Compare commits
9 Commits
91fbfed2a6
...
c47de0a6cb
Author | SHA1 | Date | |
---|---|---|---|
|
c47de0a6cb | ||
|
d909c1bc07 | ||
|
b600c06489 | ||
|
e1e3b0ccc8 | ||
|
fba81f3ea7 | ||
|
b4b9004ac6 | ||
|
f885e0239e | ||
|
c064d27191 | ||
|
00b025e4d1 |
File diff suppressed because it is too large
Load Diff
Before Width: | Height: | Size: 133 KiB |
@ -1,21 +0,0 @@
|
|||||||
# Patterns to ignore when building packages.
|
|
||||||
# This supports shell glob matching, relative path matching, and
|
|
||||||
# negation (prefixed with !). Only one pattern per line.
|
|
||||||
.DS_Store
|
|
||||||
# Common VCS dirs
|
|
||||||
.git/
|
|
||||||
.gitignore
|
|
||||||
.bzr/
|
|
||||||
.bzrignore
|
|
||||||
.hg/
|
|
||||||
.hgignore
|
|
||||||
.svn/
|
|
||||||
# Common backup files
|
|
||||||
*.swp
|
|
||||||
*.bak
|
|
||||||
*.tmp
|
|
||||||
*~
|
|
||||||
# Various IDEs
|
|
||||||
.project
|
|
||||||
.idea/
|
|
||||||
*.tmproj
|
|
@ -1,6 +0,0 @@
|
|||||||
apiVersion: v1
|
|
||||||
appVersion: "1.0"
|
|
||||||
description: Jenkins stack for MOLGENIS
|
|
||||||
name: jenkins
|
|
||||||
version: 0.1.0
|
|
||||||
icon: https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm/raw/master/jenkins/v0.1.x/catalogIcon-molgenis-jenkins.svg
|
|
@ -1,32 +0,0 @@
|
|||||||
{{/* vim: set filetype=mustache: */}}
|
|
||||||
{{/*
|
|
||||||
Expand the name of the chart.
|
|
||||||
*/}}
|
|
||||||
{{- define "jenkins.name" -}}
|
|
||||||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
|
|
||||||
{{- end -}}
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
Create a default fully qualified app name.
|
|
||||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
|
||||||
If release name contains chart name it will be used as a full name.
|
|
||||||
*/}}
|
|
||||||
{{- define "jenkins.fullname" -}}
|
|
||||||
{{- if .Values.fullnameOverride -}}
|
|
||||||
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
|
|
||||||
{{- else -}}
|
|
||||||
{{- $name := default .Chart.Name .Values.nameOverride -}}
|
|
||||||
{{- if contains $name .Release.Name -}}
|
|
||||||
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
|
|
||||||
{{- else -}}
|
|
||||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
|
|
||||||
{{- end -}}
|
|
||||||
{{- end -}}
|
|
||||||
{{- end -}}
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
Create chart name and version as used by the chart label.
|
|
||||||
*/}}
|
|
||||||
{{- define "jenkins.chart" -}}
|
|
||||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
|
|
||||||
{{- end -}}
|
|
@ -1,38 +0,0 @@
|
|||||||
apiVersion: extensions/v1beta1
|
|
||||||
kind: Deployment
|
|
||||||
metadata:
|
|
||||||
creationTimestamp: null
|
|
||||||
name: {{ .Values.jenkins.agent.name }}
|
|
||||||
labels:
|
|
||||||
app: {{ .Values.jenkins.agent.name }}
|
|
||||||
environment: {{ .Values.environment }}
|
|
||||||
spec:
|
|
||||||
replicas: {{ .Values.replicaCount}}
|
|
||||||
strategy:
|
|
||||||
type: {{ .Values.jenkins.strategy.type }}
|
|
||||||
selector:
|
|
||||||
matchLabels:
|
|
||||||
app: {{ .Values.jenkins.agent.selector }}
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app: {{ .Values.jenkins.agent.name }}
|
|
||||||
creationTimestamp: null
|
|
||||||
spec:
|
|
||||||
restartPolicy: {{ .Values.agent.restartPolicy }}
|
|
||||||
containers:
|
|
||||||
- name: {{ .Values.jenkins.agent.name }}
|
|
||||||
image: "{{ .Values.jenkins.agent.image.repository }}:{{ .Values.jenkins.agent.image.tag }}"
|
|
||||||
imagePullPolicy: {{ .Values.jenkins.agent.image.pullPolicy }}
|
|
||||||
- name: JENKINS_SLAVE_SSH_PUBKEY
|
|
||||||
value: {{ .Values.jenkins.agent.ssh.public.key }}
|
|
||||||
ports:
|
|
||||||
- containerPort: {{ .Values.jenkins.agent.port }}
|
|
||||||
volumeMounts:
|
|
||||||
- mountPath: /var/run/docker.sock
|
|
||||||
name: jenkins-agent-worker-claim
|
|
||||||
volumes:
|
|
||||||
- name: jenkins-agent-worker-claim
|
|
||||||
persistentVolumeClaim:
|
|
||||||
claimName: jenkins-agent-worker-claim
|
|
||||||
|
|
@ -1,41 +0,0 @@
|
|||||||
apiVersion: extensions/v1beta1
|
|
||||||
kind: Deployment
|
|
||||||
metadata:
|
|
||||||
creationTimestamp: null
|
|
||||||
name: {{ .Values.jenkins.master.name }}
|
|
||||||
labels:
|
|
||||||
app: {{ .Values.jenkins.master.name }}
|
|
||||||
environment: {{ .Values.environment }}
|
|
||||||
spec:
|
|
||||||
replicas: {{ .Values.replicaCount}}
|
|
||||||
strategy:
|
|
||||||
type: {{ .Values.jenkins.strategy.type }}
|
|
||||||
selector:
|
|
||||||
matchLabels:
|
|
||||||
app: {{ .Values.jenkins.master.selector }}
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app: {{ .Values.jenkins.master.name }}
|
|
||||||
creationTimestamp: null
|
|
||||||
spec:
|
|
||||||
restartPolicy: {{ .Values.jenkins.restartPolicy }}
|
|
||||||
containers:
|
|
||||||
- name: {{ .Values.jenkins.master.name }}
|
|
||||||
image: "{{ .Values.jenkins.master.image.repository }}:{{ .Values.jenkins.master.image.tag }}"
|
|
||||||
imagePullPolicy: {{ .Values.jenkins.master.image.pullPolicy }}
|
|
||||||
- env:
|
|
||||||
- name: JENKINS_ADMIN_PASS
|
|
||||||
- name: JENKINS_ADMIN_USER
|
|
||||||
ports:
|
|
||||||
- containerPort: {{ .Values.jenkins.master.port }}
|
|
||||||
resources: {}
|
|
||||||
volumeMounts:
|
|
||||||
- name: jenkins-master-claim
|
|
||||||
mountPath: /var/jenkins-home
|
|
||||||
- name: jenkins-master-claim
|
|
||||||
mountPath: /var/run/docker.sock
|
|
||||||
volumes:
|
|
||||||
- name: jenkins-master-claim
|
|
||||||
persistentVolumeClaim:
|
|
||||||
claimName: jenkins-master-claim
|
|
@ -1,36 +0,0 @@
|
|||||||
{{- if .Values.ingress.enabled }}
|
|
||||||
{{- range .Values.ingress.hosts }}
|
|
||||||
apiVersion: extensions/v1beta1
|
|
||||||
kind: Ingress
|
|
||||||
metadata:
|
|
||||||
name: "{{ $.Release.Name }}-ingress"
|
|
||||||
labels:
|
|
||||||
app: {{ template "jenkins.fullname" $ }}
|
|
||||||
chart: "{{ $.Chart.Name }}-{{ $.Chart.Version }}"
|
|
||||||
release: "{{ $.Release.Name }}"
|
|
||||||
heritage: "{{ $.Release.Service }}"
|
|
||||||
annotations:
|
|
||||||
{{- if .tls }}
|
|
||||||
ingress.kubernetes.io/secure-backends: "true"
|
|
||||||
{{- end }}
|
|
||||||
{{- range $key, $value := .annotations }}
|
|
||||||
{{ $key }}: {{ $value | quote }}
|
|
||||||
{{- end }}
|
|
||||||
spec:
|
|
||||||
rules:
|
|
||||||
- host: {{ .name }}
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
- path: {{ default "/" .path }}
|
|
||||||
backend:
|
|
||||||
serviceName: {{ template "jenkins.fullname" $ }}
|
|
||||||
servicePort: 80
|
|
||||||
{{- if .tls }}
|
|
||||||
tls:
|
|
||||||
- hosts:
|
|
||||||
- {{ .name }}
|
|
||||||
secretName: {{ .tlsSecret }}
|
|
||||||
{{- end }}
|
|
||||||
---
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
@ -1,13 +0,0 @@
|
|||||||
apiVersion: v1
|
|
||||||
kind: Service
|
|
||||||
metadata:
|
|
||||||
name: {{ .Values.jenkins.agent.name }}
|
|
||||||
labels:
|
|
||||||
app: {{ .Values.jenkins.agent.name }}
|
|
||||||
spec:
|
|
||||||
type: NodePort
|
|
||||||
ports:
|
|
||||||
- name: {{ .Values.jenkins.agent.name }}
|
|
||||||
port: {{ .Values.jenkins.agent.port }}
|
|
||||||
selector:
|
|
||||||
app: {{ .Values.jenkins.agent.selector }}
|
|
@ -1,13 +0,0 @@
|
|||||||
apiVersion: v1
|
|
||||||
kind: Service
|
|
||||||
metadata:
|
|
||||||
name: {{ .Values.jenkins.master.name }}
|
|
||||||
labels:
|
|
||||||
app: {{ .Values.jenkins.master.name }}
|
|
||||||
spec:
|
|
||||||
type: NodePort
|
|
||||||
ports:
|
|
||||||
- name: {{ .Values.jenkins.master.name }}
|
|
||||||
port: {{ .Values.jenkins.master.port }}
|
|
||||||
selector:
|
|
||||||
app: {{ .Values.jenkins.master.selector }}
|
|
@ -1,12 +0,0 @@
|
|||||||
apiVersion: v1
|
|
||||||
kind: PersistentVolumeClaim
|
|
||||||
metadata:
|
|
||||||
creationTimestamp: null
|
|
||||||
name: jenkins-agent-data
|
|
||||||
spec:
|
|
||||||
accessModes:
|
|
||||||
- ReadWriteOnce
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
storage: 100Mi
|
|
||||||
status: {}
|
|
@ -1,12 +0,0 @@
|
|||||||
apiVersion: v1
|
|
||||||
kind: PersistentVolumeClaim
|
|
||||||
metadata:
|
|
||||||
creationTimestamp: null
|
|
||||||
name: jenkins-master-data
|
|
||||||
spec:
|
|
||||||
accessModes:
|
|
||||||
- ReadWriteOnce
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
storage: 100Mi
|
|
||||||
status: {}
|
|
@ -1,68 +0,0 @@
|
|||||||
# Default values for jenkins.
|
|
||||||
# This is a YAML-formatted file.
|
|
||||||
# Declare variables to be passed into your templates.
|
|
||||||
|
|
||||||
replicaCount: 1
|
|
||||||
|
|
||||||
environment: production
|
|
||||||
|
|
||||||
service:
|
|
||||||
type: NodePort
|
|
||||||
port: 8080
|
|
||||||
|
|
||||||
jenkins:
|
|
||||||
strategy:
|
|
||||||
type: Recreate
|
|
||||||
restartPolicy: Always
|
|
||||||
master:
|
|
||||||
name: jenkins-master
|
|
||||||
selector: jenkins-master
|
|
||||||
image:
|
|
||||||
repository: registry.webhosting.rug.nl/molgenis/jenkins-master
|
|
||||||
tag: lts
|
|
||||||
pullPolicy: Always
|
|
||||||
port: 8080
|
|
||||||
agent:
|
|
||||||
name: jenkins-agent
|
|
||||||
selector: jenkins-agent
|
|
||||||
image:
|
|
||||||
repository: registry.webhosting.rug.nl/molgenis/jenkins-agent
|
|
||||||
tag: lts
|
|
||||||
pullPolicy: Always
|
|
||||||
port: 22
|
|
||||||
ssh:
|
|
||||||
public:
|
|
||||||
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6+L3I5Dh1oKCxRktAhKwX20vQq5+hp40D2HCN+JSOT1WmiZOKQQ2U73HyRlukXV1MJGn6NM0pZS1W12IiAiSeu6xl+YFlEJykRK+9NnpSGwTMXXirCmCyWAlMUb6pcXmCqa1Pk1HqiUUfvflkvFHNT+26LBNXj0LbrT6KFd0xhm/KH9gMTKnYoBQqezE7D5jjPki5lKAfBL7IQkwgs5wFdaQicRYAUsuI7gV6EsDgVmLmF6f2d8+/AJ0fwYIFpzaYqQfgrpilMCvHXcuskpHj2RtJFMiPZ4WZSMZ3sMTD0MmZxdNU32qc/TR7mILHEB9/10EzmE4F7X1NdWYeJqK5VKH8RfwLHtiFDPPoqttc2AuaMrSPiRJxtww0oLsEN3toE9qauXpVcJUgaxpj0hE7UQP026Et3LZDQCD8w+3VPVUCfGHy7LTZdPzxDYuWmSMGF/VjYYKbv3WgPEVomRdB1TlaSEb8JfnHI1CVo4C+dImwxppVRbiAkjK/D+TnTavgx+zl85Fo1oNO49kjg9Avp2sOoHBSCBk6ceywIdvvaIzQSxQZfj3PbSWRg+ywJMS8tM6m6riEQola8EmHA7pP/Aj70453ip08MUnz1vsM/e396nqdw55KhR5dPEPHrfqmONMgr6IUa+6zyeWBQ7LTpkWztQ4lQcPl48jRE0ijTQ== sido@client-145-100-225-240.surfnet.eduroam.rug.nl
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
ingress:
|
|
||||||
enabled: true
|
|
||||||
annotations: {}
|
|
||||||
# kubernetes.io/ingress.class: nginx
|
|
||||||
# kubernetes.io/tls-acme: "true"
|
|
||||||
path: /
|
|
||||||
hosts:
|
|
||||||
- jenkins.molgenis.org
|
|
||||||
tls: []
|
|
||||||
# - secretName: chart-example-tls
|
|
||||||
# hosts:
|
|
||||||
# - chart-example.local
|
|
||||||
|
|
||||||
resources: {}
|
|
||||||
# We usually recommend not to specify default resources and to leave this as a conscious
|
|
||||||
# choice for the user. This also increases chances charts run on environments with little
|
|
||||||
# resources, such as Minikube. If you do want to specify resources, uncomment the following
|
|
||||||
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
|
||||||
# limits:
|
|
||||||
# cpu: 100m
|
|
||||||
# memory: 128Mi
|
|
||||||
# requests:
|
|
||||||
# cpu: 100m
|
|
||||||
# memory: 128Mi
|
|
||||||
|
|
||||||
nodeSelector: {}
|
|
||||||
|
|
||||||
tolerations: []
|
|
||||||
|
|
||||||
affinity: {}
|
|
@ -1,45 +0,0 @@
|
|||||||
1. Get your '{{ .Values.Master.AdminUser }}' user password by running:
|
|
||||||
printf $(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "jenkins.fullname" . }} -o jsonpath="{.data.jenkins-admin-password}" | base64 --decode);echo
|
|
||||||
|
|
||||||
{{- if .Values.Master.HostName }}
|
|
||||||
|
|
||||||
2. Visit http://{{ .Values.Master.HostName }}
|
|
||||||
{{- else }}
|
|
||||||
2. Get the Jenkins URL to visit by running these commands in the same shell:
|
|
||||||
{{- if contains "NodePort" .Values.Master.ServiceType }}
|
|
||||||
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "jenkins.fullname" . }})
|
|
||||||
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
|
|
||||||
echo http://$NODE_IP:$NODE_PORT/login
|
|
||||||
|
|
||||||
{{- else if contains "LoadBalancer" .Values.Master.ServiceType }}
|
|
||||||
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
|
|
||||||
You can watch the status of by running 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "jenkins.fullname" . }}'
|
|
||||||
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "jenkins.fullname" . }} --template "{{ "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}" }}")
|
|
||||||
echo http://$SERVICE_IP:{{ .Values.Master.ServicePort }}/login
|
|
||||||
|
|
||||||
{{- else if contains "ClusterIP" .Values.Master.ServiceType }}
|
|
||||||
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "component={{ template "jenkins.fullname" . }}-master" -o jsonpath="{.items[0].metadata.name}")
|
|
||||||
echo http://127.0.0.1:{{ .Values.Master.ServicePort }}
|
|
||||||
kubectl port-forward $POD_NAME {{ .Values.Master.ServicePort }}:{{ .Values.Master.ServicePort }}
|
|
||||||
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
3. Login with the password from step 1 and the username: {{ .Values.Master.AdminUser }}
|
|
||||||
|
|
||||||
For more information on running Jenkins on Kubernetes, visit:
|
|
||||||
https://cloud.google.com/solutions/jenkins-on-container-engine
|
|
||||||
|
|
||||||
{{- if .Values.Persistence.Enabled }}
|
|
||||||
{{- else }}
|
|
||||||
#################################################################################
|
|
||||||
###### WARNING: Persistence is disabled!!! You will lose your data when #####
|
|
||||||
###### the Jenkins pod is terminated. #####
|
|
||||||
#################################################################################
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{- if .Values.rbac.install }}
|
|
||||||
Configure the Kubernetes plugin in Jenkins to use the following Service Account name {{ template "jenkins.fullname" . }} using the following steps:
|
|
||||||
Create a Jenkins credential of type Kubernetes service account with service account name {{ template "jenkins.fullname" . }}
|
|
||||||
Under configure Jenkins -- Update the credentials config in the cloud section to use the service account credential you created in the step above.
|
|
||||||
{{- end }}
|
|
@ -1,34 +0,0 @@
|
|||||||
{{/* vim: set filetype=mustache: */}}
|
|
||||||
{{/*
|
|
||||||
Expand the name of the chart.
|
|
||||||
*/}}
|
|
||||||
{{- define "jenkins.name" -}}
|
|
||||||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
|
|
||||||
{{- end -}}
|
|
||||||
|
|
||||||
{{/*
|
|
||||||
Create a default fully qualified app name.
|
|
||||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
|
||||||
If release name contains chart name it will be used as a full name.
|
|
||||||
*/}}
|
|
||||||
{{- define "jenkins.fullname" -}}
|
|
||||||
{{- if .Values.fullnameOverride -}}
|
|
||||||
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
|
|
||||||
{{- else -}}
|
|
||||||
{{- $name := default .Chart.Name .Values.nameOverride -}}
|
|
||||||
{{- if contains $name .Release.Name -}}
|
|
||||||
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
|
|
||||||
{{- else -}}
|
|
||||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
|
|
||||||
{{- end -}}
|
|
||||||
{{- end -}}
|
|
||||||
{{- end -}}
|
|
||||||
|
|
||||||
{{- define "jenkins.kubernetes-version" -}}
|
|
||||||
{{- range .Values.Master.InstallPlugins -}}
|
|
||||||
{{ if hasPrefix "kubernetes:" . }}
|
|
||||||
{{- $split := splitList ":" . }}
|
|
||||||
{{- printf "%s" (index $split 1 ) -}}
|
|
||||||
{{- end -}}
|
|
||||||
{{- end -}}
|
|
||||||
{{- end -}}
|
|
@ -1,208 +0,0 @@
|
|||||||
{{- if not .Values.Master.CustomConfigMap }}
|
|
||||||
|
|
||||||
apiVersion: v1
|
|
||||||
kind: ConfigMap
|
|
||||||
metadata:
|
|
||||||
name: {{ template "jenkins.fullname" . }}
|
|
||||||
data:
|
|
||||||
config.xml: |-
|
|
||||||
<?xml version='1.0' encoding='UTF-8'?>
|
|
||||||
<hudson>
|
|
||||||
<disabledAdministrativeMonitors/>
|
|
||||||
<version>{{ .Values.Master.ImageTag }}</version>
|
|
||||||
<numExecutors>0</numExecutors>
|
|
||||||
<mode>NORMAL</mode>
|
|
||||||
<useSecurity>{{ .Values.Master.UseSecurity }}</useSecurity>
|
|
||||||
<authorizationStrategy class="hudson.security.FullControlOnceLoggedInAuthorizationStrategy">
|
|
||||||
<denyAnonymousReadAccess>true</denyAnonymousReadAccess>
|
|
||||||
</authorizationStrategy>
|
|
||||||
<securityRealm class="hudson.security.LegacySecurityRealm"/>
|
|
||||||
<disableRememberMe>false</disableRememberMe>
|
|
||||||
<projectNamingStrategy class="jenkins.model.ProjectNamingStrategy$DefaultProjectNamingStrategy"/>
|
|
||||||
<workspaceDir>${JENKINS_HOME}/workspace/${ITEM_FULLNAME}</workspaceDir>
|
|
||||||
<buildsDir>${ITEM_ROOTDIR}/builds</buildsDir>
|
|
||||||
<markupFormatter class="hudson.markup.EscapedMarkupFormatter"/>
|
|
||||||
<jdks/>
|
|
||||||
<viewsTabBar class="hudson.views.DefaultViewsTabBar"/>
|
|
||||||
<myViewsTabBar class="hudson.views.DefaultMyViewsTabBar"/>
|
|
||||||
<clouds>
|
|
||||||
<org.csanchez.jenkins.plugins.kubernetes.KubernetesCloud plugin="kubernetes@{{ template "jenkins.kubernetes-version" . }}">
|
|
||||||
<name>kubernetes</name>
|
|
||||||
<templates>
|
|
||||||
{{- if .Values.Agent.Enabled }}
|
|
||||||
<org.csanchez.jenkins.plugins.kubernetes.PodTemplate>
|
|
||||||
<inheritFrom></inheritFrom>
|
|
||||||
<name>default</name>
|
|
||||||
<instanceCap>2147483647</instanceCap>
|
|
||||||
<idleMinutes>0</idleMinutes>
|
|
||||||
<label>{{ .Release.Name }}-{{ .Values.Agent.Component }}</label>
|
|
||||||
<nodeSelector>
|
|
||||||
{{- $local := dict "first" true }}
|
|
||||||
{{- range $key, $value := .Values.Agent.NodeSelector }}
|
|
||||||
{{- if not $local.first }},{{- end }}
|
|
||||||
{{- $key }}={{ $value }}
|
|
||||||
{{- $_ := set $local "first" false }}
|
|
||||||
{{- end }}</nodeSelector>
|
|
||||||
<nodeUsageMode>NORMAL</nodeUsageMode>
|
|
||||||
<volumes>
|
|
||||||
{{- range $index, $volume := .Values.Agent.volumes }}
|
|
||||||
<org.csanchez.jenkins.plugins.kubernetes.volumes.{{ $volume.type }}Volume>
|
|
||||||
{{- range $key, $value := $volume }}{{- if not (eq $key "type") }}
|
|
||||||
<{{ $key }}>{{ $value }}</{{ $key }}>
|
|
||||||
{{- end }}{{- end }}
|
|
||||||
</org.csanchez.jenkins.plugins.kubernetes.volumes.{{ $volume.type }}Volume>
|
|
||||||
{{- end }}
|
|
||||||
</volumes>
|
|
||||||
<containers>
|
|
||||||
<org.csanchez.jenkins.plugins.kubernetes.ContainerTemplate>
|
|
||||||
<name>jnlp</name>
|
|
||||||
<image>{{ .Values.Agent.Image }}:{{ .Values.Agent.ImageTag }}</image>
|
|
||||||
{{- if .Values.Agent.Privileged }}
|
|
||||||
<privileged>true</privileged>
|
|
||||||
{{- else }}
|
|
||||||
<privileged>false</privileged>
|
|
||||||
{{- end }}
|
|
||||||
<alwaysPullImage>{{ .Values.Agent.AlwaysPullImage }}</alwaysPullImage>
|
|
||||||
<workingDir>/home/jenkins</workingDir>
|
|
||||||
<command></command>
|
|
||||||
<args>${computer.jnlpmac} ${computer.name}</args>
|
|
||||||
<ttyEnabled>false</ttyEnabled>
|
|
||||||
<resourceRequestCpu>{{.Values.Agent.Cpu}}</resourceRequestCpu>
|
|
||||||
<resourceRequestMemory>{{.Values.Agent.Memory}}</resourceRequestMemory>
|
|
||||||
<resourceLimitCpu>{{.Values.Agent.Cpu}}</resourceLimitCpu>
|
|
||||||
<resourceLimitMemory>{{.Values.Agent.Memory}}</resourceLimitMemory>
|
|
||||||
<envVars>
|
|
||||||
<org.csanchez.jenkins.plugins.kubernetes.ContainerEnvVar>
|
|
||||||
<key>JENKINS_URL</key>
|
|
||||||
<value>http://{{ template "jenkins.fullname" . }}:{{.Values.Master.ServicePort}}{{ default "" .Values.Master.JenkinsUriPrefix }}</value>
|
|
||||||
</org.csanchez.jenkins.plugins.kubernetes.ContainerEnvVar>
|
|
||||||
</envVars>
|
|
||||||
</org.csanchez.jenkins.plugins.kubernetes.ContainerTemplate>
|
|
||||||
</containers>
|
|
||||||
<envVars/>
|
|
||||||
<annotations/>
|
|
||||||
{{- if .Values.Agent.ImagePullSecret }}
|
|
||||||
<imagePullSecrets>
|
|
||||||
<org.csanchez.jenkins.plugins.kubernetes.PodImagePullSecret>
|
|
||||||
<name>{{ .Values.Agent.ImagePullSecret }}</name>
|
|
||||||
</org.csanchez.jenkins.plugins.kubernetes.PodImagePullSecret>
|
|
||||||
</imagePullSecrets>
|
|
||||||
{{- else }}
|
|
||||||
<imagePullSecrets/>
|
|
||||||
{{- end }}
|
|
||||||
<nodeProperties/>
|
|
||||||
</org.csanchez.jenkins.plugins.kubernetes.PodTemplate>
|
|
||||||
{{- end -}}
|
|
||||||
</templates>
|
|
||||||
<serverUrl>https://kubernetes.default</serverUrl>
|
|
||||||
<skipTlsVerify>false</skipTlsVerify>
|
|
||||||
<namespace>{{ .Release.Namespace }}</namespace>
|
|
||||||
<jenkinsUrl>http://{{ template "jenkins.fullname" . }}:{{.Values.Master.ServicePort}}{{ default "" .Values.Master.JenkinsUriPrefix }}</jenkinsUrl>
|
|
||||||
<jenkinsTunnel>{{ template "jenkins.fullname" . }}-agent:50000</jenkinsTunnel>
|
|
||||||
<containerCap>10</containerCap>
|
|
||||||
<retentionTimeout>5</retentionTimeout>
|
|
||||||
<connectTimeout>0</connectTimeout>
|
|
||||||
<readTimeout>0</readTimeout>
|
|
||||||
</org.csanchez.jenkins.plugins.kubernetes.KubernetesCloud>
|
|
||||||
</clouds>
|
|
||||||
<quietPeriod>5</quietPeriod>
|
|
||||||
<scmCheckoutRetryCount>0</scmCheckoutRetryCount>
|
|
||||||
<views>
|
|
||||||
<hudson.model.AllView>
|
|
||||||
<owner class="hudson" reference="../../.."/>
|
|
||||||
<name>All</name>
|
|
||||||
<filterExecutors>false</filterExecutors>
|
|
||||||
<filterQueue>false</filterQueue>
|
|
||||||
<properties class="hudson.model.View$PropertyList"/>
|
|
||||||
</hudson.model.AllView>
|
|
||||||
</views>
|
|
||||||
<primaryView>All</primaryView>
|
|
||||||
<slaveAgentPort>50000</slaveAgentPort>
|
|
||||||
<disabledAgentProtocols>
|
|
||||||
{{- range .Values.Master.DisabledAgentProtocols }}
|
|
||||||
<string>{{ . }}</string>
|
|
||||||
{{- end }}
|
|
||||||
</disabledAgentProtocols>
|
|
||||||
<label></label>
|
|
||||||
{{- if .Values.Master.CSRF.DefaultCrumbIssuer.Enabled }}
|
|
||||||
<crumbIssuer class="hudson.security.csrf.DefaultCrumbIssuer">
|
|
||||||
{{- if .Values.Master.CSRF.DefaultCrumbIssuer.ProxyCompatability }}
|
|
||||||
<excludeClientIPFromCrumb>true</excludeClientIPFromCrumb>
|
|
||||||
{{- end }}
|
|
||||||
</crumbIssuer>
|
|
||||||
{{- end }}
|
|
||||||
<nodeProperties/>
|
|
||||||
<globalNodeProperties/>
|
|
||||||
<noUsageStatistics>true</noUsageStatistics>
|
|
||||||
</hudson>
|
|
||||||
{{- if .Values.Master.ScriptApproval }}
|
|
||||||
scriptapproval.xml: |-
|
|
||||||
<?xml version='1.0' encoding='UTF-8'?>
|
|
||||||
<scriptApproval plugin="script-security@1.27">
|
|
||||||
<approvedScriptHashes/>
|
|
||||||
<approvedSignatures>
|
|
||||||
{{- range $key, $val := .Values.Master.ScriptApproval }}
|
|
||||||
<string>{{ $val }}</string>
|
|
||||||
{{- end }}
|
|
||||||
</approvedSignatures>
|
|
||||||
<aclApprovedSignatures/>
|
|
||||||
<approvedClasspathEntries/>
|
|
||||||
<pendingScripts/>
|
|
||||||
<pendingSignatures/>
|
|
||||||
<pendingClasspathEntries/>
|
|
||||||
</scriptApproval>
|
|
||||||
{{- end }}
|
|
||||||
jenkins.CLI.xml: |-
|
|
||||||
<?xml version='1.1' encoding='UTF-8'?>
|
|
||||||
<jenkins.CLI>
|
|
||||||
{{- if .Values.Master.CLI }}
|
|
||||||
<enabled>true</enabled>
|
|
||||||
{{- else }}
|
|
||||||
<enabled>false</enabled>
|
|
||||||
{{- end }}
|
|
||||||
</jenkins.CLI>
|
|
||||||
apply_config.sh: |-
|
|
||||||
mkdir -p /usr/share/jenkins/ref/secrets/;
|
|
||||||
echo "false" > /usr/share/jenkins/ref/secrets/slave-to-master-security-kill-switch;
|
|
||||||
cp -n /var/jenkins_config/config.xml /var/jenkins_home;
|
|
||||||
cp -n /var/jenkins_config/jenkins.CLI.xml /var/jenkins_home;
|
|
||||||
{{- if .Values.Master.InstallPlugins }}
|
|
||||||
# Install missing plugins
|
|
||||||
cp /var/jenkins_config/plugins.txt /var/jenkins_home;
|
|
||||||
rm -rf /usr/share/jenkins/ref/plugins/*.lock
|
|
||||||
/usr/local/bin/install-plugins.sh `echo $(cat /var/jenkins_home/plugins.txt)`;
|
|
||||||
# Copy plugins to shared volume
|
|
||||||
cp -n /usr/share/jenkins/ref/plugins/* /var/jenkins_plugins;
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.Master.ScriptApproval }}
|
|
||||||
cp -n /var/jenkins_config/scriptapproval.xml /var/jenkins_home/scriptApproval.xml;
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.Master.InitScripts }}
|
|
||||||
mkdir -p /var/jenkins_home/init.groovy.d/;
|
|
||||||
cp -n /var/jenkins_config/*.groovy /var/jenkins_home/init.groovy.d/
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.Master.CredentialsXmlSecret }}
|
|
||||||
cp -n /var/jenkins_credentials/credentials.xml /var/jenkins_home;
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.Master.SecretsFilesSecret }}
|
|
||||||
cp -n /var/jenkins_secrets/* /usr/share/jenkins/ref/secrets;
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.Master.Jobs }}
|
|
||||||
for job in $(ls /var/jenkins_jobs); do
|
|
||||||
mkdir -p /var/jenkins_home/jobs/$job
|
|
||||||
cp -n /var/jenkins_jobs/$job /var/jenkins_home/jobs/$job/config.xml
|
|
||||||
done
|
|
||||||
{{- end }}
|
|
||||||
{{- range $key, $val := .Values.Master.InitScripts }}
|
|
||||||
init{{ $key }}.groovy: |-
|
|
||||||
{{ $val | indent 4 }}
|
|
||||||
{{- end }}
|
|
||||||
plugins.txt: |-
|
|
||||||
{{- if .Values.Master.InstallPlugins }}
|
|
||||||
{{- range $index, $val := .Values.Master.InstallPlugins }}
|
|
||||||
{{ $val | indent 4 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
{{ else }}
|
|
||||||
{{ include "override_config_map" . }}
|
|
||||||
{{- end -}}
|
|
@ -1,28 +0,0 @@
|
|||||||
{{- if and .Values.Persistence.Enabled (not .Values.Persistence.ExistingClaim) -}}
|
|
||||||
kind: PersistentVolumeClaim
|
|
||||||
apiVersion: v1
|
|
||||||
metadata:
|
|
||||||
{{- if .Values.Persistence.Annotations }}
|
|
||||||
annotations:
|
|
||||||
{{ toYaml .Values.Persistence.Annotations | indent 4 }}
|
|
||||||
{{- end }}
|
|
||||||
name: {{ template "jenkins.fullname" . }}
|
|
||||||
labels:
|
|
||||||
app: {{ template "jenkins.fullname" . }}
|
|
||||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
|
||||||
release: "{{ .Release.Name }}"
|
|
||||||
heritage: "{{ .Release.Service }}"
|
|
||||||
spec:
|
|
||||||
accessModes:
|
|
||||||
- {{ .Values.Persistence.AccessMode | quote }}
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
storage: {{ .Values.Persistence.Size | quote }}
|
|
||||||
{{- if .Values.Persistence.StorageClass }}
|
|
||||||
{{- if (eq "-" .Values.Persistence.StorageClass) }}
|
|
||||||
storageClassName: ""
|
|
||||||
{{- else }}
|
|
||||||
storageClassName: "{{ .Values.Persistence.StorageClass }}"
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
@ -1,20 +0,0 @@
|
|||||||
apiVersion: v1
|
|
||||||
kind: Service
|
|
||||||
metadata:
|
|
||||||
name: {{ template "jenkins.fullname" . }}-agent
|
|
||||||
labels:
|
|
||||||
app: {{ template "jenkins.fullname" . }}
|
|
||||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
|
||||||
component: "{{ .Release.Name }}-{{ .Values.Master.Component }}"
|
|
||||||
{{- if .Values.Master.SlaveListenerServiceAnnotations }}
|
|
||||||
annotations:
|
|
||||||
{{ toYaml .Values.Master.SlaveListenerServiceAnnotations | indent 4 }}
|
|
||||||
{{- end }}
|
|
||||||
spec:
|
|
||||||
ports:
|
|
||||||
- port: {{ .Values.Master.SlaveListenerPort }}
|
|
||||||
targetPort: {{ .Values.Master.SlaveListenerPort }}
|
|
||||||
name: slavelistener
|
|
||||||
selector:
|
|
||||||
component: "{{ .Release.Name }}-{{ .Values.Master.Component }}"
|
|
||||||
type: {{ .Values.Master.SlaveListenerServiceType }}
|
|
@ -1,222 +0,0 @@
|
|||||||
apiVersion: extensions/v1beta1
|
|
||||||
kind: Deployment
|
|
||||||
metadata:
|
|
||||||
name: {{ template "jenkins.fullname" . }}
|
|
||||||
labels:
|
|
||||||
heritage: {{ .Release.Service | quote }}
|
|
||||||
release: {{ .Release.Name | quote }}
|
|
||||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
|
||||||
component: "{{ .Release.Name }}-{{ .Values.Master.Name }}"
|
|
||||||
spec:
|
|
||||||
replicas: 1
|
|
||||||
strategy:
|
|
||||||
type: RollingUpdate
|
|
||||||
selector:
|
|
||||||
matchLabels:
|
|
||||||
component: "{{ .Release.Name }}-{{ .Values.Master.Component }}"
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app: {{ template "jenkins.fullname" . }}
|
|
||||||
heritage: {{ .Release.Service | quote }}
|
|
||||||
release: {{ .Release.Name | quote }}
|
|
||||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
|
||||||
component: "{{ .Release.Name }}-{{ .Values.Master.Component }}"
|
|
||||||
annotations:
|
|
||||||
checksum/config: {{ include (print $.Template.BasePath "/config.yaml") . | sha256sum }}
|
|
||||||
spec:
|
|
||||||
{{- if .Values.Master.NodeSelector }}
|
|
||||||
nodeSelector:
|
|
||||||
{{ toYaml .Values.Master.NodeSelector | indent 8 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.Master.Tolerations }}
|
|
||||||
tolerations:
|
|
||||||
{{ toYaml .Values.Master.Tolerations | indent 8 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.Master.Affinity }}
|
|
||||||
affinity:
|
|
||||||
{{ toYaml .Values.Master.Affinity | indent 8 }}
|
|
||||||
{{- end }}
|
|
||||||
securityContext:
|
|
||||||
runAsUser: {{ default 0 .Values.Master.RunAsUser }}
|
|
||||||
{{- if and (.Values.Master.RunAsUser) (.Values.Master.FsGroup) }}
|
|
||||||
{{- if not (eq .Values.Master.RunAsUser 0.0) }}
|
|
||||||
fsGroup: {{ .Values.Master.FsGroup }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
serviceAccountName: {{ if .Values.rbac.install }}{{ template "jenkins.fullname" . }}{{ else }}"{{ .Values.rbac.serviceAccountName }}"{{ end }}
|
|
||||||
initContainers:
|
|
||||||
- name: "copy-default-config"
|
|
||||||
image: "{{ .Values.Master.Image }}:{{ .Values.Master.ImageTag }}"
|
|
||||||
imagePullPolicy: "{{ .Values.Master.ImagePullPolicy }}"
|
|
||||||
command: [ "sh", "/var/jenkins_config/apply_config.sh" ]
|
|
||||||
{{- if .Values.Master.InitContainerEnv }}
|
|
||||||
env:
|
|
||||||
{{ toYaml .Values.Master.InitContainerEnv | indent 12 }}
|
|
||||||
{{- end }}
|
|
||||||
volumeMounts:
|
|
||||||
-
|
|
||||||
mountPath: /var/jenkins_home
|
|
||||||
name: jenkins-home
|
|
||||||
-
|
|
||||||
mountPath: /var/jenkins_config
|
|
||||||
name: jenkins-config
|
|
||||||
{{- if .Values.Master.CredentialsXmlSecret }}
|
|
||||||
-
|
|
||||||
mountPath: /var/jenkins_credentials
|
|
||||||
name: jenkins-credentials
|
|
||||||
readOnly: true
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.Master.SecretsFilesSecret }}
|
|
||||||
-
|
|
||||||
mountPath: /var/jenkins_secrets
|
|
||||||
name: jenkins-secrets
|
|
||||||
readOnly: true
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.Master.Jobs }}
|
|
||||||
-
|
|
||||||
mountPath: /var/jenkins_jobs
|
|
||||||
name: jenkins-jobs
|
|
||||||
readOnly: true
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.Master.InstallPlugins }}
|
|
||||||
-
|
|
||||||
mountPath: /var/jenkins_plugins
|
|
||||||
name: plugin-dir
|
|
||||||
{{- end }}
|
|
||||||
-
|
|
||||||
mountPath: /usr/share/jenkins/ref/secrets/
|
|
||||||
name: secrets-dir
|
|
||||||
containers:
|
|
||||||
- name: {{ template "jenkins.fullname" . }}
|
|
||||||
image: "{{ .Values.Master.Image }}:{{ .Values.Master.ImageTag }}"
|
|
||||||
imagePullPolicy: "{{ .Values.Master.ImagePullPolicy }}"
|
|
||||||
{{- if .Values.Master.UseSecurity }}
|
|
||||||
args: [ "--argumentsRealm.passwd.$(ADMIN_USER)=$(ADMIN_PASSWORD)", "--argumentsRealm.roles.$(ADMIN_USER)=admin"]
|
|
||||||
{{- end }}
|
|
||||||
env:
|
|
||||||
- name: JAVA_OPTS
|
|
||||||
value: "{{ default "" .Values.Master.JavaOpts}}"
|
|
||||||
- name: JENKINS_OPTS
|
|
||||||
value: "{{ if .Values.Master.JenkinsUriPrefix }}--prefix={{ .Values.Master.JenkinsUriPrefix }} {{ end }}{{ default "" .Values.Master.JenkinsOpts}}"
|
|
||||||
{{- if .Values.Master.UseSecurity }}
|
|
||||||
- name: ADMIN_PASSWORD
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
name: {{ template "jenkins.fullname" . }}
|
|
||||||
key: jenkins-admin-password
|
|
||||||
- name: ADMIN_USER
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
name: {{ template "jenkins.fullname" . }}
|
|
||||||
key: jenkins-admin-user
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.Master.ContainerEnv }}
|
|
||||||
{{ toYaml .Values.Master.ContainerEnv | indent 12 }}
|
|
||||||
{{- end }}
|
|
||||||
ports:
|
|
||||||
- containerPort: {{ .Values.Master.ContainerPort }}
|
|
||||||
name: http
|
|
||||||
- containerPort: {{ .Values.Master.SlaveListenerPort }}
|
|
||||||
name: slavelistener
|
|
||||||
{{- if .Values.Master.JMXPort }}
|
|
||||||
- containerPort: {{ .Values.Master.JMXPort }}
|
|
||||||
name: jmx
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.Master.HealthProbes }}
|
|
||||||
livenessProbe:
|
|
||||||
httpGet:
|
|
||||||
path: /login
|
|
||||||
port: http
|
|
||||||
initialDelaySeconds: {{ .Values.Master.HealthProbesLivenessTimeout }}
|
|
||||||
timeoutSeconds: 5
|
|
||||||
failureThreshold: {{ .Values.Master.HealthProbeLivenessFailureThreshold }}
|
|
||||||
readinessProbe:
|
|
||||||
httpGet:
|
|
||||||
path: /login
|
|
||||||
port: http
|
|
||||||
initialDelaySeconds: {{ .Values.Master.HealthProbesReadinessTimeout }}
|
|
||||||
{{- end }}
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
cpu: "{{ .Values.Master.Cpu }}"
|
|
||||||
memory: "{{ .Values.Master.Memory }}"
|
|
||||||
volumeMounts:
|
|
||||||
{{- if .Values.Persistence.mounts }}
|
|
||||||
{{ toYaml .Values.Persistence.mounts | indent 12 }}
|
|
||||||
{{- end }}
|
|
||||||
-
|
|
||||||
mountPath: /var/jenkins_home
|
|
||||||
name: jenkins-home
|
|
||||||
readOnly: false
|
|
||||||
-
|
|
||||||
mountPath: /var/jenkins_config
|
|
||||||
name: jenkins-config
|
|
||||||
readOnly: true
|
|
||||||
{{- if .Values.Master.CredentialsXmlSecret }}
|
|
||||||
-
|
|
||||||
mountPath: /var/jenkins_credentials
|
|
||||||
name: jenkins-credentials
|
|
||||||
readOnly: true
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.Master.SecretsFilesSecret }}
|
|
||||||
-
|
|
||||||
mountPath: /var/jenkins_secrets
|
|
||||||
name: jenkins-secrets
|
|
||||||
readOnly: true
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.Master.Jobs }}
|
|
||||||
-
|
|
||||||
mountPath: /var/jenkins_jobs
|
|
||||||
name: jenkins-jobs
|
|
||||||
readOnly: true
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.Master.InstallPlugins }}
|
|
||||||
-
|
|
||||||
mountPath: /usr/share/jenkins/ref/plugins/
|
|
||||||
name: plugin-dir
|
|
||||||
readOnly: false
|
|
||||||
{{- end }}
|
|
||||||
-
|
|
||||||
mountPath: /usr/share/jenkins/ref/secrets/
|
|
||||||
name: secrets-dir
|
|
||||||
readOnly: false
|
|
||||||
volumes:
|
|
||||||
{{- if .Values.Persistence.volumes }}
|
|
||||||
{{ toYaml .Values.Persistence.volumes | indent 6 }}
|
|
||||||
{{- end }}
|
|
||||||
- name: jenkins-config
|
|
||||||
configMap:
|
|
||||||
name: {{ template "jenkins.fullname" . }}
|
|
||||||
{{- if .Values.Master.CredentialsXmlSecret }}
|
|
||||||
- name: jenkins-credentials
|
|
||||||
secret:
|
|
||||||
secretName: {{ .Values.Master.CredentialsXmlSecret }}
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.Master.SecretsFilesSecret }}
|
|
||||||
- name: jenkins-secrets
|
|
||||||
secret:
|
|
||||||
secretName: {{ .Values.Master.SecretsFilesSecret }}
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.Master.Jobs }}
|
|
||||||
- name: jenkins-jobs
|
|
||||||
configMap:
|
|
||||||
name: {{ template "jenkins.fullname" . }}-jobs
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.Master.InstallPlugins }}
|
|
||||||
- name: plugin-dir
|
|
||||||
emptyDir: {}
|
|
||||||
{{- end }}
|
|
||||||
- name: secrets-dir
|
|
||||||
emptyDir: {}
|
|
||||||
- name: jenkins-home
|
|
||||||
{{- if .Values.Persistence.Enabled }}
|
|
||||||
persistentVolumeClaim:
|
|
||||||
claimName: {{ .Values.Persistence.ExistingClaim | default (include "jenkins.fullname" .) }}
|
|
||||||
{{- else }}
|
|
||||||
emptyDir: {}
|
|
||||||
{{- end -}}
|
|
||||||
{{- if .Values.Master.ImagePullSecret }}
|
|
||||||
imagePullSecrets:
|
|
||||||
- name: {{ .Values.Master.ImagePullSecret }}
|
|
||||||
{{- end -}}
|
|
@ -1,22 +0,0 @@
|
|||||||
{{- if .Values.Master.HostName }}
|
|
||||||
apiVersion: {{ .Values.Master.Ingress.ApiVersion }}
|
|
||||||
kind: Ingress
|
|
||||||
metadata:
|
|
||||||
{{- if .Values.Master.Ingress.Annotations }}
|
|
||||||
annotations:
|
|
||||||
{{ toYaml .Values.Master.Ingress.Annotations | indent 4 }}
|
|
||||||
{{- end }}
|
|
||||||
name: {{ template "jenkins.fullname" . }}
|
|
||||||
spec:
|
|
||||||
rules:
|
|
||||||
- host: {{ .Values.Master.HostName | quote }}
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
- backend:
|
|
||||||
serviceName: {{ template "jenkins.fullname" . }}
|
|
||||||
servicePort: {{ .Values.Master.ServicePort }}
|
|
||||||
{{- if .Values.Master.Ingress.TLS }}
|
|
||||||
tls:
|
|
||||||
{{ toYaml .Values.Master.Ingress.TLS | indent 4 }}
|
|
||||||
{{- end -}}
|
|
||||||
{{- end }}
|
|
@ -1,33 +0,0 @@
|
|||||||
{{- if .Values.NetworkPolicy.Enabled }}
|
|
||||||
kind: NetworkPolicy
|
|
||||||
apiVersion: {{ .Values.NetworkPolicy.ApiVersion }}
|
|
||||||
metadata:
|
|
||||||
name: "{{ .Release.Name }}-{{ .Values.Master.Component }}"
|
|
||||||
spec:
|
|
||||||
podSelector:
|
|
||||||
matchLabels:
|
|
||||||
component: "{{ .Release.Name }}-{{ .Values.Master.Component }}"
|
|
||||||
ingress:
|
|
||||||
# Allow web access to the UI
|
|
||||||
- ports:
|
|
||||||
- port: {{ .Values.Master.ContainerPort }}
|
|
||||||
# Allow inbound connections from slave
|
|
||||||
- from:
|
|
||||||
- podSelector:
|
|
||||||
matchLabels:
|
|
||||||
"jenkins/{{ .Release.Name }}-{{ .Values.Agent.Component }}": "true"
|
|
||||||
ports:
|
|
||||||
- port: {{ .Values.Master.SlaveListenerPort }}
|
|
||||||
{{- if .Values.Agent.Enabled }}
|
|
||||||
---
|
|
||||||
kind: NetworkPolicy
|
|
||||||
apiVersion: {{ .Values.NetworkPolicy.ApiVersion }}
|
|
||||||
metadata:
|
|
||||||
name: "{{ .Release.Name }}-{{ .Values.Agent.Component }}"
|
|
||||||
spec:
|
|
||||||
podSelector:
|
|
||||||
matchLabels:
|
|
||||||
# DefaultDeny
|
|
||||||
"jenkins/{{ .Release.Name }}-{{ .Values.Agent.Component }}": "true"
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
@ -1,31 +0,0 @@
|
|||||||
apiVersion: v1
|
|
||||||
kind: Service
|
|
||||||
metadata:
|
|
||||||
name: {{template "jenkins.fullname" . }}
|
|
||||||
labels:
|
|
||||||
app: {{ template "jenkins.fullname" . }}
|
|
||||||
heritage: {{.Release.Service | quote }}
|
|
||||||
release: {{.Release.Name | quote }}
|
|
||||||
chart: "{{.Chart.Name}}-{{.Chart.Version}}"
|
|
||||||
component: "{{.Release.Name}}-{{.Values.Master.Component}}"
|
|
||||||
{{- if .Values.Master.ServiceAnnotations }}
|
|
||||||
annotations:
|
|
||||||
{{ toYaml .Values.Master.ServiceAnnotations | indent 4 }}
|
|
||||||
{{- end }}
|
|
||||||
spec:
|
|
||||||
ports:
|
|
||||||
- port: {{.Values.Master.ServicePort}}
|
|
||||||
name: http
|
|
||||||
targetPort: {{.Values.Master.ContainerPort}}
|
|
||||||
{{if (and (eq .Values.Master.ServiceType "NodePort") (not (empty .Values.Master.NodePort)))}}
|
|
||||||
nodePort: {{.Values.Master.NodePort}}
|
|
||||||
{{end}}
|
|
||||||
selector:
|
|
||||||
component: "{{.Release.Name}}-{{.Values.Master.Component}}"
|
|
||||||
type: {{.Values.Master.ServiceType}}
|
|
||||||
{{if eq .Values.Master.ServiceType "LoadBalancer"}}
|
|
||||||
loadBalancerSourceRanges: {{.Values.Master.LoadBalancerSourceRanges}}
|
|
||||||
{{if .Values.Master.LoadBalancerIP}}
|
|
||||||
loadBalancerIP: {{.Values.Master.LoadBalancerIP}}
|
|
||||||
{{end}}
|
|
||||||
{{end}}
|
|
@ -1,45 +0,0 @@
|
|||||||
apiVersion: v1
|
|
||||||
kind: Pod
|
|
||||||
metadata:
|
|
||||||
name: "{{ .Release.Name }}-ui-test-{{ randAlphaNum 5 | lower }}"
|
|
||||||
annotations:
|
|
||||||
"helm.sh/hook": test-success
|
|
||||||
spec:
|
|
||||||
{{- if .Values.Master.NodeSelector }}
|
|
||||||
nodeSelector:
|
|
||||||
{{ toYaml .Values.Master.NodeSelector | indent 4 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.Master.Tolerations }}
|
|
||||||
tolerations:
|
|
||||||
{{ toYaml .Values.Master.Tolerations | indent 4 }}
|
|
||||||
{{- end }}
|
|
||||||
initContainers:
|
|
||||||
- name: "test-framework"
|
|
||||||
image: "dduportal/bats:0.4.0"
|
|
||||||
command:
|
|
||||||
- "bash"
|
|
||||||
- "-c"
|
|
||||||
- |
|
|
||||||
set -ex
|
|
||||||
# copy bats to tools dir
|
|
||||||
cp -R /usr/local/libexec/ /tools/bats/
|
|
||||||
volumeMounts:
|
|
||||||
- mountPath: /tools
|
|
||||||
name: tools
|
|
||||||
containers:
|
|
||||||
- name: {{ .Release.Name }}-ui-test
|
|
||||||
image: {{ .Values.Master.Image }}:{{ .Values.Master.ImageTag }}
|
|
||||||
command: ["/tools/bats/bats", "-t", "/tests/run.sh"]
|
|
||||||
volumeMounts:
|
|
||||||
- mountPath: /tests
|
|
||||||
name: tests
|
|
||||||
readOnly: true
|
|
||||||
- mountPath: /tools
|
|
||||||
name: tools
|
|
||||||
volumes:
|
|
||||||
- name: tests
|
|
||||||
configMap:
|
|
||||||
name: {{ template "jenkins.fullname" . }}-tests
|
|
||||||
- name: tools
|
|
||||||
emptyDir: {}
|
|
||||||
restartPolicy: Never
|
|
@ -1,8 +0,0 @@
|
|||||||
{{- if .Values.Master.Jobs }}
|
|
||||||
apiVersion: v1
|
|
||||||
kind: ConfigMap
|
|
||||||
metadata:
|
|
||||||
name: {{ template "jenkins.fullname" . }}-jobs
|
|
||||||
data:
|
|
||||||
{{ .Values.Master.Jobs | indent 2 }}
|
|
||||||
{{- end -}}
|
|
@ -1,20 +0,0 @@
|
|||||||
{{ if .Values.rbac.install }}
|
|
||||||
{{- $serviceName := include "jenkins.fullname" . -}}
|
|
||||||
apiVersion: rbac.authorization.k8s.io/{{ required "A valid .Values.rbac.apiVersion entry required!" .Values.rbac.apiVersion }}
|
|
||||||
kind: ClusterRoleBinding
|
|
||||||
metadata:
|
|
||||||
name: {{ $serviceName }}-role-binding
|
|
||||||
labels:
|
|
||||||
app: {{ $serviceName }}
|
|
||||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
|
||||||
release: "{{ .Release.Name }}"
|
|
||||||
heritage: "{{ .Release.Service }}"
|
|
||||||
roleRef:
|
|
||||||
apiGroup: rbac.authorization.k8s.io
|
|
||||||
kind: ClusterRole
|
|
||||||
name: {{ .Values.rbac.roleRef }}
|
|
||||||
subjects:
|
|
||||||
- kind: ServiceAccount
|
|
||||||
name: {{ $serviceName }}
|
|
||||||
namespace: {{ .Release.Namespace }}
|
|
||||||
{{ end }}
|
|
@ -1,19 +0,0 @@
|
|||||||
{{- if .Values.Master.UseSecurity }}
|
|
||||||
apiVersion: v1
|
|
||||||
kind: Secret
|
|
||||||
metadata:
|
|
||||||
name: {{ template "jenkins.fullname" . }}
|
|
||||||
labels:
|
|
||||||
app: {{ template "jenkins.fullname" . }}
|
|
||||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
|
||||||
release: "{{ .Release.Name }}"
|
|
||||||
heritage: "{{ .Release.Service }}"
|
|
||||||
type: Opaque
|
|
||||||
data:
|
|
||||||
{{ if .Values.Master.AdminPassword }}
|
|
||||||
jenkins-admin-password: {{ .Values.Master.AdminPassword | b64enc | quote }}
|
|
||||||
{{ else }}
|
|
||||||
jenkins-admin-password: {{ randAlphaNum 10 | b64enc | quote }}
|
|
||||||
{{ end }}
|
|
||||||
jenkins-admin-user: {{ .Values.Master.AdminUser | b64enc | quote }}
|
|
||||||
{{- end }}
|
|
@ -1,12 +0,0 @@
|
|||||||
{{ if .Values.rbac.install }}
|
|
||||||
{{- $serviceName := include "jenkins.fullname" . -}}
|
|
||||||
apiVersion: v1
|
|
||||||
kind: ServiceAccount
|
|
||||||
metadata:
|
|
||||||
name: {{ $serviceName }}
|
|
||||||
labels:
|
|
||||||
app: {{ $serviceName }}
|
|
||||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
|
||||||
release: "{{ .Release.Name }}"
|
|
||||||
heritage: "{{ .Release.Service }}"
|
|
||||||
{{ end }}
|
|
@ -1,9 +0,0 @@
|
|||||||
apiVersion: v1
|
|
||||||
kind: ConfigMap
|
|
||||||
metadata:
|
|
||||||
name: {{ template "jenkins.fullname" . }}-tests
|
|
||||||
data:
|
|
||||||
run.sh: |-
|
|
||||||
@test "Testing Jenkins UI is accessible" {
|
|
||||||
curl --retry 48 --retry-delay 10 {{ template "jenkins.fullname" . }}:{{ .Values.Master.ServicePort }}{{ default "" .Values.Master.JenkinsUriPrefix }}/login
|
|
||||||
}
|
|
@ -1,240 +0,0 @@
|
|||||||
# Default values for jenkins.
|
|
||||||
# This is a YAML-formatted file.
|
|
||||||
# Declare name/value pairs to be passed into your templates.
|
|
||||||
# name: value
|
|
||||||
|
|
||||||
## Overrides for generated resource names
|
|
||||||
# See templates/_helpers.tpl
|
|
||||||
# nameOverride:
|
|
||||||
# fullnameOverride:
|
|
||||||
|
|
||||||
Master:
|
|
||||||
Name: jenkins-master
|
|
||||||
Image: "jenkins/jenkins"
|
|
||||||
ImageTag: "lts"
|
|
||||||
ImagePullPolicy: "Always"
|
|
||||||
# ImagePullSecret: jenkins
|
|
||||||
Component: "jenkins-master"
|
|
||||||
UseSecurity: true
|
|
||||||
AdminUser: admin
|
|
||||||
# AdminPassword: <defaults to random>
|
|
||||||
Cpu: "200m"
|
|
||||||
Memory: "256Mi"
|
|
||||||
# Environment variables that get added to the init container (useful for e.g. http_proxy)
|
|
||||||
# InitContainerEnv:
|
|
||||||
# - name: http_proxy
|
|
||||||
# value: "http://192.168.64.1:3128"
|
|
||||||
# ContainerEnv:
|
|
||||||
# - name: http_proxy
|
|
||||||
# value: "http://192.168.64.1:3128"
|
|
||||||
# Set min/max heap here if needed with:
|
|
||||||
# JavaOpts: "-Xms512m -Xmx512m"
|
|
||||||
# JenkinsOpts: ""
|
|
||||||
# JenkinsUriPrefix: "/jenkins"
|
|
||||||
# Set RunAsUser to 1000 to let Jenkins run as non-root user 'jenkins' which exists in 'jenkins/jenkins' docker image.
|
|
||||||
# When setting RunAsUser to a different value than 0 also set FsGroup to the same value:
|
|
||||||
# RunAsUser: <defaults to 0>
|
|
||||||
# FsGroup: <will be omitted in deployment if RunAsUser is 0>
|
|
||||||
ServicePort: 8080
|
|
||||||
# For minikube, set this to NodePort, elsewhere use LoadBalancer
|
|
||||||
# Use ClusterIP if your setup includes ingress controller
|
|
||||||
ServiceType: ClusterIP
|
|
||||||
# Master Service annotations
|
|
||||||
ServiceAnnotations: {}
|
|
||||||
# service.beta.kubernetes.io/aws-load-balancer-backend-protocol: https
|
|
||||||
# Used to create Ingress record (should used with ServiceType: ClusterIP)
|
|
||||||
# HostName: jenkins.cluster.local
|
|
||||||
HostName: jenkins.molgenis.org
|
|
||||||
# NodePort: <to set explicitly, choose port between 30000-32767
|
|
||||||
ContainerPort: 8080
|
|
||||||
# Enable Kubernetes Liveness and Readiness Probes
|
|
||||||
# ~ 2 minutes to allow Jenkins to restart when upgrading plugins. Set ReadinessTimeout to be shorter than LivenessTimeout.
|
|
||||||
HealthProbes: true
|
|
||||||
HealthProbesLivenessTimeout: 90
|
|
||||||
HealthProbesReadinessTimeout: 60
|
|
||||||
HealthProbeLivenessFailureThreshold: 12
|
|
||||||
SlaveListenerPort: 50000
|
|
||||||
DisabledAgentProtocols:
|
|
||||||
- JNLP-connect
|
|
||||||
- JNLP2-connect
|
|
||||||
CSRF:
|
|
||||||
DefaultCrumbIssuer:
|
|
||||||
Enabled: true
|
|
||||||
ProxyCompatability: true
|
|
||||||
CLI: false
|
|
||||||
# Kubernetes service type for the JNLP slave service
|
|
||||||
# SETTING THIS TO "LoadBalancer" IS A HUGE SECURITY RISK: https://github.com/kubernetes/charts/issues/1341
|
|
||||||
SlaveListenerServiceType: ClusterIP
|
|
||||||
SlaveListenerServiceAnnotations: {}
|
|
||||||
LoadBalancerSourceRanges:
|
|
||||||
- 0.0.0.0/0
|
|
||||||
# Optionally assign a known public LB IP
|
|
||||||
# LoadBalancerIP: 1.2.3.4
|
|
||||||
# Optionally configure a JMX port
|
|
||||||
# requires additional JavaOpts, ie
|
|
||||||
# JavaOpts: >
|
|
||||||
# -Dcom.sun.management.jmxremote.port=4000
|
|
||||||
# -Dcom.sun.management.jmxremote.authenticate=false
|
|
||||||
# -Dcom.sun.management.jmxremote.ssl=false
|
|
||||||
# JMXPort: 4000
|
|
||||||
# List of plugins to be install during Jenkins master start
|
|
||||||
InstallPlugins:
|
|
||||||
- kubernetes:1.8.4
|
|
||||||
- workflow-aggregator:2.5
|
|
||||||
- workflow-job:2.21
|
|
||||||
- credentials-binding:1.16
|
|
||||||
- git:3.9.1
|
|
||||||
# Used to approve a list of groovy functions in pipelines used the script-security plugin. Can be viewed under /scriptApproval
|
|
||||||
# ScriptApproval:
|
|
||||||
# - "method groovy.json.JsonSlurperClassic parseText java.lang.String"
|
|
||||||
# - "new groovy.json.JsonSlurperClassic"
|
|
||||||
# List of groovy init scripts to be executed during Jenkins master start
|
|
||||||
InitScripts:
|
|
||||||
# - |
|
|
||||||
# print 'adding global pipeline libraries, register properties, bootstrap jobs...'
|
|
||||||
# Kubernetes secret that contains a 'credentials.xml' for Jenkins
|
|
||||||
# CredentialsXmlSecret: jenkins-credentials
|
|
||||||
# Kubernetes secret that contains files to be put in the Jenkins 'secrets' directory,
|
|
||||||
# useful to manage encryption keys used for credentials.xml for instance (such as
|
|
||||||
# master.key and hudson.util.Secret)
|
|
||||||
# SecretsFilesSecret: jenkins-secrets
|
|
||||||
# Jenkins XML job configs to provision
|
|
||||||
# Jobs: |-
|
|
||||||
# test: |-
|
|
||||||
# <<xml here>>
|
|
||||||
Jobs: |-
|
|
||||||
molgenis: |-
|
|
||||||
<?xml version='1.1' encoding='UTF-8'?>
|
|
||||||
<org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject plugin="workflow-multibranch@2.19">
|
|
||||||
<actions/>
|
|
||||||
<description></description>
|
|
||||||
<properties>
|
|
||||||
<org.jenkinsci.plugins.pipeline.modeldefinition.config.FolderConfig plugin="pipeline-model-definition@1.3">
|
|
||||||
<dockerLabel></dockerLabel>
|
|
||||||
<registry plugin="docker-commons@1.13"/>
|
|
||||||
</org.jenkinsci.plugins.pipeline.modeldefinition.config.FolderConfig>
|
|
||||||
</properties>
|
|
||||||
<folderViews class="jenkins.branch.MultiBranchProjectViewHolder" plugin="branch-api@2.0.20">
|
|
||||||
<owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
|
|
||||||
</folderViews>
|
|
||||||
<healthMetrics>
|
|
||||||
<com.cloudbees.hudson.plugins.folder.health.WorstChildHealthMetric plugin="cloudbees-folder@6.5.1">
|
|
||||||
<nonRecursive>false</nonRecursive>
|
|
||||||
</com.cloudbees.hudson.plugins.folder.health.WorstChildHealthMetric>
|
|
||||||
</healthMetrics>
|
|
||||||
<icon class="jenkins.branch.MetadataActionFolderIcon" plugin="branch-api@2.0.20">
|
|
||||||
<owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
|
|
||||||
</icon>
|
|
||||||
<orphanedItemStrategy class="com.cloudbees.hudson.plugins.folder.computed.DefaultOrphanedItemStrategy" plugin="cloudbees-folder@6.5.1">
|
|
||||||
<pruneDeadBranches>true</pruneDeadBranches>
|
|
||||||
<daysToKeep>-1</daysToKeep>
|
|
||||||
<numToKeep>-1</numToKeep>
|
|
||||||
</orphanedItemStrategy>
|
|
||||||
<triggers/>
|
|
||||||
<disabled>false</disabled>
|
|
||||||
<sources class="jenkins.branch.MultiBranchProject$BranchSourceList" plugin="branch-api@2.0.20">
|
|
||||||
<data>
|
|
||||||
<jenkins.branch.BranchSource>
|
|
||||||
<source class="jenkins.plugins.git.GitSCMSource" plugin="git@3.9.1">
|
|
||||||
<id>a1f535cd-ab83-4d42-8993-0c3e59cf139f</id>
|
|
||||||
<remote>http://github.com/molgenis/molgenis.git</remote>
|
|
||||||
<credentialsId></credentialsId>
|
|
||||||
<traits>
|
|
||||||
<jenkins.plugins.git.traits.BranchDiscoveryTrait/>
|
|
||||||
</traits>
|
|
||||||
</source>
|
|
||||||
<strategy class="jenkins.branch.DefaultBranchPropertyStrategy">
|
|
||||||
<properties class="empty-list"/>
|
|
||||||
</strategy>
|
|
||||||
</jenkins.branch.BranchSource>
|
|
||||||
</data>
|
|
||||||
<owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
|
|
||||||
</sources>
|
|
||||||
<factory class="org.jenkinsci.plugins.workflow.multibranch.WorkflowBranchProjectFactory">
|
|
||||||
<owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
|
|
||||||
<scriptPath>Jenkinsfile</scriptPath>
|
|
||||||
</factory>
|
|
||||||
</org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject>
|
|
||||||
CustomConfigMap: false
|
|
||||||
# Node labels and tolerations for pod assignment
|
|
||||||
# ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
|
|
||||||
# ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#taints-and-tolerations-beta-feature
|
|
||||||
NodeSelector: {}
|
|
||||||
Tolerations: {}
|
|
||||||
|
|
||||||
Ingress:
|
|
||||||
ApiVersion: extensions/v1beta1
|
|
||||||
Annotations:
|
|
||||||
# kubernetes.io/ingress.class: nginx
|
|
||||||
# kubernetes.io/tls-acme: "true"
|
|
||||||
|
|
||||||
TLS:
|
|
||||||
# - secretName: jenkins.cluster.local
|
|
||||||
# hosts:
|
|
||||||
# - jenkins.cluster.local
|
|
||||||
|
|
||||||
Agent:
|
|
||||||
Enabled: true
|
|
||||||
Image: jenkins/jnlp-slave
|
|
||||||
ImageTag: 3.10-1
|
|
||||||
# ImagePullSecret: jenkins
|
|
||||||
Component: "jenkins-slave"
|
|
||||||
Privileged: false
|
|
||||||
Cpu: "200m"
|
|
||||||
Memory: "256Mi"
|
|
||||||
# You may want to change this to true while testing a new image
|
|
||||||
AlwaysPullImage: false
|
|
||||||
# You can define the volumes that you want to mount for this container
|
|
||||||
# Allowed types are: ConfigMap, EmptyDir, HostPath, Nfs, Pod, Secret
|
|
||||||
# Configure the attributes as they appear in the corresponding Java class for that type
|
|
||||||
# https://github.com/jenkinsci/kubernetes-plugin/tree/master/src/main/java/org/csanchez/jenkins/plugins/kubernetes/volumes
|
|
||||||
volumes:
|
|
||||||
# - type: Secret
|
|
||||||
# secretName: mysecret
|
|
||||||
# mountPath: /var/myapp/mysecret
|
|
||||||
NodeSelector: {}
|
|
||||||
# Key Value selectors. Ex:
|
|
||||||
# jenkins-agent: v1
|
|
||||||
|
|
||||||
Persistence:
|
|
||||||
Enabled: false
|
|
||||||
## A manually managed Persistent Volume and Claim
|
|
||||||
## Requires Persistence.Enabled: true
|
|
||||||
## If defined, PVC must be created manually before volume will be bound
|
|
||||||
# ExistingClaim:
|
|
||||||
|
|
||||||
## jenkins data Persistent Volume Storage Class
|
|
||||||
## If defined, storageClassName: <storageClass>
|
|
||||||
## If set to "-", storageClassName: "", which disables dynamic provisioning
|
|
||||||
## If undefined (the default) or set to null, no storageClassName spec is
|
|
||||||
## set, choosing the default provisioner. (gp2 on AWS, standard on
|
|
||||||
## GKE, AWS & OpenStack)
|
|
||||||
##
|
|
||||||
# StorageClass: "-"
|
|
||||||
|
|
||||||
Annotations: {}
|
|
||||||
AccessMode: ReadWriteOnce
|
|
||||||
Size: 8Gi
|
|
||||||
volumes:
|
|
||||||
# - name: nothing
|
|
||||||
# emptyDir: {}
|
|
||||||
mounts:
|
|
||||||
# - mountPath: /var/nothing
|
|
||||||
# name: nothing
|
|
||||||
# readOnly: true
|
|
||||||
|
|
||||||
NetworkPolicy:
|
|
||||||
# Enable creation of NetworkPolicy resources.
|
|
||||||
Enabled: false
|
|
||||||
# For Kubernetes v1.4, v1.5 and v1.6, use 'extensions/v1beta1'
|
|
||||||
# For Kubernetes v1.7, use 'networking.k8s.io/v1'
|
|
||||||
ApiVersion: extensions/v1beta1
|
|
||||||
|
|
||||||
## Install Default RBAC roles and bindings
|
|
||||||
rbac:
|
|
||||||
install: false
|
|
||||||
serviceAccountName: default
|
|
||||||
# RBAC api version (currently either v1beta1 or v1alpha1)
|
|
||||||
apiVersion: v1beta1
|
|
||||||
# Cluster role reference
|
|
||||||
roleRef: cluster-admin
|
|
@ -1,10 +1,8 @@
|
|||||||
name: jenkins
|
name: molgenis-jenkins
|
||||||
home: https://jenkins.io/
|
home: https://jenkins.io/
|
||||||
version: 0.2.0
|
version: 0.2.1
|
||||||
appVersion: 2.107
|
appVersion: 2.107
|
||||||
description: Open source continuous integration server. It supports multiple SCM tools
|
description: Molgenis installation for the jenkins chart.
|
||||||
including CVS, Subversion and Git. It can execute Apache Ant and Apache Maven-based
|
|
||||||
projects as well as arbitrary scripts.
|
|
||||||
sources:
|
sources:
|
||||||
- https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm.git
|
- https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm.git
|
||||||
icon: https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm/raw/master/jenkins/catalogIcon-molgenis-jenkins.svg
|
icon: https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm/raw/master/jenkins/catalogIcon-molgenis-jenkins.svg
|
@ -1,4 +1,4 @@
|
|||||||
# Jenkins Helm Chart
|
# Molgenis Jenkins Helm Chart
|
||||||
|
|
||||||
Jenkins master and slave cluster utilizing the Jenkins Kubernetes plugin
|
Jenkins master and slave cluster utilizing the Jenkins Kubernetes plugin
|
||||||
|
|
||||||
@ -23,8 +23,9 @@ The following tables list the configurable parameters of the Jenkins chart and t
|
|||||||
You can paste these values into the Rancher Answers if you like.
|
You can paste these values into the Rancher Answers if you like.
|
||||||
Array values can be added as {value, value, value}, e.g.
|
Array values can be added as {value, value, value}, e.g.
|
||||||
```
|
```
|
||||||
Master.InstallPlugins={kubernetes:1.8.4, workflow-aggregator:2.5, workflow-job:2.21, credentials-binding:1.16, git:3.9.1}
|
jenkins.Master.InstallPlugins={kubernetes:1.8.4, workflow-aggregator:2.5, workflow-job:2.21, credentials-binding:1.16, git:3.9.1}
|
||||||
```
|
```
|
||||||
|
> Because we use jenkins as a sub-chart, you should prefix all values with `jenkins`!
|
||||||
|
|
||||||
### Jenkins Master
|
### Jenkins Master
|
||||||
| Parameter | Description | Default |
|
| Parameter | Description | Default |
|
BIN
molgenis-jenkins/charts/jenkins-0.16.4.tgz
Normal file
BIN
molgenis-jenkins/charts/jenkins-0.16.4.tgz
Normal file
Binary file not shown.
6
molgenis-jenkins/requirements.lock
Normal file
6
molgenis-jenkins/requirements.lock
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
dependencies:
|
||||||
|
- name: jenkins
|
||||||
|
repository: https://kubernetes-charts.storage.googleapis.com/
|
||||||
|
version: 0.16.4
|
||||||
|
digest: sha256:39f694515489598fa545c9a5a4f1347749e8f2a8d7fae6ccae3e2acae1564685
|
||||||
|
generated: 2018-06-27T14:36:23.172954738+02:00
|
4
molgenis-jenkins/requirements.yaml
Normal file
4
molgenis-jenkins/requirements.yaml
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
dependencies:
|
||||||
|
- name: jenkins
|
||||||
|
version: ^0.16
|
||||||
|
repository: https://kubernetes-charts.storage.googleapis.com/
|
0
molgenis-jenkins/templates/config.tpl
Normal file
0
molgenis-jenkins/templates/config.tpl
Normal file
72
molgenis-jenkins/values.yaml
Normal file
72
molgenis-jenkins/values.yaml
Normal file
@ -0,0 +1,72 @@
|
|||||||
|
jenkins:
|
||||||
|
Master:
|
||||||
|
HostName: jenkins.molgenis.org
|
||||||
|
ServiceType: ClusterIP
|
||||||
|
InstallPlugins:
|
||||||
|
- kubernetes:1.8.4
|
||||||
|
- workflow-aggregator:2.5
|
||||||
|
- workflow-job:2.21
|
||||||
|
- credentials-binding:1.16
|
||||||
|
- git:3.9.1
|
||||||
|
Jobs: |-
|
||||||
|
molgenis: |-
|
||||||
|
<?xml version='1.1' encoding='UTF-8'?>
|
||||||
|
<org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject plugin="workflow-multibranch@2.19">
|
||||||
|
<actions/>
|
||||||
|
<description></description>
|
||||||
|
<properties>
|
||||||
|
<org.jenkinsci.plugins.pipeline.modeldefinition.config.FolderConfig plugin="pipeline-model-definition@1.3">
|
||||||
|
<dockerLabel></dockerLabel>
|
||||||
|
<registry plugin="docker-commons@1.13"/>
|
||||||
|
</org.jenkinsci.plugins.pipeline.modeldefinition.config.FolderConfig>
|
||||||
|
</properties>
|
||||||
|
<folderViews class="jenkins.branch.MultiBranchProjectViewHolder" plugin="branch-api@2.0.20">
|
||||||
|
<owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
|
||||||
|
</folderViews>
|
||||||
|
<healthMetrics>
|
||||||
|
<com.cloudbees.hudson.plugins.folder.health.WorstChildHealthMetric plugin="cloudbees-folder@6.5.1">
|
||||||
|
<nonRecursive>false</nonRecursive>
|
||||||
|
</com.cloudbees.hudson.plugins.folder.health.WorstChildHealthMetric>
|
||||||
|
</healthMetrics>
|
||||||
|
<icon class="jenkins.branch.MetadataActionFolderIcon" plugin="branch-api@2.0.20">
|
||||||
|
<owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
|
||||||
|
</icon>
|
||||||
|
<orphanedItemStrategy class="com.cloudbees.hudson.plugins.folder.computed.DefaultOrphanedItemStrategy" plugin="cloudbees-folder@6.5.1">
|
||||||
|
<pruneDeadBranches>true</pruneDeadBranches>
|
||||||
|
<daysToKeep>-1</daysToKeep>
|
||||||
|
<numToKeep>-1</numToKeep>
|
||||||
|
</orphanedItemStrategy>
|
||||||
|
<triggers/>
|
||||||
|
<disabled>false</disabled>
|
||||||
|
<sources class="jenkins.branch.MultiBranchProject$BranchSourceList" plugin="branch-api@2.0.20">
|
||||||
|
<data>
|
||||||
|
<jenkins.branch.BranchSource>
|
||||||
|
<source class="jenkins.plugins.git.GitSCMSource" plugin="git@3.9.1">
|
||||||
|
<id>a1f535cd-ab83-4d42-8993-0c3e59cf139f</id>
|
||||||
|
<remote>http://github.com/molgenis/molgenis.git</remote>
|
||||||
|
<credentialsId></credentialsId>
|
||||||
|
<traits>
|
||||||
|
<jenkins.plugins.git.traits.BranchDiscoveryTrait/>
|
||||||
|
</traits>
|
||||||
|
</source>
|
||||||
|
<strategy class="jenkins.branch.DefaultBranchPropertyStrategy">
|
||||||
|
<properties class="empty-list"/>
|
||||||
|
</strategy>
|
||||||
|
</jenkins.branch.BranchSource>
|
||||||
|
</data>
|
||||||
|
<owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
|
||||||
|
</sources>
|
||||||
|
<factory class="org.jenkinsci.plugins.workflow.multibranch.WorkflowBranchProjectFactory">
|
||||||
|
<owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
|
||||||
|
<scriptPath>Jenkinsfile</scriptPath>
|
||||||
|
</factory>
|
||||||
|
</org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject>
|
||||||
|
# Kubernetes secret that contains a 'credentials.xml' for Jenkins
|
||||||
|
# CredentialsXmlSecret: jenkins-credentials
|
||||||
|
# Kubernetes secret that contains files to be put in the Jenkins 'secrets' directory,
|
||||||
|
# useful to manage encryption keys used for credentials.xml for instance (such as
|
||||||
|
# master.key and hudson.util.Secret)
|
||||||
|
# SecretsFilesSecret: jenkins-secrets
|
||||||
|
CustomConfigMap: false
|
||||||
|
rbac:
|
||||||
|
install: true
|
@ -19,6 +19,10 @@ spec:
|
|||||||
app: {{ .Values.nexus.name }}
|
app: {{ .Values.nexus.name }}
|
||||||
creationTimestamp: null
|
creationTimestamp: null
|
||||||
spec:
|
spec:
|
||||||
|
volumes:
|
||||||
|
- name: molgenis-nexus-data
|
||||||
|
persistentVolumeClaim:
|
||||||
|
claimName: molgenis-nexus-data
|
||||||
restartPolicy: {{ .Values.nexus.restartPolicy }}
|
restartPolicy: {{ .Values.nexus.restartPolicy }}
|
||||||
containers:
|
containers:
|
||||||
- name: {{ .Values.nexus.name }}
|
- name: {{ .Values.nexus.name }}
|
||||||
@ -27,3 +31,7 @@ spec:
|
|||||||
ports:
|
ports:
|
||||||
- containerPort: {{ .Values.nexus.port.ui }}
|
- containerPort: {{ .Values.nexus.port.ui }}
|
||||||
- containerPort: {{ .Values.nexus.port.docker }}
|
- containerPort: {{ .Values.nexus.port.docker }}
|
||||||
|
volumeMounts:
|
||||||
|
- name: molgenis-nexus-data
|
||||||
|
mountPath: "/nexus-data"
|
||||||
|
|
||||||
|
@ -7,10 +7,10 @@ metadata:
|
|||||||
spec:
|
spec:
|
||||||
storageClassName: nfs-class
|
storageClassName: nfs-class
|
||||||
capacity:
|
capacity:
|
||||||
storage: 5Gi
|
storage: 50Gi
|
||||||
accessModes:
|
accessModes:
|
||||||
- ReadWriteMany
|
- ReadWriteMany
|
||||||
persistentVolumeReclaimPolicy: Retain
|
persistentVolumeReclaimPolicy: Retain
|
||||||
nfs:
|
nfs:
|
||||||
server: 192.168.64.10
|
server: 192.168.64.12
|
||||||
path: /home/gcc/molgenis-nexus-data
|
path: /gcc/molgenis/nexus-data
|
||||||
|
@ -8,4 +8,4 @@ spec:
|
|||||||
- ReadWriteMany
|
- ReadWriteMany
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
storage: 5Gi
|
storage: 50Gi
|
Loading…
Reference in New Issue
Block a user