Compare commits
9 Commits
91fbfed2a6
...
c47de0a6cb
Author | SHA1 | Date | |
---|---|---|---|
|
c47de0a6cb | ||
|
d909c1bc07 | ||
|
b600c06489 | ||
|
e1e3b0ccc8 | ||
|
fba81f3ea7 | ||
|
b4b9004ac6 | ||
|
f885e0239e | ||
|
c064d27191 | ||
|
00b025e4d1 |
File diff suppressed because it is too large
Load Diff
Before Width: | Height: | Size: 133 KiB |
@ -1,21 +0,0 @@
|
||||
# Patterns to ignore when building packages.
|
||||
# This supports shell glob matching, relative path matching, and
|
||||
# negation (prefixed with !). Only one pattern per line.
|
||||
.DS_Store
|
||||
# Common VCS dirs
|
||||
.git/
|
||||
.gitignore
|
||||
.bzr/
|
||||
.bzrignore
|
||||
.hg/
|
||||
.hgignore
|
||||
.svn/
|
||||
# Common backup files
|
||||
*.swp
|
||||
*.bak
|
||||
*.tmp
|
||||
*~
|
||||
# Various IDEs
|
||||
.project
|
||||
.idea/
|
||||
*.tmproj
|
@ -1,6 +0,0 @@
|
||||
apiVersion: v1
|
||||
appVersion: "1.0"
|
||||
description: Jenkins stack for MOLGENIS
|
||||
name: jenkins
|
||||
version: 0.1.0
|
||||
icon: https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm/raw/master/jenkins/v0.1.x/catalogIcon-molgenis-jenkins.svg
|
@ -1,32 +0,0 @@
|
||||
{{/* vim: set filetype=mustache: */}}
|
||||
{{/*
|
||||
Expand the name of the chart.
|
||||
*/}}
|
||||
{{- define "jenkins.name" -}}
|
||||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
If release name contains chart name it will be used as a full name.
|
||||
*/}}
|
||||
{{- define "jenkins.fullname" -}}
|
||||
{{- if .Values.fullnameOverride -}}
|
||||
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- $name := default .Chart.Name .Values.nameOverride -}}
|
||||
{{- if contains $name .Release.Name -}}
|
||||
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create chart name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "jenkins.chart" -}}
|
||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
@ -1,38 +0,0 @@
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
name: {{ .Values.jenkins.agent.name }}
|
||||
labels:
|
||||
app: {{ .Values.jenkins.agent.name }}
|
||||
environment: {{ .Values.environment }}
|
||||
spec:
|
||||
replicas: {{ .Values.replicaCount}}
|
||||
strategy:
|
||||
type: {{ .Values.jenkins.strategy.type }}
|
||||
selector:
|
||||
matchLabels:
|
||||
app: {{ .Values.jenkins.agent.selector }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ .Values.jenkins.agent.name }}
|
||||
creationTimestamp: null
|
||||
spec:
|
||||
restartPolicy: {{ .Values.agent.restartPolicy }}
|
||||
containers:
|
||||
- name: {{ .Values.jenkins.agent.name }}
|
||||
image: "{{ .Values.jenkins.agent.image.repository }}:{{ .Values.jenkins.agent.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.jenkins.agent.image.pullPolicy }}
|
||||
- name: JENKINS_SLAVE_SSH_PUBKEY
|
||||
value: {{ .Values.jenkins.agent.ssh.public.key }}
|
||||
ports:
|
||||
- containerPort: {{ .Values.jenkins.agent.port }}
|
||||
volumeMounts:
|
||||
- mountPath: /var/run/docker.sock
|
||||
name: jenkins-agent-worker-claim
|
||||
volumes:
|
||||
- name: jenkins-agent-worker-claim
|
||||
persistentVolumeClaim:
|
||||
claimName: jenkins-agent-worker-claim
|
||||
|
@ -1,41 +0,0 @@
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
name: {{ .Values.jenkins.master.name }}
|
||||
labels:
|
||||
app: {{ .Values.jenkins.master.name }}
|
||||
environment: {{ .Values.environment }}
|
||||
spec:
|
||||
replicas: {{ .Values.replicaCount}}
|
||||
strategy:
|
||||
type: {{ .Values.jenkins.strategy.type }}
|
||||
selector:
|
||||
matchLabels:
|
||||
app: {{ .Values.jenkins.master.selector }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ .Values.jenkins.master.name }}
|
||||
creationTimestamp: null
|
||||
spec:
|
||||
restartPolicy: {{ .Values.jenkins.restartPolicy }}
|
||||
containers:
|
||||
- name: {{ .Values.jenkins.master.name }}
|
||||
image: "{{ .Values.jenkins.master.image.repository }}:{{ .Values.jenkins.master.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.jenkins.master.image.pullPolicy }}
|
||||
- env:
|
||||
- name: JENKINS_ADMIN_PASS
|
||||
- name: JENKINS_ADMIN_USER
|
||||
ports:
|
||||
- containerPort: {{ .Values.jenkins.master.port }}
|
||||
resources: {}
|
||||
volumeMounts:
|
||||
- name: jenkins-master-claim
|
||||
mountPath: /var/jenkins-home
|
||||
- name: jenkins-master-claim
|
||||
mountPath: /var/run/docker.sock
|
||||
volumes:
|
||||
- name: jenkins-master-claim
|
||||
persistentVolumeClaim:
|
||||
claimName: jenkins-master-claim
|
@ -1,36 +0,0 @@
|
||||
{{- if .Values.ingress.enabled }}
|
||||
{{- range .Values.ingress.hosts }}
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: "{{ $.Release.Name }}-ingress"
|
||||
labels:
|
||||
app: {{ template "jenkins.fullname" $ }}
|
||||
chart: "{{ $.Chart.Name }}-{{ $.Chart.Version }}"
|
||||
release: "{{ $.Release.Name }}"
|
||||
heritage: "{{ $.Release.Service }}"
|
||||
annotations:
|
||||
{{- if .tls }}
|
||||
ingress.kubernetes.io/secure-backends: "true"
|
||||
{{- end }}
|
||||
{{- range $key, $value := .annotations }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
spec:
|
||||
rules:
|
||||
- host: {{ .name }}
|
||||
http:
|
||||
paths:
|
||||
- path: {{ default "/" .path }}
|
||||
backend:
|
||||
serviceName: {{ template "jenkins.fullname" $ }}
|
||||
servicePort: 80
|
||||
{{- if .tls }}
|
||||
tls:
|
||||
- hosts:
|
||||
- {{ .name }}
|
||||
secretName: {{ .tlsSecret }}
|
||||
{{- end }}
|
||||
---
|
||||
{{- end }}
|
||||
{{- end }}
|
@ -1,13 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ .Values.jenkins.agent.name }}
|
||||
labels:
|
||||
app: {{ .Values.jenkins.agent.name }}
|
||||
spec:
|
||||
type: NodePort
|
||||
ports:
|
||||
- name: {{ .Values.jenkins.agent.name }}
|
||||
port: {{ .Values.jenkins.agent.port }}
|
||||
selector:
|
||||
app: {{ .Values.jenkins.agent.selector }}
|
@ -1,13 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ .Values.jenkins.master.name }}
|
||||
labels:
|
||||
app: {{ .Values.jenkins.master.name }}
|
||||
spec:
|
||||
type: NodePort
|
||||
ports:
|
||||
- name: {{ .Values.jenkins.master.name }}
|
||||
port: {{ .Values.jenkins.master.port }}
|
||||
selector:
|
||||
app: {{ .Values.jenkins.master.selector }}
|
@ -1,12 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
name: jenkins-agent-data
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
resources:
|
||||
requests:
|
||||
storage: 100Mi
|
||||
status: {}
|
@ -1,12 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
name: jenkins-master-data
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
resources:
|
||||
requests:
|
||||
storage: 100Mi
|
||||
status: {}
|
@ -1,68 +0,0 @@
|
||||
# Default values for jenkins.
|
||||
# This is a YAML-formatted file.
|
||||
# Declare variables to be passed into your templates.
|
||||
|
||||
replicaCount: 1
|
||||
|
||||
environment: production
|
||||
|
||||
service:
|
||||
type: NodePort
|
||||
port: 8080
|
||||
|
||||
jenkins:
|
||||
strategy:
|
||||
type: Recreate
|
||||
restartPolicy: Always
|
||||
master:
|
||||
name: jenkins-master
|
||||
selector: jenkins-master
|
||||
image:
|
||||
repository: registry.webhosting.rug.nl/molgenis/jenkins-master
|
||||
tag: lts
|
||||
pullPolicy: Always
|
||||
port: 8080
|
||||
agent:
|
||||
name: jenkins-agent
|
||||
selector: jenkins-agent
|
||||
image:
|
||||
repository: registry.webhosting.rug.nl/molgenis/jenkins-agent
|
||||
tag: lts
|
||||
pullPolicy: Always
|
||||
port: 22
|
||||
ssh:
|
||||
public:
|
||||
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6+L3I5Dh1oKCxRktAhKwX20vQq5+hp40D2HCN+JSOT1WmiZOKQQ2U73HyRlukXV1MJGn6NM0pZS1W12IiAiSeu6xl+YFlEJykRK+9NnpSGwTMXXirCmCyWAlMUb6pcXmCqa1Pk1HqiUUfvflkvFHNT+26LBNXj0LbrT6KFd0xhm/KH9gMTKnYoBQqezE7D5jjPki5lKAfBL7IQkwgs5wFdaQicRYAUsuI7gV6EsDgVmLmF6f2d8+/AJ0fwYIFpzaYqQfgrpilMCvHXcuskpHj2RtJFMiPZ4WZSMZ3sMTD0MmZxdNU32qc/TR7mILHEB9/10EzmE4F7X1NdWYeJqK5VKH8RfwLHtiFDPPoqttc2AuaMrSPiRJxtww0oLsEN3toE9qauXpVcJUgaxpj0hE7UQP026Et3LZDQCD8w+3VPVUCfGHy7LTZdPzxDYuWmSMGF/VjYYKbv3WgPEVomRdB1TlaSEb8JfnHI1CVo4C+dImwxppVRbiAkjK/D+TnTavgx+zl85Fo1oNO49kjg9Avp2sOoHBSCBk6ceywIdvvaIzQSxQZfj3PbSWRg+ywJMS8tM6m6riEQola8EmHA7pP/Aj70453ip08MUnz1vsM/e396nqdw55KhR5dPEPHrfqmONMgr6IUa+6zyeWBQ7LTpkWztQ4lQcPl48jRE0ijTQ== sido@client-145-100-225-240.surfnet.eduroam.rug.nl
|
||||
|
||||
|
||||
|
||||
ingress:
|
||||
enabled: true
|
||||
annotations: {}
|
||||
# kubernetes.io/ingress.class: nginx
|
||||
# kubernetes.io/tls-acme: "true"
|
||||
path: /
|
||||
hosts:
|
||||
- jenkins.molgenis.org
|
||||
tls: []
|
||||
# - secretName: chart-example-tls
|
||||
# hosts:
|
||||
# - chart-example.local
|
||||
|
||||
resources: {}
|
||||
# We usually recommend not to specify default resources and to leave this as a conscious
|
||||
# choice for the user. This also increases chances charts run on environments with little
|
||||
# resources, such as Minikube. If you do want to specify resources, uncomment the following
|
||||
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
||||
# limits:
|
||||
# cpu: 100m
|
||||
# memory: 128Mi
|
||||
# requests:
|
||||
# cpu: 100m
|
||||
# memory: 128Mi
|
||||
|
||||
nodeSelector: {}
|
||||
|
||||
tolerations: []
|
||||
|
||||
affinity: {}
|
@ -1,45 +0,0 @@
|
||||
1. Get your '{{ .Values.Master.AdminUser }}' user password by running:
|
||||
printf $(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "jenkins.fullname" . }} -o jsonpath="{.data.jenkins-admin-password}" | base64 --decode);echo
|
||||
|
||||
{{- if .Values.Master.HostName }}
|
||||
|
||||
2. Visit http://{{ .Values.Master.HostName }}
|
||||
{{- else }}
|
||||
2. Get the Jenkins URL to visit by running these commands in the same shell:
|
||||
{{- if contains "NodePort" .Values.Master.ServiceType }}
|
||||
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "jenkins.fullname" . }})
|
||||
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
|
||||
echo http://$NODE_IP:$NODE_PORT/login
|
||||
|
||||
{{- else if contains "LoadBalancer" .Values.Master.ServiceType }}
|
||||
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
|
||||
You can watch the status of by running 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "jenkins.fullname" . }}'
|
||||
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "jenkins.fullname" . }} --template "{{ "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}" }}")
|
||||
echo http://$SERVICE_IP:{{ .Values.Master.ServicePort }}/login
|
||||
|
||||
{{- else if contains "ClusterIP" .Values.Master.ServiceType }}
|
||||
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "component={{ template "jenkins.fullname" . }}-master" -o jsonpath="{.items[0].metadata.name}")
|
||||
echo http://127.0.0.1:{{ .Values.Master.ServicePort }}
|
||||
kubectl port-forward $POD_NAME {{ .Values.Master.ServicePort }}:{{ .Values.Master.ServicePort }}
|
||||
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
3. Login with the password from step 1 and the username: {{ .Values.Master.AdminUser }}
|
||||
|
||||
For more information on running Jenkins on Kubernetes, visit:
|
||||
https://cloud.google.com/solutions/jenkins-on-container-engine
|
||||
|
||||
{{- if .Values.Persistence.Enabled }}
|
||||
{{- else }}
|
||||
#################################################################################
|
||||
###### WARNING: Persistence is disabled!!! You will lose your data when #####
|
||||
###### the Jenkins pod is terminated. #####
|
||||
#################################################################################
|
||||
{{- end }}
|
||||
|
||||
{{- if .Values.rbac.install }}
|
||||
Configure the Kubernetes plugin in Jenkins to use the following Service Account name {{ template "jenkins.fullname" . }} using the following steps:
|
||||
Create a Jenkins credential of type Kubernetes service account with service account name {{ template "jenkins.fullname" . }}
|
||||
Under configure Jenkins -- Update the credentials config in the cloud section to use the service account credential you created in the step above.
|
||||
{{- end }}
|
@ -1,34 +0,0 @@
|
||||
{{/* vim: set filetype=mustache: */}}
|
||||
{{/*
|
||||
Expand the name of the chart.
|
||||
*/}}
|
||||
{{- define "jenkins.name" -}}
|
||||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
If release name contains chart name it will be used as a full name.
|
||||
*/}}
|
||||
{{- define "jenkins.fullname" -}}
|
||||
{{- if .Values.fullnameOverride -}}
|
||||
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- $name := default .Chart.Name .Values.nameOverride -}}
|
||||
{{- if contains $name .Release.Name -}}
|
||||
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- define "jenkins.kubernetes-version" -}}
|
||||
{{- range .Values.Master.InstallPlugins -}}
|
||||
{{ if hasPrefix "kubernetes:" . }}
|
||||
{{- $split := splitList ":" . }}
|
||||
{{- printf "%s" (index $split 1 ) -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
@ -1,208 +0,0 @@
|
||||
{{- if not .Values.Master.CustomConfigMap }}
|
||||
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ template "jenkins.fullname" . }}
|
||||
data:
|
||||
config.xml: |-
|
||||
<?xml version='1.0' encoding='UTF-8'?>
|
||||
<hudson>
|
||||
<disabledAdministrativeMonitors/>
|
||||
<version>{{ .Values.Master.ImageTag }}</version>
|
||||
<numExecutors>0</numExecutors>
|
||||
<mode>NORMAL</mode>
|
||||
<useSecurity>{{ .Values.Master.UseSecurity }}</useSecurity>
|
||||
<authorizationStrategy class="hudson.security.FullControlOnceLoggedInAuthorizationStrategy">
|
||||
<denyAnonymousReadAccess>true</denyAnonymousReadAccess>
|
||||
</authorizationStrategy>
|
||||
<securityRealm class="hudson.security.LegacySecurityRealm"/>
|
||||
<disableRememberMe>false</disableRememberMe>
|
||||
<projectNamingStrategy class="jenkins.model.ProjectNamingStrategy$DefaultProjectNamingStrategy"/>
|
||||
<workspaceDir>${JENKINS_HOME}/workspace/${ITEM_FULLNAME}</workspaceDir>
|
||||
<buildsDir>${ITEM_ROOTDIR}/builds</buildsDir>
|
||||
<markupFormatter class="hudson.markup.EscapedMarkupFormatter"/>
|
||||
<jdks/>
|
||||
<viewsTabBar class="hudson.views.DefaultViewsTabBar"/>
|
||||
<myViewsTabBar class="hudson.views.DefaultMyViewsTabBar"/>
|
||||
<clouds>
|
||||
<org.csanchez.jenkins.plugins.kubernetes.KubernetesCloud plugin="kubernetes@{{ template "jenkins.kubernetes-version" . }}">
|
||||
<name>kubernetes</name>
|
||||
<templates>
|
||||
{{- if .Values.Agent.Enabled }}
|
||||
<org.csanchez.jenkins.plugins.kubernetes.PodTemplate>
|
||||
<inheritFrom></inheritFrom>
|
||||
<name>default</name>
|
||||
<instanceCap>2147483647</instanceCap>
|
||||
<idleMinutes>0</idleMinutes>
|
||||
<label>{{ .Release.Name }}-{{ .Values.Agent.Component }}</label>
|
||||
<nodeSelector>
|
||||
{{- $local := dict "first" true }}
|
||||
{{- range $key, $value := .Values.Agent.NodeSelector }}
|
||||
{{- if not $local.first }},{{- end }}
|
||||
{{- $key }}={{ $value }}
|
||||
{{- $_ := set $local "first" false }}
|
||||
{{- end }}</nodeSelector>
|
||||
<nodeUsageMode>NORMAL</nodeUsageMode>
|
||||
<volumes>
|
||||
{{- range $index, $volume := .Values.Agent.volumes }}
|
||||
<org.csanchez.jenkins.plugins.kubernetes.volumes.{{ $volume.type }}Volume>
|
||||
{{- range $key, $value := $volume }}{{- if not (eq $key "type") }}
|
||||
<{{ $key }}>{{ $value }}</{{ $key }}>
|
||||
{{- end }}{{- end }}
|
||||
</org.csanchez.jenkins.plugins.kubernetes.volumes.{{ $volume.type }}Volume>
|
||||
{{- end }}
|
||||
</volumes>
|
||||
<containers>
|
||||
<org.csanchez.jenkins.plugins.kubernetes.ContainerTemplate>
|
||||
<name>jnlp</name>
|
||||
<image>{{ .Values.Agent.Image }}:{{ .Values.Agent.ImageTag }}</image>
|
||||
{{- if .Values.Agent.Privileged }}
|
||||
<privileged>true</privileged>
|
||||
{{- else }}
|
||||
<privileged>false</privileged>
|
||||
{{- end }}
|
||||
<alwaysPullImage>{{ .Values.Agent.AlwaysPullImage }}</alwaysPullImage>
|
||||
<workingDir>/home/jenkins</workingDir>
|
||||
<command></command>
|
||||
<args>${computer.jnlpmac} ${computer.name}</args>
|
||||
<ttyEnabled>false</ttyEnabled>
|
||||
<resourceRequestCpu>{{.Values.Agent.Cpu}}</resourceRequestCpu>
|
||||
<resourceRequestMemory>{{.Values.Agent.Memory}}</resourceRequestMemory>
|
||||
<resourceLimitCpu>{{.Values.Agent.Cpu}}</resourceLimitCpu>
|
||||
<resourceLimitMemory>{{.Values.Agent.Memory}}</resourceLimitMemory>
|
||||
<envVars>
|
||||
<org.csanchez.jenkins.plugins.kubernetes.ContainerEnvVar>
|
||||
<key>JENKINS_URL</key>
|
||||
<value>http://{{ template "jenkins.fullname" . }}:{{.Values.Master.ServicePort}}{{ default "" .Values.Master.JenkinsUriPrefix }}</value>
|
||||
</org.csanchez.jenkins.plugins.kubernetes.ContainerEnvVar>
|
||||
</envVars>
|
||||
</org.csanchez.jenkins.plugins.kubernetes.ContainerTemplate>
|
||||
</containers>
|
||||
<envVars/>
|
||||
<annotations/>
|
||||
{{- if .Values.Agent.ImagePullSecret }}
|
||||
<imagePullSecrets>
|
||||
<org.csanchez.jenkins.plugins.kubernetes.PodImagePullSecret>
|
||||
<name>{{ .Values.Agent.ImagePullSecret }}</name>
|
||||
</org.csanchez.jenkins.plugins.kubernetes.PodImagePullSecret>
|
||||
</imagePullSecrets>
|
||||
{{- else }}
|
||||
<imagePullSecrets/>
|
||||
{{- end }}
|
||||
<nodeProperties/>
|
||||
</org.csanchez.jenkins.plugins.kubernetes.PodTemplate>
|
||||
{{- end -}}
|
||||
</templates>
|
||||
<serverUrl>https://kubernetes.default</serverUrl>
|
||||
<skipTlsVerify>false</skipTlsVerify>
|
||||
<namespace>{{ .Release.Namespace }}</namespace>
|
||||
<jenkinsUrl>http://{{ template "jenkins.fullname" . }}:{{.Values.Master.ServicePort}}{{ default "" .Values.Master.JenkinsUriPrefix }}</jenkinsUrl>
|
||||
<jenkinsTunnel>{{ template "jenkins.fullname" . }}-agent:50000</jenkinsTunnel>
|
||||
<containerCap>10</containerCap>
|
||||
<retentionTimeout>5</retentionTimeout>
|
||||
<connectTimeout>0</connectTimeout>
|
||||
<readTimeout>0</readTimeout>
|
||||
</org.csanchez.jenkins.plugins.kubernetes.KubernetesCloud>
|
||||
</clouds>
|
||||
<quietPeriod>5</quietPeriod>
|
||||
<scmCheckoutRetryCount>0</scmCheckoutRetryCount>
|
||||
<views>
|
||||
<hudson.model.AllView>
|
||||
<owner class="hudson" reference="../../.."/>
|
||||
<name>All</name>
|
||||
<filterExecutors>false</filterExecutors>
|
||||
<filterQueue>false</filterQueue>
|
||||
<properties class="hudson.model.View$PropertyList"/>
|
||||
</hudson.model.AllView>
|
||||
</views>
|
||||
<primaryView>All</primaryView>
|
||||
<slaveAgentPort>50000</slaveAgentPort>
|
||||
<disabledAgentProtocols>
|
||||
{{- range .Values.Master.DisabledAgentProtocols }}
|
||||
<string>{{ . }}</string>
|
||||
{{- end }}
|
||||
</disabledAgentProtocols>
|
||||
<label></label>
|
||||
{{- if .Values.Master.CSRF.DefaultCrumbIssuer.Enabled }}
|
||||
<crumbIssuer class="hudson.security.csrf.DefaultCrumbIssuer">
|
||||
{{- if .Values.Master.CSRF.DefaultCrumbIssuer.ProxyCompatability }}
|
||||
<excludeClientIPFromCrumb>true</excludeClientIPFromCrumb>
|
||||
{{- end }}
|
||||
</crumbIssuer>
|
||||
{{- end }}
|
||||
<nodeProperties/>
|
||||
<globalNodeProperties/>
|
||||
<noUsageStatistics>true</noUsageStatistics>
|
||||
</hudson>
|
||||
{{- if .Values.Master.ScriptApproval }}
|
||||
scriptapproval.xml: |-
|
||||
<?xml version='1.0' encoding='UTF-8'?>
|
||||
<scriptApproval plugin="script-security@1.27">
|
||||
<approvedScriptHashes/>
|
||||
<approvedSignatures>
|
||||
{{- range $key, $val := .Values.Master.ScriptApproval }}
|
||||
<string>{{ $val }}</string>
|
||||
{{- end }}
|
||||
</approvedSignatures>
|
||||
<aclApprovedSignatures/>
|
||||
<approvedClasspathEntries/>
|
||||
<pendingScripts/>
|
||||
<pendingSignatures/>
|
||||
<pendingClasspathEntries/>
|
||||
</scriptApproval>
|
||||
{{- end }}
|
||||
jenkins.CLI.xml: |-
|
||||
<?xml version='1.1' encoding='UTF-8'?>
|
||||
<jenkins.CLI>
|
||||
{{- if .Values.Master.CLI }}
|
||||
<enabled>true</enabled>
|
||||
{{- else }}
|
||||
<enabled>false</enabled>
|
||||
{{- end }}
|
||||
</jenkins.CLI>
|
||||
apply_config.sh: |-
|
||||
mkdir -p /usr/share/jenkins/ref/secrets/;
|
||||
echo "false" > /usr/share/jenkins/ref/secrets/slave-to-master-security-kill-switch;
|
||||
cp -n /var/jenkins_config/config.xml /var/jenkins_home;
|
||||
cp -n /var/jenkins_config/jenkins.CLI.xml /var/jenkins_home;
|
||||
{{- if .Values.Master.InstallPlugins }}
|
||||
# Install missing plugins
|
||||
cp /var/jenkins_config/plugins.txt /var/jenkins_home;
|
||||
rm -rf /usr/share/jenkins/ref/plugins/*.lock
|
||||
/usr/local/bin/install-plugins.sh `echo $(cat /var/jenkins_home/plugins.txt)`;
|
||||
# Copy plugins to shared volume
|
||||
cp -n /usr/share/jenkins/ref/plugins/* /var/jenkins_plugins;
|
||||
{{- end }}
|
||||
{{- if .Values.Master.ScriptApproval }}
|
||||
cp -n /var/jenkins_config/scriptapproval.xml /var/jenkins_home/scriptApproval.xml;
|
||||
{{- end }}
|
||||
{{- if .Values.Master.InitScripts }}
|
||||
mkdir -p /var/jenkins_home/init.groovy.d/;
|
||||
cp -n /var/jenkins_config/*.groovy /var/jenkins_home/init.groovy.d/
|
||||
{{- end }}
|
||||
{{- if .Values.Master.CredentialsXmlSecret }}
|
||||
cp -n /var/jenkins_credentials/credentials.xml /var/jenkins_home;
|
||||
{{- end }}
|
||||
{{- if .Values.Master.SecretsFilesSecret }}
|
||||
cp -n /var/jenkins_secrets/* /usr/share/jenkins/ref/secrets;
|
||||
{{- end }}
|
||||
{{- if .Values.Master.Jobs }}
|
||||
for job in $(ls /var/jenkins_jobs); do
|
||||
mkdir -p /var/jenkins_home/jobs/$job
|
||||
cp -n /var/jenkins_jobs/$job /var/jenkins_home/jobs/$job/config.xml
|
||||
done
|
||||
{{- end }}
|
||||
{{- range $key, $val := .Values.Master.InitScripts }}
|
||||
init{{ $key }}.groovy: |-
|
||||
{{ $val | indent 4 }}
|
||||
{{- end }}
|
||||
plugins.txt: |-
|
||||
{{- if .Values.Master.InstallPlugins }}
|
||||
{{- range $index, $val := .Values.Master.InstallPlugins }}
|
||||
{{ $val | indent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{ else }}
|
||||
{{ include "override_config_map" . }}
|
||||
{{- end -}}
|
@ -1,28 +0,0 @@
|
||||
{{- if and .Values.Persistence.Enabled (not .Values.Persistence.ExistingClaim) -}}
|
||||
kind: PersistentVolumeClaim
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
{{- if .Values.Persistence.Annotations }}
|
||||
annotations:
|
||||
{{ toYaml .Values.Persistence.Annotations | indent 4 }}
|
||||
{{- end }}
|
||||
name: {{ template "jenkins.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "jenkins.fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
spec:
|
||||
accessModes:
|
||||
- {{ .Values.Persistence.AccessMode | quote }}
|
||||
resources:
|
||||
requests:
|
||||
storage: {{ .Values.Persistence.Size | quote }}
|
||||
{{- if .Values.Persistence.StorageClass }}
|
||||
{{- if (eq "-" .Values.Persistence.StorageClass) }}
|
||||
storageClassName: ""
|
||||
{{- else }}
|
||||
storageClassName: "{{ .Values.Persistence.StorageClass }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
@ -1,20 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ template "jenkins.fullname" . }}-agent
|
||||
labels:
|
||||
app: {{ template "jenkins.fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
component: "{{ .Release.Name }}-{{ .Values.Master.Component }}"
|
||||
{{- if .Values.Master.SlaveListenerServiceAnnotations }}
|
||||
annotations:
|
||||
{{ toYaml .Values.Master.SlaveListenerServiceAnnotations | indent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
ports:
|
||||
- port: {{ .Values.Master.SlaveListenerPort }}
|
||||
targetPort: {{ .Values.Master.SlaveListenerPort }}
|
||||
name: slavelistener
|
||||
selector:
|
||||
component: "{{ .Release.Name }}-{{ .Values.Master.Component }}"
|
||||
type: {{ .Values.Master.SlaveListenerServiceType }}
|
@ -1,222 +0,0 @@
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ template "jenkins.fullname" . }}
|
||||
labels:
|
||||
heritage: {{ .Release.Service | quote }}
|
||||
release: {{ .Release.Name | quote }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
component: "{{ .Release.Name }}-{{ .Values.Master.Name }}"
|
||||
spec:
|
||||
replicas: 1
|
||||
strategy:
|
||||
type: RollingUpdate
|
||||
selector:
|
||||
matchLabels:
|
||||
component: "{{ .Release.Name }}-{{ .Values.Master.Component }}"
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ template "jenkins.fullname" . }}
|
||||
heritage: {{ .Release.Service | quote }}
|
||||
release: {{ .Release.Name | quote }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
component: "{{ .Release.Name }}-{{ .Values.Master.Component }}"
|
||||
annotations:
|
||||
checksum/config: {{ include (print $.Template.BasePath "/config.yaml") . | sha256sum }}
|
||||
spec:
|
||||
{{- if .Values.Master.NodeSelector }}
|
||||
nodeSelector:
|
||||
{{ toYaml .Values.Master.NodeSelector | indent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.Master.Tolerations }}
|
||||
tolerations:
|
||||
{{ toYaml .Values.Master.Tolerations | indent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.Master.Affinity }}
|
||||
affinity:
|
||||
{{ toYaml .Values.Master.Affinity | indent 8 }}
|
||||
{{- end }}
|
||||
securityContext:
|
||||
runAsUser: {{ default 0 .Values.Master.RunAsUser }}
|
||||
{{- if and (.Values.Master.RunAsUser) (.Values.Master.FsGroup) }}
|
||||
{{- if not (eq .Values.Master.RunAsUser 0.0) }}
|
||||
fsGroup: {{ .Values.Master.FsGroup }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
serviceAccountName: {{ if .Values.rbac.install }}{{ template "jenkins.fullname" . }}{{ else }}"{{ .Values.rbac.serviceAccountName }}"{{ end }}
|
||||
initContainers:
|
||||
- name: "copy-default-config"
|
||||
image: "{{ .Values.Master.Image }}:{{ .Values.Master.ImageTag }}"
|
||||
imagePullPolicy: "{{ .Values.Master.ImagePullPolicy }}"
|
||||
command: [ "sh", "/var/jenkins_config/apply_config.sh" ]
|
||||
{{- if .Values.Master.InitContainerEnv }}
|
||||
env:
|
||||
{{ toYaml .Values.Master.InitContainerEnv | indent 12 }}
|
||||
{{- end }}
|
||||
volumeMounts:
|
||||
-
|
||||
mountPath: /var/jenkins_home
|
||||
name: jenkins-home
|
||||
-
|
||||
mountPath: /var/jenkins_config
|
||||
name: jenkins-config
|
||||
{{- if .Values.Master.CredentialsXmlSecret }}
|
||||
-
|
||||
mountPath: /var/jenkins_credentials
|
||||
name: jenkins-credentials
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
{{- if .Values.Master.SecretsFilesSecret }}
|
||||
-
|
||||
mountPath: /var/jenkins_secrets
|
||||
name: jenkins-secrets
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
{{- if .Values.Master.Jobs }}
|
||||
-
|
||||
mountPath: /var/jenkins_jobs
|
||||
name: jenkins-jobs
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
{{- if .Values.Master.InstallPlugins }}
|
||||
-
|
||||
mountPath: /var/jenkins_plugins
|
||||
name: plugin-dir
|
||||
{{- end }}
|
||||
-
|
||||
mountPath: /usr/share/jenkins/ref/secrets/
|
||||
name: secrets-dir
|
||||
containers:
|
||||
- name: {{ template "jenkins.fullname" . }}
|
||||
image: "{{ .Values.Master.Image }}:{{ .Values.Master.ImageTag }}"
|
||||
imagePullPolicy: "{{ .Values.Master.ImagePullPolicy }}"
|
||||
{{- if .Values.Master.UseSecurity }}
|
||||
args: [ "--argumentsRealm.passwd.$(ADMIN_USER)=$(ADMIN_PASSWORD)", "--argumentsRealm.roles.$(ADMIN_USER)=admin"]
|
||||
{{- end }}
|
||||
env:
|
||||
- name: JAVA_OPTS
|
||||
value: "{{ default "" .Values.Master.JavaOpts}}"
|
||||
- name: JENKINS_OPTS
|
||||
value: "{{ if .Values.Master.JenkinsUriPrefix }}--prefix={{ .Values.Master.JenkinsUriPrefix }} {{ end }}{{ default "" .Values.Master.JenkinsOpts}}"
|
||||
{{- if .Values.Master.UseSecurity }}
|
||||
- name: ADMIN_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ template "jenkins.fullname" . }}
|
||||
key: jenkins-admin-password
|
||||
- name: ADMIN_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ template "jenkins.fullname" . }}
|
||||
key: jenkins-admin-user
|
||||
{{- end }}
|
||||
{{- if .Values.Master.ContainerEnv }}
|
||||
{{ toYaml .Values.Master.ContainerEnv | indent 12 }}
|
||||
{{- end }}
|
||||
ports:
|
||||
- containerPort: {{ .Values.Master.ContainerPort }}
|
||||
name: http
|
||||
- containerPort: {{ .Values.Master.SlaveListenerPort }}
|
||||
name: slavelistener
|
||||
{{- if .Values.Master.JMXPort }}
|
||||
- containerPort: {{ .Values.Master.JMXPort }}
|
||||
name: jmx
|
||||
{{- end }}
|
||||
{{- if .Values.Master.HealthProbes }}
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /login
|
||||
port: http
|
||||
initialDelaySeconds: {{ .Values.Master.HealthProbesLivenessTimeout }}
|
||||
timeoutSeconds: 5
|
||||
failureThreshold: {{ .Values.Master.HealthProbeLivenessFailureThreshold }}
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
path: /login
|
||||
port: http
|
||||
initialDelaySeconds: {{ .Values.Master.HealthProbesReadinessTimeout }}
|
||||
{{- end }}
|
||||
resources:
|
||||
requests:
|
||||
cpu: "{{ .Values.Master.Cpu }}"
|
||||
memory: "{{ .Values.Master.Memory }}"
|
||||
volumeMounts:
|
||||
{{- if .Values.Persistence.mounts }}
|
||||
{{ toYaml .Values.Persistence.mounts | indent 12 }}
|
||||
{{- end }}
|
||||
-
|
||||
mountPath: /var/jenkins_home
|
||||
name: jenkins-home
|
||||
readOnly: false
|
||||
-
|
||||
mountPath: /var/jenkins_config
|
||||
name: jenkins-config
|
||||
readOnly: true
|
||||
{{- if .Values.Master.CredentialsXmlSecret }}
|
||||
-
|
||||
mountPath: /var/jenkins_credentials
|
||||
name: jenkins-credentials
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
{{- if .Values.Master.SecretsFilesSecret }}
|
||||
-
|
||||
mountPath: /var/jenkins_secrets
|
||||
name: jenkins-secrets
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
{{- if .Values.Master.Jobs }}
|
||||
-
|
||||
mountPath: /var/jenkins_jobs
|
||||
name: jenkins-jobs
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
{{- if .Values.Master.InstallPlugins }}
|
||||
-
|
||||
mountPath: /usr/share/jenkins/ref/plugins/
|
||||
name: plugin-dir
|
||||
readOnly: false
|
||||
{{- end }}
|
||||
-
|
||||
mountPath: /usr/share/jenkins/ref/secrets/
|
||||
name: secrets-dir
|
||||
readOnly: false
|
||||
volumes:
|
||||
{{- if .Values.Persistence.volumes }}
|
||||
{{ toYaml .Values.Persistence.volumes | indent 6 }}
|
||||
{{- end }}
|
||||
- name: jenkins-config
|
||||
configMap:
|
||||
name: {{ template "jenkins.fullname" . }}
|
||||
{{- if .Values.Master.CredentialsXmlSecret }}
|
||||
- name: jenkins-credentials
|
||||
secret:
|
||||
secretName: {{ .Values.Master.CredentialsXmlSecret }}
|
||||
{{- end }}
|
||||
{{- if .Values.Master.SecretsFilesSecret }}
|
||||
- name: jenkins-secrets
|
||||
secret:
|
||||
secretName: {{ .Values.Master.SecretsFilesSecret }}
|
||||
{{- end }}
|
||||
{{- if .Values.Master.Jobs }}
|
||||
- name: jenkins-jobs
|
||||
configMap:
|
||||
name: {{ template "jenkins.fullname" . }}-jobs
|
||||
{{- end }}
|
||||
{{- if .Values.Master.InstallPlugins }}
|
||||
- name: plugin-dir
|
||||
emptyDir: {}
|
||||
{{- end }}
|
||||
- name: secrets-dir
|
||||
emptyDir: {}
|
||||
- name: jenkins-home
|
||||
{{- if .Values.Persistence.Enabled }}
|
||||
persistentVolumeClaim:
|
||||
claimName: {{ .Values.Persistence.ExistingClaim | default (include "jenkins.fullname" .) }}
|
||||
{{- else }}
|
||||
emptyDir: {}
|
||||
{{- end -}}
|
||||
{{- if .Values.Master.ImagePullSecret }}
|
||||
imagePullSecrets:
|
||||
- name: {{ .Values.Master.ImagePullSecret }}
|
||||
{{- end -}}
|
@ -1,22 +0,0 @@
|
||||
{{- if .Values.Master.HostName }}
|
||||
apiVersion: {{ .Values.Master.Ingress.ApiVersion }}
|
||||
kind: Ingress
|
||||
metadata:
|
||||
{{- if .Values.Master.Ingress.Annotations }}
|
||||
annotations:
|
||||
{{ toYaml .Values.Master.Ingress.Annotations | indent 4 }}
|
||||
{{- end }}
|
||||
name: {{ template "jenkins.fullname" . }}
|
||||
spec:
|
||||
rules:
|
||||
- host: {{ .Values.Master.HostName | quote }}
|
||||
http:
|
||||
paths:
|
||||
- backend:
|
||||
serviceName: {{ template "jenkins.fullname" . }}
|
||||
servicePort: {{ .Values.Master.ServicePort }}
|
||||
{{- if .Values.Master.Ingress.TLS }}
|
||||
tls:
|
||||
{{ toYaml .Values.Master.Ingress.TLS | indent 4 }}
|
||||
{{- end -}}
|
||||
{{- end }}
|
@ -1,33 +0,0 @@
|
||||
{{- if .Values.NetworkPolicy.Enabled }}
|
||||
kind: NetworkPolicy
|
||||
apiVersion: {{ .Values.NetworkPolicy.ApiVersion }}
|
||||
metadata:
|
||||
name: "{{ .Release.Name }}-{{ .Values.Master.Component }}"
|
||||
spec:
|
||||
podSelector:
|
||||
matchLabels:
|
||||
component: "{{ .Release.Name }}-{{ .Values.Master.Component }}"
|
||||
ingress:
|
||||
# Allow web access to the UI
|
||||
- ports:
|
||||
- port: {{ .Values.Master.ContainerPort }}
|
||||
# Allow inbound connections from slave
|
||||
- from:
|
||||
- podSelector:
|
||||
matchLabels:
|
||||
"jenkins/{{ .Release.Name }}-{{ .Values.Agent.Component }}": "true"
|
||||
ports:
|
||||
- port: {{ .Values.Master.SlaveListenerPort }}
|
||||
{{- if .Values.Agent.Enabled }}
|
||||
---
|
||||
kind: NetworkPolicy
|
||||
apiVersion: {{ .Values.NetworkPolicy.ApiVersion }}
|
||||
metadata:
|
||||
name: "{{ .Release.Name }}-{{ .Values.Agent.Component }}"
|
||||
spec:
|
||||
podSelector:
|
||||
matchLabels:
|
||||
# DefaultDeny
|
||||
"jenkins/{{ .Release.Name }}-{{ .Values.Agent.Component }}": "true"
|
||||
{{- end }}
|
||||
{{- end }}
|
@ -1,31 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{template "jenkins.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "jenkins.fullname" . }}
|
||||
heritage: {{.Release.Service | quote }}
|
||||
release: {{.Release.Name | quote }}
|
||||
chart: "{{.Chart.Name}}-{{.Chart.Version}}"
|
||||
component: "{{.Release.Name}}-{{.Values.Master.Component}}"
|
||||
{{- if .Values.Master.ServiceAnnotations }}
|
||||
annotations:
|
||||
{{ toYaml .Values.Master.ServiceAnnotations | indent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
ports:
|
||||
- port: {{.Values.Master.ServicePort}}
|
||||
name: http
|
||||
targetPort: {{.Values.Master.ContainerPort}}
|
||||
{{if (and (eq .Values.Master.ServiceType "NodePort") (not (empty .Values.Master.NodePort)))}}
|
||||
nodePort: {{.Values.Master.NodePort}}
|
||||
{{end}}
|
||||
selector:
|
||||
component: "{{.Release.Name}}-{{.Values.Master.Component}}"
|
||||
type: {{.Values.Master.ServiceType}}
|
||||
{{if eq .Values.Master.ServiceType "LoadBalancer"}}
|
||||
loadBalancerSourceRanges: {{.Values.Master.LoadBalancerSourceRanges}}
|
||||
{{if .Values.Master.LoadBalancerIP}}
|
||||
loadBalancerIP: {{.Values.Master.LoadBalancerIP}}
|
||||
{{end}}
|
||||
{{end}}
|
@ -1,45 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: "{{ .Release.Name }}-ui-test-{{ randAlphaNum 5 | lower }}"
|
||||
annotations:
|
||||
"helm.sh/hook": test-success
|
||||
spec:
|
||||
{{- if .Values.Master.NodeSelector }}
|
||||
nodeSelector:
|
||||
{{ toYaml .Values.Master.NodeSelector | indent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.Master.Tolerations }}
|
||||
tolerations:
|
||||
{{ toYaml .Values.Master.Tolerations | indent 4 }}
|
||||
{{- end }}
|
||||
initContainers:
|
||||
- name: "test-framework"
|
||||
image: "dduportal/bats:0.4.0"
|
||||
command:
|
||||
- "bash"
|
||||
- "-c"
|
||||
- |
|
||||
set -ex
|
||||
# copy bats to tools dir
|
||||
cp -R /usr/local/libexec/ /tools/bats/
|
||||
volumeMounts:
|
||||
- mountPath: /tools
|
||||
name: tools
|
||||
containers:
|
||||
- name: {{ .Release.Name }}-ui-test
|
||||
image: {{ .Values.Master.Image }}:{{ .Values.Master.ImageTag }}
|
||||
command: ["/tools/bats/bats", "-t", "/tests/run.sh"]
|
||||
volumeMounts:
|
||||
- mountPath: /tests
|
||||
name: tests
|
||||
readOnly: true
|
||||
- mountPath: /tools
|
||||
name: tools
|
||||
volumes:
|
||||
- name: tests
|
||||
configMap:
|
||||
name: {{ template "jenkins.fullname" . }}-tests
|
||||
- name: tools
|
||||
emptyDir: {}
|
||||
restartPolicy: Never
|
@ -1,8 +0,0 @@
|
||||
{{- if .Values.Master.Jobs }}
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ template "jenkins.fullname" . }}-jobs
|
||||
data:
|
||||
{{ .Values.Master.Jobs | indent 2 }}
|
||||
{{- end -}}
|
@ -1,20 +0,0 @@
|
||||
{{ if .Values.rbac.install }}
|
||||
{{- $serviceName := include "jenkins.fullname" . -}}
|
||||
apiVersion: rbac.authorization.k8s.io/{{ required "A valid .Values.rbac.apiVersion entry required!" .Values.rbac.apiVersion }}
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: {{ $serviceName }}-role-binding
|
||||
labels:
|
||||
app: {{ $serviceName }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: {{ .Values.rbac.roleRef }}
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ $serviceName }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
{{ end }}
|
@ -1,19 +0,0 @@
|
||||
{{- if .Values.Master.UseSecurity }}
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ template "jenkins.fullname" . }}
|
||||
labels:
|
||||
app: {{ template "jenkins.fullname" . }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
type: Opaque
|
||||
data:
|
||||
{{ if .Values.Master.AdminPassword }}
|
||||
jenkins-admin-password: {{ .Values.Master.AdminPassword | b64enc | quote }}
|
||||
{{ else }}
|
||||
jenkins-admin-password: {{ randAlphaNum 10 | b64enc | quote }}
|
||||
{{ end }}
|
||||
jenkins-admin-user: {{ .Values.Master.AdminUser | b64enc | quote }}
|
||||
{{- end }}
|
@ -1,12 +0,0 @@
|
||||
{{ if .Values.rbac.install }}
|
||||
{{- $serviceName := include "jenkins.fullname" . -}}
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ $serviceName }}
|
||||
labels:
|
||||
app: {{ $serviceName }}
|
||||
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
|
||||
release: "{{ .Release.Name }}"
|
||||
heritage: "{{ .Release.Service }}"
|
||||
{{ end }}
|
@ -1,9 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ template "jenkins.fullname" . }}-tests
|
||||
data:
|
||||
run.sh: |-
|
||||
@test "Testing Jenkins UI is accessible" {
|
||||
curl --retry 48 --retry-delay 10 {{ template "jenkins.fullname" . }}:{{ .Values.Master.ServicePort }}{{ default "" .Values.Master.JenkinsUriPrefix }}/login
|
||||
}
|
@ -1,240 +0,0 @@
|
||||
# Default values for jenkins.
|
||||
# This is a YAML-formatted file.
|
||||
# Declare name/value pairs to be passed into your templates.
|
||||
# name: value
|
||||
|
||||
## Overrides for generated resource names
|
||||
# See templates/_helpers.tpl
|
||||
# nameOverride:
|
||||
# fullnameOverride:
|
||||
|
||||
Master:
|
||||
Name: jenkins-master
|
||||
Image: "jenkins/jenkins"
|
||||
ImageTag: "lts"
|
||||
ImagePullPolicy: "Always"
|
||||
# ImagePullSecret: jenkins
|
||||
Component: "jenkins-master"
|
||||
UseSecurity: true
|
||||
AdminUser: admin
|
||||
# AdminPassword: <defaults to random>
|
||||
Cpu: "200m"
|
||||
Memory: "256Mi"
|
||||
# Environment variables that get added to the init container (useful for e.g. http_proxy)
|
||||
# InitContainerEnv:
|
||||
# - name: http_proxy
|
||||
# value: "http://192.168.64.1:3128"
|
||||
# ContainerEnv:
|
||||
# - name: http_proxy
|
||||
# value: "http://192.168.64.1:3128"
|
||||
# Set min/max heap here if needed with:
|
||||
# JavaOpts: "-Xms512m -Xmx512m"
|
||||
# JenkinsOpts: ""
|
||||
# JenkinsUriPrefix: "/jenkins"
|
||||
# Set RunAsUser to 1000 to let Jenkins run as non-root user 'jenkins' which exists in 'jenkins/jenkins' docker image.
|
||||
# When setting RunAsUser to a different value than 0 also set FsGroup to the same value:
|
||||
# RunAsUser: <defaults to 0>
|
||||
# FsGroup: <will be omitted in deployment if RunAsUser is 0>
|
||||
ServicePort: 8080
|
||||
# For minikube, set this to NodePort, elsewhere use LoadBalancer
|
||||
# Use ClusterIP if your setup includes ingress controller
|
||||
ServiceType: ClusterIP
|
||||
# Master Service annotations
|
||||
ServiceAnnotations: {}
|
||||
# service.beta.kubernetes.io/aws-load-balancer-backend-protocol: https
|
||||
# Used to create Ingress record (should used with ServiceType: ClusterIP)
|
||||
# HostName: jenkins.cluster.local
|
||||
HostName: jenkins.molgenis.org
|
||||
# NodePort: <to set explicitly, choose port between 30000-32767
|
||||
ContainerPort: 8080
|
||||
# Enable Kubernetes Liveness and Readiness Probes
|
||||
# ~ 2 minutes to allow Jenkins to restart when upgrading plugins. Set ReadinessTimeout to be shorter than LivenessTimeout.
|
||||
HealthProbes: true
|
||||
HealthProbesLivenessTimeout: 90
|
||||
HealthProbesReadinessTimeout: 60
|
||||
HealthProbeLivenessFailureThreshold: 12
|
||||
SlaveListenerPort: 50000
|
||||
DisabledAgentProtocols:
|
||||
- JNLP-connect
|
||||
- JNLP2-connect
|
||||
CSRF:
|
||||
DefaultCrumbIssuer:
|
||||
Enabled: true
|
||||
ProxyCompatability: true
|
||||
CLI: false
|
||||
# Kubernetes service type for the JNLP slave service
|
||||
# SETTING THIS TO "LoadBalancer" IS A HUGE SECURITY RISK: https://github.com/kubernetes/charts/issues/1341
|
||||
SlaveListenerServiceType: ClusterIP
|
||||
SlaveListenerServiceAnnotations: {}
|
||||
LoadBalancerSourceRanges:
|
||||
- 0.0.0.0/0
|
||||
# Optionally assign a known public LB IP
|
||||
# LoadBalancerIP: 1.2.3.4
|
||||
# Optionally configure a JMX port
|
||||
# requires additional JavaOpts, ie
|
||||
# JavaOpts: >
|
||||
# -Dcom.sun.management.jmxremote.port=4000
|
||||
# -Dcom.sun.management.jmxremote.authenticate=false
|
||||
# -Dcom.sun.management.jmxremote.ssl=false
|
||||
# JMXPort: 4000
|
||||
# List of plugins to be install during Jenkins master start
|
||||
InstallPlugins:
|
||||
- kubernetes:1.8.4
|
||||
- workflow-aggregator:2.5
|
||||
- workflow-job:2.21
|
||||
- credentials-binding:1.16
|
||||
- git:3.9.1
|
||||
# Used to approve a list of groovy functions in pipelines used the script-security plugin. Can be viewed under /scriptApproval
|
||||
# ScriptApproval:
|
||||
# - "method groovy.json.JsonSlurperClassic parseText java.lang.String"
|
||||
# - "new groovy.json.JsonSlurperClassic"
|
||||
# List of groovy init scripts to be executed during Jenkins master start
|
||||
InitScripts:
|
||||
# - |
|
||||
# print 'adding global pipeline libraries, register properties, bootstrap jobs...'
|
||||
# Kubernetes secret that contains a 'credentials.xml' for Jenkins
|
||||
# CredentialsXmlSecret: jenkins-credentials
|
||||
# Kubernetes secret that contains files to be put in the Jenkins 'secrets' directory,
|
||||
# useful to manage encryption keys used for credentials.xml for instance (such as
|
||||
# master.key and hudson.util.Secret)
|
||||
# SecretsFilesSecret: jenkins-secrets
|
||||
# Jenkins XML job configs to provision
|
||||
# Jobs: |-
|
||||
# test: |-
|
||||
# <<xml here>>
|
||||
Jobs: |-
|
||||
molgenis: |-
|
||||
<?xml version='1.1' encoding='UTF-8'?>
|
||||
<org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject plugin="workflow-multibranch@2.19">
|
||||
<actions/>
|
||||
<description></description>
|
||||
<properties>
|
||||
<org.jenkinsci.plugins.pipeline.modeldefinition.config.FolderConfig plugin="pipeline-model-definition@1.3">
|
||||
<dockerLabel></dockerLabel>
|
||||
<registry plugin="docker-commons@1.13"/>
|
||||
</org.jenkinsci.plugins.pipeline.modeldefinition.config.FolderConfig>
|
||||
</properties>
|
||||
<folderViews class="jenkins.branch.MultiBranchProjectViewHolder" plugin="branch-api@2.0.20">
|
||||
<owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
|
||||
</folderViews>
|
||||
<healthMetrics>
|
||||
<com.cloudbees.hudson.plugins.folder.health.WorstChildHealthMetric plugin="cloudbees-folder@6.5.1">
|
||||
<nonRecursive>false</nonRecursive>
|
||||
</com.cloudbees.hudson.plugins.folder.health.WorstChildHealthMetric>
|
||||
</healthMetrics>
|
||||
<icon class="jenkins.branch.MetadataActionFolderIcon" plugin="branch-api@2.0.20">
|
||||
<owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
|
||||
</icon>
|
||||
<orphanedItemStrategy class="com.cloudbees.hudson.plugins.folder.computed.DefaultOrphanedItemStrategy" plugin="cloudbees-folder@6.5.1">
|
||||
<pruneDeadBranches>true</pruneDeadBranches>
|
||||
<daysToKeep>-1</daysToKeep>
|
||||
<numToKeep>-1</numToKeep>
|
||||
</orphanedItemStrategy>
|
||||
<triggers/>
|
||||
<disabled>false</disabled>
|
||||
<sources class="jenkins.branch.MultiBranchProject$BranchSourceList" plugin="branch-api@2.0.20">
|
||||
<data>
|
||||
<jenkins.branch.BranchSource>
|
||||
<source class="jenkins.plugins.git.GitSCMSource" plugin="git@3.9.1">
|
||||
<id>a1f535cd-ab83-4d42-8993-0c3e59cf139f</id>
|
||||
<remote>http://github.com/molgenis/molgenis.git</remote>
|
||||
<credentialsId></credentialsId>
|
||||
<traits>
|
||||
<jenkins.plugins.git.traits.BranchDiscoveryTrait/>
|
||||
</traits>
|
||||
</source>
|
||||
<strategy class="jenkins.branch.DefaultBranchPropertyStrategy">
|
||||
<properties class="empty-list"/>
|
||||
</strategy>
|
||||
</jenkins.branch.BranchSource>
|
||||
</data>
|
||||
<owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
|
||||
</sources>
|
||||
<factory class="org.jenkinsci.plugins.workflow.multibranch.WorkflowBranchProjectFactory">
|
||||
<owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
|
||||
<scriptPath>Jenkinsfile</scriptPath>
|
||||
</factory>
|
||||
</org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject>
|
||||
CustomConfigMap: false
|
||||
# Node labels and tolerations for pod assignment
|
||||
# ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
|
||||
# ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#taints-and-tolerations-beta-feature
|
||||
NodeSelector: {}
|
||||
Tolerations: {}
|
||||
|
||||
Ingress:
|
||||
ApiVersion: extensions/v1beta1
|
||||
Annotations:
|
||||
# kubernetes.io/ingress.class: nginx
|
||||
# kubernetes.io/tls-acme: "true"
|
||||
|
||||
TLS:
|
||||
# - secretName: jenkins.cluster.local
|
||||
# hosts:
|
||||
# - jenkins.cluster.local
|
||||
|
||||
Agent:
|
||||
Enabled: true
|
||||
Image: jenkins/jnlp-slave
|
||||
ImageTag: 3.10-1
|
||||
# ImagePullSecret: jenkins
|
||||
Component: "jenkins-slave"
|
||||
Privileged: false
|
||||
Cpu: "200m"
|
||||
Memory: "256Mi"
|
||||
# You may want to change this to true while testing a new image
|
||||
AlwaysPullImage: false
|
||||
# You can define the volumes that you want to mount for this container
|
||||
# Allowed types are: ConfigMap, EmptyDir, HostPath, Nfs, Pod, Secret
|
||||
# Configure the attributes as they appear in the corresponding Java class for that type
|
||||
# https://github.com/jenkinsci/kubernetes-plugin/tree/master/src/main/java/org/csanchez/jenkins/plugins/kubernetes/volumes
|
||||
volumes:
|
||||
# - type: Secret
|
||||
# secretName: mysecret
|
||||
# mountPath: /var/myapp/mysecret
|
||||
NodeSelector: {}
|
||||
# Key Value selectors. Ex:
|
||||
# jenkins-agent: v1
|
||||
|
||||
Persistence:
|
||||
Enabled: false
|
||||
## A manually managed Persistent Volume and Claim
|
||||
## Requires Persistence.Enabled: true
|
||||
## If defined, PVC must be created manually before volume will be bound
|
||||
# ExistingClaim:
|
||||
|
||||
## jenkins data Persistent Volume Storage Class
|
||||
## If defined, storageClassName: <storageClass>
|
||||
## If set to "-", storageClassName: "", which disables dynamic provisioning
|
||||
## If undefined (the default) or set to null, no storageClassName spec is
|
||||
## set, choosing the default provisioner. (gp2 on AWS, standard on
|
||||
## GKE, AWS & OpenStack)
|
||||
##
|
||||
# StorageClass: "-"
|
||||
|
||||
Annotations: {}
|
||||
AccessMode: ReadWriteOnce
|
||||
Size: 8Gi
|
||||
volumes:
|
||||
# - name: nothing
|
||||
# emptyDir: {}
|
||||
mounts:
|
||||
# - mountPath: /var/nothing
|
||||
# name: nothing
|
||||
# readOnly: true
|
||||
|
||||
NetworkPolicy:
|
||||
# Enable creation of NetworkPolicy resources.
|
||||
Enabled: false
|
||||
# For Kubernetes v1.4, v1.5 and v1.6, use 'extensions/v1beta1'
|
||||
# For Kubernetes v1.7, use 'networking.k8s.io/v1'
|
||||
ApiVersion: extensions/v1beta1
|
||||
|
||||
## Install Default RBAC roles and bindings
|
||||
rbac:
|
||||
install: false
|
||||
serviceAccountName: default
|
||||
# RBAC api version (currently either v1beta1 or v1alpha1)
|
||||
apiVersion: v1beta1
|
||||
# Cluster role reference
|
||||
roleRef: cluster-admin
|
@ -1,10 +1,8 @@
|
||||
name: jenkins
|
||||
name: molgenis-jenkins
|
||||
home: https://jenkins.io/
|
||||
version: 0.2.0
|
||||
version: 0.2.1
|
||||
appVersion: 2.107
|
||||
description: Open source continuous integration server. It supports multiple SCM tools
|
||||
including CVS, Subversion and Git. It can execute Apache Ant and Apache Maven-based
|
||||
projects as well as arbitrary scripts.
|
||||
description: Molgenis installation for the jenkins chart.
|
||||
sources:
|
||||
- https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm.git
|
||||
icon: https://git.webhosting.rug.nl/molgenis/molgenis-ops-docker-helm/raw/master/jenkins/catalogIcon-molgenis-jenkins.svg
|
@ -1,4 +1,4 @@
|
||||
# Jenkins Helm Chart
|
||||
# Molgenis Jenkins Helm Chart
|
||||
|
||||
Jenkins master and slave cluster utilizing the Jenkins Kubernetes plugin
|
||||
|
||||
@ -23,8 +23,9 @@ The following tables list the configurable parameters of the Jenkins chart and t
|
||||
You can paste these values into the Rancher Answers if you like.
|
||||
Array values can be added as {value, value, value}, e.g.
|
||||
```
|
||||
Master.InstallPlugins={kubernetes:1.8.4, workflow-aggregator:2.5, workflow-job:2.21, credentials-binding:1.16, git:3.9.1}
|
||||
jenkins.Master.InstallPlugins={kubernetes:1.8.4, workflow-aggregator:2.5, workflow-job:2.21, credentials-binding:1.16, git:3.9.1}
|
||||
```
|
||||
> Because we use jenkins as a sub-chart, you should prefix all values with `jenkins`!
|
||||
|
||||
### Jenkins Master
|
||||
| Parameter | Description | Default |
|
BIN
molgenis-jenkins/charts/jenkins-0.16.4.tgz
Normal file
BIN
molgenis-jenkins/charts/jenkins-0.16.4.tgz
Normal file
Binary file not shown.
6
molgenis-jenkins/requirements.lock
Normal file
6
molgenis-jenkins/requirements.lock
Normal file
@ -0,0 +1,6 @@
|
||||
dependencies:
|
||||
- name: jenkins
|
||||
repository: https://kubernetes-charts.storage.googleapis.com/
|
||||
version: 0.16.4
|
||||
digest: sha256:39f694515489598fa545c9a5a4f1347749e8f2a8d7fae6ccae3e2acae1564685
|
||||
generated: 2018-06-27T14:36:23.172954738+02:00
|
4
molgenis-jenkins/requirements.yaml
Normal file
4
molgenis-jenkins/requirements.yaml
Normal file
@ -0,0 +1,4 @@
|
||||
dependencies:
|
||||
- name: jenkins
|
||||
version: ^0.16
|
||||
repository: https://kubernetes-charts.storage.googleapis.com/
|
0
molgenis-jenkins/templates/config.tpl
Normal file
0
molgenis-jenkins/templates/config.tpl
Normal file
72
molgenis-jenkins/values.yaml
Normal file
72
molgenis-jenkins/values.yaml
Normal file
@ -0,0 +1,72 @@
|
||||
jenkins:
|
||||
Master:
|
||||
HostName: jenkins.molgenis.org
|
||||
ServiceType: ClusterIP
|
||||
InstallPlugins:
|
||||
- kubernetes:1.8.4
|
||||
- workflow-aggregator:2.5
|
||||
- workflow-job:2.21
|
||||
- credentials-binding:1.16
|
||||
- git:3.9.1
|
||||
Jobs: |-
|
||||
molgenis: |-
|
||||
<?xml version='1.1' encoding='UTF-8'?>
|
||||
<org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject plugin="workflow-multibranch@2.19">
|
||||
<actions/>
|
||||
<description></description>
|
||||
<properties>
|
||||
<org.jenkinsci.plugins.pipeline.modeldefinition.config.FolderConfig plugin="pipeline-model-definition@1.3">
|
||||
<dockerLabel></dockerLabel>
|
||||
<registry plugin="docker-commons@1.13"/>
|
||||
</org.jenkinsci.plugins.pipeline.modeldefinition.config.FolderConfig>
|
||||
</properties>
|
||||
<folderViews class="jenkins.branch.MultiBranchProjectViewHolder" plugin="branch-api@2.0.20">
|
||||
<owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
|
||||
</folderViews>
|
||||
<healthMetrics>
|
||||
<com.cloudbees.hudson.plugins.folder.health.WorstChildHealthMetric plugin="cloudbees-folder@6.5.1">
|
||||
<nonRecursive>false</nonRecursive>
|
||||
</com.cloudbees.hudson.plugins.folder.health.WorstChildHealthMetric>
|
||||
</healthMetrics>
|
||||
<icon class="jenkins.branch.MetadataActionFolderIcon" plugin="branch-api@2.0.20">
|
||||
<owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
|
||||
</icon>
|
||||
<orphanedItemStrategy class="com.cloudbees.hudson.plugins.folder.computed.DefaultOrphanedItemStrategy" plugin="cloudbees-folder@6.5.1">
|
||||
<pruneDeadBranches>true</pruneDeadBranches>
|
||||
<daysToKeep>-1</daysToKeep>
|
||||
<numToKeep>-1</numToKeep>
|
||||
</orphanedItemStrategy>
|
||||
<triggers/>
|
||||
<disabled>false</disabled>
|
||||
<sources class="jenkins.branch.MultiBranchProject$BranchSourceList" plugin="branch-api@2.0.20">
|
||||
<data>
|
||||
<jenkins.branch.BranchSource>
|
||||
<source class="jenkins.plugins.git.GitSCMSource" plugin="git@3.9.1">
|
||||
<id>a1f535cd-ab83-4d42-8993-0c3e59cf139f</id>
|
||||
<remote>http://github.com/molgenis/molgenis.git</remote>
|
||||
<credentialsId></credentialsId>
|
||||
<traits>
|
||||
<jenkins.plugins.git.traits.BranchDiscoveryTrait/>
|
||||
</traits>
|
||||
</source>
|
||||
<strategy class="jenkins.branch.DefaultBranchPropertyStrategy">
|
||||
<properties class="empty-list"/>
|
||||
</strategy>
|
||||
</jenkins.branch.BranchSource>
|
||||
</data>
|
||||
<owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
|
||||
</sources>
|
||||
<factory class="org.jenkinsci.plugins.workflow.multibranch.WorkflowBranchProjectFactory">
|
||||
<owner class="org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject" reference="../.."/>
|
||||
<scriptPath>Jenkinsfile</scriptPath>
|
||||
</factory>
|
||||
</org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject>
|
||||
# Kubernetes secret that contains a 'credentials.xml' for Jenkins
|
||||
# CredentialsXmlSecret: jenkins-credentials
|
||||
# Kubernetes secret that contains files to be put in the Jenkins 'secrets' directory,
|
||||
# useful to manage encryption keys used for credentials.xml for instance (such as
|
||||
# master.key and hudson.util.Secret)
|
||||
# SecretsFilesSecret: jenkins-secrets
|
||||
CustomConfigMap: false
|
||||
rbac:
|
||||
install: true
|
@ -19,6 +19,10 @@ spec:
|
||||
app: {{ .Values.nexus.name }}
|
||||
creationTimestamp: null
|
||||
spec:
|
||||
volumes:
|
||||
- name: molgenis-nexus-data
|
||||
persistentVolumeClaim:
|
||||
claimName: molgenis-nexus-data
|
||||
restartPolicy: {{ .Values.nexus.restartPolicy }}
|
||||
containers:
|
||||
- name: {{ .Values.nexus.name }}
|
||||
@ -27,3 +31,7 @@ spec:
|
||||
ports:
|
||||
- containerPort: {{ .Values.nexus.port.ui }}
|
||||
- containerPort: {{ .Values.nexus.port.docker }}
|
||||
volumeMounts:
|
||||
- name: molgenis-nexus-data
|
||||
mountPath: "/nexus-data"
|
||||
|
||||
|
@ -7,10 +7,10 @@ metadata:
|
||||
spec:
|
||||
storageClassName: nfs-class
|
||||
capacity:
|
||||
storage: 5Gi
|
||||
storage: 50Gi
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
persistentVolumeReclaimPolicy: Retain
|
||||
nfs:
|
||||
server: 192.168.64.10
|
||||
path: /home/gcc/molgenis-nexus-data
|
||||
server: 192.168.64.12
|
||||
path: /gcc/molgenis/nexus-data
|
||||
|
@ -8,4 +8,4 @@ spec:
|
||||
- ReadWriteMany
|
||||
resources:
|
||||
requests:
|
||||
storage: 5Gi
|
||||
storage: 50Gi
|
Loading…
Reference in New Issue
Block a user