P129679
/
molgenis-ops-docker-helm
1
0
Fork 0
Code Releases Activity
molgenis-ops-docker-helm/molgenis-jenkins
History
Fleur Kelpin f8de505ed6 fix (jenkins) Fix skip verify value in vault secret 2018-08-19 23:05:53 +02:00
..
charts
templates fix (jenkins) Fix skip verify value in vault secret 2018-08-19 23:05:53 +02:00
Chart.yaml update version 2018-08-06 20:31:10 +02:00
README.md feat (jenkins): Add vault secret 2018-08-18 23:40:57 +02:00
catalogIcon-molgenis-jenkins.svg
requirements.lock
requirements.yaml
values.yaml fix (jenkins) Fix skip verify value in vault secret 2018-08-19 23:05:53 +02:00

README.md

Molgenis Jenkins Helm Chart

Jenkins master and slave cluster utilizing the Jenkins Kubernetes plugin. Wraps the kuberenetes jenkins chart, see documentation there!

Chart Details

This chart will do the following:

  • 1 x Jenkins Master with port 8080 exposed on an external ClusterIP
  • All using Kubernetes Deployments

Installing the Chart

Usually, you'll be deploying this to the molgenis cluster. In the Rancher Catalog, add the latest version of this repository. In the molgenis cluster management page, choose the catalog, pick the molgenis-jenkins app from the catalog and deploy it.

Configuration

When deploying, you can paste values into the Rancher Answers to override the defaults in this chart. Array values can be added as {value, value, value}.

jenkins.Master.HostName=jenkins.molgenis.org
jenkins.Master.AdminPassword=pa$$word
jenkins.Persistence.Enabled=false
jenkins.Master.InstallPlugins={kubernetes:1.8.4, workflow-aggregator:2.5, workflow-job:2.21, credentials-binding:1.16, git:3.9.1, blueocean:1.6.2, github-oauth:0.29}
jenkins.Master.Security.UseGitHub=false
## if UseGitHub=true
jenkins.Master.Security.GitHub.ClientID=id
jenkins.Master.Security.GitHub.ClientSecret=S3cr3t
## end UseGitHub=true
PipelineSecrets.Env.PGPPassphrase=literal:S3cr3t

You can use all configuration values of the jenkins subchart.

Because we use jenkins as a sub-chart, you should prefix all value keys with jenkins!

GitHub Authentication delegation

You need to setup a MOLGENIS - Jenkins GitHub OAuth App. You can do this by accessing this url: add new OAuth app.

Additional configuration

There is one additional group of configuration items specific for this chart, so not prefixed with jenkins:

  • PipelineSecrets

    When deployed, the chart creates a couple of kubernetes secrets that get used by jenkins and mounted in the jenkins build pods. The secrets, like the rest of the deployment, is namespaced so multiple instances can run beside each other with their own secrets.

    You can override the values at deploy time but otherwise also configure them in Rancher or through kubectl.

  • Vault

    New vault token to be used by the pods to retrieve their tokens from the vault.

    Parameter Description Default
    PipelineSecrets.Vault.Replace Replace the molgenis-pipeline-vault secret true
    PipelineSecrets.Vault.Token Token to log into the hashicorp vault xxxx
    PipelineSecrets.Vault.Addr Address of the vault https:vault-operator.vault-operator.svc:8200
    PipelineSecrets.Vault.skipVerify Skip verification of the https connection 1

  • Env

    Environment variables stored in molgenis-pipeline-env secret, to be added as environment variables in the slave pods.

    Parameter Description Default
    PipelineSecrets.Env.Replace Replace molgenis-pipeline-env secret true
    PipelineSecrets.Env.PGPPassphrase passphrase for the pgp signing key literal:xxxx
    PipelineSecrets.Env.CodecovToken token for codecov.io xxxx
    PipelineSecrets.Env.GitHubToken token for GH molgenis-jenkins user xxxx
    PipelineSecrets.Env.NexusPassword token for molgenis-jenkins user in NEXUS xxxx
    PipelineSecrets.Env.DockerHubPassword token for molgenis user in hub.docker.com xxxx
    PipelineSecrets.Env.SonarToken token for sonarcloud.io xxxx
    PipelineSecrets.Env.NpmToken token for npmjs.org xxxx
    PipelineSecrets.Env.SauceAccessKey token for saucelabs.com xxxx

  • File

    Environment variables stored in molgenis-pipeline-file secret, to be mounted as files in the /root/.m2 directory of the slave pods.

    The settings.xml file references the

    Parameter Description Default
    PipelineSecrets.File.Replace Replace molgenis-pipeline-file secret true
    PipelineSecrets.File.PGPPrivateKeyAsc pgp signing key in ascii form -----BEGIN PGP PRIVATE KEY BLOCK-----xxxxx-----END PGP PRIVATE KEY BLOCK-----
    PipelineSecrets.File.MavenSettingsXML Maven settings.xml file <settings>[...]</settings> (see actual values.yaml)

Command line use

Specify each parameter using the --set key=value[,key=value] argument to helm install.

Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,

$ helm install --name jenkins -f values.yaml molgenis-jenkins

Tip: You can use the default values.yaml