问题描述:
image.png

简单版解决方法:

在jenkins容器里执行git config —global http.sslVerify false
或者将此文件挂载进去
image.png

image.png

然而跑一个示例的流水线依然报该错误。原来jenkins调取的slave流水线里没有Git忽略ssl配置

通过如下命令查看jenkins/inbound-agent镜像的家目录:

  1. docker history --format {{.CreatedBy}} --no-trunc=true jenkins/inbound-agent:4.11-1-jdk11 |sed "s?/bin/sh\ -c\ \#(nop)\ ??g"|sed "s?/bin/sh\ -c?RUN?g" | tac

image.png
所以将示例的流水线加上该挂载就能跑成功了(mountPath)

  1. def label = "slave-${UUID.randomUUID().toString()}"
  3. podTemplate(label: label, containers: [
  4.   containerTemplate(name: 'golang', image: 'golang:1.16.14-alpine3.14', command: 'cat', ttyEnabled: true),
  5.   containerTemplate(name: 'docker', image: 'docker:latest', command: 'cat', ttyEnabled: true),
  6.   containerTemplate(name: 'kubectl', image: 'cnych/kubectl', command: 'cat', ttyEnabled: true)
  7. ], serviceAccount: 'jenkins', volumes: [
  8.   hostPathVolume(mountPath: '/home/jenkins/.kube', hostPath: '/root/.kube'),
  9.   hostPathVolume(mountPath: '/home/jenkins/.gitconfig', hostPath: '/root/.gitconfig'),
  10.   hostPathVolume(mountPath: '/var/run/docker.sock', hostPath: '/var/run/docker.sock')
  11. ]) {
  12.   node(label) {
  13.     def myRepo = checkout scm
  14.     def gitCommit = myRepo.GIT_COMMIT
  15.     def gitBranch = myRepo.GIT_BRANCH
  17.     stage('单元测试') {
  18.       echo "测试阶段"
  19.     }
  20.     stage('代码编译打包') {
  21.       container('golang') {
  22.         echo "代码编译打包阶段"
  23.       }
  24.     }
  25.     stage('构建 Docker 镜像') {
  26.       container('docker') {
  27.         echo "构建 Docker 镜像阶段"
  28.       }
  29.     }
  30.     stage('运行 Kubectl') {
  31.       container('kubectl') {
  32.         echo "查看 K8S 集群 Pod 列表"
  33.         sh "kubectl get pods"
  34.       }
  35.     }
  36.   }
  37. }