LM
/
nwl-ci
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

docker,playbooks: moved getting root CA into playbook 

there is an issue with curl getting the Belden root cert, thus the
setup was completely moved to the playbook.

Signed-off-by: Marc Mattmüller <marc.mattmueller@netmodule.com>
This commit is contained in:
Marc Mattmüller 2023-07-11 15:34:24 +02:00
parent 94aa68c0d6
commit ba1a480537
2 changed files with 2 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
docker/Dockerfile
View File

@ -20,8 +20,5 @@ ENV JAVA_OPTS -Djenkins.install.runSetupWizard=false -Dhudson.slaves.WorkspaceLi
ENV CASC_JENKINS_CONFIG /var/jenkins_home/casc.yaml ENV CASC_JENKINS_CONFIG /var/jenkins_home/casc.yaml
ENV JENKINS_HOME /var/jenkins_home ENV JENKINS_HOME /var/jenkins_home
# get RootCA so that we have it for importing:
RUN curl -sSL https://platform-nas.gad.local/K-Stufen/cert/Belden-Global-Root-CA.crt -o /tmp/rootCA_Belden.crt
COPY plugins.txt /usr/share/jenkins/ref/plugins.txt COPY plugins.txt /usr/share/jenkins/ref/plugins.txt
RUN jenkins-plugin-cli --plugin-file /usr/share/jenkins/ref/plugins.txt RUN jenkins-plugin-cli --plugin-file /usr/share/jenkins/ref/plugins.txt

3
playbooks/getting_started/setup-nwl-jenkins.yaml
View File

@ -63,6 +63,7 @@
executable: /bin/bash executable: /bin/bash
- name: Setup trust store containing Belden root CA in Jenkins - name: Setup trust store containing Belden root CA in Jenkins
ansible.builtin.shell: | ansible.builtin.shell: |
curl -sSL https://platform-nas.gad.local/K-Stufen/cert/Belden-Global-Root-CA.crt -o secrets/.cacerts/rootCA_Belden.crt
docker-compose up --build -d docker-compose up --build -d
sleep 30s sleep 30s
docker-compose logs | grep "Jenkins is fully up and running" docker-compose logs | grep "Jenkins is fully up and running"
@ -70,7 +71,7 @@
echo "FAILED to bring Jenkins up --> check docker-compose logs" echo "FAILED to bring Jenkins up --> check docker-compose logs"
else else
docker exec -it $(docker ps | grep jenkins:nwl | cut -d' ' -f1) /bin/bash docker exec -it $(docker ps | grep jenkins:nwl | cut -d' ' -f1) /bin/bash
keytool -keystore /var/jenkins_home/.cacerts/cacerts -import -alias "Belden Root CA" -file /tmp/rootCA_Belden.crt -noprompt -storepass changeit keytool -keystore /var/jenkins_home/.cacerts/cacerts -import -alias "Belden Root CA" -file /var/jenkins_home/.cacerts/rootCA_Belden.crt -noprompt -storepass changeit
exit exit
fi fi
docker-compose down docker-compose down