fix (molgenis-vault): Add maintainers and home and fix whitespace

Jenkinsfile

@@ -0,0 +1,16 @@
+pipeline {
+    agent {
+        kubernetes {
+            label 'helm'
+        }
+    }
+    stages {
+        stage('Test') {
+            steps {
+                container('chart-testing') {
+                    sh "chart_test.sh --no-install --all"
+                }
+            }
+        }
+    }
+}

charts/molgenis-httpd/Chart.yaml

@@ -5,4 +5,8 @@ name: molgenis-httpd
 version: 0.1.0
 sources:
 - https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm.git
-icon: https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm/raw/master/molgenis-httpd/catalogIcon-molgenis-httpd.svg
+icon: https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm/raw/master/molgenis-httpd/catalogIcon-molgenis-httpd.svg
+home: http://httpd.apache.org
+maintainers:
+- name: sidohaakma
+- name: fdlk

charts/molgenis-httpd/values.yaml

@@ -48,4 +48,4 @@ nodeSelector: {}
 
 tolerations: []
 
-affinity: {}
+affinity: {}

charts/molgenis-jenkins/Chart.yaml

@@ -0,0 +1,11 @@
+name: molgenis-jenkins
+home: https://jenkins.io/
+version: 0.7.1
+appVersion: 2.121
+description: Molgenis installation for the jenkins chart.
+sources:
+- https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm.git
+icon: https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm/raw/master/molgenis-jenkins/catalogIcon-molgenis-jenkins.svg
+maintainers:
+- name: fdlk
+- name: sidohaakma

charts/molgenis-jenkins/README.md

@@ -0,0 +1,111 @@
+# Molgenis Jenkins Helm Chart
+
+Jenkins master and slave cluster utilizing the Jenkins Kubernetes plugin.
+Wraps [the kuberenetes jenkins chart](https://github.com/kubernetes/charts/tree/master/stable/jenkins), see documentation there!
+
+## Chart Details
+
+This chart will do the following:
+
+* 1 x Jenkins Master with port 8080 exposed on an external ClusterIP
+* All using Kubernetes Deployments
+
+## Installing the Chart
+
+Usually, you'll be deploying this to the molgenis cluster.
+In the [Rancher Catalog](https://rancher.molgenis.org:7443/g/catalog), add the latest version of this repository.
+In the [molgenis cluster management page](https://rancher.molgenis.org:7443/p/c-mhkqb:project-2pf45/apps), choose the 
+catalog, pick the molgenis-jenkins app from the catalog and deploy it.
+
+## Configuration
+
+When deploying, you can paste values into the Rancher Answers to override the defaults in this chart.
+Array values can be added as {value, value, value}.
+```
+jenkins.Master.HostName=jenkins.molgenis.org
+jenkins.Master.AdminPassword=pa$$word
+jenkins.Persistence.Enabled=false
+jenkins.Master.InstallPlugins={kubernetes:1.8.4, workflow-aggregator:2.5, workflow-job:2.21, credentials-binding:1.16, git:3.9.1, blueocean:1.6.2, github-oauth:0.29}
+jenkins.Master.Security.UseGitHub=false
+## if UseGitHub=true
+jenkins.Master.Security.GitHub.ClientID=id
+jenkins.Master.Security.GitHub.ClientSecret=S3cr3t
+## end UseGitHub=true
+PipelineSecrets.Env.PGPPassphrase=literal:S3cr3t
+```
+
+You can use [all configuration values of the jenkins subchart](https://github.com/kubernetes/charts/tree/master/stable/jenkins).
+> Because we use jenkins as a sub-chart, you should prefix all value keys with `jenkins`!
+
+### GitHub Authentication delegation
+You need to setup a MOLGENIS - Jenkins GitHub OAuth App. You can do this by accessing this url: [add new OAuth app](https://github.com/settings/applications/new).
+
+### Secrets
+
+   When deployed, the chart creates a couple of kubernetes secrets that get used by jenkins.
+
+   You can override the values at deploy time but otherwise also configure them 
+   [in Rancher](https://rancher.molgenis.org:7443/p/c-mhkqb:project-2pf45/secrets) or through kubectl.
+
+#### Vault
+
+The vault secret gets mounted in the vault pod so pipeline scripts can retrieve secrets from the vault.
+
+| Parameter                 | Description                                | Default                                        |
+| ------------------------- | ------------------------------------------ | ---------------------------------------------- |
+| `secret.vault.token`      | Token to log into the hashicorp vault      | `xxxx`                                         |
+| `secret.vault.addr`       | Address of the vault                       | `https:vault-operator.vault-operator.svc:8200` |
+| `secret.vault.skipVerify` | Skip verification of the https connection  | `1`                                            |
+
+#### GitHub
+
+Token used by Jenkins to authenticate on GitHub.
+
+| Parameter             | Description              | Default            |
+| --------------------- | ------------------------ | ------------------ |
+| `secret.gitHub.user`  | username for the account | `molgenis-jenkins` |
+| `secret.gitHub.token` | token for the account    | `xxxx`             |
+
+#### Gogs
+
+Token used by Jenkins to authenticate on the [RuG Webhosting Gogs](https://git.webhosting.rug.nl).
+
+| Parameter           | Description              | Default   |
+| ------------------- | ------------------------ | --------- |
+| `secret.gogs.user`  | username for the account | `p281392` |
+| `secret.gogs.token` | token for the account    | `xxxx`    |
+
+#### Legacy:
+
+##### Docker Hub
+   
+Account used in pipeline builds to push docker images to `hub.docker.com`.
+> They should read `secret/gcc/account/dockerhub` from vault instead!
+
+| Parameter                   | Description              | Default         |
+| --------------------------- | ------------------------ | --------------- |
+| `secret.dockerHub.user`     | username for the account | `molgenisci`    |
+| `secret.dockerHub.password` | password for the account | `xxxx`          |
+
+##### Registry
+   
+Account used in pipeline builds to push docker images to `registry.molgenis.org`.
+> They should read `secret/ops/account/nexus` from vault instead!
+
+| Parameter                   | Description              | Default   |
+| --------------------------- | ------------------------ | --------- |
+| `secret.dockerHub.user`     | username for the account | `admin`   |
+| `secret.dockerHub.password` | password for the account | `xxxx`    |
+
+## Command line use
+Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`.
+
+Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart.
+For example,
+
+```bash
+$ helm install --name jenkins -f values.yaml molgenis-jenkins
+```
+
+> **Tip**: You can use the default [values.yaml](values.yaml)
+

charts/molgenis-jenkins/resources/README.md

@@ -0,0 +1,6 @@
+To be able to run helm inside a jenkins pod, you'll need to 
+* create a role in the namespace where tiller is installed
+* bind that role to the user that jenkins pods run as
+
+This directory contains yaml for these resources.
+See also https://github.com/helm/helm/blob/master/docs/rbac.md

charts/molgenis-jenkins/values.yaml

@@ -0,0 +1,608 @@
+jenkins:
+  Master:
+    HostName: jenkins.molgenis.org
+    ServiceType: ClusterIP
+    InstallPlugins:
+      - kubernetes:1.12.6
+      - workflow-aggregator:2.5
+      - workflow-job:2.25
+      - credentials-binding:1.16
+      - git:3.9.1
+      - github-branch-source:2.3.6
+      - kubernetes-credentials-provider:0.10
+      - blueocean:1.8.3
+      - github-oauth:0.29
+      - gogs-webhook:1.0.14
+      - github-scm-trait-commit-skip:0.1.1
+    Security:
+      UseGitHub: false
+      GitHub:
+        ClientID: ""
+        ClienSecret: ""
+    DefaultView: dev
+    Views:
+      dev:
+        - molgenis
+      ops:
+        - molgenis-ops-docker-httpd
+        - molgenis-ops-docker-maven
+        - molgenis-ops-docker-node
+        - molgenis-ops-tools
+        - molgenis-ops-tomcat
+    Jobs: |-
+      molgenis: |-
+        <?xml version='1.1' encoding='UTF-8'?>
+        <jenkins.branch.OrganizationFolder plugin="branch-api@2.0.20">
+          <actions/>
+          <description></description>
+          <properties>
+            <org.jenkinsci.plugins.pipeline.modeldefinition.config.FolderConfig plugin="pipeline-model-definition@1.3.1">
+              <dockerLabel></dockerLabel>
+              <registry plugin="docker-commons@1.13"/>
+            </org.jenkinsci.plugins.pipeline.modeldefinition.config.FolderConfig>
+            <jenkins.branch.NoTriggerOrganizationFolderProperty>
+              <branches>.*</branches>
+            </jenkins.branch.NoTriggerOrganizationFolderProperty>
+          </properties>
+          <folderViews class="jenkins.branch.OrganizationFolderViewHolder">
+            <owner reference="../.."/>
+          </folderViews>
+          <healthMetrics>
+            <com.cloudbees.hudson.plugins.folder.health.WorstChildHealthMetric plugin="cloudbees-folder@6.5.1">
+              <nonRecursive>false</nonRecursive>
+            </com.cloudbees.hudson.plugins.folder.health.WorstChildHealthMetric>
+          </healthMetrics>
+          <icon class="jenkins.branch.MetadataActionFolderIcon">
+            <owner class="jenkins.branch.OrganizationFolder" reference="../.."/>
+          </icon>
+          <orphanedItemStrategy class="com.cloudbees.hudson.plugins.folder.computed.DefaultOrphanedItemStrategy" plugin="cloudbees-folder@6.5.1">
+            <pruneDeadBranches>true</pruneDeadBranches>
+            <daysToKeep>-1</daysToKeep>
+            <numToKeep>-1</numToKeep>
+          </orphanedItemStrategy>
+          <triggers>
+            <com.cloudbees.hudson.plugins.folder.computed.PeriodicFolderTrigger plugin="cloudbees-folder@6.5.1">
+              <spec>H H * * *</spec>
+              <interval>86400000</interval>
+            </com.cloudbees.hudson.plugins.folder.computed.PeriodicFolderTrigger>
+          </triggers>
+          <disabled>false</disabled>
+          <navigators>
+            <org.jenkinsci.plugins.github__branch__source.GitHubSCMNavigator plugin="github-branch-source@2.3.6">
+              <repoOwner>molgenis</repoOwner>
+              <credentialsId>molgenis-jenkins-github-secret</credentialsId>
+              <traits>
+                <org.jenkinsci.plugins.github__branch__source.BranchDiscoveryTrait>
+                  <strategyId>1</strategyId>
+                </org.jenkinsci.plugins.github__branch__source.BranchDiscoveryTrait>
+                <org.jenkinsci.plugins.github__branch__source.OriginPullRequestDiscoveryTrait>
+                  <strategyId>1</strategyId>
+                </org.jenkinsci.plugins.github__branch__source.OriginPullRequestDiscoveryTrait>
+                <org.jenkinsci.plugins.github__branch__source.ForkPullRequestDiscoveryTrait>
+                  <strategyId>1</strategyId>
+                  <trust class="org.jenkinsci.plugins.github_branch_source.ForkPullRequestDiscoveryTrait$TrustPermission"/>
+                </org.jenkinsci.plugins.github__branch__source.ForkPullRequestDiscoveryTrait>
+                <org.jenkinsci.plugins.scm__filter.GitHubCommitSkipTrait plugin="github-scm-trait-commit-skip@0.1.1"/>
+                <jenkins.plugins.git.traits.LocalBranchTrait plugin="git@3.9.1">
+                  <extension class="hudson.plugins.git.extensions.impl.LocalBranch">
+                    <localBranch>**</localBranch>
+                  </extension>
+                </jenkins.plugins.git.traits.LocalBranchTrait>
+                <jenkins.plugins.git.traits.UserIdentityTrait plugin="git@3.9.1">
+                  <extension class="hudson.plugins.git.extensions.impl.UserIdentity">
+                    <name>MOLGENIS Jenkins</name>
+                    <email>molgenis+ci@gmail.com</email>
+                  </extension>
+                </jenkins.plugins.git.traits.UserIdentityTrait>
+              </traits>
+            </org.jenkinsci.plugins.github__branch__source.GitHubSCMNavigator>
+          </navigators>
+          <projectFactories>
+            <org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProjectFactory plugin="workflow-multibranch@2.19">
+              <scriptPath>Jenkinsfile</scriptPath>
+            </org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProjectFactory>
+          </projectFactories>
+          <buildStrategies/>
+        </jenkins.branch.OrganizationFolder>
+      molgenis-ops-docker-httpd: |-
+        <?xml version='1.1' encoding='UTF-8'?>
+        <org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject plugin="workflow-multibranch@2.19">
+          <actions/>
+          <description>HTTPD server that can be used for redirection and proxieing</description>
+          <displayName>molgenis-ops-docker-httpd</displayName>
+          <properties>
+            <org.jenkinsci.plugins.pipeline.modeldefinition.config.FolderConfig plugin="pipeline-model-definition@1.3.1">
+              <dockerLabel></dockerLabel>
+              <registry plugin="docker-commons@1.13"/>
+            </org.jenkinsci.plugins.pipeline.modeldefinition.config.FolderConfig>
+          </properties>
+          <folderViews class="jenkins.branch.MultiBranchProjectViewHolder" plugin="branch-api@2.0.20">
+            <owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
+          </folderViews>
+          <healthMetrics>
+            <com.cloudbees.hudson.plugins.folder.health.WorstChildHealthMetric plugin="cloudbees-folder@6.5.1">
+              <nonRecursive>false</nonRecursive>
+            </com.cloudbees.hudson.plugins.folder.health.WorstChildHealthMetric>
+          </healthMetrics>
+          <icon class="jenkins.branch.MetadataActionFolderIcon" plugin="branch-api@2.0.20">
+            <owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
+          </icon>
+          <orphanedItemStrategy class="com.cloudbees.hudson.plugins.folder.computed.DefaultOrphanedItemStrategy" plugin="cloudbees-folder@6.5.1">
+            <pruneDeadBranches>true</pruneDeadBranches>
+            <daysToKeep>-1</daysToKeep>
+            <numToKeep>-1</numToKeep>
+          </orphanedItemStrategy>
+          <triggers/>
+          <disabled>false</disabled>
+          <sources class="jenkins.branch.MultiBranchProject$BranchSourceList" plugin="branch-api@2.0.20">
+            <data>
+              <jenkins.branch.BranchSource>
+                <source class="jenkins.plugins.git.GitSCMSource" plugin="git@3.9.1">
+                  <id>a756941d-6c9d-4492-bcf9-327041764be6</id>
+                  <remote>https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-httpd.git</remote>
+                  <credentialsId>molgenis-jenkins-gogs-secret</credentialsId>
+                  <traits>
+                    <jenkins.plugins.git.traits.BranchDiscoveryTrait/>
+                    <jenkins.plugins.git.traits.LocalBranchTrait plugin="git@3.9.1">
+                      <extension class="hudson.plugins.git.extensions.impl.LocalBranch">
+                        <localBranch>**</localBranch>
+                      </extension>
+                    </jenkins.plugins.git.traits.LocalBranchTrait>
+                    <jenkins.plugins.git.traits.UserIdentityTrait plugin="git@3.9.1">
+                      <extension class="hudson.plugins.git.extensions.impl.UserIdentity">
+                        <name>MOLGENIS Jenkins</name>
+                        <email>molgenis+ci@gmail.com</email>
+                      </extension>
+                    </jenkins.plugins.git.traits.UserIdentityTrait>
+                  </traits>
+                </source>
+                <strategy class="jenkins.branch.DefaultBranchPropertyStrategy">
+                  <properties class="empty-list"/>
+                </strategy>
+              </jenkins.branch.BranchSource>
+            </data>
+            <owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
+          </sources>
+          <factory class="org.jenkinsci.plugins.workflow.multibranch.WorkflowBranchProjectFactory">
+            <owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
+            <scriptPath>Jenkinsfile</scriptPath>
+          </factory>
+        </org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject>
+      molgenis-ops-docker-node: |-
+        <?xml version='1.1' encoding='UTF-8'?>
+        <org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject plugin="workflow-multibranch@2.19">
+          <actions/>
+          <description>NodeJS build container with Curl</description>
+          <displayName>molgenis-ops-docker-node</displayName>
+          <properties>
+            <org.jenkinsci.plugins.pipeline.modeldefinition.config.FolderConfig plugin="pipeline-model-definition@1.3.1">
+              <dockerLabel></dockerLabel>
+              <registry plugin="docker-commons@1.13"/>
+            </org.jenkinsci.plugins.pipeline.modeldefinition.config.FolderConfig>
+          </properties>
+          <folderViews class="jenkins.branch.MultiBranchProjectViewHolder" plugin="branch-api@2.0.20">
+            <owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
+          </folderViews>
+          <healthMetrics>
+            <com.cloudbees.hudson.plugins.folder.health.WorstChildHealthMetric plugin="cloudbees-folder@6.5.1">
+              <nonRecursive>false</nonRecursive>
+            </com.cloudbees.hudson.plugins.folder.health.WorstChildHealthMetric>
+          </healthMetrics>
+          <icon class="jenkins.branch.MetadataActionFolderIcon" plugin="branch-api@2.0.20">
+            <owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
+          </icon>
+          <orphanedItemStrategy class="com.cloudbees.hudson.plugins.folder.computed.DefaultOrphanedItemStrategy" plugin="cloudbees-folder@6.5.1">
+            <pruneDeadBranches>true</pruneDeadBranches>
+            <daysToKeep>-1</daysToKeep>
+            <numToKeep>-1</numToKeep>
+          </orphanedItemStrategy>
+          <triggers/>
+          <disabled>false</disabled>
+          <sources class="jenkins.branch.MultiBranchProject$BranchSourceList" plugin="branch-api@2.0.20">
+            <data>
+              <jenkins.branch.BranchSource>
+                <source class="jenkins.plugins.git.GitSCMSource" plugin="git@3.9.1">
+                  <id>a756941d-6c9d-4492-bcf9-327041764be6</id>
+                  <remote>https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-node.git</remote>
+                  <credentialsId>molgenis-jenkins-gogs-secret</credentialsId>
+                  <traits>
+                    <jenkins.plugins.git.traits.BranchDiscoveryTrait/>
+                    <jenkins.plugins.git.traits.LocalBranchTrait plugin="git@3.9.1">
+                      <extension class="hudson.plugins.git.extensions.impl.LocalBranch">
+                        <localBranch>**</localBranch>
+                      </extension>
+                    </jenkins.plugins.git.traits.LocalBranchTrait>
+                    <jenkins.plugins.git.traits.UserIdentityTrait plugin="git@3.9.1">
+                      <extension class="hudson.plugins.git.extensions.impl.UserIdentity">
+                        <name>MOLGENIS Jenkins</name>
+                        <email>molgenis+ci@gmail.com</email>
+                      </extension>
+                    </jenkins.plugins.git.traits.UserIdentityTrait>
+                  </traits>
+                </source>
+                <strategy class="jenkins.branch.DefaultBranchPropertyStrategy">
+                  <properties class="empty-list"/>
+                </strategy>
+              </jenkins.branch.BranchSource>
+            </data>
+            <owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
+          </sources>
+          <factory class="org.jenkinsci.plugins.workflow.multibranch.WorkflowBranchProjectFactory">
+            <owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
+            <scriptPath>Jenkinsfile</scriptPath>
+          </factory>
+        </org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject>
+      molgenis-ops-docker-maven: |-
+        <?xml version='1.1' encoding='UTF-8'?>
+        <org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject plugin="workflow-multibranch@2.19">
+          <actions/>
+          <description>MAVEN build container with RPMbuild and Curl</description>
+          <displayName>molgenis-ops-docker-maven</displayName>
+          <properties>
+            <org.jenkinsci.plugins.pipeline.modeldefinition.config.FolderConfig plugin="pipeline-model-definition@1.3.1">
+              <dockerLabel></dockerLabel>
+              <registry plugin="docker-commons@1.13"/>
+            </org.jenkinsci.plugins.pipeline.modeldefinition.config.FolderConfig>
+          </properties>
+          <folderViews class="jenkins.branch.MultiBranchProjectViewHolder" plugin="branch-api@2.0.20">
+            <owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
+          </folderViews>
+          <healthMetrics>
+            <com.cloudbees.hudson.plugins.folder.health.WorstChildHealthMetric plugin="cloudbees-folder@6.5.1">
+              <nonRecursive>false</nonRecursive>
+            </com.cloudbees.hudson.plugins.folder.health.WorstChildHealthMetric>
+          </healthMetrics>
+          <icon class="jenkins.branch.MetadataActionFolderIcon" plugin="branch-api@2.0.20">
+            <owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
+          </icon>
+          <orphanedItemStrategy class="com.cloudbees.hudson.plugins.folder.computed.DefaultOrphanedItemStrategy" plugin="cloudbees-folder@6.5.1">
+            <pruneDeadBranches>true</pruneDeadBranches>
+            <daysToKeep>-1</daysToKeep>
+            <numToKeep>-1</numToKeep>
+          </orphanedItemStrategy>
+          <triggers/>
+          <disabled>false</disabled>
+          <sources class="jenkins.branch.MultiBranchProject$BranchSourceList" plugin="branch-api@2.0.20">
+            <data>
+              <jenkins.branch.BranchSource>
+                <source class="jenkins.plugins.git.GitSCMSource" plugin="git@3.9.1">
+                  <id>4702479a-6988-4a85-b4b7-e77fa2d05ffa</id>
+                  <remote>https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-maven.git</remote>
+                  <credentialsId>molgenis-jenkins-gogs-secret</credentialsId>
+                  <traits>
+                    <jenkins.plugins.git.traits.BranchDiscoveryTrait/>
+                    <jenkins.plugins.git.traits.LocalBranchTrait plugin="git@3.9.1">
+                      <extension class="hudson.plugins.git.extensions.impl.LocalBranch">
+                        <localBranch>**</localBranch>
+                      </extension>
+                    </jenkins.plugins.git.traits.LocalBranchTrait>
+                    <jenkins.plugins.git.traits.UserIdentityTrait plugin="git@3.9.1">
+                      <extension class="hudson.plugins.git.extensions.impl.UserIdentity">
+                        <name>MOLGENIS Jenkins</name>
+                        <email>molgenis+ci@gmail.com</email>
+                      </extension>
+                    </jenkins.plugins.git.traits.UserIdentityTrait>
+                  </traits>
+                </source>
+                <strategy class="jenkins.branch.DefaultBranchPropertyStrategy">
+                  <properties class="empty-list"/>
+                </strategy>
+              </jenkins.branch.BranchSource>
+            </data>
+            <owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
+          </sources>
+          <factory class="org.jenkinsci.plugins.workflow.multibranch.WorkflowBranchProjectFactory">
+            <owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
+            <scriptPath>Jenkinsfile</scriptPath>
+          </factory>
+        </org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject>
+      molgenis-ops-tomcat: |-
+        <?xml version='1.1' encoding='UTF-8'?>
+        <org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject plugin="workflow-multibranch@2.19">
+          <actions/>
+          <description>MOLGENIS tomcat package to manage tomcat version on CentOS</description>
+          <displayName>molgenis-ops-tomcat</displayName>
+          <properties>
+            <org.jenkinsci.plugins.pipeline.modeldefinition.config.FolderConfig plugin="pipeline-model-definition@1.3.1">
+              <dockerLabel></dockerLabel>
+              <registry plugin="docker-commons@1.13"/>
+            </org.jenkinsci.plugins.pipeline.modeldefinition.config.FolderConfig>
+          </properties>
+          <folderViews class="jenkins.branch.MultiBranchProjectViewHolder" plugin="branch-api@2.0.20">
+            <owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
+          </folderViews>
+          <healthMetrics>
+            <com.cloudbees.hudson.plugins.folder.health.WorstChildHealthMetric plugin="cloudbees-folder@6.5.1">
+              <nonRecursive>false</nonRecursive>
+            </com.cloudbees.hudson.plugins.folder.health.WorstChildHealthMetric>
+          </healthMetrics>
+          <icon class="jenkins.branch.MetadataActionFolderIcon" plugin="branch-api@2.0.20">
+            <owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
+          </icon>
+          <orphanedItemStrategy class="com.cloudbees.hudson.plugins.folder.computed.DefaultOrphanedItemStrategy" plugin="cloudbees-folder@6.5.1">
+            <pruneDeadBranches>true</pruneDeadBranches>
+            <daysToKeep>-1</daysToKeep>
+            <numToKeep>-1</numToKeep>
+          </orphanedItemStrategy>
+          <triggers/>
+          <disabled>false</disabled>
+          <sources class="jenkins.branch.MultiBranchProject$BranchSourceList" plugin="branch-api@2.0.20">
+            <data>
+              <jenkins.branch.BranchSource>
+                <source class="jenkins.plugins.git.GitSCMSource" plugin="git@3.9.1">
+                  <id>4702479a-6988-4a85-b4b7-e77fa2d05ffa</id>
+                  <remote>https://git.webhosting.rug.nl/molgenis/molgenis-ops-tomcat.git</remote>
+                  <credentialsId>molgenis-jenkins-gogs-secret</credentialsId>
+                  <traits>
+                    <jenkins.plugins.git.traits.BranchDiscoveryTrait/>
+                    <jenkins.plugins.git.traits.LocalBranchTrait plugin="git@3.9.1">
+                      <extension class="hudson.plugins.git.extensions.impl.LocalBranch">
+                        <localBranch>**</localBranch>
+                      </extension>
+                    </jenkins.plugins.git.traits.LocalBranchTrait>
+                    <jenkins.plugins.git.traits.UserIdentityTrait plugin="git@3.9.1">
+                      <extension class="hudson.plugins.git.extensions.impl.UserIdentity">
+                        <name>MOLGENIS Jenkins</name>
+                        <email>molgenis+ci@gmail.com</email>
+                      </extension>
+                    </jenkins.plugins.git.traits.UserIdentityTrait>
+                  </traits>
+                </source>
+                <strategy class="jenkins.branch.DefaultBranchPropertyStrategy">
+                  <properties class="empty-list"/>
+                </strategy>
+              </jenkins.branch.BranchSource>
+            </data>
+            <owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
+          </sources>
+          <factory class="org.jenkinsci.plugins.workflow.multibranch.WorkflowBranchProjectFactory">
+            <owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
+            <scriptPath>Jenkinsfile</scriptPath>
+          </factory>
+        </org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject>
+      molgenis-ops-tools: |-
+        <?xml version='1.1' encoding='UTF-8'?>
+        <org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject plugin="workflow-multibranch@2.19">
+          <actions/>
+          <description>MOLGENIS operations tools-package to configure firewall, apache, sudoers, etc.</description>
+          <displayName>molgenis-ops-tools</displayName>
+          <properties>
+            <org.jenkinsci.plugins.pipeline.modeldefinition.config.FolderConfig plugin="pipeline-model-definition@1.3.1">
+              <dockerLabel></dockerLabel>
+              <registry plugin="docker-commons@1.13"/>
+            </org.jenkinsci.plugins.pipeline.modeldefinition.config.FolderConfig>
+          </properties>
+          <folderViews class="jenkins.branch.MultiBranchProjectViewHolder" plugin="branch-api@2.0.20">
+            <owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
+          </folderViews>
+          <healthMetrics>
+            <com.cloudbees.hudson.plugins.folder.health.WorstChildHealthMetric plugin="cloudbees-folder@6.5.1">
+              <nonRecursive>false</nonRecursive>
+            </com.cloudbees.hudson.plugins.folder.health.WorstChildHealthMetric>
+          </healthMetrics>
+          <icon class="jenkins.branch.MetadataActionFolderIcon" plugin="branch-api@2.0.20">
+            <owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
+          </icon>
+          <orphanedItemStrategy class="com.cloudbees.hudson.plugins.folder.computed.DefaultOrphanedItemStrategy" plugin="cloudbees-folder@6.5.1">
+            <pruneDeadBranches>true</pruneDeadBranches>
+            <daysToKeep>-1</daysToKeep>
+            <numToKeep>-1</numToKeep>
+          </orphanedItemStrategy>
+          <triggers/>
+          <disabled>false</disabled>
+          <sources class="jenkins.branch.MultiBranchProject$BranchSourceList" plugin="branch-api@2.0.20">
+            <data>
+              <jenkins.branch.BranchSource>
+                <source class="jenkins.plugins.git.GitSCMSource" plugin="git@3.9.1">
+                  <id>4702479a-6988-4a85-b4b7-e77fa2d05ffa</id>
+                  <remote>https://git.webhosting.rug.nl/molgenis/molgenis-ops-tools.git</remote>
+                  <credentialsId>molgenis-jenkins-gogs-secret</credentialsId>
+                  <traits>
+                    <jenkins.plugins.git.traits.BranchDiscoveryTrait/>
+                    <jenkins.plugins.git.traits.LocalBranchTrait plugin="git@3.9.1">
+                      <extension class="hudson.plugins.git.extensions.impl.LocalBranch">
+                        <localBranch>**</localBranch>
+                      </extension>
+                    </jenkins.plugins.git.traits.LocalBranchTrait>
+                    <jenkins.plugins.git.traits.UserIdentityTrait plugin="git@3.9.1">
+                      <extension class="hudson.plugins.git.extensions.impl.UserIdentity">
+                        <name>MOLGENIS Jenkins</name>
+                        <email>molgenis+ci@gmail.com</email>
+                      </extension>
+                    </jenkins.plugins.git.traits.UserIdentityTrait>
+                  </traits>
+                </source>
+                <strategy class="jenkins.branch.DefaultBranchPropertyStrategy">
+                  <properties class="empty-list"/>
+                </strategy>
+              </jenkins.branch.BranchSource>
+            </data>
+            <owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
+          </sources>
+          <factory class="org.jenkinsci.plugins.workflow.multibranch.WorkflowBranchProjectFactory">
+            <owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
+            <scriptPath>Jenkinsfile</scriptPath>
+          </factory>
+        </org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject>
+    # Kubernetes secret that contains a 'credentials.xml' for Jenkins
+    # CredentialsXmlSecret: jenkins-credentials
+    # Kubernetes secret that contains files to be put in the Jenkins 'secrets' directory,
+    # useful to manage encryption keys used for credentials.xml for instance (such as
+    # master.key and hudson.util.Secret)
+    # SecretsFilesSecret: jenkins-secrets
+    CustomConfigMap: true
+  rbac:
+    install: true
+  Pods:
+    molgenis:
+      Label: molgenis
+      NodeUsageMode: NORMAL
+      volumes:
+        - type: HostPath
+          hostPath: "/var/run/docker.sock"
+          mountPath: "/var/run/docker.sock"
+      Containers:
+        maven:
+          Image: "registry.webhosting.rug.nl/molgenis/maven"
+          ImageTag: lts
+          AlwaysPullImage: true
+          Command: cat
+          WorkingDir: /home/jenkins
+          TTY: true
+          resources:
+            requests:
+              cpu: "1"
+              memory: "4Gi"
+          EnvVars:
+            - type: KeyValue
+              key: MAVEN_OPTS
+              value: "-Duser.home=/home/jenkins"
+            - type: KeyValue
+              key: MAVEN_CONFIG
+              value: "/home/jenkins/.m2"
+        alpine:
+          Image: "spotify/alpine"
+          Command: cat
+          WorkingDir: /home/jenkins
+          TTY: true
+        vault:
+          Image: "vault"
+          Command: cat
+          WorkingDir: /home/jenkins
+          TTY: true
+          EnvVars:
+            - type: Secret
+              key: VAULT_TOKEN
+              secretName: molgenis-pipeline-vault-secret
+              secretKey: token
+            - type: Secret
+              key: VAULT_SKIP_VERIFY
+              secretName: molgenis-pipeline-vault-secret
+              secretKey: skipVerify
+            - type: Secret
+              key: VAULT_ADDR
+              secretName: molgenis-pipeline-vault-secret
+              secretKey: addr
+        helm:
+          Image: "lachlanevenson/k8s-helm"
+          ImageTag: "v2.10.0"
+          Command: cat
+          WorkingDir: /home/jenkins
+          TTY: true
+      NodeSelector: {}
+    node:
+      Label: node-carbon
+      NodeUsageMode: EXCLUSIVE
+      Containers:
+        node:
+          Image: "registry.webhosting.rug.nl/molgenis/node"
+          ImageTag: lts
+          AlwaysPullImage: true
+          Command: cat
+          WorkingDir: /home/jenkins
+          TTY: true
+        vault:
+          Image: "vault"
+          Command: cat
+          WorkingDir: /home/jenkins
+          TTY: true
+          EnvVars:
+            - type: Secret
+              key: VAULT_TOKEN
+              secretName: molgenis-pipeline-vault-secret
+              secretKey: token
+            - type: Secret
+              key: VAULT_SKIP_VERIFY
+              secretName: molgenis-pipeline-vault-secret
+              secretKey: skipVerify
+            - type: Secret
+              key: VAULT_ADDR
+              secretName: molgenis-pipeline-vault-secret
+              secretKey: addr
+      NodeSelector: {}
+    molgenis-it:
+      InheritFrom: molgenis
+      Label: molgenis-it
+      NodeUsageMode: EXCLUSIVE
+      Containers:
+        elasticsearch:
+          Image: docker.elastic.co/elasticsearch/elasticsearch
+          ImageTag: 5.5.3
+          resources:
+            requests:
+              cpu: "100m"
+              memory: "1Gi"
+            limits:
+              cpu: "1"
+              memory: "1500Mi"
+          EnvVars:
+          - type: KeyValue
+            key: ES_JAVA_OPTS
+            value: "-Xms512m -Xmx512m"
+          - type: KeyValue
+            key: cluster.name
+            value: molgenis
+          - type: KeyValue
+            key: bootstrap.memory_lock
+            value: "true"
+          - type: KeyValue
+            key: xpack.security.enabled
+            value: "false"
+          - type: KeyValue
+            key: discovery.type
+            value: single-node
+        postgres:
+          Image: postgres
+          ImageTag: 9.6-alpine
+          resources:
+            requests:
+              cpu: "100m"
+              memory: "250Mi"
+            limits:
+              cpu: "1"
+              memory: "250Mi"
+          EnvVars:
+          - type: KeyValue
+            key: POSTGRES_USER
+            value: molgenis
+          - type: KeyValue
+            key: POSTGRES_PASSWORD
+            value: molgenis
+          - type: KeyValue
+            key: POSTGRES_DB
+            value: molgenis
+        opencpu:
+          Image: molgenis/opencpu
+          AlwaysPullImage: true
+          resources:
+            requests:
+              cpu: "100m"
+              memory: "256Mi"
+            limits:
+              cpu: "1"
+              memory: "512Mi"
+      NodeSelector: {}
+
+# secret contains configuration for the kubernetes secrets that jenkins can access
+secret:
+  # vault configures the vault secret
+  vault:
+    token: xxxx
+    addr: "https://vault-operator.vault-operator.svc:8200"
+    skipVerify: "1"
+  # githubToken contains access token for jenkins bot account on github.com
+  gitHub:
+    user: "molgenis-jenkins"
+    token: xxxx
+  # gogs contains access token for jenkins bot account on RuG GoGs
+  gogs:
+    user: p281392
+    token: xxxx
+  # registry contains credentials for registry.molgenis.org
+  registry:
+    user: admin
+    password: xxxx
+  # dockerHubPassword contains password for hub.docker.com
+  dockerHub:
+    user: molgenisci
+    password: xxxx

charts/molgenis-nexus/Chart.yaml

@@ -5,4 +5,8 @@ name: molgenis-nexus
 version: 0.4.2
 sources:
 - https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm.git
-icon: https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm/raw/master/molgenis-nexus/catalogIcon-molgenis-nexus.svg
+icon: https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm/raw/master/molgenis-nexus/catalogIcon-molgenis-nexus.svg
+home: https://www.sonatype.com/nexus-repository-oss
+maintainers:
+- name: sidohaakma
+- name: fdlk

charts/molgenis-nexus/README.md

@@ -0,0 +1,64 @@
+# MOLGENIS - NEXUS Helm Chart
+
+NEXUS repository for kubernetes to deploy on a kubernetes cluster with NFS-share
+
+## Chart Details
+
+This chart will deploy:
+
+- 1 NEXUS-nfs initialization container
+
+  We need this container to avoid permission issues on the NEXUS docker
+- 1 NEXUS container
+- 1 MOLGENIS-httpd container (to proxy the registry and docker to one domain)
+
+## Backup restore
+There are two steps in restoring the NEXUS.
+
+- Database
+- Blobstore
+
+### Restore the database
+Go to the commandline:
+
+```bash
+kubectl get pv
+```
+
+```bash
+| NAME | CAPACITY | ACCESS | MODES | RECLAIM | POLICY | STATUS | CLAIM | STORAGECLASS | REASON | AGE |
+| ---- | -------- | ------ | ----- | ------- | ------ | ------ | ----- | ------------ | ------ | --- |
+| pvc-45988f55-900f-11e8-a0b4-005056a51744 | 30G | RWX | | Retain | Bound | molgenis-nexus/molgenis-nfs-claim | nfs-provisioner-retain | | | 33d |
+| pvc-3984723d-220f-14e8-a98a-skjhf88823kk | 30G | RWO | | Delete | Bound | molgenis-test/molgenis-nfs-claim | nfs-provisioner | | | 33d |
+```
+
+The persistent volume is the one in the molgenis-nexus namespace. 
+
+Go to the NFS-provisioner to the path of the persistent volume:
+
+```bash
+ls -t --full-time | head -7 | xargs cp ../restore-from-backup/
+```
+
+### Restore the blobstore
+You can copy the directory ```blobs``` to the target persistent volume ```/ blobs```.
+
+You can now bring the NEXUS back up.
+
+## Installing the Chart
+
+You can test in install the chart by executing:
+
+```helm lint .```
+
+To test if your helm chart-syntax is right and:
+
+```helm install . --dry-run --debug```
+
+To test if your hem chart works and:
+
+```helm install .```
+
+To deploy it on the cluster.
+
+

charts/molgenis-opencpu/Chart.yaml

@@ -5,4 +5,8 @@ name: molgenis-opencpu
 version: 0.1.1
 sources:
 - https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm.git
-icon: https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm/raw/master/molgenis-opencpu/catalogIcon-molgenis-opencpu.svg
+icon: https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm/raw/master/molgenis-opencpu/catalogIcon-molgenis-opencpu.svg
+home: https://www.opencpu.org
+maintainers:
+- name: sidohaakma
+- name: fdlk

charts/molgenis-opencpu/templates/deployment.yaml

@@ -0,0 +1,35 @@
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  {{- with .Values.ingress.annotations }}
+  annotations:
+{{ toYaml . | indent 4 }}
+  {{- end }}
+  name: {{ template "opencpu.fullname" . }}
+  labels:
+    app: {{ template "opencpu.name" . }}
+    chart: {{ template "opencpu.chart" . }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  selector:
+    matchLabels:
+      app: {{ template "opencpu.name" . }}
+      release: {{ .Release.Name }}
+  template:
+    metadata:
+      labels:
+        app: {{ template "opencpu.name" . }}
+        release: {{ .Release.Name }}
+    spec:
+      containers:
+      {{- with .Values.opencpu }}
+      - name: {{ .name }}
+        image: "{{ .image.repository }}/{{ .image.name }}:{{ .image.tag }}"
+        imagePullPolicy: {{ .image.pullPolicy }}
+        ports:
+        - containerPort: {{ .service.port }}
+      {{- end }}
+
+

charts/molgenis-opencpu/values.yaml

@@ -0,0 +1,41 @@
+# Default values for nexus.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+environment: production
+
+opencpu:
+  name: opencpu
+  strategy:
+    type: Recreate
+  restartPolicy: Always
+  image:
+    repository: registry.hub.docker.com
+    name: molgenis/opencpu
+    tag: stable
+    pullPolicy: Always
+  service:
+    name: opencpu
+    type: LoadBalancer
+    port: 8004
+    firewall:
+    - 145.100.224.1/24
+
+ingress:
+  enabled: false
+  annotations: {
+    kubernetes.io/ingress.class: "nginx",
+    nginx.ingress.kubernetes.io/proxy-body-size: "0"
+  }
+  path: /
+  hosts:
+  - name: opencpu.molgenis.org
+  tls: []
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}

charts/molgenis-vault/Chart.yaml

@@ -4,3 +4,7 @@ description: MOLGENIS vault
 name: molgenis-vault
 version: 0.1.1
 icon: https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm/raw/master/molgenis-vault/catalogIcon-molgenis-vault.svg
+home: https://github.com/coreos/vault-operator
+maintainers:
+- name: fdlk
+- name: sidohaakma

charts/molgenis-vault/README.md

@@ -0,0 +1,52 @@
+# MOLGENIS Vault helm chart
+
+This chart creates a vault operator, but NO vault.
+The vault operator defines a new custom resource named `vault` that you can use to create vaults.
+
+After launching the operator, create the molgenis vault manually:
+`kubectl create -f resources/vault.yaml`
+
+That creates a new vault with two vault pods.
+
+See https://github.com/coreos/vault-operator/blob/master/doc/user/vault.md
+
+## Parameters
+
+### Azure cloud credentials
+Define credentials for backup to the Azure Blob Store.
+See [etcd-operator documentation](https://github.com/coreos/etcd-operator/blob/master/doc/user/abs_backup.md).
+
+| Parameter       | Description                   | Default            |
+| --------------- | ----------------------------- | ------------------ |
+| `abs.account`   | name of storage account       | `fdlkops`          |
+| `abs.accessKey` | access key of storage account | `xxxx`             |
+| `abs.cloud`     | name of cloud environment     | `AzurePublicCloud` |
+
+### Backup job
+Define the schedule of the backup job
+
+| Parameter            | Description                  | Default       |
+| -------------------- | ---------------------------- | ------------- |
+| `backupJob.enable`   | Enable backup cronjob        | `true`        |
+| `backupJob.schedule` | cron schedule for the backup | `0 12 * * 1`  |
+
+### UI
+
+Parameter | Description | Default
+--------- | ----------- | ------- 
+`ui.replicaCount` | desired number of Vault UI pod | `1`
+`ui.image.repository` | Vault UI container image repository | `djenriquez/vault-ui`
+`ui.image.tag` | Vault UI container image tag | `latest`
+`ui.resources` | Vault UI pod resource requests & limits | `{}`
+`ui.nodeSelector` | node labels for Vault UI pod assignment | `{}`
+`ui.ingress.enabled` | If true, Vault UI Ingress will be created | `true`
+`ui.ingress.annotations` | Vault UI Ingress annotations | `{}`
+`ui.ingress.host` | Vault UI Ingress hostname | `vault.molgenis.org`
+`ui.ingress.tls` | Vault UI Ingress TLS configuration (YAML) | `[]`
+`ui.vault.url` | Vault UI default vault url | `https://vault.vault-operator:8200`
+`ui.vault.auth` | Vault UI login method | `GITHUB`
+`ui.service.name` | Vault UI service name | `vault-ui`
+`ui.service.type` | type of ui service to create | `ClusterIP`
+`ui.service.externalPort` | Vault UI service target port | `8000`
+`ui.service.internalPort` | Vault UI container port | `8000`
+`ui.service.nodePort` | Port to be used as the service NodePort (ignored if `server.service.type` is not `NodePort`) | `0`

charts/molgenis-vault/values.yaml

@@ -0,0 +1,79 @@
+# Default values for molgenis-vault.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# abs gives details of the credentials to reach the azure backup storage
+abs:
+  # account is the name of the Storage account
+  account: fdlkops
+  # access key for the Storage account
+  accessKey: xxxx
+  # default cloud
+  cloud: AzurePublicCloud
+
+# backupjob describes the backup cronjob
+backupJob:
+  # enable enables the backup job
+  enable: true
+  # schedule gives the cron schedule for the backup job
+  schedule: "0 12 * * 1"
+
+###
+# All of the config variables related to setting up the etcd-operator
+# If you want more information about the variables exposed, please visit:
+#   https://github.com/kubernetes/charts/tree/master/stable/etcd-operator#configuration
+###
+etcd-operator:
+  deployments:
+    etcdOperator: true
+    backupOperator: true
+    restoreOperator: true
+  serviceAccount:
+    etcdOperatorServiceAccount:
+      create: true
+    backupOperatorServiceAccount:
+      create: true
+    restoreOperatorServiceAccount:
+      create: true
+  etcdOperator:
+    image:
+      tag: v0.9.2
+  backupOperator:
+    image:
+      tag: v0.9.2
+  restoreOperator:
+    image:
+      tag: v0.9.2
+
+ui:
+  name: "vault-ui"
+  replicaCount: 1
+  image:
+    repository: djenriquez/vault-ui
+    tag: latest
+  service:
+    name: vault-ui
+    type: ClusterIP
+    externalPort: 8000
+    internalPort: 8000
+    # nodePort: 32001
+  ingress:
+    enabled: true
+    # Used to create Ingress record (should used with service.type: ClusterIP).
+    host: vault.molgenis.org
+
+  resources: {}
+    # We usually recommend not to specify default resources and to leave this as a conscious
+    # choice for the user. This also increases chances charts run on environments with little
+    # resources, such as Minikube. If you do want to specify resources, uncomment the following
+    # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+    # limits:
+    #  cpu: 100m
+    #  memory: 128Mi
+    # requests:
+    #  cpu: 100m
+    #  memory: 128Mi
+  nodeSelector: {}
+  vault:
+    auth: GITHUB
+    url: https://vault.vault-operator:8200

charts/molgenis/Chart.yaml

@@ -5,4 +5,8 @@ name: molgenis
 version: 0.4.3
 sources:
 - https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm.git
-icon: https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm/raw/master/molgenis/catalogIcon-molgenis.svg
+icon: https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm/raw/master/molgenis/catalogIcon-molgenis.svg
+home: http://molgenis.org
+maintainers:
+- name: sidohaakma
+- name: fdlk

charts/molgenis/values.yaml

@@ -0,0 +1,103 @@
+# Default values for molgenis.
+
+replicaCount: 1
+
+service:
+  type: LoadBalancer
+  firewall:
+    enabled: false
+    kind: "umcg"
+    umcg:
+      rules:
+      - 127.0.0.1/32
+    cluster:
+      rules:
+      - 127.0.0.1/32
+  port: 8080
+
+ingress:
+  enabled: true
+  annotations:
+    nginx.ingress.kubernetes.io/proxy-body-size: "0"
+  path: /
+  hosts:
+  - name: test.molgenis.org
+  tls: []
+
+molgenis:
+  image:
+    repository: registry.hub.docker.com
+    name: molgenis/molgenis-app
+    tag: stable
+    pullPolicy: Always
+  adminPassword:
+  javaOpts:
+    maxHeapSpace: "1g"
+  resources:
+    limits:
+      cpu: 1
+      memory: 1250Mi
+    requests:
+      cpu: 200m
+      memory: 1250Mi
+  persistence:
+    claim: molgenis-nfs-claim
+    size: 5Gi
+  services:
+    opencpu:
+      host: localhost
+    elasticsearch:
+      transportAddresses: localhost:9300
+      clusterName: molgenis
+    postgres:
+      embedded: false
+      host: localhost
+      scheme: molgenis
+      user: molgenis
+      password: molgenis
+
+elasticsearch:
+  image:
+    repository: docker.elastic.co/elasticsearch/elasticsearch
+    tag: 5.5.3
+    pullPolicy: IfNotPresent
+  javaOpts: "-Xms1g -Xmx1g"
+  clusterName: molgenis
+  resources:
+    limits:
+      cpu: 2
+      memory: 3Gi
+    requests:
+      cpu: 100m
+      memory: 1Gi
+  persistence:
+    claim: elasticsearch-nfs-claim
+    size: 5Gi
+
+postgres:
+  image:
+    repository: postgres
+    tag: 9.6-alpine
+    pullPolicy: IfNotPresent
+  resources:
+    limits:
+      cpu: 1
+      memory: 250Mi
+    requests:
+      cpu: 100m
+      memory: 250Mi
+  persistence:
+    claim: postgres-nfs-claim
+    size: 5Gi
+
+persistence:
+  enabled: true
+  retain: false
+
+nodeSelector: {
+  deployPod: "true"
+}
+
+tolerations: []
+
+affinity: {}

molgenis-jenkins/Chart.yaml

@@ -1,6 +1,6 @@
 name: molgenis-jenkins
 home: https://jenkins.io/
-version: 0.7.1
+version: 0.8.0
 appVersion: 2.121
 description: Molgenis installation for the jenkins chart.
 sources:

molgenis-jenkins/README.md

@@ -75,6 +75,10 @@ Token used by Jenkins to authenticate on the [RuG Webhosting Gogs](https://git.w
 | `secret.gogs.user`  | username for the account | `p281392` |
 | `secret.gogs.token` | token for the account    | `xxxx`    |
 
+
+#### Slack
+The Slack integration is done mostly in the Jenkinsfile of each project. It is sufficient to only add the plugin to the Jenkins configuration in Helm.
+
 #### Legacy:
 
 ##### Docker Hub

molgenis-jenkins/resources/README.md

@@ -1,3 +1,5 @@
+# Helm in Jenkins
+
 To be able to run helm inside a jenkins pod, you'll need to 
 * create a role in the namespace where tiller is installed
 * bind that role to the user that jenkins pods run as

molgenis-jenkins/values.yaml

@@ -1,5 +1,7 @@
 jenkins:
   Master:
+    NodeSelector:
+      deployPod: "true"
     HostName: jenkins.molgenis.org
     ServiceType: ClusterIP
     InstallPlugins:
@@ -14,6 +16,7 @@ jenkins:
       - github-oauth:0.29
       - gogs-webhook:1.0.14
       - github-scm-trait-commit-skip:0.1.1
+      - slack:2.3
     Security:
       UseGitHub: false
       GitHub:
@@ -489,7 +492,9 @@ jenkins:
           Command: cat
           WorkingDir: /home/jenkins
           TTY: true
-      NodeSelector: {}
+      NodeSelector: {
+        deployPod: "true"
+      }
     node:
       Label: node-carbon
       NodeUsageMode: EXCLUSIVE
@@ -519,7 +524,9 @@ jenkins:
               key: VAULT_ADDR
               secretName: molgenis-pipeline-vault-secret
               secretKey: addr
-      NodeSelector: {}
+      NodeSelector: {
+        deployPod: "true"
+      }
     molgenis-it:
       InheritFrom: molgenis
       Label: molgenis-it
@@ -581,7 +588,9 @@ jenkins:
             limits:
               cpu: "1"
               memory: "512Mi"
-      NodeSelector: {}
+      NodeSelector: {
+        deployPod: "true"
+      }
 
 #secret contains configuration for the kubernetes secrets that jenkins can access
 secret:

molgenis-nexus/README.md

@@ -61,4 +61,9 @@ To test if your hem chart works and:
 
 To deploy it on the cluster.
 
+```curl -L -u xxxx:xxxx http://registry.molgenis.org/repository/helm/ --upload-file molgenis-x.x.x.tgz```
+
+To push it to the registry
+
+
 

molgenis-opencpu/templates/deployment.yaml

@@ -31,5 +31,7 @@ spec:
         ports:
         - containerPort: {{ .service.port }}
       {{- end }}
-
-
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+{{ toYaml . | indent 8 }}
+      {{- end }}

molgenis-opencpu/values.yaml

@@ -34,7 +34,9 @@ ingress:
   - name: opencpu.molgenis.org
   tls: []
 
-nodeSelector: {}
+nodeSelector: {
+  deployPod: "true"
+}
 
 tolerations: []
 

molgenis-vault/README.md

@@ -38,7 +38,7 @@ Parameter | Description | Default
 `ui.image.repository` | Vault UI container image repository | `djenriquez/vault-ui`
 `ui.image.tag` | Vault UI container image tag | `latest`
 `ui.resources` | Vault UI pod resource requests & limits | `{}`
-`ui.nodeSelector` | node labels for Vault UI pod assignment | `{}`
+`ui.nodeSelector` | node labels for Vault UI pod assignment | `{deployPod: "true"}`
 `ui.ingress.enabled` | If true, Vault UI Ingress will be created | `true`
 `ui.ingress.annotations` | Vault UI Ingress annotations | `{}`
 `ui.ingress.host` | Vault UI Ingress hostname | `vault.molgenis.org`

molgenis-vault/values.yaml

@@ -18,6 +18,10 @@ backupJob:
   # schedule gives the cron schedule for the backup job
   schedule: "0 12 * * 1"
 
+vault-operator:
+  nodeSelector:
+    deployPod: "true"
+
 ###
 # All of the config variables related to setting up the etcd-operator
 # If you want more information about the variables exposed, please visit:
@@ -44,6 +48,8 @@ etcd-operator:
   restoreOperator:
     image:
       tag: v0.9.2
+  nodeSelector:
+    deployPod: "true"
 
 ui:
   name: "vault-ui"
@@ -73,7 +79,8 @@ ui:
     #requests:
     #  cpu: 100m
     #  memory: 128Mi
-  nodeSelector: {}
+  nodeSelector:
+    deployPod: "true"
   vault:
     auth: GITHUB
     url: https://vault.vault-operator:8200

molgenis/values.yaml

@@ -94,9 +94,8 @@ persistence:
   enabled: true
   retain: false
 
-nodeSelector: {
+nodeSelector:
   deployPod: "true"
-}
 
 tolerations: []