下面是管道:-
#!groovy
String version
String awsRegion = "us-east-1"
String appName = "abcde"
String dockerFilePath = "."
def featureEnv = env.BRANCH_NAME != 'master'
String branchName = env.BRANCH_NAME
String env = (env.BRANCH_NAME == 'master') ? 'release' : 'develop'
String ecrRepo = featureEnv ? "123456789012.dkr.ecr.${awsRegion}.amazonaws.com/abcde_${env}" : "987654321098.dkr.ecr.${awsRegion}.amazonaws.com/abcde_master"
String terraformPath = "terraform/dev"
println "Feature Environment=${featureEnv}"
pipeline {
agent none
options {
buildDiscarder(logRotator(numToKeepStr: '30'))
disableConcurrentBuilds()
timeout(time: 6, unit: 'HOURS')
ansiColor('xterm')
}
stages {
stage('version build'){
agent { label 'linux' }
steps {
script {
version = VersionNumber(
versionNumberString: '1.0.${BUILD_NUMBER, X}',
skipFailedBuilds: false)
currentBuild.displayName = version
println "Pipeline Version='${version}'"
}
}
}
stage('Build') {
when {
anyOf { branch 'develop'; branch 'release'; branch 'master' }
}
agent { label 'linux' }
steps {
checkout scm
unstash name: "${appName}-docker"
dir(dockerFilePath) {
sh("""
while IFS= read -r line; do
build_args+=" --build-arg \$line"
done < "env_vars.txt"
#echo \$build_args
docker build -t ${ecrRepo}:${version} \$build_args --no-cache=true .
eval \$(aws ecr get-login --no-include-email --region ${awsRegion})
docker push ${ecrRepo}:${version}
docker rmi ${ecrRepo}:${version}
""")
}
}
}
}
}
我正在使用多分支管道来执行Jenkins作业,但是对于master
分支机构docker push
而言,它是指非生产AWS账户123456789012
而不是987654321098
生产账户。 >
这是Jenkins的控制台输出:-
https://123456789012.dkr.ecr.us-east-1.amazonaws.com
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /home/jenkins/.docker/config.json.
Configure a credential helper to remove this warning.
Login Succeeded
+ docker push 987654321098.dkr.ecr.us-east-1.amazonaws.com/abcde_master:1.0.3
The push refers to repository [987654321098.dkr.ecr.us-east-1.amazonaws.com/abcde_master]
67fd951a79e2: Preparing
67fd951a79e2: Preparing
f790557d0705: Waiting
5219a8696018: Waiting
denied: Your authorization token has expired. Reauthenticate and try again.
所以我在Jenkinsfile中为Prod添加了一个单独的阶段,如何通过告诉docker考虑Prod帐户并在分支为master
时成功推送到AWS ECR回购,在一个阶段中避免同一阶段。