diff --git a/Jenkinsfile b/Jenkinsfile index 1ad492b..b28599d 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -3,6 +3,7 @@ pipeline { environment { REGISTRY = "myharbor.local:80" + HARBOR_IP = "192.168.108.101" // Your Master Node IP APP_NAME = "ecommerce-app" IMAGE_NAME = "ecommerce-backend" IMAGE_TAG = "${REGISTRY}/library/${IMAGE_NAME}:${env.BRANCH_NAME}-${env.BUILD_NUMBER}" @@ -11,37 +12,22 @@ pipeline { } stages { - stage('Checkout') { + stage('Network Setup') { steps { - checkout scm + // Manually inject the host entry for this build session + sh "echo '${HARBOR_IP} myharbor.local' | sudo tee -a /etc/hosts" } } stage('Build Image') { steps { script { - // Force nerdctl to use the socket by creating the directory it expects - sh """ - mkdir -p /run/buildkit-default - mkdir -p /run/buildkit + // Start buildkitd if it died during pod rotation + sh "mkdir -p /run/buildkit && sudo chmod 777 /run/buildkit" + sh "nohup buildkitd --addr unix:///run/buildkit/buildkitd.sock > /tmp/buildkitd.log 2>&1 &" + sleep 10 - # Search for the buildkit socket in the entire /run directory - # and symlink it to the default location nerdctl wants - BK_SOCKET=\$(find /run -name "buildkitd.sock" | head -n 1) - - if [ -n "\$BK_SOCKET" ]; then - echo "Found BuildKit socket at \$BK_SOCKET. Linking..." - ln -sf \$BK_SOCKET /run/buildkit/buildkitd.sock - ln -sf \$BK_SOCKET /run/buildkit-default/buildkitd.sock - else - echo "BuildKit socket not found. Attempting to start it locally..." - nohup buildkitd --addr unix:///run/buildkit/buildkitd.sock > /tmp/buildkitd.log 2>&1 & - sleep 10 - fi - - # Run the build - nerdctl --address ${CONTAINERD_ADDR} build --insecure-registry -t ${IMAGE_TAG} . - """ + sh "nerdctl --address ${CONTAINERD_ADDR} build --insecure-registry -t ${IMAGE_TAG} ." } } } @@ -50,24 +36,19 @@ pipeline { steps { script { withCredentials([usernamePassword(credentialsId: 'harbor-creds', passwordVariable: 'PASS', usernameVariable: 'USER')]) { - sh "nerdctl --address ${CONTAINERD_ADDR} login ${REGISTRY} -u ${USER} -p ${PASS} --insecure-registry" + // Using --password-stdin to remove the "insecure" warning + sh "echo '${PASS}' | nerdctl --address ${CONTAINERD_ADDR} login ${REGISTRY} -u ${USER} --password-stdin --insecure-registry" sh "nerdctl --address ${CONTAINERD_ADDR} push ${IMAGE_TAG} --insecure-registry" } } } } - stage('Deploy to K8s') { + stage('Deploy') { steps { script { withCredentials([file(credentialsId: 'k8s-config', variable: 'KUBECONFIG')]) { - // Using 'Never' because nerdctl builds directly into the containerd store - // shared by the node. - sh """ - kubectl --kubeconfig=${KUBECONFIG} patch deployment ${APP_NAME} -n ${NAMESPACE} --patch \ - '{"spec": {"template": {"spec": {"containers": [{"name": "${APP_NAME}", "image": "${IMAGE_TAG}", "imagePullPolicy": "Never"}]}}}}' - """ - sh "kubectl --kubeconfig=${KUBECONFIG} rollout status deployment/${APP_NAME} -n ${NAMESPACE}" + sh "kubectl --kubeconfig=${KUBECONFIG} patch deployment ${APP_NAME} -n ${NAMESPACE} --patch '{\"spec\": {\"template\": {\"spec\": {\"containers\": [{\"name\": \"${APP_NAME}\", \"image\": \"${IMAGE_TAG}\", \"imagePullPolicy\": \"Never\"}]}}}}'" } } }