Closed MadsNielsen closed 6 years ago
We won't need history, nor backup, as it is only a demo instance and new builds will come again when there is activity in projects. Else we simple run some.
Basic setup working in docker compose with secrets and master.
You mentioned a bug in docker compose, leading to this change in CasC https://github.com/jenkinsci/configuration-as-code-plugin/commit/c83470c3b842358bbbbbb3f6af996dfa278953af
Can you please check the file outside and inside the container using cat -A
https://linuxaria.com/pills/linux-terminal-seeing-the-unseen-characters-with-cat to verify it is a bug in docker-compose?
No matter what we can not commit to CASC project without an issue or PR... so please revert that commit and create a proper issues describing the problem there - if the problem really is with CasC and not docker compose.
FYI @ewelinawilkosz
md5sum could also be used to verify the files are identical ?
cat with the -A switch inside container:
jenkins@5e53860188b8:/$ cat -A /run/secrets/adminpw
secr3t$
cat with the -A switch from the host system:
mads@mads-UX302LG:/var/deploy/secrets$ cat -A /var/deploy/secrets/adminpw
secr3t$
CAT(1) User Commands CAT(1)
NAME
cat - concatenate files and print on the standard output
SYNOPSIS
cat [OPTION]... [FILE]...
DESCRIPTION
Concatenate FILE(s) to standard output.
With no FILE, or when FILE is -, read standard input.
-A, --show-all
equivalent to -vET
-b, --number-nonblank
number nonempty output lines, overrides -n
-e equivalent to -vE
-E, --show-ends
display $ at end of each line
-n, --number
number all output lines
-s, --squeeze-blank
suppress repeated empty output lines
-t equivalent to -vT
-T, --show-tabs
display TAB characters as ^I
-u (ignored)
-v, --show-nonprinting
use ^ and M- notation, except for LFD and TAB
--help display this help and exit
--version
output version information and exit
mads@mads-UX302LG:/var/deploy/secrets$ cat /var/deploy/secrets/adminpw
secr3t
mads@mads-UX302LG:/var/deploy/secrets$
jenkins@5e53860188b8:/$ cat /run/secrets/adminpw
secr3t
jenkins@5e53860188b8:/$
So with the above I would conclude docker compose work correctly and as expected - it do not change the file passed in through secrets.
The problem must be they way we read it in CasC https://github.com/jenkinsci/configuration-as-code-plugin/blob/master/src/main/java/org/jenkinsci/plugins/casc/DockerSecretSource.java#L21
Should use a specific version of jenkins4casc and docker version 3.3 so we can use docker secrets.
It should reference docker secrets we create manually on the EC2 instance docker host.
It should reference a jenkins.yml in this repository, using an environment variable and point to the raw content of the jenkins.yml