Jenkinsfile
// ---- Image coordinates -------------------------------------------------
def REGISTRY_URL = 'docker.pkg.github.com'
def OWNER = 'mjah'
def REPO_NAME = 'kubernetes-jenkins-cicd-pipeline-example'
def IMAGE_NAME = 'helloworld'
// <registry>/<owner>/<repo>/<image>
def IMAGE_REGISTRY = [REGISTRY_URL, OWNER, REPO_NAME, IMAGE_NAME].join('/')
// Mutable per-branch tag; the pipeline also pushes an immutable
// "<branch>.<short commit>" tag derived from it.
// NOTE(review): BRANCH_NAME comes from the SCM and is later spliced into shell
// command lines by Groovy; characters that are legal in a git ref but not in an
// image tag (e.g. '/') or that the shell interprets are not filtered here.
def IMAGE_BRANCH_TAG = IMAGE_REGISTRY + ':' + env.BRANCH_NAME

// ---- Jenkins credential ids --------------------------------------------
// Username/password credential for the image registry.
def REGISTRY_CREDENTIALS = 'github-mjah'
// Secret-file credential holding the kubeconfig. The same kubeconfig is used
// for the staging and the production deploy.
// NOTE(review): separate, namespace-scoped credentials per environment would
// keep a staging-stage compromise from reaching production — confirm what RBAC
// this kubeconfig carries.
def CLUSTER_CREDENTIALS = 'cluster-1-kubeconfig'

// ---- Deployment targets ------------------------------------------------
def KUBERNETES_MANIFEST = 'kubernetes-manifest.yaml'
def STAGING_NAMESPACE = 'staging'
def PRODUCTION_NAMESPACE = 'production'
// Name of the imagePullSecret created in each target namespace.
def PULL_SECRET = 'registry-' + REGISTRY_CREDENTIALS

// ---- Docker daemon used by the build pod -------------------------------
// tcp:// on port 2375 is the Docker daemon's conventional plaintext,
// unauthenticated endpoint: anything that can reach dind.default:2375 can drive
// the daemon. NOTE(review): restrict access with a NetworkPolicy or move to the
// TLS endpoint; the cluster's network policy is not visible from this file.
def DOCKER_HOST_VALUE = 'tcp://dind.default:2375'
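// Pod template for the image build/push stages: a single `docker` CLI container
// kept alive with `cat` on a tty so that Jenkins can exec steps into it. The CLI
// talks to the remote daemon named by DOCKER_HOST_VALUE rather than a local one.
// The YAML nesting below is significant; `containers` must sit under `spec`.
// NOTE(review): the image is referenced by tag, which is mutable; pinning by
// digest would fix the exact build tooling that handles the registry login.
def DOCKER_POD = """
apiVersion: v1
kind: Pod
spec:
  containers:
  - name: docker
    image: docker:19.03.6
    command:
    - cat
    tty: true
    env:
    - name: DOCKER_HOST
      value: ${DOCKER_HOST_VALUE}
"""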
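// Pod template for the deploy stages: a single `kubectl` container kept alive
// with `cat` on a tty so that Jenkins can exec steps into it.
// The YAML nesting below is significant; `containers` must sit under `spec`.
// NOTE(review): this container is handed the cluster kubeconfig and the registry
// password, so the image is inside the deployment's trust boundary. It is a
// third-party image referenced by a mutable tag; pin it by digest or mirror it
// into a registry you control.
def KUBECTL_POD = """
apiVersion: v1
kind: Pod
spec:
  containers:
  - name: kubectl
    image: lachlanevenson/k8s-kubectl:v1.15.9
    command:
    - cat
    tty: true
"""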
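// Declarative pipeline.
//   * Every branch: build the image and push it under "<branch>.<short commit>"
//     and under the moving "<branch>" tag.
//   * master only: deploy to staging, wait for a manual approval, then deploy
//     the same commit-tagged image to production.
//
// Secret handling: inside the `sh """ ... """` steps the credential variables
// are written as \$REGISTRY_USER / \$REGISTRY_PASS so that the *shell* expands
// them from the environment that withCredentials provides. Writing them as
// ${REGISTRY_PASS} would have Groovy paste the secret into the script text,
// where shell metacharacters in the value are interpreted and the value can
// escape Jenkins' log masking.
pipeline {
    agent any
    stages {
        stage('Run Docker') {
            agent { kubernetes label: 'docker', yaml: "${DOCKER_POD}" }
            stages {
                stage('Build Docker Image') {
                    steps {
                        container('docker') {
                            // NOTE(review): the tag is built from BRANCH_NAME and spliced
                            // into the command line by Groovy; consider passing it through
                            // withEnv and quoting it in the shell.
                            sh "docker build -t ${IMAGE_BRANCH_TAG}.${env.GIT_COMMIT[0..6]} ."
                        }
                    }
                }
                stage('Push Image to Registry') {
                    steps {
                        container('docker') {
                            withCredentials([
                                usernamePassword(
                                    credentialsId: "${REGISTRY_CREDENTIALS}",
                                    usernameVariable: 'REGISTRY_USER', passwordVariable: 'REGISTRY_PASS'
                                )
                            ]) {
                                // Password goes to docker login on stdin, never on argv.
                                sh """
                                    echo "\$REGISTRY_PASS" | docker login ${REGISTRY_URL} -u "\$REGISTRY_USER" --password-stdin
                                    docker push ${IMAGE_BRANCH_TAG}.${env.GIT_COMMIT[0..6]}
                                    docker tag ${IMAGE_BRANCH_TAG}.${env.GIT_COMMIT[0..6]} ${IMAGE_BRANCH_TAG}
                                    docker push ${IMAGE_BRANCH_TAG}
                                """
                            }
                        }
                    }
                }
            }
        }
        stage('Deploy Master') {
            when { branch 'master' }
            agent { kubernetes label: 'kubectl', yaml: "${KUBECTL_POD}" }
            stages {
                stage('Deploy Image to Staging') {
                    steps {
                        container('kubectl') {
                            withCredentials([
                                file(
                                    credentialsId: "${CLUSTER_CREDENTIALS}",
                                    variable: 'KUBECONFIG'
                                ),
                                usernamePassword(
                                    credentialsId: "${REGISTRY_CREDENTIALS}",
                                    usernameVariable: 'REGISTRY_USER', passwordVariable: 'REGISTRY_PASS'
                                )
                            ]) {
                                // Step 1 renders the pull secret client-side (--dry-run -o yaml)
                                // and applies it, so re-runs update rather than fail.
                                // Step 2 fills the manifest placeholders and applies it.
                                // NOTE(review): the password is still an argument of the kubectl
                                // process inside the pod; a pre-provisioned pull secret would
                                // keep the registry password out of the deploy job entirely.
                                sh """
                                    kubectl \
                                        -n ${STAGING_NAMESPACE} \
                                        create secret docker-registry ${PULL_SECRET} \
                                        --docker-server=${REGISTRY_URL} \
                                        --docker-username="\$REGISTRY_USER" \
                                        --docker-password="\$REGISTRY_PASS" \
                                        --dry-run \
                                        -o yaml \
                                        | kubectl apply -f -
                                    sed \
                                        -e "s|{{NAMESPACE}}|${STAGING_NAMESPACE}|g" \
                                        -e "s|{{PULL_IMAGE}}|${IMAGE_BRANCH_TAG}.${env.GIT_COMMIT[0..6]}|g" \
                                        -e "s|{{PULL_SECRET}}|${PULL_SECRET}|g" \
                                        ${KUBERNETES_MANIFEST} \
                                        | kubectl apply -f -
                                """
                            }
                        }
                    }
                }
                stage('Manual Review') {
                    agent none
                    steps {
                        // Gate before production; the run is aborted if nobody answers
                        // within two days.
                        // NOTE(review): no `submitter` is set on the input step, so who may
                        // approve is decided only by the job's Jenkins permissions — confirm
                        // that matches the intended production approvers.
                        timeout(time:2, unit:'DAYS') {
                            input message: 'Deploy image to production?'
                        }
                    }
                }
                stage('Deploy Image to Production') {
                    steps {
                        container('kubectl') {
                            withCredentials([
                                file(
                                    credentialsId: "${CLUSTER_CREDENTIALS}",
                                    variable: 'KUBECONFIG'
                                ),
                                usernamePassword(
                                    credentialsId: "${REGISTRY_CREDENTIALS}",
                                    usernameVariable: 'REGISTRY_USER', passwordVariable: 'REGISTRY_PASS'
                                )
                            ]) {
                                // Same two steps as staging, against the production namespace.
                                // The image is the commit-tagged one, not the moving branch tag,
                                // so production gets the build that was reviewed in staging.
                                sh """
                                    kubectl \
                                        -n ${PRODUCTION_NAMESPACE} \
                                        create secret docker-registry ${PULL_SECRET} \
                                        --docker-server=${REGISTRY_URL} \
                                        --docker-username="\$REGISTRY_USER" \
                                        --docker-password="\$REGISTRY_PASS" \
                                        --dry-run \
                                        -o yaml \
                                        | kubectl apply -f -
                                    sed \
                                        -e "s|{{NAMESPACE}}|${PRODUCTION_NAMESPACE}|g" \
                                        -e "s|{{PULL_IMAGE}}|${IMAGE_BRANCH_TAG}.${env.GIT_COMMIT[0..6]}|g" \
                                        -e "s|{{PULL_SECRET}}|${PULL_SECRET}|g" \
                                        ${KUBERNETES_MANIFEST} \
                                        | kubectl apply -f -
                                """
                            }
                        }
                    }
                }
            }
        }
    }
}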