Jenkinsfile |码头工人| ecr | AWS

时间:2020-07-13 11:40:29

标签: amazon-web-services docker jenkins jenkins-pipeline aws-ecr

下面是管道:-

#!groovy
String version
String awsRegion = "us-east-1"
String appName = "abcde"
String dockerFilePath = "."
def featureEnv = env.BRANCH_NAME != 'master'
String branchName = env.BRANCH_NAME
String env = (env.BRANCH_NAME == 'master') ? 'release' : 'develop'
String ecrRepo = featureEnv ? "123456789012.dkr.ecr.${awsRegion}.amazonaws.com/abcde_${env}" : "987654321098.dkr.ecr.${awsRegion}.amazonaws.com/abcde_master"
String terraformPath = "terraform/dev"
println "Feature Environment=${featureEnv}"

pipeline {
    agent none
    options {
        buildDiscarder(logRotator(numToKeepStr: '30'))
        disableConcurrentBuilds()
        timeout(time: 6, unit: 'HOURS')
        ansiColor('xterm')
    }

    stages {
        stage('version build'){
          agent { label 'linux' }
          steps {
            script {
                    version = VersionNumber(
                        versionNumberString: '1.0.${BUILD_NUMBER, X}',
                        skipFailedBuilds:    false)
                    currentBuild.displayName = version
                    println "Pipeline Version='${version}'"
              }
        }
    }
        
        stage('Build') {
            when {
                anyOf { branch 'develop'; branch 'release'; branch 'master' }
            }
            agent { label 'linux' }
            steps {
                checkout scm
                unstash name: "${appName}-docker"
                dir(dockerFilePath) {
                     sh("""
                        while IFS= read -r line; do
                            build_args+=" --build-arg \$line"
                        done < "env_vars.txt"
                        #echo \$build_args
                        docker build -t ${ecrRepo}:${version} \$build_args --no-cache=true .
                        eval \$(aws ecr get-login --no-include-email --region ${awsRegion})
                        docker push ${ecrRepo}:${version}
                        docker rmi ${ecrRepo}:${version}
                     """)
               }
            }
        }
    }
}

我正在使用多分支管道来执行Jenkins作业,但是对于master分支机构docker push而言,它是指非生产AWS账户123456789012而不是987654321098生产账户。 >

这是Jenkins的控制台输出:-

https://123456789012.dkr.ecr.us-east-1.amazonaws.com
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /home/jenkins/.docker/config.json.
Configure a credential helper to remove this warning.
Login Succeeded
+ docker push 987654321098.dkr.ecr.us-east-1.amazonaws.com/abcde_master:1.0.3
The push refers to repository [987654321098.dkr.ecr.us-east-1.amazonaws.com/abcde_master]
67fd951a79e2: Preparing
67fd951a79e2: Preparing
f790557d0705: Waiting
5219a8696018: Waiting
denied: Your authorization token has expired. Reauthenticate and try again.

所以我在Jenkinsfile中为Prod添加了一个单独的阶段,如何通过告诉docker考虑Prod帐户并在分支为master时成功推送到AWS ECR回购,在一个阶段中避免同一阶段。

0 个答案:

没有答案