diff --git a/library/ix-dev/community/jenkins/Chart.lock b/library/ix-dev/community/jenkins/Chart.lock new file mode 100644 index 0000000000..0c15893a68 --- /dev/null +++ b/library/ix-dev/community/jenkins/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: common + repository: file://../../../common + version: 1.0.8 +digest: sha256:254efaa1285f634b7a80b7baadeadbd20a680f7fee49d1d9d3c4618aa0d657ad +generated: "2023-06-06T16:49:32.884968988+03:00" diff --git a/library/ix-dev/community/jenkins/Chart.yaml b/library/ix-dev/community/jenkins/Chart.yaml new file mode 100644 index 0000000000..7da2818af5 --- /dev/null +++ b/library/ix-dev/community/jenkins/Chart.yaml @@ -0,0 +1,26 @@ +name: jenkins +description: Jenkins is a leading open source automation server, +annotations: + title: Jenkins +type: application +version: 1.0.0 +apiVersion: v2 +appVersion: '2.401.1' +kubeVersion: '>=1.16.0-0' +maintainers: + - name: truenas + url: https://www.truenas.com/ + email: dev@ixsystems.com +dependencies: + - name: common + repository: file://../../../common + version: 1.0.8 +home: https://www.jenkins.io/ +icon: https://camo.githubusercontent.com/1babb15d046739f64d24c9a3424dd912a88683894f6f2307a969501ad84739f8/68747470733a2f2f7777772e6a656e6b696e732e696f2f696d616765732f6a656e6b696e732d6c6f676f2d7469746c652d6461726b2e737667 +sources: + - https://hub.docker.com/r/jenkins/jenkins + - https://github.com/jenkinsci/jenkins + - https://www.jenkins.io/ +keywords: + - automation + - ci/cd diff --git a/library/ix-dev/community/jenkins/README.md b/library/ix-dev/community/jenkins/README.md new file mode 100644 index 0000000000..2a7080f913 --- /dev/null +++ b/library/ix-dev/community/jenkins/README.md @@ -0,0 +1,9 @@ +# Jenkins + +[Jenkins](https://www.jenkins.io/). The leading open source automation server, Jenkins provides hundreds of +plugins to support building, deploying and automating any project. + +> When application is installed and on each startup, a container will be launched with **root** privileges. +> This is required in order to apply the correct permissions to the `Jenkins` directories. +> Afterward, the `Jenkins` container will run as a **non**-root user (`1000`). +> All mounted storage(s) will be `chown`ed only if the parent directory does not match the user and group (`1000`). diff --git a/library/ix-dev/community/jenkins/app-readme.md b/library/ix-dev/community/jenkins/app-readme.md new file mode 100644 index 0000000000..2a7080f913 --- /dev/null +++ b/library/ix-dev/community/jenkins/app-readme.md @@ -0,0 +1,9 @@ +# Jenkins + +[Jenkins](https://www.jenkins.io/). The leading open source automation server, Jenkins provides hundreds of +plugins to support building, deploying and automating any project. + +> When application is installed and on each startup, a container will be launched with **root** privileges. +> This is required in order to apply the correct permissions to the `Jenkins` directories. +> Afterward, the `Jenkins` container will run as a **non**-root user (`1000`). +> All mounted storage(s) will be `chown`ed only if the parent directory does not match the user and group (`1000`). diff --git a/library/ix-dev/community/jenkins/charts/common-1.0.8.tgz b/library/ix-dev/community/jenkins/charts/common-1.0.8.tgz new file mode 100644 index 0000000000..5a6f455592 Binary files /dev/null and b/library/ix-dev/community/jenkins/charts/common-1.0.8.tgz differ diff --git a/library/ix-dev/community/jenkins/ci/additional-values.yaml b/library/ix-dev/community/jenkins/ci/additional-values.yaml new file mode 100644 index 0000000000..47c918bfa7 --- /dev/null +++ b/library/ix-dev/community/jenkins/ci/additional-values.yaml @@ -0,0 +1,27 @@ +jenkinsStorage: + home: + type: hostPath + hostPath: /mnt/{{ .Release.Name }}/home + additionalStorages: + - type: hostPath + hostPath: /mnt/{{ .Release.Name }}/jenkinsWorkspace1 + mountPath: /workspace1 + - type: hostPath + hostPath: /mnt/{{ .Release.Name }}/jenkinsWorkspace2 + mountPath: /workspace2 + +jenkinsConfig: + jenkinsOpts: + - useJmx + - sessionTimeout=100 + jenkinsJavaOpts: + - property: hudson.footerURL + value: https://jenkins.example.com + - property: jenkins.CLI.disabled + value: "true" + + additionalEnvs: + - name: PLUGINS_FORCE_UPGRADE + value: "true" + - name: TRY_UPGRADE_IF_NO_MARKER + value: "true" diff --git a/library/ix-dev/community/jenkins/ci/basic-values.yaml b/library/ix-dev/community/jenkins/ci/basic-values.yaml new file mode 100644 index 0000000000..f6b0632022 --- /dev/null +++ b/library/ix-dev/community/jenkins/ci/basic-values.yaml @@ -0,0 +1,4 @@ +jenkinsStorage: + home: + type: hostPath + hostPath: /mnt/{{ .Release.Name }}/home diff --git a/library/ix-dev/community/jenkins/ci/http-agent-values.yaml b/library/ix-dev/community/jenkins/ci/http-agent-values.yaml new file mode 100644 index 0000000000..0108052adb --- /dev/null +++ b/library/ix-dev/community/jenkins/ci/http-agent-values.yaml @@ -0,0 +1,8 @@ +jenkinsStorage: + home: + type: hostPath + hostPath: /mnt/{{ .Release.Name }}/home + +jenkinsNetwork: + agent: true + agentPort: 31000 diff --git a/library/ix-dev/community/jenkins/ci/https-agent-values.yaml b/library/ix-dev/community/jenkins/ci/https-agent-values.yaml new file mode 100644 index 0000000000..4ad09d902e --- /dev/null +++ b/library/ix-dev/community/jenkins/ci/https-agent-values.yaml @@ -0,0 +1,96 @@ +jenkinsStorage: + home: + type: hostPath + hostPath: /mnt/{{ .Release.Name }}/home + +jenkinsNetwork: + agent: true + agentPort: 31000 + certificateID: 1 + +ixCertificates: + "1": + certificate: | + -----BEGIN CERTIFICATE----- + MIIEdjCCA16gAwIBAgIDYFMYMA0GCSqGSIb3DQEBCwUAMGwxDDAKBgNVBAMMA2Fz + ZDELMAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxCzAJBgNVBAcMAmFmMQ0wCwYD + VQQKDARhc2RmMQwwCgYDVQQLDANhc2QxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w + HhcNMjEwODMwMjMyMzU0WhcNMjMxMjAzMjMyMzU0WjBuMQswCQYDVQQDDAJhZDEL + MAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxDTALBgNVBAcMBGFzZGYxDTALBgNV + BAoMBGFkc2YxDTALBgNVBAsMBGFzZGYxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w + ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7+1xOHRQyOnQTHFcrdasX + Zl0gzutVlA890a1wiQpdD5dOtCLo7+eqVYjqVKo9W8RUIArXWmBu/AbkH7oVFWC1 + P973W1+ArF5sA70f7BZgqRKJTIisuIFIlRETgfnP2pfQmHRZtGaIJRZI4vQCdYgW + 2g0KOvvNcZJCVq1OrhKiNiY1bWCp66DGg0ic6OEkZFHTm745zUNQaf2dNgsxKU0H + PGjVLJI//yrRFAOSBUqgD4c50krnMF7fU/Fqh+UyOu8t6Y/HsySh3urB+Zie331t + AzV6QV39KKxRflNx/yuWrtIEslGTm+xHKoCYJEk/nZ3mX8Y5hG6wWAb7A/FuDVg3 + AgMBAAGjggEdMIIBGTAnBgNVHREEIDAehwTAqAADhwTAqAAFhwTAqAC2hwTAqACB + hwTAqACSMB0GA1UdDgQWBBQ4G2ff4tgZl4vmo4xCfqmJhdqShzAMBgNVHRMBAf8E + AjAAMIGYBgNVHSMEgZAwgY2AFLlYf9L99nxJDcpCM/LT3V5hQ/a3oXCkbjBsMQww + CgYDVQQDDANhc2QxCzAJBgNVBAYTAlVTMQ0wCwYDVQQIDARhc2RmMQswCQYDVQQH + DAJhZjENMAsGA1UECgwEYXNkZjEMMAoGA1UECwwDYXNkMRYwFAYJKoZIhvcNAQkB + FgdhQGEuY29tggNgUxcwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwEwDgYDVR0PAQH/ + BAQDAgWgMA0GCSqGSIb3DQEBCwUAA4IBAQA6FpOInEHB5iVk3FP67GybJ29vHZTD + KQHbQgmg8s4L7qIsA1HQ+DMCbdylpA11x+t/eL/n48BvGw2FNXpN6uykhLHJjbKR + h8yITa2KeD3LjLYhScwIigXmTVYSP3km6s8jRL6UKT9zttnIHyXVpBDya6Q4WTMx + fmfC6O7t1PjQ5ZyVtzizIUP8ah9n4TKdXU4A3QIM6WsJXpHb+vqp1WDWJ7mKFtgj + x5TKv3wcPnktx0zMPfLb5BTSE9rc9djcBG0eIAsPT4FgiatCUChe7VhuMnqskxEz + MymJLoq8+mzucRwFkOkR2EIt1x+Irl2mJVMeBow63rVZfUQBD8h++LqB + -----END CERTIFICATE----- + + -----BEGIN CERTIFICATE----- + MIIEhDCCA2ygAwIBAgIDYFMXMA0GCSqGSIb3DQEBCwUAMGwxDDAKBgNVBAMMA2Fz + ZDELMAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxCzAJBgNVBAcMAmFmMQ0wCwYD + VQQKDARhc2RmMQwwCgYDVQQLDANhc2QxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w + HhcNMjEwODMwMjMyMDQ1WhcNMzEwODI4MjMyMDQ1WjBsMQwwCgYDVQQDDANhc2Qx + CzAJBgNVBAYTAlVTMQ0wCwYDVQQIDARhc2RmMQswCQYDVQQHDAJhZjENMAsGA1UE + CgwEYXNkZjEMMAoGA1UECwwDYXNkMRYwFAYJKoZIhvcNAQkBFgdhQGEuY29tMIIB + IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq//c0hEEr83CS1pMgsHX50jt + 2MqIbcf63UUNJTiYpUUvUQSFJFc7m/dr+RTZvu97eDCnD5K2qkHHvTPaPZwY+Djf + iy7N641Sz6u/y3Yo3xxs1Aermsfedh48vusJpjbkT2XS44VjbkrpKcWDNVpp3Evd + M7oJotXeUsZ+imiyVCfr4YhoY5gbGh/r+KN9Wf9YKoUyfLLZGwdZkhtX2zIbidsL + Thqi9YTaUHttGinjiBBum234u/CfvKXsfG3yP2gvBGnlvZnM9ktv+lVffYNqlf7H + VmB1bKKk84HtzuW5X76SGAgOG8eHX4x5ZLI1WQUuoQOVRl1I0UCjBtbz8XhwvQID + AQABo4IBLTCCASkwLQYDVR0RBCYwJIcEwKgABYcEwKgAA4cEwKgAkocEwKgAtYcE + wKgAgYcEwKgAtjAdBgNVHQ4EFgQUuVh/0v32fEkNykIz8tPdXmFD9rcwDwYDVR0T + AQH/BAUwAwEB/zCBmAYDVR0jBIGQMIGNgBS5WH/S/fZ8SQ3KQjPy091eYUP2t6Fw + pG4wbDEMMAoGA1UEAwwDYXNkMQswCQYDVQQGEwJVUzENMAsGA1UECAwEYXNkZjEL + MAkGA1UEBwwCYWYxDTALBgNVBAoMBGFzZGYxDDAKBgNVBAsMA2FzZDEWMBQGCSqG + SIb3DQEJARYHYUBhLmNvbYIDYFMXMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF + BQcDAjAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADggEBAKEocOmVuWlr + zegtKYMe8NhHIkFY9oVn5ym6RHNOJpPH4QF8XYC3Z5+iC5yGh4P/jVe/4I4SF6Ql + PtofU0jNq5vzapt/y+m008eXqPQFmoUOvu+JavoRVcRx2LIP5AgBA1mF56CSREsX + TkuJAA9IUQ8EjnmAoAeKINuPaKxGDuU8BGCMqr/qd564MKNf9XYL+Fb2rlkA0O2d + 2No34DQLgqSmST/LAvPM7Cbp6knYgnKmGr1nETCXasg1cueHLnWWTvps2HiPp2D/ + +Fq0uqcZLu4Mdo0CPs4e5sHRyldEnRSKh0DVLprq9zr/GMipmPLJUsT5Jed3sj0w + M7Y3vwxshpo= + -----END CERTIFICATE----- + privatekey: | + -----BEGIN PRIVATE KEY----- + MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC7+1xOHRQyOnQT + HFcrdasXZl0gzutVlA890a1wiQpdD5dOtCLo7+eqVYjqVKo9W8RUIArXWmBu/Abk + H7oVFWC1P973W1+ArF5sA70f7BZgqRKJTIisuIFIlRETgfnP2pfQmHRZtGaIJRZI + 4vQCdYgW2g0KOvvNcZJCVq1OrhKiNiY1bWCp66DGg0ic6OEkZFHTm745zUNQaf2d + NgsxKU0HPGjVLJI//yrRFAOSBUqgD4c50krnMF7fU/Fqh+UyOu8t6Y/HsySh3urB + +Zie331tAzV6QV39KKxRflNx/yuWrtIEslGTm+xHKoCYJEk/nZ3mX8Y5hG6wWAb7 + A/FuDVg3AgMBAAECggEAapt30rj9DitGTtxAt13pJMEhyYxvvD3WkvmJwguF/Bbu + eW0Ba1c668fMeRCA54FWi1sMqusPS4HUqqUvk+tmyAOsAF4qgD/A4MMSC7uJSVI5 + N/JWhJWyhCY94/FPakiO1nbPbVw41bcqtzU2qvparpME2CtxSCbDiqm7aaag3Kqe + EF0fGSUdZ+TYl9JM05+eIyiX+UY19Fg0OjTHMn8nGpxcNTfDBdQ68TKvdo/dtIKL + PLKzJUNNdM8odC4CvQtfGMqaslwZwXkiOl5VJcW21ncj/Y0ngEMKeD/i65ZoqGdR + 0FKCQYEAGtM2FvJcZQ92Wsw7yj2bK2MSegVUyLK32QKBgQDe8syVCepPzRsfjfxA + 6TZlWcGuTZLhwIx97Ktw3VcQ1f4rLoEYlv0xC2VWBORpzIsJo4I/OLmgp8a+Ga8z + FkVRnq90dV3t4NP9uJlHgcODHnOardC2UUka4olBSCG6zmK4Jxi34lOxhGRkshOo + L4IBeOIB5g+ZrEEXkzfYJHESRQKBgQDX2YhFhGIrT8BAnC5BbXbhm8h6Bhjz8DYL + d+qhVJjef7L/aJxViU0hX9Ba2O8CLK3FZeREFE3hJPiJ4TZSlN4evxs5p+bbNDcA + 0mhRI/o3X4ac6IxdRebyYnCOB/Cu94/MzppcZcotlCekKNike7eorCcX4Qavm7Pu + MUuQ+ifmSwKBgEnchoqZzlbBzMqXb4rRuIO7SL9GU/MWp3TQg7vQmJerTZlgvsQ2 + wYsOC3SECmhCq4117iCj2luvOdihCboTFsQDnn0mpQe6BIF6Ns3J38wAuqv0CcFd + DKsrge1uyD3rQilgSoAhKzkUc24o0PpXQurZ8YZPgbuXpbj5vPaOnCdBAoGACYc7 + wb3XS4wos3FxhUfcwJbM4b4VKeeHqzfu7pI6cU/3ydiHVitKcVe2bdw3qMPqI9Wc + nvi6e17Tbdq4OCsEJx1OiVwFD9YdO3cOTc6lw/3+hjypvZBRYo+/4jUthbu96E+S + dtOzehGZMmDvN0uSzupSi3ZOgkAAUFpyuIKickMCgYAId0PCRjonO2thn/R0rZ7P + //L852uyzYhXKw5/fjFGhQ6LbaLgIRFaCZ0L2809u0HFnNvJjHv4AKP6j+vFQYYY + qQ+66XnfsA9G/bu4MDS9AX83iahD9IdLXQAy8I19prAbpVumKegPbMnNYNB/TYEc + 3G15AKCXo7jjOUtHY01DCQ== + -----END PRIVATE KEY----- diff --git a/library/ix-dev/community/jenkins/ci/https-values.yaml b/library/ix-dev/community/jenkins/ci/https-values.yaml new file mode 100644 index 0000000000..600fde7ba0 --- /dev/null +++ b/library/ix-dev/community/jenkins/ci/https-values.yaml @@ -0,0 +1,94 @@ +jenkinsStorage: + home: + type: hostPath + hostPath: /mnt/{{ .Release.Name }}/home + +jenkinsNetwork: + certificateID: 1 + +ixCertificates: + "1": + certificate: | + -----BEGIN CERTIFICATE----- + MIIEdjCCA16gAwIBAgIDYFMYMA0GCSqGSIb3DQEBCwUAMGwxDDAKBgNVBAMMA2Fz + ZDELMAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxCzAJBgNVBAcMAmFmMQ0wCwYD + VQQKDARhc2RmMQwwCgYDVQQLDANhc2QxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w + HhcNMjEwODMwMjMyMzU0WhcNMjMxMjAzMjMyMzU0WjBuMQswCQYDVQQDDAJhZDEL + MAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxDTALBgNVBAcMBGFzZGYxDTALBgNV + BAoMBGFkc2YxDTALBgNVBAsMBGFzZGYxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w + ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7+1xOHRQyOnQTHFcrdasX + Zl0gzutVlA890a1wiQpdD5dOtCLo7+eqVYjqVKo9W8RUIArXWmBu/AbkH7oVFWC1 + P973W1+ArF5sA70f7BZgqRKJTIisuIFIlRETgfnP2pfQmHRZtGaIJRZI4vQCdYgW + 2g0KOvvNcZJCVq1OrhKiNiY1bWCp66DGg0ic6OEkZFHTm745zUNQaf2dNgsxKU0H + PGjVLJI//yrRFAOSBUqgD4c50krnMF7fU/Fqh+UyOu8t6Y/HsySh3urB+Zie331t + AzV6QV39KKxRflNx/yuWrtIEslGTm+xHKoCYJEk/nZ3mX8Y5hG6wWAb7A/FuDVg3 + AgMBAAGjggEdMIIBGTAnBgNVHREEIDAehwTAqAADhwTAqAAFhwTAqAC2hwTAqACB + hwTAqACSMB0GA1UdDgQWBBQ4G2ff4tgZl4vmo4xCfqmJhdqShzAMBgNVHRMBAf8E + AjAAMIGYBgNVHSMEgZAwgY2AFLlYf9L99nxJDcpCM/LT3V5hQ/a3oXCkbjBsMQww + CgYDVQQDDANhc2QxCzAJBgNVBAYTAlVTMQ0wCwYDVQQIDARhc2RmMQswCQYDVQQH + DAJhZjENMAsGA1UECgwEYXNkZjEMMAoGA1UECwwDYXNkMRYwFAYJKoZIhvcNAQkB + FgdhQGEuY29tggNgUxcwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwEwDgYDVR0PAQH/ + BAQDAgWgMA0GCSqGSIb3DQEBCwUAA4IBAQA6FpOInEHB5iVk3FP67GybJ29vHZTD + KQHbQgmg8s4L7qIsA1HQ+DMCbdylpA11x+t/eL/n48BvGw2FNXpN6uykhLHJjbKR + h8yITa2KeD3LjLYhScwIigXmTVYSP3km6s8jRL6UKT9zttnIHyXVpBDya6Q4WTMx + fmfC6O7t1PjQ5ZyVtzizIUP8ah9n4TKdXU4A3QIM6WsJXpHb+vqp1WDWJ7mKFtgj + x5TKv3wcPnktx0zMPfLb5BTSE9rc9djcBG0eIAsPT4FgiatCUChe7VhuMnqskxEz + MymJLoq8+mzucRwFkOkR2EIt1x+Irl2mJVMeBow63rVZfUQBD8h++LqB + -----END CERTIFICATE----- + + -----BEGIN CERTIFICATE----- + MIIEhDCCA2ygAwIBAgIDYFMXMA0GCSqGSIb3DQEBCwUAMGwxDDAKBgNVBAMMA2Fz + ZDELMAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxCzAJBgNVBAcMAmFmMQ0wCwYD + VQQKDARhc2RmMQwwCgYDVQQLDANhc2QxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w + HhcNMjEwODMwMjMyMDQ1WhcNMzEwODI4MjMyMDQ1WjBsMQwwCgYDVQQDDANhc2Qx + CzAJBgNVBAYTAlVTMQ0wCwYDVQQIDARhc2RmMQswCQYDVQQHDAJhZjENMAsGA1UE + CgwEYXNkZjEMMAoGA1UECwwDYXNkMRYwFAYJKoZIhvcNAQkBFgdhQGEuY29tMIIB + IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq//c0hEEr83CS1pMgsHX50jt + 2MqIbcf63UUNJTiYpUUvUQSFJFc7m/dr+RTZvu97eDCnD5K2qkHHvTPaPZwY+Djf + iy7N641Sz6u/y3Yo3xxs1Aermsfedh48vusJpjbkT2XS44VjbkrpKcWDNVpp3Evd + M7oJotXeUsZ+imiyVCfr4YhoY5gbGh/r+KN9Wf9YKoUyfLLZGwdZkhtX2zIbidsL + Thqi9YTaUHttGinjiBBum234u/CfvKXsfG3yP2gvBGnlvZnM9ktv+lVffYNqlf7H + VmB1bKKk84HtzuW5X76SGAgOG8eHX4x5ZLI1WQUuoQOVRl1I0UCjBtbz8XhwvQID + AQABo4IBLTCCASkwLQYDVR0RBCYwJIcEwKgABYcEwKgAA4cEwKgAkocEwKgAtYcE + wKgAgYcEwKgAtjAdBgNVHQ4EFgQUuVh/0v32fEkNykIz8tPdXmFD9rcwDwYDVR0T + AQH/BAUwAwEB/zCBmAYDVR0jBIGQMIGNgBS5WH/S/fZ8SQ3KQjPy091eYUP2t6Fw + pG4wbDEMMAoGA1UEAwwDYXNkMQswCQYDVQQGEwJVUzENMAsGA1UECAwEYXNkZjEL + MAkGA1UEBwwCYWYxDTALBgNVBAoMBGFzZGYxDDAKBgNVBAsMA2FzZDEWMBQGCSqG + SIb3DQEJARYHYUBhLmNvbYIDYFMXMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF + BQcDAjAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADggEBAKEocOmVuWlr + zegtKYMe8NhHIkFY9oVn5ym6RHNOJpPH4QF8XYC3Z5+iC5yGh4P/jVe/4I4SF6Ql + PtofU0jNq5vzapt/y+m008eXqPQFmoUOvu+JavoRVcRx2LIP5AgBA1mF56CSREsX + TkuJAA9IUQ8EjnmAoAeKINuPaKxGDuU8BGCMqr/qd564MKNf9XYL+Fb2rlkA0O2d + 2No34DQLgqSmST/LAvPM7Cbp6knYgnKmGr1nETCXasg1cueHLnWWTvps2HiPp2D/ + +Fq0uqcZLu4Mdo0CPs4e5sHRyldEnRSKh0DVLprq9zr/GMipmPLJUsT5Jed3sj0w + M7Y3vwxshpo= + -----END CERTIFICATE----- + privatekey: | + -----BEGIN PRIVATE KEY----- + MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC7+1xOHRQyOnQT + HFcrdasXZl0gzutVlA890a1wiQpdD5dOtCLo7+eqVYjqVKo9W8RUIArXWmBu/Abk + H7oVFWC1P973W1+ArF5sA70f7BZgqRKJTIisuIFIlRETgfnP2pfQmHRZtGaIJRZI + 4vQCdYgW2g0KOvvNcZJCVq1OrhKiNiY1bWCp66DGg0ic6OEkZFHTm745zUNQaf2d + NgsxKU0HPGjVLJI//yrRFAOSBUqgD4c50krnMF7fU/Fqh+UyOu8t6Y/HsySh3urB + +Zie331tAzV6QV39KKxRflNx/yuWrtIEslGTm+xHKoCYJEk/nZ3mX8Y5hG6wWAb7 + A/FuDVg3AgMBAAECggEAapt30rj9DitGTtxAt13pJMEhyYxvvD3WkvmJwguF/Bbu + eW0Ba1c668fMeRCA54FWi1sMqusPS4HUqqUvk+tmyAOsAF4qgD/A4MMSC7uJSVI5 + N/JWhJWyhCY94/FPakiO1nbPbVw41bcqtzU2qvparpME2CtxSCbDiqm7aaag3Kqe + EF0fGSUdZ+TYl9JM05+eIyiX+UY19Fg0OjTHMn8nGpxcNTfDBdQ68TKvdo/dtIKL + PLKzJUNNdM8odC4CvQtfGMqaslwZwXkiOl5VJcW21ncj/Y0ngEMKeD/i65ZoqGdR + 0FKCQYEAGtM2FvJcZQ92Wsw7yj2bK2MSegVUyLK32QKBgQDe8syVCepPzRsfjfxA + 6TZlWcGuTZLhwIx97Ktw3VcQ1f4rLoEYlv0xC2VWBORpzIsJo4I/OLmgp8a+Ga8z + FkVRnq90dV3t4NP9uJlHgcODHnOardC2UUka4olBSCG6zmK4Jxi34lOxhGRkshOo + L4IBeOIB5g+ZrEEXkzfYJHESRQKBgQDX2YhFhGIrT8BAnC5BbXbhm8h6Bhjz8DYL + d+qhVJjef7L/aJxViU0hX9Ba2O8CLK3FZeREFE3hJPiJ4TZSlN4evxs5p+bbNDcA + 0mhRI/o3X4ac6IxdRebyYnCOB/Cu94/MzppcZcotlCekKNike7eorCcX4Qavm7Pu + MUuQ+ifmSwKBgEnchoqZzlbBzMqXb4rRuIO7SL9GU/MWp3TQg7vQmJerTZlgvsQ2 + wYsOC3SECmhCq4117iCj2luvOdihCboTFsQDnn0mpQe6BIF6Ns3J38wAuqv0CcFd + DKsrge1uyD3rQilgSoAhKzkUc24o0PpXQurZ8YZPgbuXpbj5vPaOnCdBAoGACYc7 + wb3XS4wos3FxhUfcwJbM4b4VKeeHqzfu7pI6cU/3ydiHVitKcVe2bdw3qMPqI9Wc + nvi6e17Tbdq4OCsEJx1OiVwFD9YdO3cOTc6lw/3+hjypvZBRYo+/4jUthbu96E+S + dtOzehGZMmDvN0uSzupSi3ZOgkAAUFpyuIKickMCgYAId0PCRjonO2thn/R0rZ7P + //L852uyzYhXKw5/fjFGhQ6LbaLgIRFaCZ0L2809u0HFnNvJjHv4AKP6j+vFQYYY + qQ+66XnfsA9G/bu4MDS9AX83iahD9IdLXQAy8I19prAbpVumKegPbMnNYNB/TYEc + 3G15AKCXo7jjOUtHY01DCQ== + -----END PRIVATE KEY----- diff --git a/library/ix-dev/community/jenkins/item.yaml b/library/ix-dev/community/jenkins/item.yaml new file mode 100644 index 0000000000..3d70f4b360 --- /dev/null +++ b/library/ix-dev/community/jenkins/item.yaml @@ -0,0 +1,9 @@ +icon_url: https://camo.githubusercontent.com/1babb15d046739f64d24c9a3424dd912a88683894f6f2307a969501ad84739f8/68747470733a2f2f7777772e6a656e6b696e732e696f2f696d616765732f6a656e6b696e732d6c6f676f2d7469746c652d6461726b2e737667 +categories: + - productivity +screenshots: + - https://assets.digitalocean.com/articles/jcasc_docker/step4a.png + - https://assets.digitalocean.com/articles/jcasc_docker/step7a.png +tags: + - automation + - ci/cd diff --git a/library/ix-dev/community/jenkins/metadata.yaml b/library/ix-dev/community/jenkins/metadata.yaml new file mode 100644 index 0000000000..828d5006e4 --- /dev/null +++ b/library/ix-dev/community/jenkins/metadata.yaml @@ -0,0 +1,8 @@ +runAsContext: + - userName: jenkins + groupName: jenkins + gid: 1000 + uid: 1000 + description: Jenkins runs as a non-root user. +capabilities: [] +hostMounts: [] diff --git a/library/ix-dev/community/jenkins/questions.yaml b/library/ix-dev/community/jenkins/questions.yaml new file mode 100644 index 0000000000..9ea7121330 --- /dev/null +++ b/library/ix-dev/community/jenkins/questions.yaml @@ -0,0 +1,275 @@ +groups: + - name: Jenkins Configuration + description: Configure Jenkins + - name: User and Group Configuration + description: Configure User and Group for Jenkins + - name: Network Configuration + description: Configure Network for Jenkins + - name: Storage Configuration + description: Configure Storage for Jenkins + - name: Resources Configuration + description: Configure Resources for Jenkins + +portals: + web_portal: + protocols: + - "$kubernetes-resource_configmap_portal_protocol" + host: + - "$kubernetes-resource_configmap_portal_host" + ports: + - "$kubernetes-resource_configmap_portal_port" + path: "$kubernetes-resource_configmap_portal_path" + +questions: + - variable: TZ + group: Jenkins Configuration + label: Timezone + schema: + type: string + default: Etc/UTC + required: true + $ref: + - definitions/timezone + + - variable: jenkinsConfig + label: "" + group: Jenkins Configuration + schema: + type: dict + attrs: + - variable: jenkinsJavaOpts + label: Additional Jenkins Java Options + description: | + Configure additional jenkins java options for Jenkins.
+ See https://www.jenkins.io/doc/book/managing/system-properties + schema: + type: list + default: [] + items: + - variable: jenkinsJavaOpt + label: Jenkins Java Option + schema: + type: dict + attrs: + - variable: property + label: Property + description: | + The property to set, see https://www.jenkins.io/doc/book/managing/system-properties
+ The prefix [-D] is automatically added. + schema: + type: string + required: true + - variable: value + description: | + The value to set for the property.
+ label: Value + schema: + type: string + required: true + - variable: jenkinsOpts + label: Additional Jenkins Options + description: | + Configure additional jenkins options for Jenkins.
+ see https://www.jenkins.io/doc/book/installing/initial-settings + schema: + type: list + default: [] + items: + - variable: jenkinsOption + label: Jenkins Option + description: | + The option to set, see https://www.jenkins.io/doc/book/installing/initial-settings
+ The prefix [--] is automatically added. + schema: + type: string + required: true + - variable: additionalEnvs + label: Additional Environment Variables + description: Configure additional environment variables for Jenkins. + schema: + type: list + default: [] + items: + - variable: env + label: Environment Variable + schema: + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: value + label: Value + schema: + type: string + required: true + + - variable: jenkinsNetwork + label: "" + group: Network Configuration + schema: + type: dict + attrs: + - variable: webPort + label: Web Port + description: The port for the Jenkins Web UI. + schema: + type: int + default: 30036 + min: 9000 + max: 65535 + required: true + - variable: certificateID + label: Certificate + description: The certificate to use for HTTPS. + schema: + type: int + $ref: + - "definitions/certificate" + - variable: agent + label: Enable Agent + description: Enable Agent Port for Jenkins. + schema: + type: boolean + default: false + - variable: agentPort + label: Agent Port + description: The port for the Jenkins Agent. + schema: + type: int + show_if: [["agent", "=", true]] + default: 50000 + min: 9000 + max: 65535 + required: true + - variable: hostNetwork + label: Host Network + description: | + Bind to the host network. It's recommended to keep this disabled.
+ schema: + type: boolean + default: false + + - variable: jenkinsStorage + label: "" + group: Storage Configuration + schema: + type: dict + attrs: + - variable: home + label: Jenkins Home Storage + description: The path to store Jenkins Home Directory. + schema: + type: dict + attrs: + - variable: type + label: Type + description: | + ixVolume: Is dataset created automatically by the system.
+ Host Path: Is a path that already exists on the system. + schema: + type: string + required: true + default: "ixVolume" + enum: + - value: "hostPath" + description: Host Path (Path that already exists on the system) + - value: "ixVolume" + description: ixVolume (Dataset created automatically by the system) + - variable: datasetName + label: Dataset Name + schema: + type: string + show_if: [["type", "=", "ixVolume"]] + required: true + hidden: true + immutable: true + default: "home" + $ref: + - "normalize/ixVolume" + - variable: hostPath + label: Host Path + schema: + type: hostpath + show_if: [["type", "=", "hostPath"]] + immutable: true + required: true + + - variable: additionalStorages + label: Additional Storage + description: Additional storage for Jenkins. + schema: + type: list + default: [] + items: + - variable: storageEntry + label: Storage Entry + schema: + type: dict + attrs: + - variable: type + label: Type + description: | + ixVolume: Is dataset created automatically by the system.
+ Host Path: Is a path that already exists on the system. + schema: + type: string + required: true + default: "ixVolume" + enum: + - value: "hostPath" + description: Host Path (Path that already exists on the system) + - value: "ixVolume" + description: ixVolume (Dataset created automatically by the system) + - variable: mountPath + label: Mount Path + description: The path inside the container to mount the storage. + schema: + type: path + required: true + - variable: hostPath + label: Host Path + description: The host path to use for storage. + schema: + type: hostpath + show_if: [["type", "=", "hostPath"]] + required: true + - variable: datasetName + label: Dataset Name + description: The name of the dataset to use for storage. + schema: + type: string + show_if: [["type", "=", "ixVolume"]] + required: true + immutable: true + default: "storage_entry" + $ref: + - "normalize/ixVolume" + + - variable: resources + group: Resources Configuration + label: "" + schema: + type: dict + attrs: + - variable: limits + label: Limits + schema: + type: dict + attrs: + - variable: cpu + label: CPU + description: CPU limit for Jenkins. + schema: + type: string + default: "4000m" + required: true + - variable: memory + label: Memory + description: Memory limit for Jenkins. + schema: + type: string + default: "8Gi" + required: true diff --git a/library/ix-dev/community/jenkins/templates/NOTES.txt b/library/ix-dev/community/jenkins/templates/NOTES.txt new file mode 100644 index 0000000000..ba4e01146c --- /dev/null +++ b/library/ix-dev/community/jenkins/templates/NOTES.txt @@ -0,0 +1 @@ +{{ include "ix.v1.common.lib.chart.notes" $ }} diff --git a/library/ix-dev/community/jenkins/templates/_certContainer.tpl b/library/ix-dev/community/jenkins/templates/_certContainer.tpl new file mode 100644 index 0000000000..9615f947ab --- /dev/null +++ b/library/ix-dev/community/jenkins/templates/_certContainer.tpl @@ -0,0 +1,48 @@ +{{- define "jenkins.certContainer" -}} +enabled: true +type: init +imageSelector: image +securityContext: + runAsUser: 1000 + runAsGroup: 1000 +command: + - /bin/sh + - -c +args: + - | + {{- $key := printf "%v/%v" .Values.jenkinsConstants.certsPath .Values.jenkinsConstants.keyName -}} + {{- $cert := printf "%v/%v" .Values.jenkinsConstants.certsPath .Values.jenkinsConstants.crtName -}} + {{- $keystore := printf "%v/%v" .Values.jenkinsConstants.keystorePath .Values.jenkinsConstants.keystoreName }} + # Create the directories for the certificates and keystore + mkdir -p "{{ .Values.jenkinsConstants.certsPath }}" + mkdir -p "{{ .Values.jenkinsConstants.keystorePath }}" + + if [ -f "/tmp/ix.p12" ]; then + echo "Cleaning up old certificate" + rm "/tmp/ix.p12" + fi + + echo "Generating new certificate from key and cert" + + if [ -f "{{ $key }}" ] && [ -f "{{ $cert }}" ]; then + echo "Found key and cert, creating p12 certificate" + + openssl pkcs12 -inkey "{{ $key }}" -in "{{ $cert }}" \ + -export -out "/tmp/ix.p12" \ + -password pass:{{ .Values.jenkinsCertRandomPass }} || exit 1 + echo "P12 Certificate created" + + if [ -f "{{ $keystore }}" ]; then + echo "Keystore already exists, removing and creating a new one" + rm "{{ $keystore }}" + fi + + echo "Importing certificate into a new java keystore" + keytool -importkeystore -srckeystore "/tmp/ix.p12" -srcstoretype pkcs12 \ + -destkeystore "{{ $keystore }}" -deststoretype JKS \ + -srcstorepass {{ .Values.jenkinsCertRandomPass }} \ + -deststorepass {{ .Values.jenkinsCertRandomPass }} || exit 1 + + echo "Certificate imported" + fi +{{- end -}} diff --git a/library/ix-dev/community/jenkins/templates/_configuration.tpl b/library/ix-dev/community/jenkins/templates/_configuration.tpl new file mode 100644 index 0000000000..5b23be5d9f --- /dev/null +++ b/library/ix-dev/community/jenkins/templates/_configuration.tpl @@ -0,0 +1,23 @@ +{{- define "jenkins.configuration" -}} +opts: + jenkinsOpts: + {{- if not .Values.jenkinsNetwork.certificateID }} + - --httpPort={{ .Values.jenkinsNetwork.webPort }} + {{- end -}} + {{- if .Values.jenkinsNetwork.certificateID }} + - --httpPort=-1 + - --httpsPort={{ .Values.jenkinsNetwork.webPort }} + - --httpsKeyStore={{ .Values.jenkinsConstants.keystorePath }}/{{ .Values.jenkinsConstants.keystoreName }} + - --httpsKeyStorePassword={{ .Values.jenkinsCertRandomPass }} + {{- end -}} + {{- range $opt := .Values.jenkinsConfig.jenkinsOpts }} + - --{{ $opt }} + {{- end }} + + jenkinsJavaOpts: + - -Djenkins.model.Jenkins.slaveAgentPortEnforce=true + - -Djenkins.model.Jenkins.slaveAgentPort={{ ternary .Values.jenkinsNetwork.agentPort "-1" .Values.jenkinsNetwork.agent }} + {{- range $opt := .Values.jenkinsConfig.jenkinsJavaOpts }} + - -D{{ $opt.property }}={{ $opt.value }} + {{- end }} +{{- end -}} diff --git a/library/ix-dev/community/jenkins/templates/_jenkins.tpl b/library/ix-dev/community/jenkins/templates/_jenkins.tpl new file mode 100644 index 0000000000..06e1355833 --- /dev/null +++ b/library/ix-dev/community/jenkins/templates/_jenkins.tpl @@ -0,0 +1,148 @@ +{{- define "jenkins.workload" -}} +workload: + jenkins: + enabled: true + primary: true + type: Deployment + podSpec: + hostNetwork: {{ .Values.jenkinsNetwork.hostNetwork }} + securityContext: + fsGroup: 1000 + containers: + jenkins: + enabled: true + primary: true + imageSelector: image + securityContext: + runAsUser: 1000 + runAsGroup: 1000 + {{ $config := (include "jenkins.configuration" $ | fromYaml).opts }} + env: + JENKINS_SLAVE_AGENT_PORT: {{ .Values.jenkinsNetwork.agentPort }} + JENKINS_JAVA_OPTS: {{ join " " $config.jenkinsJavaOpts }} + JENKINS_OPTS: {{ join " " $config.jenkinsOpts }} + {{ with .Values.jenkinsConfig.additionalEnvs }} + envList: + {{ range $env := . }} + - name: {{ $env.name }} + values: {{ $env.value }} + {{ end }} + {{ end }} + {{ $scheme := "http" }} + {{ if .Values.jenkinsNetwork.certificateID }} + {{ $scheme = "https" }} + {{ end }} + probes: + liveness: + enabled: true + type: {{ $scheme }} + port: {{ .Values.jenkinsNetwork.webPort }} + path: /login + readiness: + enabled: true + type: {{ $scheme }} + port: {{ .Values.jenkinsNetwork.webPort }} + path: /login + startup: + enabled: true + type: {{ $scheme }} + port: {{ .Values.jenkinsNetwork.webPort }} + path: /login + initContainers: + {{- include "ix.v1.common.app.permissions" (dict "containerName" "01-permissions" + "UID" 1000 + "GID" 1000 + "mode" "check" + "type" "init") | nindent 8 }} + {{- if .Values.jenkinsNetwork.certificateID }} + 02-cert-container: + {{- include "jenkins.certContainer" $ | nindent 10 }} + {{- end }} + +{{/* Service */}} +service: + jenkins: + enabled: true + primary: true + type: NodePort + targetSelector: jenkins + ports: + web: + enabled: true + primary: true + port: {{ .Values.jenkinsNetwork.webPort }} + nodePort: {{ .Values.jenkinsNetwork.webPort }} + targetSelector: jenkins + agent: + enabled: {{ .Values.jenkinsNetwork.agent }} + primary: false + type: NodePort + targetSelector: jenkins + ports: + agent: + enabled: {{ .Values.jenkinsNetwork.agent }} + primary: true + port: {{ .Values.jenkinsNetwork.agentPort }} + nodePort: {{ .Values.jenkinsNetwork.agentPort }} + targetSelector: jenkins + +{{/* Persistence */}} +persistence: + home: + enabled: true + type: {{ .Values.jenkinsStorage.home.type }} + datasetName: {{ .Values.jenkinsStorage.home.datasetName | default "" }} + hostPath: {{ .Values.jenkinsStorage.home.hostPath | default "" }} + targetSelector: + jenkins: + jenkins: + mountPath: /var/jenkins_home + 01-permissions: + mountPath: /mnt/directories/home + 02-cert-container: + mountPath: /var/jenkins_home + tmp: + enabled: true + type: emptyDir + targetSelector: + jenkins: + jenkins: + mountPath: /tmp + 02-cert-container: + mountPath: /tmp + {{- range $idx, $storage := .Values.jenkinsStorage.additionalStorages }} + {{ printf "jenkins-%v" (int $idx) }}: + enabled: true + type: {{ $storage.type }} + datasetName: {{ $storage.datasetName | default "" }} + hostPath: {{ $storage.hostPath | default "" }} + targetSelector: + jenkins: + jenkins: + mountPath: {{ $storage.mountPath }} + 01-permissions: + mountPath: /mnt/directories{{ $storage.mountPath }} + {{- end }} + {{- if .Values.jenkinsNetwork.certificateID }} + cert: + enabled: true + type: secret + objectName: jenkins-cert + defaultMode: "0600" + items: + - key: tls.key + path: {{ .Values.jenkinsConstants.keyName }} + - key: tls.crt + path: {{ .Values.jenkinsConstants.crtName }} + targetSelector: + jenkins: + 02-cert-container: + mountPath: {{ .Values.jenkinsConstants.certsPath }} + readOnly: true + +scaleCertificate: + jenkins-cert: + enabled: true + id: {{ .Values.jenkinsNetwork.certificateID }} + {{- end -}} +{{- end -}} diff --git a/library/ix-dev/community/jenkins/templates/_portal.tpl b/library/ix-dev/community/jenkins/templates/_portal.tpl new file mode 100644 index 0000000000..2e8c496f90 --- /dev/null +++ b/library/ix-dev/community/jenkins/templates/_portal.tpl @@ -0,0 +1,16 @@ +{{- define "jenkins.portal" -}} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: portal +data: + {{- $protocol := "http" -}} + {{- if .Values.jenkinsNetwork.certificateID -}} + {{- $protocol = "https" -}} + {{- end }} + path: "/login" + host: $node_ip + protocol: {{ $protocol }} + port: {{ .Values.jenkinsNetwork.webPort | quote }} +{{- end -}} diff --git a/library/ix-dev/community/jenkins/templates/_validation.tpl b/library/ix-dev/community/jenkins/templates/_validation.tpl new file mode 100644 index 0000000000..fad804d740 --- /dev/null +++ b/library/ix-dev/community/jenkins/templates/_validation.tpl @@ -0,0 +1,38 @@ +{{- define "jenkins.validation" -}} + + {{- if not (deepEqual (uniq .Values.jenkinsConfig.jenkinsJavaOpts) .Values.jenkinsConfig.jenkinsJavaOpts) -}} + {{- fail "Jenkins - Jenkins Java Options must be unique" -}} + {{- end -}} + + {{- if not (deepEqual (uniq .Values.jenkinsConfig.jenkinsOpts) .Values.jenkinsConfig.jenkinsOpts) -}} + {{- fail "Jenkins - Jenkins Options must be unique" -}} + {{- end -}} + + {{- $reservedJenkinsJavaOpts := (list + "jenkins.model.Jenkins.slaveAgentPortEnforce" + "jenkins.model.Jenkins.slaveAgentPort") -}} + {{- $reservedJenkinsOpts := (list "httpPort") -}} + + {{- if .Values.jenkinsNetwork.certificateID -}} + {{- $reservedJenkinsOpts = mustAppend $reservedJenkinsOpts "httpsPort" -}} + {{- $reservedJenkinsOpts = mustAppend $reservedJenkinsOpts "httpsKeyStore" -}} + {{- end -}} + + {{- range $opt := .Values.jenkinsConfig.jenkinsOpts -}} + {{- if (hasPrefix "--" $opt) -}} + {{- fail "Jenkins - Please remove [--] prefix from Jenkins Option [%v], as it is added automatically." -}} + {{- end -}} + {{- if (mustHas $opt $reservedJenkinsOpts) -}} + {{- fail "Jenkins - Setting Jenkins Option [%v] is not allowed." -}} + {{- end -}} + {{- end -}} + + {{- range $opt := .Values.jenkinsConfig.jenkinsJavaOpts -}} + {{- if (hasPrefix "-D" $opt.property) -}} + {{- fail "Jenkins - Please remove [-D] prefix from Jenkins Java Option [%v], as it is added automatically." -}} + {{- end -}} + {{- if (mustHas $opt.property $reservedJenkinsJavaOpts) -}} + {{- fail "Jenkins - Setting Jenkins Java Option [%v] is not allowed." -}} + {{- end -}} + {{- end -}} +{{- end -}} diff --git a/library/ix-dev/community/jenkins/templates/common.yaml b/library/ix-dev/community/jenkins/templates/common.yaml new file mode 100644 index 0000000000..259bb1e190 --- /dev/null +++ b/library/ix-dev/community/jenkins/templates/common.yaml @@ -0,0 +1,19 @@ +{{- include "ix.v1.common.loader.init" . -}} + +{{/* Run the validation */}} +{{- include "jenkins.validation" $ -}} + +{{/* Generate a new random pass on each start to password protect certificate */}} +{{- if .Values.jenkinsNetwork.certificateID -}} + {{- $_ := set .Values "jenkinsCertRandomPass" (randAlphaNum 32) -}} +{{- else if .Values.jenkinsCertRandomPass -}} {{/* Cleanup if no cert is defined */}} + {{- $_ := unset .Values "jenkinsCertRandomPass" -}} +{{- end -}} + +{{/* Merge the templates with Values */}} +{{- $_ := mustMergeOverwrite .Values (include "jenkins.workload" $ | fromYaml) -}} + +{{/* Create the configmap for portal manually*/}} +{{- include "jenkins.portal" $ -}} + +{{- include "ix.v1.common.loader.apply" . -}} diff --git a/library/ix-dev/community/jenkins/upgrade_info.json b/library/ix-dev/community/jenkins/upgrade_info.json new file mode 100644 index 0000000000..767388094a --- /dev/null +++ b/library/ix-dev/community/jenkins/upgrade_info.json @@ -0,0 +1 @@ +{"filename": "values.yaml", "keys": ["image"]} diff --git a/library/ix-dev/community/jenkins/upgrade_strategy b/library/ix-dev/community/jenkins/upgrade_strategy new file mode 100755 index 0000000000..52d32d78f8 --- /dev/null +++ b/library/ix-dev/community/jenkins/upgrade_strategy @@ -0,0 +1,31 @@ +#!/usr/bin/python3 +import json +import re +import sys + +from catalog_update.upgrade_strategy import semantic_versioning + + +RE_STABLE_VERSION = re.compile(r'[0-9]+\.[0-9]+\.[0-9]+-jdk17') + + +def newer_mapping(image_tags): + key = list(image_tags.keys())[0] + tags = {t.strip('-jdk17'): t for t in image_tags[key] if RE_STABLE_VERSION.fullmatch(t)} + version = semantic_versioning(list(tags)) + if not version: + return {} + + return { + 'tags': {key: tags[version]}, + 'app_version': version, + } + + +if __name__ == '__main__': + try: + versions_json = json.loads(sys.stdin.read()) + except ValueError: + raise ValueError('Invalid json specified') + + print(json.dumps(newer_mapping(versions_json))) diff --git a/library/ix-dev/community/jenkins/values.yaml b/library/ix-dev/community/jenkins/values.yaml new file mode 100644 index 0000000000..ceb22ff439 --- /dev/null +++ b/library/ix-dev/community/jenkins/values.yaml @@ -0,0 +1,42 @@ +image: + repository: jenkins/jenkins + pullPolicy: IfNotPresent + tag: '2.401.1-jdk17' + +resources: + limits: + cpu: 4000m + memory: 8Gi + +jenkinsConfig: + jenkinsOpts: [] + jenkinsJavaOpts: [] + additionalEnvs: [] +jenkinsNetwork: + webPort: 30036 + https: false + certificateID: 0 + agent: false + agentPort: 50000 + hostNetwork: false +jenkinsStorage: + home: + type: ixVolume + datasetName: home + additionalStorages: [] + +# Not user configurable +jenkinsConstants: + certsPath: /tmp/ix-certs + keystorePath: /var/jenkins_home/ix-keystore + crtName: ix.crt + keyName: ix.key + keystoreName: ix.jks + +notes: + custom: | + The initial Admin password is generated on the + first run of Jenkins. You can retrieve it by + looking at the logs of Jenkins. + + The default username is admin.