From b291f5450e02c6416838906cc228b75d9699db64 Mon Sep 17 00:00:00 2001 From: sido Date: Mon, 2 Jul 2018 14:10:58 +0200 Subject: [PATCH 1/3] add nexus password environment --- molgenis-jenkins/README.md | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/molgenis-jenkins/README.md b/molgenis-jenkins/README.md index 9fe7bd6..2ee45ea 100644 --- a/molgenis-jenkins/README.md +++ b/molgenis-jenkins/README.md @@ -46,13 +46,14 @@ You can override the values at deploy time but otherwise also configure them Environment variables stored in molgenis-pipeline-env secret, to be added as environment variables in the slave pods. -| Parameter | Description | Default | -| ---------------------------------- | ------------------------------------ | --------------- | -| `PipelineSecrets.Env.Replace` | Replace molgenis-pipeline-env secret | `true` | -| `PipelineSecrets.Env.PGPPassphrase`| passphrase for the pgp signing key | `literal:xxxx` | -| `PipelineSecrets.Env.CodecovToken` | token for codecov.io | `xxxx` | -| `PipelineSecrets.Env.GitHubToken` | token for GH molgenis-jenkins user | `xxxx` | -| `PipelineSecrets.Env.SonarToken` | token for sonarcloud.io | `xxxx` | | +| Parameter | Description | Default | +| ---------------------------------- | ---------------------------------------- | --------------- | +| `PipelineSecrets.Env.Replace` | Replace molgenis-pipeline-env secret | `true` | +| `PipelineSecrets.Env.PGPPassphrase`| passphrase for the pgp signing key | `literal:xxxx` | +| `PipelineSecrets.Env.CodecovToken` | token for codecov.io | `xxxx` | +| `PipelineSecrets.Env.GitHubToken` | token for GH molgenis-jenkins user | `xxxx` | +| `PipelineSecrets.Env.NexusPassword`| token for molgenis-jenkins user in NEXUS | `xxxx` | +| `PipelineSecrets.Env.SonarToken` | token for sonarcloud.io | `xxxx` | | ### File From 800d7a934c97f76ca21a5c0318d0647264540a4a Mon Sep 17 00:00:00 2001 From: sido Date: Mon, 2 Jul 2018 20:13:01 +0200 Subject: [PATCH 2/3] add docker hub credentials --- molgenis-jenkins/README.md | 17 +++++++++-------- .../molgenis-jenkins-dockerhub-secret.yaml | 16 ++++++++++++++++ molgenis-jenkins/values.yaml | 2 ++ 3 files changed, 27 insertions(+), 8 deletions(-) create mode 100644 molgenis-jenkins/templates/molgenis-jenkins-dockerhub-secret.yaml diff --git a/molgenis-jenkins/README.md b/molgenis-jenkins/README.md index 2ee45ea..c4e134a 100644 --- a/molgenis-jenkins/README.md +++ b/molgenis-jenkins/README.md @@ -46,14 +46,15 @@ You can override the values at deploy time but otherwise also configure them Environment variables stored in molgenis-pipeline-env secret, to be added as environment variables in the slave pods. -| Parameter | Description | Default | -| ---------------------------------- | ---------------------------------------- | --------------- | -| `PipelineSecrets.Env.Replace` | Replace molgenis-pipeline-env secret | `true` | -| `PipelineSecrets.Env.PGPPassphrase`| passphrase for the pgp signing key | `literal:xxxx` | -| `PipelineSecrets.Env.CodecovToken` | token for codecov.io | `xxxx` | -| `PipelineSecrets.Env.GitHubToken` | token for GH molgenis-jenkins user | `xxxx` | -| `PipelineSecrets.Env.NexusPassword`| token for molgenis-jenkins user in NEXUS | `xxxx` | -| `PipelineSecrets.Env.SonarToken` | token for sonarcloud.io | `xxxx` | | +| Parameter | Description | Default | +| -------------------------------------- | ----------------------------------------- | --------------- | +| `PipelineSecrets.Env.Replace` | Replace molgenis-pipeline-env secret | `true` | +| `PipelineSecrets.Env.PGPPassphrase` | passphrase for the pgp signing key | `literal:xxxx` | +| `PipelineSecrets.Env.CodecovToken` | token for codecov.io | `xxxx` | +| `PipelineSecrets.Env.GitHubToken` | token for GH molgenis-jenkins user | `xxxx` | +| `PipelineSecrets.Env.NexusPassword` | token for molgenis-jenkins user in NEXUS | `xxxx` | +| `PipelineSecrets.Env.DockerHubPassword`| token for molgenis user in hub.docker.com | `xxxx` | +| `PipelineSecrets.Env.SonarToken` | token for sonarcloud.io | `xxxx` | | ### File diff --git a/molgenis-jenkins/templates/molgenis-jenkins-dockerhub-secret.yaml b/molgenis-jenkins/templates/molgenis-jenkins-dockerhub-secret.yaml new file mode 100644 index 0000000..cac25e2 --- /dev/null +++ b/molgenis-jenkins/templates/molgenis-jenkins-dockerhub-secret.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Secret +metadata: +# this is the jenkins id. + name: "molgenis-jenkins-dockerhub-secret" + labels: +# so we know what type it is. + "jenkins.io/credentials-type": "usernamePassword" + annotations: { +# description - can not be a label as spaces are not allowed + "jenkins.io/credentials-description" : "user to authenticate against GOGS (git.webhosting.rug.nl)" + } +type: Opaque +data: + username: {{ "molgenis" | b64enc | quote }} + password: {{ .Values.PipelineSecrets.Env.DockerHubPassword | b64enc | quote }} \ No newline at end of file diff --git a/molgenis-jenkins/values.yaml b/molgenis-jenkins/values.yaml index 76e6db6..7b44096 100644 --- a/molgenis-jenkins/values.yaml +++ b/molgenis-jenkins/values.yaml @@ -269,6 +269,8 @@ PipelineSecrets: SonarToken: xxxx # Password Local NEXUS NexusPassword: xxxx + # Password hub.docker.com + DockerHubPassword: xxxx File: # Set to false to keep existing secret Replace: true From 238da8b22bb2c57438a41f3236b0aea67781f536 Mon Sep 17 00:00:00 2001 From: sido Date: Mon, 2 Jul 2018 20:23:09 +0200 Subject: [PATCH 3/3] changed name because of weird policy dockerhub --- .../templates/molgenis-jenkins-dockerhub-secret.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/molgenis-jenkins/templates/molgenis-jenkins-dockerhub-secret.yaml b/molgenis-jenkins/templates/molgenis-jenkins-dockerhub-secret.yaml index cac25e2..5646e8b 100644 --- a/molgenis-jenkins/templates/molgenis-jenkins-dockerhub-secret.yaml +++ b/molgenis-jenkins/templates/molgenis-jenkins-dockerhub-secret.yaml @@ -12,5 +12,5 @@ metadata: } type: Opaque data: - username: {{ "molgenis" | b64enc | quote }} + username: {{ "molgenisci" | b64enc | quote }} password: {{ .Values.PipelineSecrets.Env.DockerHubPassword | b64enc | quote }} \ No newline at end of file