将 jenkins 机密文件传递给 docker 映像运行

Question

I'm building a Jenkins pipeline, I've a builde image in my repo, and I've uploaded a secret file that I need to provide to my building job to Jenkins credentials as a Secret file. I need to copy this file to the working directory of a docker run command that run a command on the builder image. I'm using this to retrieve the file as env variable:

withCredentials([
        file(credentialsId: 'keystore', variable: 'KEYSTORE'), {
          try {
            docker run parameters ${image}  -e ${KEYSTORE} command...
         }

Any ideas on how can I make that file available inside the container when run the docker image?

Answer 1

If you want to get the credentials file inside a docker container, you'll also need to volume mount it.

docker run parameters ${image} -e ${KEYSTORE} -v ${KEYSTORE}:${KEYSTORE}:ro

In case you use the built-in docker support, jenkins will take care of that:

pipeline {
    agent {
        dockerfile {
            dir 'build'
        }
    }

    stages {
        stage('Build') {
            steps {
                withCredentials([file(credentialsId: 'keystore', variable: 'KEYSTORE')]) {
                    sh 'ls -l'
                }
            }
        }
    }
}