Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/javascript/471.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Jenkins 詹金斯将环境传递给pod模板_Jenkins_Kubernetes - Fatal编程技术网
Fatal编程技术网
  • jenkins/
  • Jenkins 詹金斯将环境传递给pod模板

Jenkins 詹金斯将环境传递给pod模板

jenkins kubernetes

Jenkins 詹金斯将环境传递给pod模板,jenkins,kubernetes,Jenkins,Kubernetes,我有一个Jenkins作业,它在K8s节点中使用两个容器调用POD。 我有一个自定义python脚本,它从远程系统获取临时机密,并用这个机密在名称空间中创建机密 def create_secret(body): v1.create_namespaced_secret(namespace='default', body=body ) 这个生成机密的容器是Init

我有一个Jenkins作业,它在K8s节点中使用两个容器调用POD。 我有一个自定义python脚本,它从远程系统获取临时机密,并用这个机密在名称空间中创建机密

def create_secret(body):
    v1.create_namespaced_secret(namespace='default',
                                body=body
                                )
这个生成机密的容器是InitContainer。 创建机密后,InitContainer将被销毁并启动my apps容器。 由于我的秘密是暂时的,这是詹金斯的工作,我想用“詹金斯工作”这样的名字来制作临时秘密,例如秘密名称“詹金斯奴隶布拉”。 在此之后,我想向我的应用程序容器公开以下秘密:

  containers:
    - name: "jnlp"
      env:
        - name: HOSTNAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name

        - name: "TOKEN"
          valueFrom:
            secretKeyRef:
              name: "$(HOSTNAME)"
              key: "TOKEN"
但当我在Jenkins内部的Kubernetes插件中将下一个字符串放入我的POD模板时,我的Jenkins工作并没有开始

    - name: "TOKEN"
      valueFrom:
        secretKeyRef:
          name: "$(HOSTNAME)"
          key: "TOKEN"
主要问题是Jenkins job和Jenkins的Kubernetes插件,这家伙无法启动POD,因为无法将环境传递到模板,我尝试了$HOSTNAME、$(HOSTNAME)、${HOSTNAME}和其他许多不同的方法,但job不起作用。Jenkins作业主机名的每个开头都是新的。秘密的名字每次都必须是新的。我不能用静态名称来表示秘密

这是我的Kubernetes插件模板: Yaml合并策略:合并

apiVersion: v1
kind: Pod
spec:
  securityContext:
    fsGroup: 65534
  initContainers:
    - name: "cred-prepare"
      image: XXXXXXXXXX.dkr.ecr.us-east-1.amazonaws.com/kubesdk:latest
      volumeMounts:
        - name: "secret-volume"
          mountPath: "script.py"
          subPath: "script.py"
      command:
        - "/bin/sh"
        - "-c"
        - |
          python3 script.py # Creating secret with name=HOSTNAME
  containers:
    - name: "jnlp"
      env:
        - name: HOSTNAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name

        - name: "TOKEN"
          valueFrom:
            secretKeyRef:
              name: "$(HOSTNAME)"
              key: "TOKEN"
  volumes:
    - name: "secret-volume"
      secret:
        secretName: "secrets"
        items:
          - key: "script.py"
            path: "script.py"
如果可以将秘密变量从InitContainer直接发送到app Container,请告诉我如何发送。 多谢各位

我从org.csanchez.jenkins.plugins.kubernetes获得了额外的日志

Error in provisioning; agent=KubernetesSlave name: k8s-slave-dispute-81rzs, template=PodTemplate{inheritFrom='', name='k8s-slave-dispute', namespace='default', hostNetwork=false, instanceCap=10, label='k8s-slave-dispute', serviceAccount='jenkins-slave', nodeSelector='', nodeUsageMode=EXCLUSIVE, workspaceVolume=EmptyDirWorkspaceVolume [memory=false], containers=[ContainerTemplate{name='jnlp', image='123123123123123.dkr.ecr.us-east-1.amazonaws.com/jnlp2:latest', workingDir='/home/jenkins/agent', command='', args='', ttyEnabled=true, resourceRequestCpu='', resourceRequestMemory='', resourceLimitCpu='', resourceLimitMemory='', livenessProbe=org.csanchez.jenkins.plugins.kubernetes.ContainerLivenessProbe@2cb36d87}]}
io.fabric8.kubernetes.client.KubernetesClientException: Failure executing: POST at: https://12312312312312312312312.gr7.us-east-1.eks.amazonaws.com/api/v1/namespaces/default/pods. Message: Pod "k8s-slave-dispute-81rzs" is invalid: spec.containers[0].env[3].valueFrom.secretKeyRef.name: Invalid value: "$(JENKINS_NAME)": a DNS-1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character (e.g. 'example.com', regex used for validation is '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'). Received status: Status(apiVersion=v1, code=422, details=StatusDetails(causes=[StatusCause(field=spec.containers[0].env[3].valueFrom.secretKeyRef.name, message=Invalid value: "$(JENKINS_NAME)": a DNS-1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character (e.g. 'example.com', regex used for validation is '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'), reason=FieldValueInvalid, additionalProperties={})], group=null, kind=Pod, name=k8s-slave-dispute-81rzs, retryAfterSeconds=null, uid=null, additionalProperties={}), kind=Status, message=Pod "k8s-slave-dispute-81rzs" is invalid: spec.containers[0].env[3].valueFrom.secretKeyRef.name: Invalid value: "$(JENKINS_NAME)": a DNS-1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character (e.g. 'example.com', regex used for validation is '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'), metadata=ListMeta(_continue=null, remainingItemCount=null, resourceVersion=null, selfLink=null, additionalProperties={}), reason=Invalid, status=Failure, additionalProperties={}).
Kubernetes插件无法将环境传递到pod模板

Invalid value: "$(JENKINS_NAME)": a DNS-1123 subdomain must consist of lower case alphanumeric characters
Env JENKINS_NAME表示POD主机名。

您是否尝试将(secretKeyRef)引用到主机名而不是$Hostname?主机名将在initContainer完成后自动更改。主机名是POD而不是容器的名称,是的,我尝试过。您是否找到了解决方案?您是否尝试将(secretKeyRef)引用到主机名而不是$Hostname?主机名将在initContainer完成后自动更改。主机名是POD而不是容器的名称,是的,我尝试过。您找到解决方案了吗?