1
0

feat (jenkins): Create new molgenis pod with vault container and without the secrets.

The new pod has label molgenisv2, the legacy one is still labeled molgenis so existing scripts will keep working.
This commit is contained in:
Fleur Kelpin 2018-08-18 23:43:21 +02:00
parent 3a720a8a85
commit 2fae637eee

View File

@ -368,15 +368,12 @@ jenkins:
install: true
Pods:
molgenis:
Label: molgenis
NodeUsageMode: NORMAL
Label: molgenisv2
NodeUsageMode: EXCLUSIVE
volumes:
- type: HostPath
hostPath: "/var/run/docker.sock"
mountPath: "/var/run/docker.sock"
- type: Secret
secretName: molgenis-pipeline-file-secret
mountPath: "/root/.m2"
Containers:
maven:
Image: "registry.webhosting.rug.nl/molgenis/maven"
@ -394,6 +391,34 @@ jenkins:
Command: cat
WorkingDir: /home/jenkins
TTY: true
vault:
Image: "vault"
Command: cat
WorkingDir: /home/jenkins
TTY: true
EnvVars:
- type: Secret
key: VAULT_TOKEN
secretName: molgenis-pipeline-vault-secret
secretKey: token
- type: Secret
key: VAULT_SKIP_VERIFY
secretName: molgenis-pipeline-vault-secret
secretKey: skipVerify
- type: Secret
key: VAULT_ADDR
secretName: molgenis-pipeline-vault-secret
secretKey: addr
NodeSelector: {}
molgenis-legacy:
InheritFrom: molgenis
Label: molgenis
NodeUsageMode: NORMAL
volumes:
- type: Secret
secretName: molgenis-pipeline-file-secret
mountPath: "/root/.m2"
Containers:
EnvVars:
- type: Secret
key: PGP_PASSPHRASE