2018-06-27 16:26:49 +02:00
# Molgenis Jenkins Helm Chart
2018-06-26 14:35:43 +02:00
2018-06-29 09:53:48 +02:00
Jenkins master and slave cluster utilizing the Jenkins Kubernetes plugin.
Wraps [the kuberenetes jenkins chart ](https://github.com/kubernetes/charts/tree/master/stable/jenkins ), see documentation there!
2018-06-26 14:35:43 +02:00
## Chart Details
This chart will do the following:
2018-06-26 15:06:35 +02:00
* 1 x Jenkins Master with port 8080 exposed on an external ClusterIP
2018-06-26 14:35:43 +02:00
* All using Kubernetes Deployments
## Installing the Chart
2018-06-29 09:53:48 +02:00
Usually, you'll be deploying this to the molgenis cluster.
In the [Rancher Catalog ](https://rancher.molgenis.org:7443/g/catalog ), add the latest version of this repository.
In the [molgenis cluster management page ](https://rancher.molgenis.org:7443/p/c-mhkqb:project-2pf45/apps ), choose the
catalog, pick the molgenis-jenkins app from the catalog and deploy it.
2018-06-26 14:35:43 +02:00
## Configuration
2018-06-29 09:53:48 +02:00
When deploying, you can paste values into the Rancher Answers to override the defaults in this chart.
Array values can be added as {value, value, value}.
2018-06-26 15:06:35 +02:00
```
2018-06-29 09:53:48 +02:00
jenkins.Master.HostName=jenkins.molgenis.org
jenkins.Master.AdminPassword=pa$$word
jenkins.Persistence.Enabled=false
2018-07-03 23:44:36 +02:00
jenkins.Master.InstallPlugins={kubernetes:1.8.4, workflow-aggregator:2.5, workflow-job:2.21, credentials-binding:1.16, git:3.9.1, blueocean:1.6.2, github-oauth:0.29}
jenkins.Master.Security.UseGitHub=false
## if UseGitHub=true
jenkins.Master.Security.GitHub.ClientID=id
jenkins.Master.Security.GitHub.ClientSecret=S3cr3t
## end UseGitHub=true
2018-06-29 09:53:48 +02:00
PipelineSecrets.Env.PGPPassphrase=literal:S3cr3t
2018-06-26 15:06:35 +02:00
```
2018-06-26 14:35:43 +02:00
2018-06-29 09:53:48 +02:00
You can use [all configuration values of the jenkins subchart ](https://github.com/kubernetes/charts/tree/master/stable/jenkins ).
> Because we use jenkins as a sub-chart, you should prefix all value keys with `jenkins`!
2018-06-26 14:35:43 +02:00
2018-07-03 23:44:36 +02:00
### GitHub Authentication delegation
You need to setup a MOLGENIS - Jenkins GitHub OAuth App. You can do this by accessing this url: [add new OAuth app ](https://github.com/settings/applications/new ).
2018-09-10 17:13:55 +02:00
### Secrets
2018-06-26 14:35:43 +02:00
2018-09-10 17:13:55 +02:00
When deployed, the chart creates a couple of kubernetes secrets that get used by jenkins.
2018-06-26 14:35:43 +02:00
2018-07-03 23:44:36 +02:00
You can override the values at deploy time but otherwise also configure them
[in Rancher ](https://rancher.molgenis.org:7443/p/c-mhkqb:project-2pf45/secrets ) or through kubectl.
2018-06-26 14:35:43 +02:00
2018-09-10 17:13:55 +02:00
#### Vault
The vault secret gets mounted in the vault pod so pipeline scripts can retrieve secrets from the vault.
| Parameter | Description | Default |
| ------------------------- | ------------------------------------------ | ---------------------------------------------- |
| `secret.vault.token` | Token to log into the hashicorp vault | `xxxx` |
| `secret.vault.addr` | Address of the vault | `https:vault-operator.vault-operator.svc:8200` |
| `secret.vault.skipVerify` | Skip verification of the https connection | `1` |
#### GitHub
Token used by Jenkins to authenticate on GitHub.
| Parameter | Description | Default |
| --------------------- | ------------------------ | ------------------ |
| `secret.gitHub.user` | username for the account | `molgenis-jenkins` |
| `secret.gitHub.token` | token for the account | `xxxx` |
#### Gogs
2018-08-18 23:40:57 +02:00
2018-09-10 17:13:55 +02:00
Token used by Jenkins to authenticate on the [RuG Webhosting Gogs ](https://git.webhosting.rug.nl ).
| Parameter | Description | Default |
| ------------------- | ------------------------ | --------- |
| `secret.gogs.user` | username for the account | `p281392` |
| `secret.gogs.token` | token for the account | `xxxx` |
#### Legacy:
##### Docker Hub
2018-08-18 23:40:57 +02:00
2018-09-10 17:13:55 +02:00
Account used in pipeline builds to push docker images to `hub.docker.com` .
> They should read `secret/gcc/account/dockerhub` from vault instead!
| Parameter | Description | Default |
| --------------------------- | ------------------------ | --------------- |
| `secret.dockerHub.user` | username for the account | `molgenisci` |
| `secret.dockerHub.password` | password for the account | `xxxx` |
##### Registry
2018-07-03 23:44:36 +02:00
2018-09-10 17:13:55 +02:00
Account used in pipeline builds to push docker images to `registry.molgenis.org` .
> They should read `secret/ops/account/nexus` from vault instead!
| Parameter | Description | Default |
| --------------------------- | ------------------------ | --------- |
| `secret.dockerHub.user` | username for the account | `admin` |
| `secret.dockerHub.password` | password for the account | `xxxx` |
2018-06-26 14:35:43 +02:00
2018-06-29 09:53:48 +02:00
## Command line use
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install` .
2018-06-26 14:35:43 +02:00
2018-06-29 09:53:48 +02:00
Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart.
For example,
2018-06-26 14:35:43 +02:00
```bash
2018-06-29 09:53:48 +02:00
$ helm install --name jenkins -f values.yaml molgenis-jenkins
2018-06-26 14:35:43 +02:00
```
2018-06-29 09:53:48 +02:00
> **Tip**: You can use the default [values.yaml](values.yaml)
2018-06-26 14:35:43 +02:00
