[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

RE: Best way to add ca.crt to jenkins container



And what about authenticating on the environment? So our jenins is building our images. Than it's pushing our images to the registry we want. (This could be a registry on a whole other OpenShift Cluster).
To access the registry you also need a token (docker login -u.. -e .. -p TOKEN ...).
You can only get a token after authenticating in your cluster.
So now we're performing something like this: oc login -u admin -p admin ${DESTIONATIONMASTER} --certificate-authority=/cert/${CERT}

in our Jenkins Job but this does not seem as a good approach. Do you have some recommendations?



From: bparees redhat com
Date: Tue, 12 Apr 2016 08:47:34 -0400
Subject: Re: Best way to add ca.crt to jenkins container
To: lorenz vanthillo outlook com
CC: users lists openshift redhat com



On Tue, Apr 12, 2016 at 8:13 AM, Lorenz Vanthillo <lorenz vanthillo outlook com> wrote:
We have a Jenkins Container on our OpenShift 1.1 DEV environment
We're able to push images to our different environments (exposed secure registry). (for example environment TEST)
But we have 2 "issues".
- We have to mount the ca.crt of our environment TEST to our jenkins container so it's able to authenticate on our environment.
- We need to create /etc/docker/certs.d/docker-registry.test.xxx:443/ca.crt on our DEV environment so It's able to authenticate on our docker-registry on TEST.

We have to perform this steps for every new environment which we're setting up. Is there some better way to achieve this?

​if the certs are the same you could always build your own jenkins image layered on top of the openshift one that includes those certs, and set it up as an openshift docker build so you can respin it any time the openshift jenkins image changes.

You could also create the certs as Secrets and use a template to define a deployment config that will mount those secrets to the right place every time.  (but you'd still have to create the Secrets in every project of every environment)

 

_______________________________________________
users mailing list
users lists openshift redhat com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users




--
Ben Parees | OpenShift


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]