Credentials provider that allows storing credentials in Kubernetes
The plugin will run if you have configured kubectl locally (and have the permissions required to watch/list/read secrets).
For full integration testing then this directory contains some files useful for developer testing the plugin inside a Jenkins running inside a kubernetes (tested with GKE).
They may require some small tweaks for your environment (as it will be different to mine), but if so please don’t attempt to commit them back :-)
All commands are run from docs/dev unless otherwise specified.
mvn verify) (from the root of the repository) docker build ../.. -f Dockerfile -t jenkins-k8s-creds
e.g.
docker build ../.. -f Dockerfile -t eu.gcr.io/myproject/jenkins-k8s-creds
docker push [HOSTNAME]/[PROJECT-ID]/[IMAGE][:TAG]
e.g.
docker push eu.gcr.io/myproject/jenkins-k8s-creds
Note: this page is useful for setting up auth to push to GKE
In short: gcloud docker -- push <image>
After building the image using the steps above use the following steps to deploy it to development cluster for testing.
kubectl apply -f testing-namespace.yamlkubectl apply -f service-account.yamlkubectl apply -f secret-reader-role.yamlkubectl apply -f secret-reader-role-binding.yamlkubectl apply -f jenkins-kube-creds.yamlkubectl apply -f service.yamlOR
If using kubectl 1.14+ you can simply run the kustomization script:
# from the project root
kubectl apply -k docs/dev
# and to tear it all down
kubectl delete -k docs/dev
Documentation can be generated locally for testing using bundle exec jekyll serve once Jekyll is installed.