From d05e67c279a5ed251da8a4736a5a51eb863cb34b Mon Sep 17 00:00:00 2001 From: Fleur Kelpin Date: Sat, 18 Aug 2018 23:43:21 +0200 Subject: [PATCH] feat(jenkins): Create new molgenis pod with vault container and without the secrets. The new pod has label molgenisv2, the legacy one is still labeled molgenis so existing scripts will keep working. --- molgenis-jenkins/values.yaml | 35 ++++++++++++++++++++++++++++++----- 1 file changed, 30 insertions(+), 5 deletions(-) diff --git a/molgenis-jenkins/values.yaml b/molgenis-jenkins/values.yaml index 3e0a32e..f994646 100644 --- a/molgenis-jenkins/values.yaml +++ b/molgenis-jenkins/values.yaml @@ -368,15 +368,12 @@ jenkins: install: true Pods: molgenis: - Label: molgenis - NodeUsageMode: NORMAL + Label: molgenisv2 + NodeUsageMode: EXCLUSIVE volumes: - type: HostPath hostPath: "/var/run/docker.sock" mountPath: "/var/run/docker.sock" - - type: Secret - secretName: molgenis-pipeline-file-secret - mountPath: "/root/.m2" Containers: maven: Image: "registry.webhosting.rug.nl/molgenis/maven" @@ -394,6 +391,34 @@ jenkins: Command: cat WorkingDir: /home/jenkins TTY: true + vault: + Image: "vault" + Command: cat + WorkingDir: /home/jenkins + TTY: true + EnvVars: + - type: Secret + key: VAULT_TOKEN + secretName: molgenis-pipeline-vault-secret + secretKey: token + - type: Secret + key: VAULT_SKIP_VERIFY + secretName: molgenis-pipeline-vault-secret + secretKey: skipVerify + - type: Secret + key: VAULT_ADDR + secretName: molgenis-pipeline-vault-secret + secretKey: addr + NodeSelector: {} + molgenis-legacy: + InheritFrom: molgenis + Label: molgenis + NodeUsageMode: NORMAL + volumes: + - type: Secret + secretName: molgenis-pipeline-file-secret + mountPath: "/root/.m2" + Containers: EnvVars: - type: Secret key: PGP_PASSPHRASE