From d9b1c09cd3c06b0330e4988f13d98a612e1cd663 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Lino?= Date: Wed, 15 Apr 2020 17:24:17 +0100 Subject: [PATCH] Add test repo job. Add docker agent. --- values-default.yaml | 628 ++++++++++++++++++++++++++++++++++++++++++++ values.yaml | 72 ++++- 2 files changed, 696 insertions(+), 4 deletions(-) create mode 100644 values-default.yaml diff --git a/values-default.yaml b/values-default.yaml new file mode 100644 index 0000000..cd56ce1 --- /dev/null +++ b/values-default.yaml @@ -0,0 +1,628 @@ +# Default values for jenkins. +# This is a YAML-formatted file. +# Declare name/value pairs to be passed into your templates. +# name: value + +## Overrides for generated resource names +# See templates/_helpers.tpl +# nameOverride: +# fullnameOverride: +# namespaceOverride: + +# For FQDN resolving of the master service. Change this value to match your existing configuration. +# ref: https://github.com/kubernetes/dns/blob/master/docs/specification.md +clusterZone: "cluster.local" + +master: + httpsKeyStore: + jenkinsHttpsJksSecretName: '' + enable: false + httpPort: 8081 + path: "/var/jenkins_keystore" + fileName: "keystore.jks" + password: "password" + # Convert keystore.jks files content to base64 ( cat keystore.jks | base64 ) and put the output here + jenkinsKeyStoreBase64Encoded: | + /u3+7QAAAAIAAAABAAAAAQANamVua2luc2NpLmNvbQAAAW2r/b1ZAAAFATCCBP0wDgYKKwYBBAEq + AhEBAQUABIIE6QbCqasvoHS0pSwYqSvdydMCB9t+VNfwhFIiiuAelJfO5sSe2SebJbtwHgLcRz1Z + gMtWgOSFdl3bWSzA7vrW2LED52h+jXLYSWvZzuDuh8hYO85m10ikF6QR+dTi4jra0whIFDvq3pxe + TnESxEsN+DvbZM3jA3qsjQJSeISNpDjO099dqQvHpnCn18lyk7J4TWJ8sOQQb1EM2zDAfAOSqA/x + QuPEFl74DlY+5DIk6EBvpmWhaMSvXzWZACGA0sYqa157dq7O0AqmuLG/EI5EkHETO4CrtBW+yLcy + 2dUCXOMA+j+NjM1BjrQkYE5vtSfNO6lFZcISyKo5pTFlcA7ut0Fx2nZ8GhHTn32CpeWwNcZBn1gR + pZVt6DxVVkhTAkMLhR4rL2wGIi/1WRs23ZOLGKtyDNvDHnQyDiQEoJGy9nAthA8aNHa3cfdF10vB + Drb19vtpFHmpvKEEhpk2EBRF4fTi644Fuhu2Ied6118AlaPvEea+n6G4vBz+8RWuVCmZjLU+7h8l + Hy3/WdUPoIL5eW7Kz+hS+sRTFzfu9C48dMkQH3a6f3wSY+mufizNF9U298r98TnYy+PfDJK0bstG + Ph6yPWx8DGXKQBwrhWJWXI6JwZDeC5Ny+l8p1SypTmAjpIaSW3ge+KgcL6Wtt1R5hUV1ajVwVSUi + HF/FachKqPqyLJFZTGjNrxnmNYpt8P1d5JTvJfmfr55Su/P9n7kcyWp7zMcb2Q5nlXt4tWogOHLI + OzEWKCacbFfVHE+PpdrcvCVZMDzFogIq5EqGTOZe2poPpBVE+1y9mf5+TXBegy5HToLWvmfmJNTO + NCDuBjgLs2tdw2yMPm4YEr57PnMX5gGTC3f2ZihXCIJDCRCdQ9sVBOjIQbOCzxFXkVITo0BAZhCi + Yz61wt3Ud8e//zhXWCkCsSV+IZCxxPzhEFd+RFVjW0Nm9hsb2FgAhkXCjsGROgoleYgaZJWvQaAg + UyBzMmKDPKTllBHyE3Gy1ehBNGPgEBChf17/9M+j8pcm1OmlM434ctWQ4qW7RU56//yq1soFY0Te + fu2ei03a6m68fYuW6s7XEEK58QisJWRAvEbpwu/eyqfs7PsQ+zSgJHyk2rO95IxdMtEESb2GRuoi + Bs+AHNdYFTAi+GBWw9dvEgqQ0Mpv0//6bBE/Fb4d7b7f56uUNnnE7mFnjGmGQN+MvC62pfwfvJTT + EkT1iZ9kjM9FprTFWXT4UmO3XTvesGeE50sV9YPm71X4DCQwc4KE8vyuwj0s6oMNAUACW2ClU9QQ + y0tRpaF1tzs4N42Q5zl0TzWxbCCjAtC3u6xf+c8MCGrr7DzNhm42LOQiHTa4MwX4x96q7235oiAU + iQqSI/hyF5yLpWw4etyUvsx2/0/0wkuTU1FozbLoCWJEWcPS7QadMrRRISxHf0YobIeQyz34regl + t1qSQ3dCU9D6AHLgX6kqllx4X0fnFq7LtfN7fA2itW26v+kAT2QFZ3qZhINGfofCja/pITC1uNAZ + gsJaTMcQ600krj/ynoxnjT+n1gmeqThac6/Mi3YlVeRtaxI2InL82ZuD+w/dfY9OpPssQjy3xiQa + jPuaMWXRxz/sS9syOoGVH7XBwKrWpQcpchozWJt40QV5DslJkclcr8aC2AGlzuJMTdEgz1eqV0+H + bAXG9HRHN/0eJTn1/QAAAAEABVguNTA5AAADjzCCA4swggJzAhRGqVxH4HTLYPGO4rzHcCPeGDKn + xTANBgkqhkiG9w0BAQsFADCBgTELMAkGA1UEBhMCY2ExEDAOBgNVBAgMB29udGFyaW8xEDAOBgNV + BAcMB3Rvcm9udG8xFDASBgNVBAoMC2plbmtpbnN0ZXN0MRkwFwYDVQQDDBBqZW5raW5zdGVzdC5p + bmZvMR0wGwYJKoZIhvcNAQkBFg50ZXN0QHRlc3QuaW5mbzAeFw0xOTEwMDgxNTI5NTVaFw0xOTEx + MDcxNTI5NTVaMIGBMQswCQYDVQQGEwJjYTEQMA4GA1UECAwHb250YXJpbzEQMA4GA1UEBwwHdG9y + b250bzEUMBIGA1UECgwLamVua2luc3Rlc3QxGTAXBgNVBAMMEGplbmtpbnN0ZXN0LmluZm8xHTAb + BgkqhkiG9w0BCQEWDnRlc3RAdGVzdC5pbmZvMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC + AQEA02q352JTHGvROMBhSHvSv+vnoOTDKSTz2aLQn0tYrIRqRo+8bfmMjXuhkwZPSnCpvUGNAJ+w + Jrt/dqMoYUjCBkjylD/qHmnXN5EwS1cMg1Djh65gi5JJLFJ7eNcoSsr/0AJ+TweIal1jJSP3t3PF + 9Uv21gm6xdm7HnNK66WpUUXLDTKaIs/jtagVY1bLOo9oEVeLN4nT2CYWztpMvdCyEDUzgEdDbmrP + F5nKUPK5hrFqo1Dc5rUI4ZshL3Lpv398aMxv6n2adQvuL++URMEbXXBhxOrT6rCtYzbcR5fkwS9i + d3Br45CoWOQro02JAepoU0MQKY5+xQ4Bq9Q7tB9BAwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAe + 4xc+mSvKkrKBHg9/zpkWgZUiOp4ENJCi8H4tea/PCM439v6y/kfjT/okOokFvX8N5aa1OSz2Vsrl + m8kjIc6hiA7bKzT6lb0EyjUShFFZ5jmGVP4S7/hviDvgB5yEQxOPpumkdRP513YnEGj/o9Pazi5h + /MwpRxxazoda9r45kqQpyG+XoM4pB+Fd3JzMc4FUGxfVPxJU4jLawnJJiZ3vqiSyaB0YyUL+Er1Q + 6NnqtR4gEBF0ZVlQmkycFvD4EC2boP943dLqNUvop+4R3SM1QMM6P5u8iTXtHd/VN4MwMyy1wtog + hYAzODo1Jt59pcqqKJEas0C/lFJEB3frw4ImNx5fNlJYOpx+ijfQs9m39CevDq0= + # Used for label app.kubernetes.io/component + componentName: "jenkins-master" + image: "jenkins/jenkins" + tag: "lts" + imagePullPolicy: "Always" + imagePullSecretName: + # Optionally configure lifetime for master-container + lifecycle: + # postStart: + # exec: + # command: + # - "uname" + # - "-a" + numExecutors: 0 + customJenkinsLabels: [] + # configAutoReload requires UseSecurity is set to true: + useSecurity: true + + # enables configuration done directly via XML files + # People who want to configure Jenkins via https://github.com/jenkinsci/configuration-as-code-plugin only can set it to false + enableXmlConfig: true + # Allows to configure different SecurityRealm using Jenkins XML + securityRealm: |- + + # Allows to configure different AuthorizationStrategy using Jenkins XML + authorizationStrategy: |- + + true + + hostNetworking: false + # When enabling LDAP or another non-Jenkins identity source, the built-in admin account will no longer exist. + # If you disable the non-Jenkins identity store and instead use the Jenkins internal one, + # you should revert master.adminUser to your preferred admin user: + adminUser: "admin" + # adminPassword: + # This values should not be changed unless you use your custom image of jenkins or any devired from. If you want to use + # Cloudbees Jenkins Distribution docker, you should set jenkinsHome: "/var/cloudbees-jenkins-distribution" + jenkinsHome: "/var/jenkins_home" + # This values should not be changed unless you use your custom image of jenkins or any devired from. If you want to use + # Cloudbees Jenkins Distribution docker, you should set jenkinsRef: "/usr/share/cloudbees-jenkins-distribution/ref" + jenkinsRef: "/usr/share/jenkins/ref" + rollingUpdate: {} + # Ignored if Persistence is enabled + # maxSurge: 1 + # maxUnavailable: 25% + resources: + requests: + cpu: "50m" + memory: "256Mi" + limits: + cpu: "2000m" + memory: "4096Mi" + # Environment variables that get added to the init container (useful for e.g. http_proxy) + # initContainerEnv: + # - name: http_proxy + # value: "http://192.168.64.1:3128" + # containerEnv: + # - name: http_proxy + # value: "http://192.168.64.1:3128" + # Set min/max heap here if needed with: + # javaOpts: "-Xms512m -Xmx512m" + # jenkinsOpts: "" + # jenkinsUrl: "" + # If you set this prefix and use ingress controller then you might want to set the ingress path below + # jenkinsUriPrefix: "/jenkins" + # Enable pod security context (must be `true` if runAsUser or fsGroup are set) + usePodSecurityContext: true + # Set runAsUser to 1000 to let Jenkins run as non-root user 'jenkins' which exists in 'jenkins/jenkins' docker image. + # When setting runAsUser to a different value than 0 also set fsGroup to the same value: + # runAsUser: + # fsGroup: + servicePort: 8080 + targetPort: 8080 + # For minikube, set this to NodePort, elsewhere use LoadBalancer + # Use ClusterIP if your setup includes ingress controller + serviceType: ClusterIP + # Jenkins master service annotations + serviceAnnotations: {} + # Jenkins master custom labels + deploymentLabels: {} + # foo: bar + # bar: foo + # Jenkins master service labels + serviceLabels: {} + # service.beta.kubernetes.io/aws-load-balancer-backend-protocol: https + # Put labels on Jenkins master pod + podLabels: {} + # Used to create Ingress record (should used with ServiceType: ClusterIP) + # nodePort: + # -Dcom.sun.management.jmxremote.port=4000 + # -Dcom.sun.management.jmxremote.authenticate=false + # -Dcom.sun.management.jmxremote.ssl=false + # jmxPort: 4000 + # Optionally configure other ports to expose in the master container + extraPorts: [] + # - name: BuildInfoProxy + # port: 9000 + + # List of plugins to be install during Jenkins master start + installPlugins: + - kubernetes:1.25.1 + - workflow-job:2.36 + - workflow-aggregator:2.6 + - credentials-binding:1.21 + - git:4.2.0 + + # Enable to always override the installed plugins with the values of 'master.installPlugins' on upgrade or redeployment. + # overwritePlugins: true + # Enable HTML parsing using OWASP Markup Formatter Plugin (antisamy-markup-formatter), useful with ghprb plugin. + # The plugin is not installed by default, please update master.installPlugins. + enableRawHtmlMarkupFormatter: false + # Used to approve a list of groovy functions in pipelines used the script-security plugin. Can be viewed under /scriptApproval + scriptApproval: [] + # - "method groovy.json.JsonSlurperClassic parseText java.lang.String" + # - "new groovy.json.JsonSlurperClassic" + # List of groovy init scripts to be executed during Jenkins master start + initScripts: [] + # - | + # print 'adding global pipeline libraries, register properties, bootstrap jobs...' + # Kubernetes secret that contains a 'credentials.xml' for Jenkins + # credentialsXmlSecret: jenkins-credentials + # Kubernetes secret that contains files to be put in the Jenkins 'secrets' directory, + # useful to manage encryption keys used for credentials.xml for instance (such as + # master.key and hudson.util.Secret) + # secretsFilesSecret: jenkins-secrets + # Jenkins XML job configs to provision + jobs: {} + # test: |- + # <> + + # Below is the implementation of Jenkins Configuration as Code. Add a key under configScripts for each configuration area, + # where each corresponds to a plugin or section of the UI. Each key (prior to | character) is just a label, and can be any value. + # Keys are only used to give the section a meaningful name. The only restriction is they may only contain RFC 1123 \ DNS label + # characters: lowercase letters, numbers, and hyphens. The keys become the name of a configuration yaml file on the master in + # /var/jenkins_home/casc_configs (by default) and will be processed by the Configuration as Code Plugin. The lines after each | + # become the content of the configuration yaml file. The first line after this is a JCasC root element, eg jenkins, credentials, + # etc. Best reference is https:///configuration-as-code/reference. The example below creates a welcome message: + JCasC: + enabled: false + defaultConfig: false + pluginVersion: "1.36" + configScripts: {} + # welcome-message: | + # jenkins: + # systemMessage: Welcome to our CI\CD server. This Jenkins is configured and managed 'as code'. + # Optionally specify additional init-containers + customInitContainers: [] + # - name: custom-init + # image: "alpine:3.7" + # imagePullPolicy: Always + # command: [ "uname", "-a" ] + + sidecars: + configAutoReload: + # If enabled: true, Jenkins Configuration as Code will be reloaded on-the-fly without a reboot. If false or not-specified, + # jcasc changes will cause a reboot and will only be applied at the subsequent start-up. Auto-reload uses the + # http:///reload-configuration-as-code endpoint to reapply config when changes to the configScripts are detected. + enabled: false + image: kiwigrid/k8s-sidecar:0.1.20 + imagePullPolicy: IfNotPresent + resources: {} + # limits: + # cpu: 100m + # memory: 100Mi + # requests: + # cpu: 50m + # memory: 50Mi + # folder in the pod that should hold the collected dashboards: + folder: "/var/jenkins_home/casc_configs" + # If specified, the sidecar will search for JCasC config-maps inside this namespace. + # Otherwise the namespace in which the sidecar is running will be used. + # It's also possible to specify ALL to search in all namespaces: + # searchNamespace: + + # Allows you to inject additional/other sidecars + other: [] + ## The example below runs the client for https://smee.io as sidecar container next to Jenkins, + ## that allows to trigger build behind a secure firewall. + ## https://jenkins.io/blog/2019/01/07/webhook-firewalls/#triggering-builds-with-webhooks-behind-a-secure-firewall + ## + ## Note: To use it you should go to https://smee.io/new and update the url to the generete one. + # - name: smee + # image: docker.io/twalter/smee-client:1.0.2 + # args: ["--port", "{{ .Values.master.servicePort }}", "--path", "/github-webhook/", "--url", "https://smee.io/new"] + # resources: + # limits: + # cpu: 50m + # memory: 128Mi + # requests: + # cpu: 10m + # memory: 32Mi + # Node labels and tolerations for pod assignment + # ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector + # ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#taints-and-tolerations-beta-feature + nodeSelector: {} + + terminationGracePeriodSeconds: + + tolerations: [] + # Leverage a priorityClass to ensure your pods survive resource shortages + # ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ + # priorityClass: system-cluster-critical + podAnnotations: {} + # Add deployment annotation + deploymentAnnotations: {} + + # The below two configuration-related values are deprecated and replaced by Jenkins Configuration as Code (see above + # JCasC key). They will be deleted in an upcoming version. + customConfigMap: false + # By default, the configMap is only used to set the initial config the first time + # that the chart is installed. Setting `overwriteConfig` to `true` will overwrite + # the jenkins config with the contents of the configMap every time the pod starts. + # This will also overwrite all init scripts + overwriteConfig: false + + # By default, the Jobs Map is only used to set the initial jobs the first time + # that the chart is installed. Setting `overwriteJobs` to `true` will overwrite + # the jenkins jobs configuration with the contents of Jobs every time the pod starts. + overwriteJobs: false + + ingress: + enabled: false + # For Kubernetes v1.14+, use 'networking.k8s.io/v1beta1' + apiVersion: "extensions/v1beta1" + labels: {} + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + # Set this path to jenkinsUriPrefix above or use annotations to rewrite path + # path: "/jenkins" + # configures the hostname e.g. jenkins.example.com + hostName: + tls: + # - secretName: jenkins.cluster.local + # hosts: + # - jenkins.cluster.local + + # If you're running on GKE and need to configure a backendconfig + # to finish ingress setup, use the following values. + # Docs: https://cloud.google.com/kubernetes-engine/docs/concepts/backendconfig + backendconfig: + enabled: false + apiVersion: "extensions/v1beta1" + name: + labels: {} + annotations: {} + spec: {} + + # Openshift route + route: + enabled: false + labels: {} + annotations: {} + # path: "/jenkins" + + additionalConfig: {} + + # master.hostAliases allows for adding entries to Pod /etc/hosts: + # https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ + hostAliases: [] + # - ip: 192.168.50.50 + # hostnames: + # - something.local + # - ip: 10.0.50.50 + # hostnames: + # - other.local + + # Expose Prometheus metrics + prometheus: + # If enabled, add the prometheus plugin to the list of plugins to install + # https://plugins.jenkins.io/prometheus + enabled: false + # Additional labels to add to the ServiceMonitor object + serviceMonitorAdditionalLabels: {} + # Set a custom namespace where to deploy ServiceMonitor resource + # serviceMonitorNamespace: monitoring + scrapeInterval: 60s + # This is the default endpoint used by the prometheus plugin + scrapeEndpoint: /prometheus + # Additional labels to add to the PrometheusRule object + alertingRulesAdditionalLabels: {} + # An array of prometheus alerting rules + # See here: https://prometheus.io/docs/prometheus/latest/configuration/alerting_rules/ + # The `groups` root object is added by default, simply add the rule entries + alertingrules: [] + + # Can be used to disable rendering master test resources when using helm template + testEnabled: true + +agent: + enabled: true + image: "jenkins/jnlp-slave" + tag: "3.27-1" + customJenkinsLabels: [] + # name of the secret to be used for image pulling + imagePullSecretName: + componentName: "jenkins-slave" + privileged: false + resources: + requests: + cpu: "512m" + memory: "512Mi" + limits: + cpu: "512m" + memory: "512Mi" + # You may want to change this to true while testing a new image + alwaysPullImage: false + # Controls how agent pods are retained after the Jenkins build completes + # Possible values: Always, Never, OnFailure + podRetention: "Never" + # You can define the volumes that you want to mount for this container + # Allowed types are: ConfigMap, EmptyDir, HostPath, Nfs, Pod, Secret + # Configure the attributes as they appear in the corresponding Java class for that type + # https://github.com/jenkinsci/kubernetes-plugin/tree/master/src/main/java/org/csanchez/jenkins/plugins/kubernetes/volumes + # Pod-wide ennvironment, these vars are visible to any container in the agent pod + envVars: [] + # - name: PATH + # value: /usr/local/bin + volumes: [] + # - type: Secret + # secretName: mysecret + # mountPath: /var/myapp/mysecret + # - type: EmptyDir + # mountPath: "/var/lib/containers" + # memory: false + nodeSelector: {} + # Key Value selectors. Ex: + # jenkins-agent: v1 + + # Executed command when side container gets started + command: + args: "${computer.jnlpmac} ${computer.name}" + # Side container name + sideContainerName: "jnlp" + # Doesn't allocate pseudo TTY by default + TTYEnabled: false + # Max number of spawned agent + containerCap: 10 + # Pod name + podName: "default" + # Allows the Pod to remain active for reuse until the configured number of + # minutes has passed since the last step was executed on it. + idleMinutes: 0 + # Raw yaml template for the Pod. For example this allows usage of toleration for agent pods. + # https://github.com/jenkinsci/kubernetes-plugin#using-yaml-to-define-pod-templates + # https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + yamlTemplate: "" + # yamlTemplate: |- + # apiVersion: v1 + # kind: Pod + # spec: + # tolerations: + # - key: "key" + # operator: "Equal" + # value: "value" + # Timeout in seconds for an agent to be online + slaveConnectTimeout: 100 + + # Below is the implementation of custom pod templates for the default configured kubernetes cloud. + # Add a key under podTemplates for each pod template. Each key (prior to | character) is just a label, and can be any value. + # Keys are only used to give the pod template a meaningful name. The only restriction is they may only contain RFC 1123 \ DNS label + # characters: lowercase letters, numbers, and hyphens. Each pod template can contain multiple containers. + # For this pod templates configuration to be loaded the following values must be set: + # master.JCasC.enabled: true + # master.JCasC.defaultConfig: true + # Best reference is https:///configuration-as-code/reference#Cloud-kubernetes. The example below creates a python pod template. + podTemplates: {} + # python: | + # - name: python + # label: jenkins-python + # serviceAccount: jenkins + # containers: + # - name: python + # image: python:3 + # command: "/bin/sh -c" + # args: "cat" + # ttyEnabled: true + # privileged: true + # resourceRequestCpu: "400m" + # resourceRequestMemory: "512Mi" + # resourceLimitCpu: "1" + # resourceLimitMemory: "1024Mi" + +# Here you can add additional agents +# They inherit all values from `agent` so you only need to specify values which differ +additionalAgents: {} +# maven: +# podName: maven +# customJenkinsLabels: maven +# # An example of overriding the jnlp container +# # sideContainerName: jnlp +# image: jenkins/jnlp-agent-maven +# tag: latest +# python: +# podName: python +# customJenkinsLabels: python +# sideContainerName: python +# image: python +# tag: "3" +# command: "/bin/sh -c" +# args: "cat" +# TTYEnabled: true + +persistence: + enabled: true + ## A manually managed Persistent Volume and Claim + ## Requires persistence.enabled: true + ## If defined, PVC must be created manually before volume will be bound + existingClaim: + ## jenkins data Persistent Volume Storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + storageClass: + annotations: {} + accessMode: "ReadWriteOnce" + size: "8Gi" + volumes: + # - name: nothing + # emptyDir: {} + mounts: + # - mountPath: /var/nothing + # name: nothing + # readOnly: true + +networkPolicy: + # Enable creation of NetworkPolicy resources. + enabled: false + # For Kubernetes v1.4, v1.5 and v1.6, use 'extensions/v1beta1' + # For Kubernetes v1.7, use 'networking.k8s.io/v1' + apiVersion: networking.k8s.io/v1 + # You can allow agents to connect from both within the cluster (from within specific/all namespaces) AND/OR from a given external IP range + internalAgents: + allowed: true + namespaceLabels: {} + # project: myproject + externalAgents: {} + # ipCIDR: 172.17.0.0/16 + # except: + # - 172.17.1.0/24 + +## Install Default RBAC roles and bindings +rbac: + create: true + readSecrets: false + +serviceAccount: + create: true + # The name of the service account is autogenerated by default + name: + annotations: {} + +serviceAccountAgent: + # Specifies whether a ServiceAccount should be created + create: false + # The name of the ServiceAccount to use. + # If not set and create is true, a name is generated using the fullname template + name: + annotations: {} + +## Backup cronjob configuration +## Ref: https://github.com/maorfr/kube-tasks +backup: + # Backup must use RBAC + # So by enabling backup you are enabling RBAC specific for backup + enabled: false + # Used for label app.kubernetes.io/component + componentName: "backup" + # Schedule to run jobs. Must be in cron time format + # Ref: https://crontab.guru/ + schedule: "0 2 * * *" + labels: {} + annotations: {} + # Example for authorization to AWS S3 using kube2iam + # Can also be done using environment variables + # iam.amazonaws.com/role: "jenkins" + image: + repository: "maorfr/kube-tasks" + tag: "0.2.0" + # Additional arguments for kube-tasks + # Ref: https://github.com/maorfr/kube-tasks#simple-backup + extraArgs: [] + # Add existingSecret for AWS credentials + existingSecret: {} + ## Example for using an existing secret + # jenkinsaws: + ## Use this key for AWS access key ID + # awsaccesskey: jenkins_aws_access_key + ## Use this key for AWS secret access key + # awssecretkey: jenkins_aws_secret_key + # Add additional environment variables + # jenkinsgcp: + ## Use this key for GCP credentials + # gcpcredentials: credentials.json + env: [] + # Example environment variable required for AWS credentials chain + # - name: "AWS_REGION" + # value: "us-east-1" + resources: + requests: + memory: 1Gi + cpu: 1 + limits: + memory: 1Gi + cpu: 1 + # Destination to store the backup artifacts + # Supported cloud storage services: AWS S3, Minio S3, Azure Blob Storage, Google Cloud Storage + # Additional support can added. Visit this repository for details + # Ref: https://github.com/maorfr/skbn + destination: "s3://jenkins-data/backup" +checkDeprecation: true diff --git a/values.yaml b/values.yaml index cd56ce1..f47739c 100644 --- a/values.yaml +++ b/values.yaml @@ -238,9 +238,70 @@ master: # master.key and hudson.util.Secret) # secretsFilesSecret: jenkins-secrets # Jenkins XML job configs to provision - jobs: {} - # test: |- - # <> + jobs: + # test: |- + # <> + demo-infra-jenkins-test: |- + + + + + demo-infra-jenkins-test + + + + + + + + + + + + + + + false + + + + + + + true + -1 + -1 + + + + * * * * * + 60000 + + + false + + + + + c689a231-de4b-41e9-8683-205cc0fd94af + https://www.joaolino.com/gitlab/demo/demo-infra-jenkins-test + + + + + + + + + + + + + + + Jenkinsfile + + # Below is the implementation of Jenkins Configuration as Code. Add a key under configScripts for each configuration area, # where each corresponds to a plugin or section of the UI. Each key (prior to | character) is just a label, and can be any value. @@ -497,7 +558,10 @@ agent: # Here you can add additional agents # They inherit all values from `agent` so you only need to specify values which differ -additionalAgents: {} +additionalAgents: + docker: + podName: docker + customJenkinsLabels: docker # maven: # podName: maven # customJenkinsLabels: maven -- 2.24.1