Setting up Jenkins credentials

Gogs integrates with external identity providers and also features its own basic username/password authentication, which I'm using in my setup. This is not secure over HTTP, so, in a real environment, I would use SSH or HTTPS for Git, either by packaging a Secure Sockets Layer (SSL) certificate in the image, or by using a proxy server in front of Gogs.

In the Users section of the Gogs admin interface, I've created a jenkins user and given it read access to the docker-on-windows Git repository, which I'll use for my sample CI/CD job:

Jenkins will pull the source code repository from Gogs, authenticating as the jenkins user. I've added the username and password to Jenkins as global credentials so that they can be used by any job:

Jenkins doesn't display the password once entered, and it records an audit trail for all the jobs that use the credential, so this is a secure way of authenticating. My Jenkins container is running with a volume that mounts the Docker named pipe from the Windows host so that it can work with the Docker Engine without authenticating.

As an alternative, I could connect to a remote Docker API over TCP. To authenticate with Docker, I would use the Transport Layer Security (TLS) certificates I generated when securing the Docker engine. There are three certificates—the Certificate Authority (CA), the client certificate, and the client key. They need to be passed to the Docker CLI as file paths, and Jenkins supports this with credentials that can be saved as secret files, thus storing the certificate PEM files in Jenkins.
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.147.77.208