And what about authenticating on the environment? So our jenins is building our
images. Than it's pushing our images to the registry we want. (This could be a
registry on a whole other OpenShift Cluster).
To access the registry you also need a token (docker login -u.. -e .. -p TOKEN
...).
You can only get a token after authenticating in your cluster.
So now we're performing something like this: oc login -u admin -p admin
${DESTIONATIONMASTER} --certificate-authority=/cert/${CERT}
in our Jenkins Job but this does not seem as a good approach. Do you have some
recommendations?
From: [email protected]
Date: Tue, 12 Apr 2016 08:47:34 -0400
Subject: Re: Best way to add ca.crt to jenkins container
To: [email protected]
CC: [email protected]
On Tue, Apr 12, 2016 at 8:13 AM, Lorenz Vanthillo
<[email protected]> wrote:
We have a Jenkins Container on our OpenShift 1.1 DEV environment
We're able to push images to our different environments (exposed secure
registry). (for example environment TEST)
But we have 2 "issues".
- We have to mount the ca.crt of our environment TEST to our jenkins container
so it's able to authenticate on our environment.
- We need to create /etc/docker/certs.d/docker-registry.test.xxx:443/ca.crt on
our DEV environment so It's able to authenticate on our docker-registry on TEST.
We have to perform this steps for every new environment which we're setting up.
Is there some better way to achieve this?
if the certs are the same you could always build your own jenkins image
layered on top of the openshift one that includes those certs, and set it up as
an openshift docker build so you can respin it any time the openshift jenkins
image changes.
You could also create the certs as Secrets and use a template to define a
deployment config that will mount those secrets to the right place every time.
(but you'd still have to create the Secrets in every project of every
environment)
_______________________________________________
users mailing list
[email protected]
http://lists.openshift.redhat.com/openshiftmm/listinfo/users
--
Ben Parees | OpenShift
_______________________________________________
users mailing list
[email protected]
http://lists.openshift.redhat.com/openshiftmm/listinfo/users