jenkins
/
jenkins-config
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

parameterize docker group

This commit is contained in:
Arvydas Silanskas 2024-09-28 11:53:40 +03:00
parent fb0137cd2c
commit b0529477f4
4 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.adoc
View File

@ -4,6 +4,7 @@
. Run `create-keys.sh` to generate SSH keys used for Jenkins controller to talk to Jenkins agent; . Run `create-keys.sh` to generate SSH keys used for Jenkins controller to talk to Jenkins agent;
. Run `echo -n 'password' > adminpassword` to setup password for admin user (watchout to not add newlines); . Run `echo -n 'password' > adminpassword` to setup password for admin user (watchout to not add newlines);
. Run `echo "DOCKER_GROUP=$(getent group docker | cut -d: -f3)" > .env` to setup agent's group so it can access docker socket;
. Run `docker compose up -d`; . Run `docker compose up -d`;
. (Optionally) Add `update.sh` script to be run by cron periodically. . (Optionally) Add `update.sh` script to be run by cron periodically.
@ -21,6 +22,7 @@ Jobs often need secrets, however these secrets should be scoped per-user / proje
== Points of Improvement == Points of Improvement
. Fix the goofy docker group mess;
. Externalize user management (eg LDAP); . Externalize user management (eg LDAP);
. Use vaults for secret storage; . Use vaults for secret storage;
. Change agent from persistent ssh to an adhoc provisioned instance. . Change agent from persistent ssh to an adhoc provisioned instance.

2
docker-compose.yml
View File

@ -17,6 +17,8 @@ services:
build: build:
context: . context: .
dockerfile: jenkins-agent.Dockerfile dockerfile: jenkins-agent.Dockerfile
args:
DOCKER_GROUP: '${DOCKER_GROUP}'
volumes: volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro - /var/run/docker.sock:/var/run/docker.sock:ro

3
jenkins-agent.Dockerfile
View File

@ -1,4 +1,5 @@
FROM jenkins/ssh-agent:latest FROM jenkins/ssh-agent:latest
COPY --from=docker:dind /usr/local/bin/docker /usr/local/bin/ COPY --from=docker:dind /usr/local/bin/docker /usr/local/bin/
RUN groupadd docker -g 971 ARG DOCKER_GROUP
RUN groupadd docker -g $DOCKER_GROUP
RUN usermod -aG docker jenkins RUN usermod -aG docker jenkins

4
jenkins.yml
View File

@ -67,10 +67,6 @@ jobs:
folder('index_scheme_org') { folder('index_scheme_org') {
displayName: 'index.scheme.org' displayName: 'index.scheme.org'
} }
- script: >
folder('index_scheme_org2') {
displayName: 'index.scheme.org2'
}
- script: > - script: >
multibranchPipelineJob('index_scheme_org/build') { multibranchPipelineJob('index_scheme_org/build') {
displayName: 'Build and deploy' displayName: 'Build and deploy'