Integrate Harbor into Pipelines

    • You need to enable the KubeSphere DevOps System.
    • You need to create a workspace, a DevOps project, and a user (). This account needs to be invited to the DevOps project with the operator role. See if they are not ready.

    Install Harbor

    It is highly recommended that you install Harbor through . Alternatively, install Harbor manually through Helm3.

    1. After Harbor is installed, visit <NodeIP>:30002 and log in to the console with the default account and password (admin/Harbor12345). Click Projects in the left navigation pane and click NEW PROJECT on the Projects page.

    2. In the displayed dialog box, set a name (ks-devops-harbor) and click OK.

    3. Click the project you just created, and click NEW ROBOT ACCOUNT under the Robot Accounts tab.

    4. In the displayed dialog box, set a name (robot-test) for the robot account and click SAVE. Make sure you select the checkbox for pushing artifact in Permissions.

    5. In the displayed dialog box, click EXPORT TO FILE to save the token.

    Enable Insecure Registry

    You have to configure Docker to disregard security for your Harbor registry.

    1. Run the following commands to restart Docker for the changes to take effect.

      Note

      It is suggested that you use this solution for isolated testing or in a tightly controlled, air-gapped environment. For more information, refer to . After you finish the above operations, you can also use the images in your Harbor registry when deploying workloads in your project. You need to create an image Secret for your Harbor registry, and then select your Harbor registry and enter the absolute path of your images in Container Settings under the Container Image tab to search for your images.

    1. Log in to KubeSphere as , go to your DevOps project and create credentials for Harbor in Credentials under DevOps Project Settings.

    2. On the Create Credentials page, set a credential ID (robot-test) and select Username and password for Type. The Username field must be the same as the value of name in the JSON file you just downloaded and enter the value of token in the file for Password/Token.

    3. Click OK to save it.

    Create a Pipeline

    1. Go to the Pipelines page and click Create. In the Basic Information tab, enter a name (demo-pipeline) for the pipeline and click Next.

    1. Click the pipeline to go to its details page and click Edit Jenkinsfile.

    2. Copy and paste the following contents into the Jenkinsfile. Note that you must replace the values of REGISTRY, HARBOR_NAMESPACE, APP_NAME, and HARBOR_CREDENTIAL with your own values.

      ``` pipeline {
      agent {

      1. node {
      2.   label 'maven'
      3. }

      }

      environment {

      }

      stages {

      1. stage('docker login') {
      2.     container ('maven') {
      4.       sh '''echo $HARBOR_CREDENTIAL_PSW | docker login $REGISTRY -u 'robot$robot-test' --password-stdin'''
      5.         }
      6.       }  
      7.     }
      9. stage('build & push') {
      10.   steps {
      11.     container ('maven') {
      12.       sh 'git clone https://github.com/kstaken/dockerfile-examples.git'
      13.       sh 'cd dockerfile-examples/rethinkdb && docker build -t $REGISTRY/$HARBOR_NAMESPACE/$APP_NAME:devops-test .'
      14.       sh 'docker push  $REGISTRY/$HARBOR_NAMESPACE/$APP_NAME:devops-test'
      15.       }
      16.     }

      }

    Run the Pipeline