public_git
/
kubernetes-operator
mirror of https://github.com/jenkinsci/kubernetes-operator.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Add preview docs and Github Actions e2e test workflow

This commit is contained in:
Sylwia Brant 2021-02-10 16:14:50 +01:00
parent d225cc113e
commit ce081bfd28
51 changed files with 9636 additions and 76 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
.github/workflows/auto-tests.yaml vendored
View File

@ -23,9 +23,6 @@ jobs:
echo "MINIKUBE_WANTUPDATENOTIFICATION=false" >> $GITHUB_ENV echo "MINIKUBE_WANTUPDATENOTIFICATION=false" >> $GITHUB_ENV
echo "MINIKUBE_WANTREPORTERRORPROMPT=false" >> $GITHUB_ENV echo "MINIKUBE_WANTREPORTERRORPROMPT=false" >> $GITHUB_ENV
echo "GO_VERSION=v$(sed -n 's/GO_VERSION=//p' config.base.env)" >> $GITHUB_ENV echo "GO_VERSION=v$(sed -n 's/GO_VERSION=//p' config.base.env)" >> $GITHUB_ENV
echo "MINIKUBE_VERSION=v$(sed -n 's/MINIKUBE_VERSION=//p' config.minikube.env)" >> $GITHUB_ENV
echo "OPERATOR_SDK_VERSION=v$(sed -n 's/OPERATOR_SDK_VERSION=//p' config.base.env)" >> $GITHUB_ENV
echo "MINIKUBE_KUBERNETES_VERSION=$(sed -n 's/MINIKUBE_KUBERNETES_VERSION=//p' config.minikube.env)" >> $GITHUB_ENV
echo "HELM_VERSION=v$(sed -n 's/HELM_VERSION=//p' config.base.env)" >> $GITHUB_ENV echo "HELM_VERSION=v$(sed -n 's/HELM_VERSION=//p' config.base.env)" >> $GITHUB_ENV
echo "GOPATH=/home/runner/go" >> $GITHUB_ENV echo "GOPATH=/home/runner/go" >> $GITHUB_ENV
@ -44,17 +41,12 @@ jobs:
run: | run: |
sudo apt-get update sudo apt-get update
sudo apt-get install socat sudo apt-get install socat
curl -Lo kubectl https://storage.googleapis.com/kubernetes-release/release/$MINIKUBE_KUBERNETES_VERSION/bin/linux/amd64/kubectl && chmod +x kubectl && sudo mv kubectl /usr/local/bin/
curl -Lo minikube https://storage.googleapis.com/minikube/releases/$MINIKUBE_VERSION/minikube-linux-amd64 && chmod +x minikube && sudo mv minikube /usr/local/bin/
curl -Lo operator-sdk https://github.com/operator-framework/operator-sdk/releases/download/$OPERATOR_SDK_VERSION/operator-sdk-$OPERATOR_SDK_VERSION-x86_64-linux-gnu && chmod +x operator-sdk && sudo mv operator-sdk /usr/local/bin/
curl -Lo helm.tar.gz https://get.helm.sh/helm-$HELM_VERSION-linux-amd64.tar.gz && tar xzfv helm.tar.gz && sudo mv linux-amd64/helm /usr/local/bin/
sudo mkdir -p $HOME/.kube $HOME/.minikube sudo mkdir -p $HOME/.kube $HOME/.minikube
touch KUBECONFIG
sudo minikube start --vm-driver=none --kubernetes-version=$MINIKUBE_KUBERNETES_VERSION
sudo chown -R $USER $HOME/.kube $HOME/.minikube sudo chown -R $USER $HOME/.kube $HOME/.minikube
make minikube-start MINIKUBE_DRIVER='docker' CPUS_NUMBER=2
- name: Jenkins Operator - e2e - name: Jenkins Operator - e2e
run: make build e2e run: |
make e2e E2E_TEST_ARGS='-ginkgo.v'
- name: Jenkins Operator Helm Chart - e2e #TODO Helm e2e test
run: make e2e BUILDTAGS=Helm E2E_TEST_SELECTOR='^.*Helm.*$'

15
Makefile
View File

@ -315,7 +315,7 @@ endif
minikube-start: minikube check-minikube ## Start minikube minikube-start: minikube check-minikube ## Start minikube
@echo "+ $@" @echo "+ $@"
bin/minikube status && exit 0 || \ bin/minikube status && exit 0 || \
bin/minikube start --kubernetes-version $(MINIKUBE_KUBERNETES_VERSION) --dns-domain=$(CLUSTER_DOMAIN) --extra-config=kubelet.cluster-domain=$(CLUSTER_DOMAIN) --vm-driver=$(MINIKUBE_DRIVER) --memory 4096 --cpus 3 bin/minikube start --kubernetes-version $(MINIKUBE_KUBERNETES_VERSION) --dns-domain=$(CLUSTER_DOMAIN) --extra-config=kubelet.cluster-domain=$(CLUSTER_DOMAIN) --driver=$(MINIKUBE_DRIVER) --memory 4096 --cpus $(CPUS_NUMBER)
.PHONY: crc-start .PHONY: crc-start
crc-start: check-crc ## Start CodeReady Containers Kubernetes cluster crc-start: check-crc ## Start CodeReady Containers Kubernetes cluster
@ -405,6 +405,17 @@ generate-docs: hugo ## Re-generate docs directory from the website directory
rm -rf docs || echo "Cannot remove docs dir, ignoring" rm -rf docs || echo "Cannot remove docs dir, ignoring"
bin/hugo -s website -d ../docs bin/hugo -s website -d ../docs
.PHONY: all-in-one-build
FILENAME := config/all_in_one_$(API_VERSION).yaml
all-in-one-build: ## Re-generate all-in-one yaml
@echo "+ $@"
> $(FILENAME)
cat config/rbac/leader_election_role.yaml >> $(FILENAME)
cat config/rbac/leader_election_role_binding.yaml >> $(FILENAME)
cat config/rbac/role.yaml >> $(FILENAME)
cat config/rbac/role_binding.yaml >> $(FILENAME)
cat config/manager/manager.yaml >> $(FILENAME)
##################### FROM OPERATOR SDK ######################## ##################### FROM OPERATOR SDK ########################
# Install CRDs into a cluster # Install CRDs into a cluster
install-crds: manifests kustomize install-crds: manifests kustomize
@ -424,7 +435,7 @@ undeploy:
$(KUSTOMIZE) build config/default | kubectl delete -f - $(KUSTOMIZE) build config/default | kubectl delete -f -
# Generate manifests e.g. CRD, RBAC etc. # Generate manifests e.g. CRD, RBAC etc.
manifests: controller-gen manifests: controller-gen all-in-one-build
$(CONTROLLER_GEN) $(CRD_OPTIONS) rbac:roleName=manager-role webhook paths="./..." output:crd:artifacts:config=config/crd/bases $(CONTROLLER_GEN) $(CRD_OPTIONS) rbac:roleName=manager-role webhook paths="./..." output:crd:artifacts:config=config/crd/bases
# Generate code # Generate code

227
config/all_in_one_v1alpha2.yaml Normal file
View File

@ -0,0 +1,227 @@
---
# permissions to do leader election.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: leader-election-role
rules:
- apiGroups:
- ""
- coordination.k8s.io
resources:
- configmaps
- leases
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: leader-election-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: leader-election-role
subjects:
- kind: ServiceAccount
name: default
namespace: default
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
name: manager-role
rules:
- apiGroups:
- ""
resources:
- services
- configmaps
- secrets
- serviceaccounts
verbs:
- get
- create
- update
- list
- watch
- apiGroups:
- apps
resources:
- deployments
- daemonsets
- replicasets
- statefulsets
verbs:
- '*'
- apiGroups:
- rbac.authorization.k8s.io
resources:
- roles
- rolebindings
verbs:
- create
- update
- list
- watch
- apiGroups:
- ""
resources:
- pods/portforward
verbs:
- create
- apiGroups:
- ""
resources:
- pods/log
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- pods
- pods/exec
verbs:
- "*"
- apiGroups:
- ""
resources:
- events
verbs:
- watch
- list
- create
- patch
- apiGroups:
- apps
resourceNames:
- jenkins-operator
resources:
- deployments/finalizers
verbs:
- update
- apiGroups:
- jenkins.io
resources:
- '*'
verbs:
- '*'
- apiGroups:
- ""
resources:
- persistentvolumeclaims
verbs:
- get
- list
- watch
- apiGroups:
- "route.openshift.io"
resources:
- routes
verbs:
- get
- list
- watch
- create
- update
- apiGroups:
- "image.openshift.io"
resources:
- imagestreams
verbs:
- get
- list
- watch
- apiGroups:
- "build.openshift.io"
resources:
- builds
- buildconfigs
verbs:
- get
- list
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: manager-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: manager-role
subjects:
- kind: ServiceAccount
name: default
namespace: default
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: jenkins-operator
namespace: default
labels:
control-plane: controller-manager
spec:
selector:
matchLabels:
control-plane: controller-manager
replicas: 1
template:
metadata:
labels:
control-plane: controller-manager
spec:
securityContext:
runAsUser: 65532
containers:
- command:
- /manager
args:
- --leader-elect
image: jenkins-operator:305dbeda-dirty-dirty
name: jenkins-operator
imagePullPolicy: Never
securityContext:
allowPrivilegeEscalation: false
livenessProbe:
httpGet:
path: /healthz
port: 8081
initialDelaySeconds: 15
periodSeconds: 20
readinessProbe:
httpGet:
path: /readyz
port: 8081
initialDelaySeconds: 5
periodSeconds: 10
resources:
limits:
cpu: 100m
memory: 30Mi
requests:
cpu: 100m
memory: 20Mi
env:
- name: WATCH_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
terminationGracePeriodSeconds: 10

4
config/certmanager/certificate.yaml
View File

@ -5,7 +5,7 @@ apiVersion: cert-manager.io/v1
kind: Issuer kind: Issuer
metadata: metadata:
name: selfsigned-issuer name: selfsigned-issuer
namespace: system namespace: default
spec: spec:
selfSigned: {} selfSigned: {}
--- ---
@ -13,7 +13,7 @@ apiVersion: cert-manager.io/v1
kind: Certificate kind: Certificate
metadata: metadata:
name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml
namespace: system namespace: default
spec: spec:
# $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize # $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize
dnsNames: dnsNames:

2
config/crd/patches/webhook_in_jenkins.yaml
View File

@ -9,6 +9,6 @@ spec:
webhook: webhook:
clientConfig: clientConfig:
service: service:
namespace: system namespace: default
name: webhook-service name: webhook-service
path: /convert path: /convert

2
config/default/kustomization.yaml
View File

@ -1,5 +1,5 @@
# Adds namespace to all resources. # Adds namespace to all resources.
namespace: jenkins-operator-system namespace: jenkins-operator
# Value of this field is prepended to the # Value of this field is prepended to the
# names of all resources, e.g. a deployment named # names of all resources, e.g. a deployment named

2
config/default/manager_auth_proxy_patch.yaml
View File

@ -4,7 +4,7 @@ apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
name: controller-manager name: controller-manager
namespace: system namespace: default
spec: spec:
template: template:
spec: spec:

2
config/default/manager_config_patch.yaml
View File

@ -2,7 +2,7 @@ apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
name: controller-manager name: controller-manager
namespace: system namespace: default
spec: spec:
template: template:
spec: spec:

15
config/manager/manager.yaml
View File

@ -1,15 +1,9 @@
apiVersion: v1
kind: Namespace
metadata:
labels:
control-plane: controller-manager
name: system
--- ---
apiVersion: apps/v1 apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
name: controller-manager name: jenkins-operator
namespace: system namespace: default
labels: labels:
control-plane: controller-manager control-plane: controller-manager
spec: spec:
@ -29,8 +23,9 @@ spec:
- /manager - /manager
args: args:
- --leader-elect - --leader-elect
image: controller:latest image: jenkins-operator:305dbeda-dirty-dirty
name: manager name: jenkins-operator
imagePullPolicy: Never
securityContext: securityContext:
allowPrivilegeEscalation: false allowPrivilegeEscalation: false
livenessProbe: livenessProbe:

2
config/prometheus/monitor.yaml
View File

@ -6,7 +6,7 @@ metadata:
labels: labels:
control-plane: controller-manager control-plane: controller-manager
name: controller-manager-metrics-monitor name: controller-manager-metrics-monitor
namespace: system namespace: default
spec: spec:
endpoints: endpoints:
- path: /metrics - path: /metrics

2
config/rbac/auth_proxy_role_binding.yaml
View File

@ -9,4 +9,4 @@ roleRef:
subjects: subjects:
- kind: ServiceAccount - kind: ServiceAccount
name: default name: default
namespace: system namespace: default

2
config/rbac/auth_proxy_service.yaml
View File

@ -4,7 +4,7 @@ metadata:
labels: labels:
control-plane: controller-manager control-plane: controller-manager
name: controller-manager-metrics-service name: controller-manager-metrics-service
namespace: system namespace: default
spec: spec:
ports: ports:
- name: https - name: https

1
config/rbac/leader_election_role.yaml
View File

@ -1,3 +1,4 @@
---
# permissions to do leader election. # permissions to do leader election.
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
kind: Role kind: Role

3
config/rbac/leader_election_role_binding.yaml
View File

@ -1,3 +1,4 @@
---
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding kind: RoleBinding
metadata: metadata:
@ -9,4 +10,4 @@ roleRef:
subjects: subjects:
- kind: ServiceAccount - kind: ServiceAccount
name: default name: default
namespace: system namespace: default

118
config/rbac/role.yaml
View File

@ -1,4 +1,3 @@
--- ---
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole kind: ClusterRole
@ -9,54 +8,111 @@ rules:
- apiGroups: - apiGroups:
- "" - ""
resources: resources:
- services
- configmaps - configmaps
- secrets
- serviceaccounts
verbs: verbs:
- get - get
- create
- update
- list
- watch
- apiGroups:
- apps
resources:
- deployments
- daemonsets
- replicasets
- statefulsets
verbs:
- '*'
- apiGroups:
- rbac.authorization.k8s.io
resources:
- roles
- rolebindings
verbs:
- create
- update
- list - list
- watch - watch
- apiGroups: - apiGroups:
- "" - ""
resources: resources:
- pods - pods/portforward
verbs: verbs:
- create - create
- delete
- get
- list
- patch
- update
- watch
- apiGroups: - apiGroups:
- jenkins.io - ""
resources: resources:
- jenkins - pods/log
verbs: verbs:
- create - get
- delete - list
- get - watch
- list
- patch
- update
- watch
- apiGroups: - apiGroups:
- jenkins.io - ""
resources: resources:
- jenkins/finalizers - pods
- pods/exec
verbs: verbs:
- update - "*"
- apiGroups: - apiGroups:
- jenkins.io - ""
resources: resources:
- jenkins/status - events
verbs: verbs:
- get - watch
- patch - list
- update - create
- patch
- apiGroups: - apiGroups:
- v1 - apps
resourceNames:
- jenkins-operator
resources: resources:
- secrets - deployments/finalizers
verbs: verbs:
- get - update
- list - apiGroups:
- watch - jenkins.io
resources:
- '*'
verbs:
- '*'
- apiGroups:
- ""
resources:
- persistentvolumeclaims
verbs:
- get
- list
- watch
- apiGroups:
- "route.openshift.io"
resources:
- routes
verbs:
- get
- list
- watch
- create
- update
- apiGroups:
- "image.openshift.io"
resources:
- imagestreams
verbs:
- get
- list
- watch
- apiGroups:
- "build.openshift.io"
resources:
- builds
- buildconfigs
verbs:
- get
- list
- watch

3
config/rbac/role_binding.yaml
View File

@ -1,3 +1,4 @@
---
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding kind: ClusterRoleBinding
metadata: metadata:
@ -9,4 +10,4 @@ roleRef:
subjects: subjects:
- kind: ServiceAccount - kind: ServiceAccount
name: default name: default
namespace: system namespace: default

2
config/samples/jenkins.io_v1alpha2_jenkins.yaml
View File

@ -1,7 +1,7 @@
apiVersion: jenkins.io/v1alpha2 apiVersion: jenkins.io/v1alpha2
kind: Jenkins kind: Jenkins
metadata: metadata:
name: jenkins-example name: example
namespace: default namespace: default
spec: spec:
configurationAsCode: configurationAsCode:

168
deploy/all-in-one-v1alpha2.yaml Normal file
View File

@ -0,0 +1,168 @@
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: jenkins-operator
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: jenkins-operator
rules:
- apiGroups:
- ""
resources:
- services
- configmaps
- secrets
- serviceaccounts
verbs:
- get
- create
- update
- list
- watch
- apiGroups:
- apps
resources:
- deployments
- daemonsets
- replicasets
- statefulsets
verbs:
- '*'
- apiGroups:
- rbac.authorization.k8s.io
resources:
- roles
- rolebindings
verbs:
- create
- update
- list
- watch
- apiGroups:
- ""
resources:
- pods/portforward
verbs:
- create
- apiGroups:
- ""
resources:
- pods/log
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- pods
- pods/exec
verbs:
- "*"
- apiGroups:
- ""
resources:
- events
verbs:
- watch
- list
- create
- patch
- apiGroups:
- apps
resourceNames:
- jenkins-operator
resources:
- deployments/finalizers
verbs:
- update
- apiGroups:
- jenkins.io
resources:
- '*'
verbs:
- '*'
- apiGroups:
- ""
resources:
- persistentvolumeclaims
verbs:
- get
- list
- watch
- apiGroups:
- "route.openshift.io"
resources:
- routes
verbs:
- get
- list
- watch
- create
- update
- apiGroups:
- "image.openshift.io"
resources:
- imagestreams
verbs:
- get
- list
- watch
- apiGroups:
- "build.openshift.io"
resources:
- builds
- buildconfigs
verbs:
- get
- list
- watch
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: jenkins-operator
subjects:
- kind: ServiceAccount
name: jenkins-operator
roleRef:
kind: Role
name: jenkins-operator
apiGroup: rbac.authorization.k8s.io
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: jenkins-operator
spec:
replicas: 1
selector:
matchLabels:
name: jenkins-operator
template:
metadata:
labels:
name: jenkins-operator
spec:
serviceAccountName: jenkins-operator
containers:
- name: jenkins-operator
image: virtuslab/jenkins-operator:v0.5.0
command:
- jenkins-operator
args: []
imagePullPolicy: IfNotPresent
env:
- name: WATCH_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: OPERATOR_NAME
value: "jenkins-operator"

3027
deploy/crds/jenkins.io_jenkins_crd.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

85
deploy/crds/jenkins.io_jenkinsimages_crd.yaml Normal file
View File

@ -0,0 +1,85 @@
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: jenkinsimages.jenkins.io
spec:
group: jenkins.io
names:
kind: JenkinsImage
listKind: JenkinsImageList
plural: jenkinsimages
singular: jenkinsimage
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
description: JenkinsImage is the Schema for the jenkinsimages API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: JenkinsImageSpec defines the desired state of JenkinsImage
properties:
image:
description: Defines Jenkins Plugin structure
properties:
name:
type: string
version:
type: string
required:
- name
type: object
plugins:
items:
description: Defines Jenkins Plugin structure
properties:
name:
type: string
version:
type: string
required:
- name
type: object
type: array
required:
- image
- plugins
type: object
status:
description: JenkinsImageStatus defines the observed state of JenkinsImage
properties:
image:
type: string
installedPlugins:
items:
description: Defines Jenkins Plugin structure
properties:
name:
type: string
version:
type: string
required:
- name
type: object
type: array
md5sum:
type: string
type: object
type: object
version: v1alpha2
versions:
- name: v1alpha2
served: true
storage: true

15
deploy/crds/jenkins_v1alpha2_jenkins_cr.yaml Normal file
View File

@ -0,0 +1,15 @@
apiVersion: jenkins.io/v1alpha2
kind: Jenkins
metadata:
name: example
spec:
master:
containers:
- name: jenkins-master
image: jenkins/jenkins:2.263.2-lts-alpine
seedJobs:
- id: jenkins-operator
targets: "cicd/jobs/*.jenkins"
description: "Jenkins Operator repository"
repositoryBranch: master
repositoryUrl: https://github.com/jenkinsci/kubernetes-operator.git

106
deploy/crds/jenkins_v1alpha2_jenkins_crd.yaml Normal file
View File

@ -0,0 +1,106 @@
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: jenkins.jenkins.io
spec:
group: jenkins.io
names:
kind: Jenkins
listKind: JenkinsList
plural: jenkins
singular: jenkins
scope: Namespaced
versions:
- name : v1alpha2
served: true
storage: true
- name : v1alpha1
served: true
storage: false
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: jenkinsimages.jenkins.io
spec:
group: jenkins.io
names:
kind: JenkinsImage
listKind: JenkinsImageList
plural: jenkinsimages
singular: jenkinsimage
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
description: JenkinsImage is the Schema for the jenkinsimages API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: JenkinsImageSpec defines the desired state of JenkinsImage
properties:
image:
description: Defines Jenkins Plugin structure
properties:
name:
type: string
version:
type: string
required:
- name
type: object
plugins:
items:
description: Defines Jenkins Plugin structure
properties:
name:
type: string
version:
type: string
required:
- name
type: object
type: array
required:
- image
- plugins
type: object
status:
description: JenkinsImageStatus defines the observed state of JenkinsImage
properties:
image:
type: string
installedPlugins:
items:
description: Defines Jenkins Plugin structure
properties:
name:
type: string
version:
type: string
required:
- name
type: object
type: array
md5sum:
type: string
type: object
type: object
version: v1alpha2
versions:
- name: v1alpha2
served: true
storage: true

24
deploy/crds/jenkins_v1alpha2_jenkinsimage_cr.yaml Normal file
View File

@ -0,0 +1,24 @@
apiVersion: jenkins.io/v1alpha2
kind: JenkinsImage
metadata:
name: simple-jenkinsimage
spec:
image:
name: jenkins/jenkins
tag: 2.263.1-lts-alpine
plugins:
- name: kubernetes
version: "1.28.6"
- name: workflow-job
version: "2.40"
- name: workflow-aggregator
version: "2.6"
- name: git
version: "4.5.0"
- name: job-dsl
version: "1.77"
- name: configuration-as-code
version: "1.46"
- name: kubernetes-credentials-provider
version: "0.15"

85
deploy/crds/jenkins_v1alpha2_jenkinsimage_crd.yaml Normal file
View File

@ -0,0 +1,85 @@
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: jenkinsimages.jenkins.io
spec:
group: jenkins.io
names:
kind: JenkinsImage
listKind: JenkinsImageList
plural: jenkinsimages
singular: jenkinsimage
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
description: JenkinsImage is the Schema for the jenkinsimages API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: JenkinsImageSpec defines the desired state of JenkinsImage
properties:
image:
description: Defines Jenkins Plugin structure
properties:
name:
type: string
version:
type: string
required:
- name
type: object
plugins:
items:
description: Defines Jenkins Plugin structure
properties:
name:
type: string
version:
type: string
required:
- name
type: object
type: array
required:
- image
- plugins
type: object
status:
description: JenkinsImageStatus defines the observed state of JenkinsImage
properties:
image:
type: string
installedPlugins:
items:
description: Defines Jenkins Plugin structure
properties:
name:
type: string
version:
type: string
required:
- name
type: object
type: array
md5sum:
type: string
type: object
type: object
version: v1alpha2
versions:
- name: v1alpha2
served: true
storage: true

73
deploy/crds/openshift_jenkins_v1alpha2_jenkins_cr.yaml Normal file
View File

@ -0,0 +1,73 @@
apiVersion: jenkins.io/v1alpha2
kind: Jenkins
metadata:
annotations:
jenkins.io/openshift-mode: 'true'
name: jenkins
spec:
master:
containers:
- name: jenkins-master
command:
- /usr/bin/go-init
- '-main'
- /usr/libexec/s2i/run
env:
- name: OPENSHIFT_ENABLE_OAUTH
value: 'true'
- name: OPENSHIFT_ENABLE_REDIRECT_PROMPT
value: 'true'
- name: DISABLE_ADMINISTRATIVE_MONITORS
value: 'false'
- name: KUBERNETES_MASTER
value: 'https://kubernetes.default:443'
- name: KUBERNETES_TRUST_CERTIFICATES
value: 'true'
- name: JENKINS_SERVICE_NAME
value: jenkins-operator-http-jenkins
- name: JNLP_SERVICE_NAME
value: jenkins-operator-slave-jenkins
- name: JENKINS_UC_INSECURE
value: 'false'
- name: JENKINS_HOME
value: /var/lib/jenkins
- name: JAVA_OPTS
value: >-
-XX:+UnlockExperimentalVMOptions -XX:+UnlockExperimentalVMOptions
-XX:+UseCGroupMemoryLimitForHeap -XX:MaxRAMFraction=1
-Djenkins.install.runSetupWizard=false -Djava.awt.headless=true
image: 'quay.io/openshift/origin-jenkins:latest'
imagePullPolicy: Always
livenessProbe:
httpGet:
path: /login
port: 8080
scheme: HTTP
initialDelaySeconds: 420
periodSeconds: 360
timeoutSeconds: 240
readinessProbe:
httpGet:
path: /login
port: 8080
scheme: HTTP
initialDelaySeconds: 3
periodSeconds: 0
timeoutSeconds: 240
resources:
limits:
cpu: 600m
memory: 4Gi
requests:
cpu: 500m
memory: 3Gi
service:
port: 8080
type: ClusterIP
slaveService:
port: 50000
type: ClusterIP
serviceAccount:
annotations:
serviceaccounts.openshift.io/oauth-redirectreference.jenkins: '{"kind":"OAuthRedirectReference","apiVersion":"v1","reference":{"kind":"Route","name":"jenkins-operator"}}'

244
deploy/olm-catalog/jenkins-operator/0.2.2/jenkins-operator.v0.2.2.clusterserviceversion.yaml Normal file
View File

File diff suppressed because one or more lines are too long

20
deploy/olm-catalog/jenkins-operator/0.2.2/jenkins_v1alpha2_jenkins_crd.yaml Normal file
View File

@ -0,0 +1,20 @@
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: jenkins.jenkins.io
spec:
group: jenkins.io
names:
kind: Jenkins
listKind: JenkinsList
plural: jenkins
singular: jenkins
scope: Namespaced
version: v1alpha2
versions:
- name : v1alpha2
served: true
storage: true
- name : v1alpha1
served: true
storage: false

226
deploy/olm-catalog/jenkins-operator/0.3.0/jenkins-operator.v0.3.0.clusterserviceversion.yaml Normal file
View File

File diff suppressed because one or more lines are too long

20
deploy/olm-catalog/jenkins-operator/0.3.0/jenkins_v1alpha2_jenkins_crd.yaml Normal file
View File

@ -0,0 +1,20 @@
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: jenkins.jenkins.io
spec:
group: jenkins.io
names:
kind: Jenkins
listKind: JenkinsList
plural: jenkins
singular: jenkins
scope: Namespaced
version: v1alpha2
versions:
- name : v1alpha2
served: true
storage: true
- name : v1alpha1
served: true
storage: false

5
deploy/olm-catalog/jenkins-operator/jenkins-operator.package.yaml Normal file
View File

@ -0,0 +1,5 @@
channels:
- currentCSV: jenkins-operator.v0.3.0
name: alpha
defaultChannel: alpha
packageName: jenkins-operator

34
deploy/operator.yaml Normal file
View File

@ -0,0 +1,34 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: jenkins-operator
spec:
replicas: 1
selector:
matchLabels:
name: jenkins-operator
template:
metadata:
labels:
name: jenkins-operator
spec:
serviceAccountName: jenkins-operator
containers:
- name: jenkins-operator
image: virtuslab/jenkins-operator:v0.5.0
command:
- jenkins-operator
args: []
imagePullPolicy: IfNotPresent
env:
- name: WATCH_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: OPERATOR_NAME
value: "jenkins-operator"

117
deploy/role.yaml Normal file
View File

@ -0,0 +1,117 @@
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: jenkins-operator
rules:
- apiGroups:
- ""
resources:
- services
- configmaps
- secrets
- serviceaccounts
verbs:
- get
- create
- update
- list
- watch
- apiGroups:
- apps
resources:
- deployments
- daemonsets
- replicasets
- statefulsets
verbs:
- '*'
- apiGroups:
- rbac.authorization.k8s.io
resources:
- roles
- rolebindings
verbs:
- create
- update
- list
- watch
- apiGroups:
- ""
resources:
- pods/portforward
verbs:
- create
- apiGroups:
- ""
resources:
- pods/log
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- pods
- pods/exec
verbs:
- "*"
- apiGroups:
- ""
resources:
- events
verbs:
- watch
- list
- create
- patch
- apiGroups:
- apps
resourceNames:
- jenkins-operator
resources:
- deployments/finalizers
verbs:
- update
- apiGroups:
- jenkins.io
resources:
- '*'
verbs:
- '*'
- apiGroups:
- ""
resources:
- persistentvolumeclaims
verbs:
- get
- list
- watch
- apiGroups:
- "route.openshift.io"
resources:
- routes
verbs:
- get
- list
- watch
- create
- update
- apiGroups:
- "image.openshift.io"
resources:
- imagestreams
verbs:
- get
- list
- watch
- apiGroups:
- "build.openshift.io"
resources:
- builds
- buildconfigs
verbs:
- get
- list
- watch

12
deploy/role_binding.yaml Normal file
View File

@ -0,0 +1,12 @@
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: jenkins-operator
subjects:
- kind: ServiceAccount
name: jenkins-operator
roleRef:
kind: Role
name: jenkins-operator
apiGroup: rbac.authorization.k8s.io

5
deploy/service_account.yaml Normal file
View File

@ -0,0 +1,5 @@
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: jenkins-operator

3
variables.mk
View File

@ -69,7 +69,8 @@ OPERATOR_ARGS ?= --jenkins-api-hostname=$(JENKINS_API_HOSTNAME) --jenkins-api-po
.DEFAULT_GOAL := help .DEFAULT_GOAL := help
PLATFORM = $(shell echo $(UNAME_S) | tr A-Z a-z) PLATFORM = $(shell echo $(UNAME_S) | tr A-Z a-z)
CPUS_NUMBER = 3
##################### FROM OPERATOR SDK ######################## ##################### FROM OPERATOR SDK ########################
# Default bundle image tag # Default bundle image tag

301
website/content/en/docs/Developer Guide/Preview/_index.md Normal file
View File

@ -0,0 +1,301 @@
---
title: "Developer Guide"
linkTitle: "Developer Guide - Preview"
weight: 60
date: 2020-02-09
description: >
Jenkins Operator for developers
---
{{% pageinfo %}}
This document explains how to setup your development environment.
{{% /pageinfo %}}
## Prerequisites
- [operator_sdk][operator_sdk] version 1.3.0
- [git][git_tool]
- [go][go_tool] version 1.15.6
- [goimports, golint, checkmake and staticcheck][install_dev_tools]
- [minikube][minikube] version 1.17.1 (preferred Hypervisor - [virtualbox][virtualbox]) (automatically downloaded)
- [docker][docker_tool] version 17.03+
## Clone repository and download dependencies
```bash
git clone git@github.com:jenkinsci/kubernetes-operator.git
cd kubernetes-operator
make go-dependencies
```
## Build and run with a minikube
Start minikube instance configured for **Jenkins Operator**. Appropriate minikube version will be downloaded to bin folder.
```bash
make minikube-start
```
Next run **Jenkins Operator** locally.
```bash
make run
```
Console output indicating readiness of this phase:
```bash
+ build
+ run
kubectl config use-context minikube
Switched to context "minikube".
Watching 'default' namespace
bin/manager --jenkins-api-hostname=192.168.99.252 --jenkins-api-port=0 --jenkins-api-use-nodeport=true --cluster-domain=cluster.local
2021-02-08T14:14:45.263+0100 INFO cmd Version: v0.5.0
2021-02-08T14:14:45.263+0100 INFO cmd Git commit: 305dbeda-dirty-dirty
2021-02-08T14:14:45.264+0100 INFO cmd Go Version: go1.15.6
2021-02-08T14:14:45.264+0100 INFO cmd Go OS/Arch: darwin/amd64
2021-02-08T14:14:45.264+0100 INFO cmd Watch namespace: default
2021-02-08T14:14:45.592+0100 INFO controller-runtime.metrics metrics server is starting to listen {"addr": "0.0.0.0:8383"}
2021-02-08T14:14:45.599+0100 INFO cmd starting manager
2021-02-08T14:14:45.599+0100 INFO controller-runtime.manager starting metrics server {"path": "/metrics"}
2021-02-08T14:14:45.599+0100 INFO controller-runtime.manager.controller.jenkins Starting EventSource {"reconciler group": "jenkins.io", "reconciler kind": "Jenkins", "source": "kind source: jenkins.io/v1alpha2, Kind=Jenkins"}
2021-02-08T14:14:45.700+0100 INFO controller-runtime.manager.controller.jenkins Starting EventSource {"reconciler group": "jenkins.io", "reconciler kind": "Jenkins", "source": "kind source: /, Kind="}
2021-02-08T14:14:45.800+0100 INFO controller-runtime.manager.controller.jenkins Starting EventSource {"reconciler group": "jenkins.io", "reconciler kind": "Jenkins", "source": "kind source: /, Kind="}
2021-02-08T14:14:45.901+0100 INFO controller-runtime.manager.controller.jenkins Starting EventSource {"reconciler group": "jenkins.io", "reconciler kind": "Jenkins", "source": "kind source: /, Kind="}
2021-02-08T14:14:46.003+0100 INFO controller-runtime.manager.controller.jenkins Starting EventSource {"reconciler group": "jenkins.io", "reconciler kind": "Jenkins", "source": "kind source: core/v1, Kind=Secret"}
2021-02-08T14:14:46.004+0100 INFO controller-runtime.manager.controller.jenkins Starting EventSource {"reconciler group": "jenkins.io", "reconciler kind": "Jenkins", "source": "kind source: core/v1, Kind=ConfigMap"}
2021-02-08T14:14:46.004+0100 INFO controller-runtime.manager.controller.jenkins Starting EventSource {"reconciler group": "jenkins.io", "reconciler kind": "Jenkins", "source": "kind source: jenkins.io/v1alpha2, Kind=Jenkins"}
2021-02-08T14:14:46.004+0100 INFO controller-runtime.manager.controller.jenkins Starting Controller {"reconciler group": "jenkins.io", "reconciler kind": "Jenkins"}
2021-02-08T14:14:46.004+0100 INFO controller-runtime.manager.controller.jenkins Starting workers {"reconciler group": "jenkins.io", "reconciler kind": "Jenkins", "worker count": 1}
```
Lastly apply Jenkins Custom Resource to minikube cluster:
```bash
kubectl apply -f config/samples/jenkins.io_v1alpha2_jenkins.yaml
{"level":"info","ts":1612790690.875426,"logger":"controller-jenkins","msg":"Setting default Jenkins container command","cr":"jenkins-example"}
{"level":"info","ts":1612790690.8754492,"logger":"controller-jenkins","msg":"Setting default Jenkins container JAVA_OPTS environment variable","cr":"jenkins-example"}
{"level":"info","ts":1612790690.875456,"logger":"controller-jenkins","msg":"Setting default operator plugins","cr":"jenkins-example"}
{"level":"info","ts":1612790690.875463,"logger":"controller-jenkins","msg":"Setting default Jenkins master service","cr":"jenkins-example"}
{"level":"info","ts":1612790690.875467,"logger":"controller-jenkins","msg":"Setting default Jenkins slave service","cr":"jenkins-example"}
{"level":"info","ts":1612790690.881811,"logger":"controller-jenkins","msg":"*v1alpha2.Jenkins/jenkins-example has been updated","cr":"jenkins-example"}
{"level":"info","ts":1612790691.252834,"logger":"controller-jenkins","msg":"Creating a new Jenkins Master Pod default/jenkins-jenkins-example","cr":"jenkins-example"}
{"level":"info","ts":1612790691.322793,"logger":"controller-jenkins","msg":"Jenkins master pod restarted by operator:","cr":"jenkins-example"}
{"level":"info","ts":1612790691.322817,"logger":"controller-jenkins","msg":"Jenkins Operator version has changed, actual '' new 'v0.5.0'","cr":"jenkins-example"}
{"level":"info","ts":1612790691.3228202,"logger":"controller-jenkins","msg":"Jenkins CR has been replaced","cr":"jenkins-example"}
{"level":"info","ts":1612790695.8789551,"logger":"controller-jenkins","msg":"Creating a new Jenkins Master Pod default/jenkins-jenkins-example","cr":"jenkins-example"}
{"level":"warn","ts":1612790817.9423082,"logger":"controller-jenkins","msg":"Reconcile loop failed: couldn't init Jenkins API client: Get \"http://192.168.99.254:31998/api/json\": dial tcp 192.168.99.254:31998: connect: connection refused","cr":"jenkins-example"}
{"level":"warn","ts":1612790817.9998221,"logger":"controller-jenkins","msg":"Reconcile loop failed: couldn't init Jenkins API client: Get \"http://192.168.99.254:31998/api/json\": dial tcp 192.168.99.254:31998: connect: connection refused","cr":"jenkins-example"}
{"level":"info","ts":1612790818.581316,"logger":"controller-jenkins","msg":"base-groovy ConfigMap 'jenkins-operator-base-configuration-jenkins-example' name '1-basic-settings.groovy' running groovy script","cr":"jenkins-example"}
...
{"level":"info","ts":1612790820.9473379,"logger":"controller-jenkins","msg":"base-groovy ConfigMap 'jenkins-operator-base-configuration-jenkins-example' name '8-disable-job-dsl-script-approval.groovy' running groovy script","cr":"jenkins-example"}
{"level":"info","ts":1612790821.244055,"logger":"controller-jenkins","msg":"Base configuration phase is complete, took 2m6s","cr":"jenkins-example"}
{"level":"info","ts":1612790821.7953842,"logger":"controller-jenkins","msg":"Waiting for Seed Job Agent `seed-job-agent`...","cr":"jenkins-example"}
...
{"level":"info","ts":1612790851.843638,"logger":"controller-jenkins","msg":"Waiting for Seed Job Agent `seed-job-agent`...","cr":"jenkins-example"}
{"level":"info","ts":1612790853.489524,"logger":"controller-jenkins","msg":"User configuration phase is complete, took 2m38s","cr":"jenkins-example"}
Two log lines says that Jenkins Operator works correctly:
* `Base configuration phase is complete` - ensures manifests, Jenkins pod, Jenkins configuration and Jenkins API token
* `User configuration phase is complete` - ensures Jenkins restore, backup and seed jobs along with user configuration
> Details about base and user phase can be found [here](https://jenkinsci.github.io/kubernetes-operator/docs/how-it-works/architecture-and-design/).
```bash
kubectl get jenkins -o yaml
apiVersion: v1
items:
- apiVersion: jenkins.io/v1alpha2
kind: Jenkins
metadata:
...
spec:
backup:
action: {}
containerName: ""
interval: 0
makeBackupBeforePodDeletion: false
configurationAsCode:
configurations: []
secret:
name: ""
groovyScripts:
configurations: []
secret:
name: ""
jenkinsAPISettings:
authorizationStrategy: createUser
master:
basePlugins:
...
containers:
- command:
- bash
- -c
- /var/jenkins/scripts/init.sh && exec /sbin/tini -s -- /usr/local/bin/jenkins.sh
env:
- name: JAVA_OPTS
value: -XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap
-XX:MaxRAMFraction=1 -Djenkins.install.runSetupWizard=false -Djava.awt.headless=true
image: jenkins/jenkins:2.263.3-lts-alpine
imagePullPolicy: Always
livenessProbe:
...
readinessProbe:
...
resources:
limits:
cpu: 1500m
memory: 3Gi
requests:
cpu: "1"
memory: 500Mi
disableCSRFProtection: false
restore:
action: {}
containerName: ""
getLatestAction: {}
seedJobs:
- additionalClasspath: ""
bitbucketPushTrigger: false
buildPeriodically: ""
description: Jenkins Operator repository
failOnMissingPlugin: false
githubPushTrigger: false
id: jenkins-operator
ignoreMissingFiles: false
pollSCM: ""
repositoryBranch: master
repositoryUrl: https://github.com/jenkinsci/kubernetes-operator.git
targets: cicd/jobs/*.jenkins
unstableOnDeprecation: false
service:
port: 8080
type: NodePort
serviceAccount: {}
slaveService:
port: 50000
type: ClusterIP
status:
appliedGroovyScripts:
- configurationType: base-groovy
hash: 2ownqpRyBjQYmzTRttUx7axok3CKe2E45frI5iRwH0w=
name: 1-basic-settings.groovy
source: jenkins-operator-base-configuration-jenkins-example
...
baseConfigurationCompletedTime: "2021-02-08T13:27:01Z"
createdSeedJobs:
- jenkins-operator
operatorVersion: v0.5.0
provisionStartTime: "2021-02-08T13:24:55Z"
userAndPasswordHash: nnfZsWmFfAYlYyVYeKhWW2KB4L8mE61JUfetAsr9IMM=
userConfigurationCompletedTime: "2021-02-08T13:27:33Z"
kind: List
metadata:
resourceVersion: ""
selfLink: ""
```
```bash
kubectl get po
NAME READY STATUS RESTARTS AGE
jenkins-jenkins-example 1/1 Running 0 23m
seed-job-agent-jenkins-example-758cc7cc5c-82hbl 1/1 Running 0 21m
```
### Debug Jenkins Operator
```bash
make run OPERATOR_EXTRA_ARGS="--debug"
```
## Build and run with a remote Kubernetes cluster
You can also run the controller locally and make it listen to a remote Kubernetes server.
```bash
make run NAMESPACE=default KUBECTL_CONTEXT=remote-k8s EXTRA_ARGS='--kubeconfig ~/.kube/config'
```
Once **Jenkins Operator** are up and running, apply Jenkins custom resource:
```bash
kubectl --context remote-k8s --namespace default apply -f deploy/crds/jenkins_v1alpha2_jenkins_cr.yaml
kubectl --context remote-k8s --namespace default get jenkins -o yaml
kubectl --context remote-k8s --namespace default get po
```
## Testing
Tests are written using [Ginkgo](https://onsi.github.io/ginkgo/) with [Gomega](https://onsi.github.io/gomega/).
Run unit tests with go fmt, lint, statickcheck, vet:
```bash
make verify
```
Run unit tests only:
```bash
make test
```
### Running E2E tests
Run e2e tests with minikube:
```bash
make minikube-start
make e2e
```
Run the specific e2e test:
```bash
make e2e E2E_TEST_SELECTOR='^TestConfiguration$'
```
### Building docker image on minikube
To be able to work with the docker daemon on `minikube` machine run the following command before building an image:
```bash
eval $(bin/minikube docker-env)
```
### When `api/v1alpha2/jenkins_types.go` has changed
Run:
```bash
make manifests
```
### Getting the Jenkins URL and basic credentials
```bash
minikube service jenkins-operator-http-<cr_name> --url
kubectl get secret jenkins-operator-credentials-<cr_name> -o 'jsonpath={.data.user}' | base64 -d
kubectl get secret jenkins-operator-credentials-<cr_name> -o 'jsonpath={.data.password}' | base64 -d
```
[dep_tool]:https://golang.github.io/dep/docs/installation.html
[git_tool]:https://git-scm.com/downloads
[go_tool]:https://golang.org/dl/
[operator_sdk]:https://github.com/operator-framework/operator-sdk
[fork_guide]:https://help.github.com/articles/fork-a-repo/
[docker_tool]:https://docs.docker.com/install/
[kubectl_tool]:https://kubernetes.io/docs/tasks/tools/install-kubectl/
[minikube]:https://kubernetes.io/docs/tasks/tools/install-minikube/
[virtualbox]:https://www.virtualbox.org/wiki/Downloads
[install_dev_tools]:https://jenkinsci.github.io/kubernetes-operator/docs/developer-guide/tools/
## Self-learning
* [Tutorial: Deep Dive into the Operator Framework for... Melvin Hillsman, Michael Hrivnak, & Matt Dorn
](https://www.youtube.com/watch?v=8_DaCcRMp5I)
* [Operator Framework Training By OpenShift](https://www.katacoda.com/openshift/courses/operatorframework)

2
website/content/en/docs/Developer Guide/_index.md
View File

@ -152,6 +152,7 @@ items:
restore: restore:
action: {} action: {}
containerName: "" containerName: ""
getLatestAction: {}
seedJobs: seedJobs:
- additionalClasspath: "" - additionalClasspath: ""
bitbucketPushTrigger: false bitbucketPushTrigger: false
@ -244,7 +245,6 @@ Run e2e tests with minikube:
```bash ```bash
make minikube-start make minikube-start
eval $(minikube docker-env)
make e2e make e2e
``` ```

18
website/content/en/docs/Getting Started/Preview/_index.md Normal file
View File

@ -0,0 +1,18 @@
---
title: "Preview"
linkTitle: "Preview"
weight: 10
date: 2021-01-18
description: >
How to work with jenkins-operator to be released version
---
{{% pageinfo %}}
This document describes a getting started guide for **Jenkins Operator** currently in preview version and an additional configuration.
{{% /pageinfo %}}
## First Steps
Prepare your Kubernetes cluster and set up your `kubectl` access.
Once you have running Kubernetes cluster you can focus on installing **Jenkins Operator** according to the [Installation](/kubernetes-operator/docs/installation/) guide.

24
website/content/en/docs/Getting Started/Preview/aks.md Normal file
View File

@ -0,0 +1,24 @@
---
title: "AKS"
linkTitle: "AKS"
weight: 10
date: 2021-01-18
description: >
Additional configuration for Azure Kubernetes Service
---
Azure AKS managed Kubernetes service adds to every pod the following environment variables:
```yaml
- name: KUBERNETES_PORT_443_TCP_ADDR
value:
- name: KUBERNETES_PORT
value: tcp://
- name: KUBERNETES_PORT_443_TCP
value: tcp://
- name: KUBERNETES_SERVICE_HOST
value:
```
The operator is aware of it and omits these environment variables when checking if a Jenkins pod environment has been changed. It prevents the
restart of a Jenkins pod over and over again.

315
website/content/en/docs/Getting Started/Preview/configuration.md Normal file
View File

@ -0,0 +1,315 @@
---
title: "Configuration"
linkTitle: "Configuration"
weight: 2
date: 2021-01-25
description: >
How to configure Jenkins with Operator
---
## Configure Seed Jobs and Pipelines
Jenkins operator uses [job-dsl][job-dsl] and [kubernetes-credentials-provider][kubernetes-credentials-provider] plugins for configuring jobs
and deploy keys.
## Prepare job definitions and pipelines
First you have to prepare pipelines and job definition in your GitHub repository using the following structure:
```
cicd/
├── jobs
│   └── k8s.jenkins
└── pipelines
└── k8s.jenkins
```
**`cicd/jobs/k8s.jenkins`** is a job definition:
```
#!/usr/bin/env groovy
pipelineJob('k8s-e2e') {
displayName('Kubernetes Plugin E2E Test')
logRotator {
numToKeep(10)
daysToKeep(30)
}
configure { project ->
project / 'properties' / 'org.jenkinsci.plugins.workflow.job.properties.DurabilityHintJobProperty' {
hint('PERFORMANCE_OPTIMIZED')
}
}
definition {
cpsScm {
scm {
git {
remote {
url('https://github.com/jenkinsci/kubernetes-operator.git')
credentials('jenkins-operator')
}
branches('*/master')
}
}
scriptPath('cicd/pipelines/k8s.jenkins')
}
}
}
```
**`cicd/pipelines/k8s.jenkins`** is an actual Jenkins pipeline:
```
#!/usr/bin/env groovy
def label = "k8s-${UUID.randomUUID().toString()}"
def home = "/home/jenkins"
def workspace = "${home}/workspace/build-jenkins-operator"
def workdir = "${workspace}/src/github.com/jenkinsci/kubernetes-operator/"
podTemplate(label: label,
containers: [
containerTemplate(name: 'alpine', image: 'alpine:3.11', ttyEnabled: true, command: 'cat'),
],
) {
node(label) {
stage('Run shell') {
container('alpine') {
sh 'echo "hello world"'
}
}
}
}
```
## Configure Seed Jobs
Jenkins Seed Jobs are configured using `Jenkins.spec.seedJobs` section from your custom resource manifest:
```
apiVersion: jenkins.io/v1alpha2
kind: Jenkins
metadata:
name: example
spec:
seedJobs:
- id: jenkins-operator
targets: "cicd/jobs/*.jenkins"
description: "Jenkins Operator repository"
repositoryBranch: master
repositoryUrl: https://github.com/jenkinsci/kubernetes-operator.git
```
**Jenkins Operator** will automatically discover and configure all the seed jobs.
You can verify if deploy keys were successfully configured in the Jenkins **Credentials** tab.
![jenkins](/kubernetes-operator/img/jenkins-credentials.png)
You can verify if your pipelines were successfully configured in the Jenkins Seed Job console output.
![jenkins](/kubernetes-operator/img/jenkins-seed.png)
If your GitHub repository is **private** you have to configure SSH or username/password authentication.
### SSH authentication
#### Generate SSH Keys
There are two methods of SSH private key generation:
```bash
$ openssl genrsa -out <filename> 2048
```
or
```bash
$ ssh-keygen -t rsa -b 2048
$ ssh-keygen -p -f <filename> -m pem
```
Then copy content from generated file.
#### Public key
If you want to upload your public key to your Git server you need to extract it.
If key was generated by `openssl` then you need to type this to extract public key:
```bash
$ openssl rsa -in <filename> -pubout > <filename>.pub
```
If key was generated by `ssh-keygen` the public key content is located in <filename>.pub and there is no need to extract public key
#### Configure SSH authentication
Configure a seed job like this:
```
apiVersion: jenkins.io/v1alpha2
kind: Jenkins
metadata:
name: example
spec:
seedJobs:
- id: jenkins-operator-ssh
credentialType: basicSSHUserPrivateKey
credentialID: k8s-ssh
targets: "cicd/jobs/*.jenkins"
description: "Jenkins Operator repository"
repositoryBranch: master
repositoryUrl: ssh://git@github.com:jenkinsci/kubernetes-operator.git
```
and create a Kubernetes Secret (name of secret should be the same from `credentialID` field):
```
apiVersion: v1
kind: Secret
metadata:
name: k8s-ssh
labels:
"jenkins.io/credentials-type": "basicSSHUserPrivateKey"
annotations:
"jenkins.io/credentials-description" : "ssh github.com:jenkinsci/kubernetes-operator"
stringData:
privateKey: |
-----BEGIN RSA PRIVATE KEY-----
MIIJKAIBAAKCAgEAxxDpleJjMCN5nusfW/AtBAZhx8UVVlhhhIKXvQ+dFODQIdzO
oDXybs1zVHWOj31zqbbJnsfsVZ9Uf3p9k6xpJ3WFY9b85WasqTDN1xmSd6swD4N8
...
username: github_user_name
```
### Username & password authentication
Configure the seed job like:
```
apiVersion: jenkins.io/v1alpha2
kind: Jenkins
metadata:
name: example
spec:
seedJobs:
- id: jenkins-operator-user-pass
credentialType: usernamePassword
credentialID: k8s-user-pass
targets: "cicd/jobs/*.jenkins"
description: "Jenkins Operator repository"
repositoryBranch: master
repositoryUrl: https://github.com/jenkinsci/kubernetes-operator.git
```
and create a Kubernetes Secret (name of secret should be the same from `credentialID` field):
```
apiVersion: v1
kind: Secret
metadata:
name: k8s-user-pass
stringData:
username: github_user_name
password: password_or_token
```
### External authentication
You can use `external` credential type if you want to configure authentication using Configuration As Code or Groovy Script.
## HTTP Proxy for downloading plugins
To use forwarding proxy with an operator to download plugins you need to add the following environment variable to Jenkins Custom Resource (CR), e.g.:
```yaml
spec:
master:
containers:
- name: jenkins-master
env:
- name: CURL_OPTIONS
value: -L -x <proxy_url>
```
In `CURL_OPTIONS` var you can set additional arguments to `curl` command.
## Pulling Docker images from private repositories
To pull a Docker Image from private repository you can use `imagePullSecrets`.
Please follow the instructions on [creating a secret with a docker config](https://kubernetes.io/docs/concepts/containers/images/?origin_team=T42NTAGHM#creating-a-secret-with-a-docker-config).
### Docker Hub Configuration
To use Docker Hub additional steps are required.
Edit the previously created secret:
```bash
kubectl -n <namespace> edit secret <name>
```
The `.dockerconfigjson` key's value needs to be replaced with a modified version.
After modifications, it needs to be encoded as a Base64 value before setting the `.dockerconfigjson` key.
Example config file to modify and use:
```
{
"auths":{
"https://index.docker.io/v1/":{
"username":"user",
"password":"password",
"email":"yourdockeremail@gmail.com",
"auth":"base64 of string user:password"
},
"auth.docker.io":{
"username":"user",
"password":"password",
"email":"yourdockeremail@gmail.com",
"auth":"base64 of string user:password"
},
"registry.docker.io":{
"username":"user",
"password":"password",
"email":"yourdockeremail@gmail.com",
"auth":"base64 of string user:password"
},
"docker.io":{
"username":"user",
"password":"password",
"email":"yourdockeremail@gmail.com",
"auth":"base64 of string user:password"
},
"https://registry-1.docker.io/v2/": {
"username":"user",
"password":"password",
"email":"yourdockeremail@gmail.com",
"auth":"base64 of string user:password"
},
"registry-1.docker.io/v2/": {
"username":"user",
"password":"password",
"email":"yourdockeremail@gmail.com",
"auth":"base64 of string user:password"
},
"registry-1.docker.io": {
"username":"user",
"password":"password",
"email":"yourdockeremail@gmail.com",
"auth":"base64 of string user:password"
},
"https://registry-1.docker.io": {
"username":"user",
"password":"password",
"email":"yourdockeremail@gmail.com",
"auth":"base64 of string user:password"
}
}
}
```
[job-dsl]:https://github.com/jenkinsci/job-dsl-plugin
[kubernetes-credentials-provider]:https://jenkinsci.github.io/kubernetes-credentials-provider-plugin/

90
website/content/en/docs/Getting Started/Preview/configure-backup-and-restore.md Normal file
View File

@ -0,0 +1,90 @@
---
title: "Configure backup and restore"
linkTitle: "Configure backup and restore"
weight: 10
date: 2021-01-25
description: >
Prevent loss of job history
---
Backup and restore is done by a container sidecar.
### PVC
#### Create PVC
Save to the file named pvc.yaml:
```yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: <pvc_name>
namespace: <namespace>
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 500Gi
```
Run the following command:
```bash
$ kubectl -n <namespace> create -f pvc.yaml
```
#### Configure Jenkins CR
```yaml
apiVersion: jenkins.io/v1alpha2
kind: Jenkins
metadata:
name: <cr_name>
namespace: <namespace>
spec:
master:
securityContext:
runAsUser: 1000
fsGroup: 1000
containers:
- name: jenkins-master
image: jenkins/jenkins:2.263.2-lts-alpine
- name: backup # container responsible for the backup and restore
env:
- name: BACKUP_DIR
value: /backup
- name: JENKINS_HOME
value: /jenkins-home
- name: BACKUP_COUNT
value: "3" # keep only the 2 most recent backups
image: virtuslab/jenkins-operator-backup-pvc:v0.1.0 # look at backup/pvc directory
imagePullPolicy: IfNotPresent
volumeMounts:
- mountPath: /jenkins-home # Jenkins home volume
name: jenkins-home
- mountPath: /backup # backup volume
name: backup
volumes:
- name: backup # PVC volume where backups will be stored
persistentVolumeClaim:
claimName: <pvc_name>
backup:
containerName: backup # container name is responsible for backup
action:
exec:
command:
- /home/user/bin/backup.sh # this command is invoked on "backup" container to make backup, for example /home/user/bin/backup.sh <backup_number>, <backup_number> is passed by operator
getLatestAction:
exec:
command:
- /home/user/bin/get-latest.sh # this command is invoked on "backup" container to get last backup number before pod deletion. If you don't omit it in CR, you can lose data
interval: 30 # how often make backup in seconds
makeBackupBeforePodDeletion: true # make a backup before pod deletion
restore:
containerName: backup # container name is responsible for restore backup
action:
exec:
command:
- /home/user/bin/restore.sh # this command is invoked on "backup" container to make restore backup, for example /home/user/bin/restore.sh <backup_number>, <backup_number> is passed by operator
#recoveryOnce: <backup_number> # if want to restore specific backup configure this field and then Jenkins will be restarted and desired backup will be restored
```

184
website/content/en/docs/Getting Started/Preview/custom-backup-and-restore.md Normal file
View File

@ -0,0 +1,184 @@
---
title: "Custom Backup and Restore Providers"
linkTitle: "Custom Backup and Restore Providers"
weight: 10
date: 2021-01-18
description: >
Custom backup and restore provider
---
With enough effort one can create a custom backup and restore provider
for the Jenkins Operator.
## Requirements
Two commands (e.g. scripts) are required:
- a backup command, e.g. `backup.sh` that takes one argument, a **backup number**
- a restore command, e.g. `backup.sh` that takes one argument, a **backup number**
Both scripts need to return an exit code of `0` on success and `1` or greater for failure.
One of those scripts (or the entry point of the container) needs to be responsible
for backup cleanup or rotation if required, or an external system.
## How it works
The mechanism relies on basic Kubernetes and UNIX functionalities.
The backup (and restore) container runs as a sidecar in the same
Kubernetes pod as the Jenkins master.
Name of the backup and restore containers can be set as necessary using
`spec.backup.containerName` and `spec.restore.containerName`.
In most cases it will be the same container, but we allow for less common use cases.
The operator will call a backup or restore commands inside a sidecar container when necessary:
- backup command (defined in `spec.backup.action.exec.command`)
will be called every `N` seconds configurable in: `spec.backup.interval`
and on pod shutdown (if enabled in `spec.backup.makeBackupBeforePodDeletion`)
with an integer representing the current backup number as first and only argument
- restore command (defined in `spec.restore.action.exec.command`)
will be called at Jenkins startup
with an integer representing the backup number to restore as first and only argument
(can be overridden using `spec.restore.recoveryOnce`)
## Example AWS S3 backup using the CLI
This example shows abbreviated version of a simple AWS S3 backup implementation
using: `aws-cli`, `bash` and `kube2iam`.
In addition to your normal `Jenkins` `CustomResource` some additional settings
for backup and restore are required, e.g.:
```yaml
kind: Jenkins
apiVersion: jenkins.io/v1alpha1
metadata:
name: example
namespace: jenkins
spec:
master:
masterAnnotations:
iam.amazonaws.com/role: "my-example-backup-role" # tell kube2iam where the AWS IAM role is
containers:
- name: jenkins-master
...
- name: backup # container responsible for backup and restore
image: quay.io/virtuslab/aws-cli:1.16.263-2
workingDir: /home/user/bin/
command: # our container entry point
- sleep
- infinity
env:
- name: BACKUP_BUCKET
value: my-example-bucket # the S3 bucket name to use
- name: BACKUP_PATH
value: my-backup-path # the S3 bucket path prefix to use
- name: JENKINS_HOME
value: /jenkins-home # the path to mount jenkins home dir in the backup container
volumeMounts:
- mountPath: /jenkins-home # Jenkins home volume
name: jenkins-home
- mountPath: /home/user/bin/backup.sh
name: backup-scripts
subPath: backup.sh
readOnly: true
- mountPath: /home/user/bin/restore.sh
name: backup-scripts
subPath: restore.sh
readOnly: true
volumes:
- name: backup-scripts
configMap:
defaultMode: 0754
name: jenkins-operator-backup-s3
securityContext: # make sure both containers use the same UID and GUID
runAsUser: 1000
fsGroup: 1000
...
backup:
containerName: backup # container name responsible for backup
interval: 3600 # how often make a backup in seconds
makeBackupBeforePodDeletion: true # trigger backup just before deleting the pod
action:
exec:
command:
# this command is invoked on "backup" container to create a backup,
# <backup_number> is passed by operator,
# for example /home/user/bin/backup.sh <backup_number>
- /home/user/bin/backup.sh
restore:
containerName: backup # container name is responsible for restore backup
action:
exec:
command:
# this command is invoked on "backup" container to restore a backup,
# <backup_number> is passed by operator
# for example /home/user/bin/restore.sh <backup_number>
- /home/user/bin/restore.sh
# recoveryOnce: <backup_number> # if want to restore specific backup configure this field and then Jenkins will be restarted and desired backup will be restored
```
The actual backup and restore scripts will be provided in a `ConfigMap`:
```yaml
kind: ConfigMap
apiVersion: v1
metadata:
name: jenkins-operator-backup-s3
namespace: jenkins
labels:
app: jenkins-operator
data:
backup.sh: |-
#!/bin/bash -xeu
[[ ! $# -eq 1 ]] && echo "Usage: $0 backup_number" && exit 1;
[[ -z "${BACKUP_BUCKET}" ]] && echo "Required 'BACKUP_BUCKET' env not set" && exit 1;
[[ -z "${BACKUP_PATH}" ]] && echo "Required 'BACKUP_PATH' env not set" && exit 1;
[[ -z "${JENKINS_HOME}" ]] && echo "Required 'JENKINS_HOME' env not set" && exit 1;
backup_number=$1
echo "Running backup #${backup_number}"
BACKUP_TMP_DIR=$(mktemp -d)
tar -C ${JENKINS_HOME} -czf "${BACKUP_TMP_DIR}/${backup_number}.tar.gz" --exclude jobs/*/workspace* -c jobs && \
aws s3 cp ${BACKUP_TMP_DIR}/${backup_number}.tar.gz s3://${BACKUP_BUCKET}/${BACKUP_PATH}/${backup_number}.tar.gz
echo Done
restore.sh: |-
#!/bin/bash -xeu
[[ ! $# -eq 1 ]] && echo "Usage: $0 backup_number" && exit 1
[[ -z "${BACKUP_BUCKET}" ]] && echo "Required 'BACKUP_BUCKET' env not set" && exit 1;
[[ -z "${BACKUP_PATH}" ]] && echo "Required 'BACKUP_PATH' env not set" && exit 1;
[[ -z "${JENKINS_HOME}" ]] && echo "Required 'JENKINS_HOME' env not set" && exit 1;
backup_number=$1
echo "Running restore #${backup_number}"
BACKUP_TMP_DIR=$(mktemp -d)
aws s3 cp s3://${BACKUP_BUCKET}/${BACKUP_PATH}/${backup_number}.tar.gz ${BACKUP_TMP_DIR}/${backup_number}.tar.gz
tar -C ${JENKINS_HOME} -zxf "${BACKUP_TMP_DIR}/${backup_number}.tar.gz"
echo Done
```
In our example we will use S3 bucket lifecycle policy to keep
the number of backups under control, e.g. Cloud Formation fragment:
```yaml
Type: AWS::S3::Bucket
Properties:
BucketName: my-example-bucket
...
LifecycleConfiguration:
Rules:
- Id: BackupCleanup
Status: Enabled
Prefix: my-backup-path
ExpirationInDays: 7
NoncurrentVersionExpirationInDays: 14
AbortIncompleteMultipartUpload:
DaysAfterInitiation: 3
```

202
website/content/en/docs/Getting Started/Preview/customization.md Normal file
View File

@ -0,0 +1,202 @@
---
title: "Customization"
linkTitle: "Customization"
weight: 3
date: 2021-01-25
description: >
How to customize Jenkins
---
## How to customize Jenkins
Jenkins can be customized with plugins.
Plugin's configuration is applied as groovy scripts or the [configuration as code plugin](https://github.com/jenkinsci/configuration-as-code-plugin).
Any plugin working for Jenkins can be installed by the Jenkins Operator.
Pre-installed plugins:
* configuration-as-code v1.47
* git v4.5.0
* job-dsl v1.77
* kubernetes-credentials-provider v0.15
* kubernetes v1.29.0
* workflow-aggregator v2.6
* workflow-job v2.40
Rest of the plugins can be found in [plugins repository](https://plugins.jenkins.io/).
#### Install plugins
Edit Custom Resource under `spec.master.plugins`:
```yaml
apiVersion: jenkins.io/v1alpha2
kind: Jenkins
metadata:
name: example
spec:
master:
plugins:
- name: simple-theme-plugin
version: "0.6"
```
Under `spec.master.basePlugins` you can find plugins for a valid **Jenkins Operator**:
```yaml
apiVersion: jenkins.io/v1alpha2
kind: Jenkins
metadata:
name: example
spec:
master:
basePlugins:
- name: kubernetes
version: "1.28.6"
- name: workflow-job
version: "2.40"
- name: workflow-aggregator
version: "2.6"
- name: git
version: "4.5.0"
- name: job-dsl
version: "1.77"
- name: configuration-as-code
version: "1.46"
- name: kubernetes-credentials-provider
version: "0.15"
```
You can change their versions.
The **Jenkins Operator** will then automatically install plugins after the Jenkins master pod restart.
#### Apply plugin's config
By using a [ConfigMap](https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/) you can create your own **Jenkins** customized configuration.
Then you must reference the **`ConfigMap`** in the **Jenkins** pod customization file in `spec.groovyScripts` or `spec.configurationAsCode`
Create a **`ConfigMap`** with specific name (eg. `jenkins-operator-user-configuration`). Then, modify the **Jenkins** manifest:
```yaml
apiVersion: jenkins.io/v1alpha2
kind: Jenkins
metadata:
name: example
spec:
configurationAsCode:
configurations:
- name: jenkins-operator-user-configuration
groovyScripts:
configurations:
- name: jenkins-operator-user-configuration
```
Here is an example of `jenkins-operator-user-configuration`:
```yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: jenkins-operator-user-configuration
data:
1-configure-theme.groovy: |
import jenkins.*
import jenkins.model.*
import hudson.*
import hudson.model.*
import org.jenkinsci.plugins.simpletheme.ThemeElement
import org.jenkinsci.plugins.simpletheme.CssTextThemeElement
import org.jenkinsci.plugins.simpletheme.CssUrlThemeElement
Jenkins jenkins = Jenkins.getInstance()
def decorator = Jenkins.instance.getDescriptorByType(org.codefirst.SimpleThemeDecorator.class)
List<ThemeElement> configElements = new ArrayList<>();
configElements.add(new CssTextThemeElement("DEFAULT"));
configElements.add(new CssUrlThemeElement("https://cdn.rawgit.com/afonsof/jenkins-material-theme/gh-pages/dist/material-light-green.css"));
decorator.setElements(configElements);
decorator.save();
jenkins.save()
1-system-message.yaml: |
jenkins:
systemMessage: "Configuration as Code integration works!!!"
```
* `*.groovy` is Groovy script configuration
* `*.yaml is` configuration as code
If you want to correct your configuration you can edit it while the **Jenkins Operator** is running.
Jenkins will reconcile and apply the new configuration.
## How to use secrets from a Groovy scripts
If you configured `spec.groovyScripts.secret.name`, then this secret is available to use from map Groovy scripts.
The secrets are loaded to `secrets` map.
Create a [secret](https://kubernetes.io/docs/concepts/configuration/secret/) with for example the name `jenkins-conf-secrets`.
```yaml
kind: Secret
apiVersion: v1
type: Opaque
metadata:
name: jenkins-conf-secrets
namespace: default
data:
SYSTEM_MESSAGE: SGVsbG8gd29ybGQ=
```
Then modify the **Jenkins** pod manifest by changing `spec.groovyScripts.secret.name` to `jenkins-conf-secrets`.
```yaml
apiVersion: jenkins.io/v1alpha2
kind: Jenkins
metadata:
name: example
spec:
configurationAsCode:
configurations:
- name: jenkins-operator-user-configuration
secret:
name: jenkins-conf-secrets
groovyScripts:
configurations:
- name: jenkins-operator-user-configuration
secret:
name: jenkins-conf-secrets
```
Now you can test that the secret is mounted by applying this `ConfigMap` for Groovy script:
```yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: jenkins-operator-user-configuration
data:
1-system-message.groovy: |
import jenkins.*
import jenkins.model.*
import hudson.*
import hudson.model.*
Jenkins jenkins = Jenkins.getInstance()
jenkins.setSystemMessage(secrets["SYSTEM_MESSAGE"])
jenkins.save()
```
Or by applying this configuration as code:
```yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: jenkins-operator-user-configuration
data:
1-system-message.yaml: |
jenkins:
systemMessage: ${SYSTEM_MESSAGE}
```
After this, you should see the `Hello world` system message from the **Jenkins** homepage.

90
website/content/en/docs/Getting Started/Preview/deploy-jenkins.md Normal file
View File

@ -0,0 +1,90 @@
---
title: "Deploy Jenkins"
linkTitle: "Deploy Jenkins"
weight: 1
date: 2021-01-25
description: >
Deploy production ready Jenkins Operator manifest
---
Once Jenkins Operator is up and running let's deploy actual Jenkins instance.
Create manifest e.g. **`jenkins_instance.yaml`** with following data and save it on drive.
```yaml
apiVersion: jenkins.io/v1alpha2
kind: Jenkins
metadata:
name: example
spec:
master:
containers:
- name: jenkins-master
image: jenkins/jenkins:2.263.2-lts-alpine
imagePullPolicy: Always
livenessProbe:
failureThreshold: 12
httpGet:
path: /login
port: http
scheme: HTTP
initialDelaySeconds: 80
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
readinessProbe:
failureThreshold: 3
httpGet:
path: /login
port: http
scheme: HTTP
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
resources:
limits:
cpu: 1500m
memory: 3Gi
requests:
cpu: "1"
memory: 500Mi
seedJobs:
- id: jenkins-operator
targets: "cicd/jobs/*.jenkins"
description: "Jenkins Operator repository"
repositoryBranch: master
repositoryUrl: https://github.com/jenkinsci/kubernetes-operator.git
```
Deploy a Jenkins to Kubernetes:
```bash
kubectl create -f jenkins_instance.yaml
```
Watch the Jenkins instance being created:
```bash
kubectl get pods -w
```
Get the Jenkins credentials:
```bash
kubectl get secret jenkins-operator-credentials-<cr_name> -o 'jsonpath={.data.user}' | base64 -d
kubectl get secret jenkins-operator-credentials-<cr_name> -o 'jsonpath={.data.password}' | base64 -d
```
Connect to the Jenkins instance (minikube):
```bash
minikube service jenkins-operator-http-<cr_name> --url
```
Connect to the Jenkins instance (actual Kubernetes cluster):
```bash
kubectl port-forward jenkins-<cr_name> 8080:8080
```
Then open browser with address `http://localhost:8080`.
![jenkins](/kubernetes-operator/img/jenkins.png)

42
website/content/en/docs/Getting Started/Preview/diagnostics.md Normal file
View File

@ -0,0 +1,42 @@
---
title: "Diagnostics"
linkTitle: "Diagnostics"
weight: 40
date: 2021-01-18
description: >
How to deal with Jenkins Operator problems
---
Turn on debug in **Jenkins Operator** deployment:
```bash
sed -i 's|\(args:\).*|\1\ ["--debug"\]|' deploy/operator.yaml
kubectl apply -f deploy/operator.yaml
```
Watch Kubernetes events:
```bash
kubectl get events --sort-by='{.lastTimestamp}'
```
Verify Jenkins master logs:
```bash
kubectl logs -f jenkins-<cr_name>
```
Verify the `jenkins-operator` logs:
```bash
kubectl logs deployment/jenkins-operator
```
## Troubleshooting
Delete the Jenkins master pod and wait for the new one to come up:
```bash
kubectl delete pod jenkins-<cr_name>
```

114
website/content/en/docs/Getting Started/Preview/notifications.md Normal file
View File

@ -0,0 +1,114 @@
---
title: "Notifications"
linkTitle: "Notifications"
weight: 10
date: 2021-01-18
description: >
How to setup operator notifications.
---
## Slack
Please follow [this](https://api.slack.com/incoming-webhooks) instructions to get web hook URL.
Create web hook secret with name `jenkins-operator-notification-data`. Contains key `url` with provided web hook URL.
```bash
$ kubectl create secret generic jenkins-operator-notification-data --from-literal=url=<webhook_url>
```
Example configuration for Slack:
```yaml
kind: Jenkins
spec:
master:
notifications:
- level: info
verbose: true
name: <name>
slack:
webHookURLSecretKeySelector:
secret:
name: <secret_name>
key: <key>
```
## Microsoft Teams
Please follow [this](https://docs.microsoft.com/en-gb/outlook/actionable-messages/send-via-connectors) instructions to get web hook URL.
Example configuration for Microsoft Teams:
```yaml
kind: Jenkins
spec:
master:
notifications:
- level: info
verbose: true
name: <name>
teams:
webHookURLSecretKeySelector:
secret:
name: <secret_name>
key: <key>
```
## Mailgun
Example configuration for Mailgun:
```yaml
kind: Jenkins
spec:
master:
notifications:
- level: info
verbose: true
name: <name>
mailgun:
domain: <domain>
apiKeySecretKeySelector:
secret:
name: <secret_name>
key: <key>
recipient: <your_email>
from: <mailgun_email>
```
## Debug options
As you see there is two debugging options:
* `level` (warning/info) - Set level of messages to send.
* `verbose` - Print stacktrace and additional error messages
## Multiple providers
You can use multiple providers to send notification to another communication channels at the same time.
For example you will send notifications to Slack and Teams.
```yaml
kind: Jenkins
spec:
master:
notifications:
- level: info
verbose: true
name: nslack
slack:
webHookURLSecretKeySelector:
secret:
name: <secret_name>
key: <key>
- level: info
verbose: true
name: nteams
teams:
webHookURLSecretKeySelector:
secret:
name: <secret_name>
key: <key>
```

104
website/content/en/docs/Getting Started/Preview/openshift.md Normal file
View File

@ -0,0 +1,104 @@
---
title: "OpenShift"
linkTitle: "OpenShift"
weight: 20
date: 2020-04-29
description: >
Additional configuration for OpenShift
---
## SecurityContext
OpenShift enforces Security Constraints Context (scc) when deploying an image.
By default, container images run in restricted scc which prevents from setting
a fixed user id to run with. You need to have ensure that you do not provide a
securityContext with a runAsUser and that your image does not use a hardcoded user.
```yaml
securityContext: {}
```
## OpenShift Jenkins image
OpenShift provides a pre-configured Jenkins image containing 3 openshift plugins for
jenkins (openshift-login-plugin, openshift-sync-plugin and openshift-client-plugin)
which allows better jenkins integration with kubernetes and OpenShift.
The OpenShift Jenkins image requires additional configuration to be fully enabled.
### Sample OpenShift CR
The following Custom Resource can be used to create a Jenkins instance using the
OpenShift Jenkins image and sets values for:
- `image: 'quay.io/openshift/origin-jenkins:latest' : This is the OpenShift Jenkins image.
- serviceAccount: to allow oauth authentication to work, the service account needs
a specific annotation pointing to the route exposing the jenkins service. Here,
the route is named `jenkins-route`
- `OPENSHIFT_ENABLE_OAUTH` environment variable for the master container is set to true.
Here is a complete Jenkins CR allowing the deployment of the Jenkins OpenShift image.
```yaml
apiVersion: jenkins.io/v1alpha2
kind: Jenkins
metadata:
annotations:
jenkins.io/openshift-mode: 'true'
name: jenkins
spec:
serviceAccount:
annotations:
serviceaccounts.openshift.io/oauth-redirectreference.jenkins: '{"kind":"OAuthRedirectReference","apiVersion":"v1","reference":{"kind":"Route","name":"jenkins-route"}}'
master:
containers:
- name: jenkins-master
image: 'quay.io/openshift/origin-jenkins:latest'
command:
- /usr/bin/go-init
- '-main'
- /usr/libexec/s2i/run
env:
- name: OPENSHIFT_ENABLE_OAUTH
value: 'true'
- name: OPENSHIFT_ENABLE_REDIRECT_PROMPT
value: 'true'
- name: DISABLE_ADMINISTRATIVE_MONITORS
value: 'false'
- name: KUBERNETES_MASTER
value: 'https://kubernetes.default:443'
- name: KUBERNETES_TRUST_CERTIFICATES
value: 'true'
- name: JENKINS_SERVICE_NAME
value: jenkins-operator-http-jenkins
- name: JNLP_SERVICE_NAME
value: jenkins-operator-slave-jenkins
- name: JENKINS_UC_INSECURE
value: 'false'
- name: JENKINS_HOME
value: /var/lib/jenkins
- name: JAVA_OPTS
value: >-
-XX:+UnlockExperimentalVMOptions -XX:+UnlockExperimentalVMOptions
-XX:+UseCGroupMemoryLimitForHeap -XX:MaxRAMFraction=1
-Djenkins.install.runSetupWizard=false -Djava.awt.headless=true
imagePullPolicy: Always
service:
port: 8080
type: ClusterIP
slaveService:
port: 50000
type: ClusterIP
```
### OpenShift OAuth integration
The creation of a Route is required for the integraiton of Jenkins with
OpenShift oauth authentication. By default, the jenkins http service is named
`jenkins-operator-http-${jenkins-cr-name}`
```bash
oc create route edge jenkins-route --service=jenkins-operator-http-jenkins
```
Note: the route name (jenkins-route) must match the pointed route on the serviceaccount annotation.
After the creation of the Route. It can be used to navigate to the Jenkins Login Page and login with your Openshift Credentials.

2642
website/content/en/docs/Getting Started/Preview/schema.md Normal file
View File

File diff suppressed because it is too large Load Diff

12
website/content/en/docs/Getting Started/latest/configuration.md
View File

@ -106,7 +106,7 @@ podTemplate(label: label,
Jenkins Seed Jobs are configured using `Jenkins.spec.seedJobs` section from your custom resource manifest: Jenkins Seed Jobs are configured using `Jenkins.spec.seedJobs` section from your custom resource manifest:
``` ```yaml
apiVersion: jenkins.io/v1alpha2 apiVersion: jenkins.io/v1alpha2
kind: Jenkins kind: Jenkins
metadata: metadata:
@ -167,7 +167,7 @@ If key was generated by `ssh-keygen` the public key content is located in <filen
Configure a seed job like this: Configure a seed job like this:
``` ```yaml
apiVersion: jenkins.io/v1alpha2 apiVersion: jenkins.io/v1alpha2
kind: Jenkins kind: Jenkins
metadata: metadata:
@ -185,7 +185,7 @@ spec:
and create a Kubernetes Secret (name of secret should be the same from `credentialID` field): and create a Kubernetes Secret (name of secret should be the same from `credentialID` field):
``` ```yaml
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
@ -207,7 +207,7 @@ stringData:
Configure the seed job like: Configure the seed job like:
``` ```yaml
apiVersion: jenkins.io/v1alpha2 apiVersion: jenkins.io/v1alpha2
kind: Jenkins kind: Jenkins
metadata: metadata:
@ -225,7 +225,7 @@ spec:
and create a Kubernetes Secret (name of secret should be the same from `credentialID` field): and create a Kubernetes Secret (name of secret should be the same from `credentialID` field):
``` ```yaml
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
@ -273,7 +273,7 @@ The `.dockerconfigjson` key's value needs to be replaced with a modified version
After modifications, it needs to be encoded as a Base64 value before setting the `.dockerconfigjson` key. After modifications, it needs to be encoded as a Base64 value before setting the `.dockerconfigjson` key.
Example config file to modify and use: Example config file to modify and use:
``` ```json
{ {
"auths":{ "auths":{
"https://index.docker.io/v1/":{ "https://index.docker.io/v1/":{

4
website/content/en/docs/How it works/jenkins-docker-images.md
View File

@ -7,6 +7,8 @@ description: >
Jenkins default image details Jenkins default image details
--- ---
**Jenkins Operator** is fully compatible with **`jenkins:lts`** Docker image and does not introduce any hidden changes to the upstream Jenkins. **Jenkins Operator** is fully compatible with **`jenkins:lts`** Docker image and does not introduce any hidden changes
to the upstream Jenkins. However due to problems with plugins and images version compatibility we are using specific tags
in the exemplary Custom Resource, so you know a working configuration.
If needed, the Docker image can be easily changed in custom resource manifest as long as it supports standard Jenkins file system structure. If needed, the Docker image can be easily changed in custom resource manifest as long as it supports standard Jenkins file system structure.

881
website/content/en/docs/Installation/Preview/_index.md Normal file
View File

@ -0,0 +1,881 @@
---
title: "Installation - Preview"
linkTitle: "Installation - Preview"
weight: 1
date: 2020-10-05
description: >
How to install Jenkins Operator
---
{{% pageinfo %}}
This document describes installation procedure for **Jenkins Operator**.
All container images can be found at [virtuslab/jenkins-operator](https://hub.docker.com/r/virtuslab/jenkins-operator)
{{% /pageinfo %}}
## Requirements
To run **Jenkins Operator**, you will need:
- access to a Kubernetes cluster version `1.17+`
- `kubectl` version `1.17+`
## Configure Custom Resource Definition
Install Jenkins Custom Resource Definition:
```bash
kubectl apply -f https://raw.githubusercontent.com/jenkinsci/kubernetes-operator/master/deploy/crds/jenkins_v1alpha2_jenkins_crd.yaml
```
## Deploy Jenkins Operator
There are two ways to deploy the Jenkins Operator.
### Using YAML's
Apply Service Account and RBAC roles:
```bash
kubectl apply -f https://raw.githubusercontent.com/jenkinsci/kubernetes-operator/master/config/all-in-one-v1alpha2.yaml
```
Watch **Jenkins Operator** instance being created:
```bash
kubectl get pods -w
```
Now **Jenkins Operator** should be up and running in the `default` namespace.
### Using Helm Chart
There is an option to use Helm to install the operator. It requires the Helm 3+ for deployment.
Create a namespace for the operator:
```bash
$ kubectl create namespace <your-namespace>
```
To install, you need only to type these commands:
```bash
$ helm repo add jenkins https://raw.githubusercontent.com/jenkinsci/kubernetes-operator/master/chart
$ helm install <name> jenkins/jenkins-operator -n <your-namespace>
```
In case you want to use released Chart **v0.4.1**, before installing/upgrading please install additional CRD into the cluster:
```bash
$ kubectl apply -f https://raw.githubusercontent.com/jenkinsci/kubernetes-operator/master/chart/jenkins-operator/crds/jenkinsimage-crd.yaml
```
To add custom labels and annotations, you can use `values.yaml` file or pass them into `helm install` command, e.g.:
```bash
$ helm install <name> jenkins/jenkins-operator -n <your-namespace> --set jenkins.labels.LabelKey=LabelValue,jenkins.annotations.AnnotationKey=AnnotationValue
```
You can further customize Jenkins using `values.yaml`:
<h3 id="JenkinsConfiguration">Jenkins instance configuration
</h3>
<table aria-colspan="4">
<thead aria-colspan="4">
<tr>
<th></th>
<th>Field</th>
<th>Default value</th>
<th>Description</th>
</tr>
</thead>
<tbody aria-colspan="4">
<tr></tr>
<tr>
<td colspan="1">
<code>jenkins</code>
</td>
<td colspan="3">
<p>operator is section for configuring operator deployment</p>
<table>
<tr>
<td>
<code>enabled</code>
</td>
<td>
true
</td>
<td>
Enabled can enable or disable the Jenkins instance.
Set to false if you have configured CR already and/or you want to deploy an operator only.
</td>
</tr>
<tr>
<td>
<code>apiVersion</code>
</td>
<td>jenkins.io/v1alpha2</td>
<td>
Version of the CR manifest. The recommended and default value is <code>jenkins.io/v1alpha2</code>.
<a href="#github.io/kubernetes-operator/docs/getting-started/v0.1.x/migration-guide-v1alpha1-to-v1alpha2/">More info</a>
</td>
</tr>
<tr>
<td>
<code>name</code>
</td>
<td>
jenkins
</td>
<td>
Name of resource. The pod name will be <code>jenkins-&lt;name&gt;</code> (name will be set as suffix).
</td>
</tr>
<tr>
<td>
<code>namespace</code>
</td>
<td>
default
</td>
<td>
Namespace the resources will be deployed to. It's not recommended to use default namespace.
Create new namespace for jenkins (e.g. <code>kubectl create -n jenkins</code>)
</td>
</tr>
<tr>
<td>
<code>labels</code>
</td>
<td>
{}
</td>
<td>
Labels are injected into metadata labels field.
</td>
</tr>
<tr>
<td>
<code>annotations</code>
</td>
<td>
{}
</td>
<td>
Annotations are injected into metadata annotations field.
</td>
</tr>
<tr>
<td>
<code>image</code>
</td>
<td>
jenkins/jenkins:lts
</td>
<td>
Image is the name (and tag) of the Jenkins instance.
It's recommended to use LTS (tag: "lts") version.
</td>
</tr>
<tr>
<td>
<code>env</code>
</td>
<td>
[]
</td>
<td>
Env contains jenkins container environment variables.
</td>
</tr>
<tr>
<td>
<code>imagePullPolicy</code>
</td>
<td>
Always
</td>
<td>
Defines policy for pulling images
</td>
</tr>
<tr>
<td>
<code>priorityClassName</code>
</td>
<td>
""
</td>
<td>
PriorityClassName indicates the importance of a Pod relative to other Pods.
<a href="https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/">More info</a>
</td>
</tr>
<tr>
<td>
<code>disableCSRFProtection</code>
</td>
<td>
false
</td>
<td>
disableCSRFProtection can enable or disable operator built-in CSRF protection.
Set it to true if you are using OpenShift Jenkins Plugin.
<a href="https://github.com/jenkinsci/kubernetes-operator/pull/193">More info</a>
</td>
</tr>
<tr>
<td>
<code>imagePullSecrets</code>
</td>
<td>
[]
</td>
<td>
Used if you want to pull images from private repository
<a href="https://jenkinsci.github.io/kubernetes-operator/docs/getting-started/latest/configuration/#pulling-docker-images-from-private-repositories">More info</a>
</td>
</tr>
<tr>
<td>
<code>notifications</code>
</td>
<td>
[]
</td>
<td>
Notifications is feature that notify user about Jenkins reconcilation status
<a href="https://jenkinsci.github.io/kubernetes-operator/docs/getting-started/latest/notifications/">More info</a>
</td>
</tr>
<tr>
<td>
<code>basePlugins</code>
</td>
<td>
<pre>
- name: kubernetes
version: "1.25.2"
- name: workflow-job
version: "2.39"
- name: workflow-aggregator
version: "2.6"
- name: git
version: "4.2.2"
- name: job-dsl
version: "1.77"
- name: configuration-as-code
version: "1.38"
- name: kubernetes-credentials
-provider
version: "0.13"
</pre>
</td>
<td>
Plugins installed and required by the operator
shouldn't contain plugins defined by user
You can change their versions here
<a href="https://jenkinsci.github.io/kubernetes-operator/docs/getting-started/latest/customization/#install-plugins">More info</a>
</td>
</tr>
<tr>
<td>
<code>plugins</code>
</td>
<td>
[]
</td>
<td>
Plugins required by the user. You can define plugins here.
<a href="https://jenkinsci.github.io/kubernetes-operator/docs/getting-started/latest/customization/#install-plugins">More info</a>
Example:
<pre>
plugins:
- name: simple-theme-plugin
version: 0.5.1
</pre>
</td>
</tr>
<tr>
<td>
<code>seedJobs</code>
</td>
<td>
[]
</td>
<td>
Placeholder for jenkins seed jobs
For seed job creation tutorial, check:<br /> <a href="https://jenkinsci.github.io/kubernetes-operator/docs/getting-started/latest/configuration/#prepare-job-definitions-and-pipelines">Prepare seed jobs</a>
<br /><a href="https://jenkinsci.github.io/kubernetes-operator/docs/getting-started/latest/configuration/#configure-seed-jobs">Configure seed jobs</a>
<br />Example:
<code>
<pre>
seedJobs:
- id: jenkins-operator
targets: "cicd/jobs/*.jenkins"
description: "Jenkins Operator repository"
repositoryBranch: master
repositoryUrl:
- https://github.com/jenkinsci/kubernetes-operator.git
</pre>
</code>
</td>
</tr>
<tr>
<td>
<code>resources</code>
</td>
<td>
<pre>
limits:
cpu: 1500m
memory: 3Gi
requests:
cpu: 1
memory: 500M
</pre>
</td>
<td>
Resource limit/request for Jenkins
<a href="https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container">More info</a>
</td>
</tr>
<tr>
<td>
<code>volumes</code>
</td>
<td>
<pre>
- name: backup
persistentVolumeClaim:
claimName: jenkins-backup
</pre>
</td>
<td>
Volumes used by Jenkins
By default, we are only using PVC volume for storing backups.
</td>
</tr>
<tr>
<td>
<code>volumeMounts</code>
</td>
<td>
[]
</td>
<td>
volumeMounts are mounts for Jenkins pod.
</td>
</tr>
<tr>
<td>
<code>securityContext</code>
</td>
<td>
runAsUser: 1000
fsGroup: 1000
</td>
<td>
SecurityContext for pod.
</td>
</tr>
<tr>
<td><code>service</code></td>
<td>not implemented</td>
<td>Http Jenkins service. See https://jenkinsci.github.io/kubernetes-operator/docs/getting-started/latest/schema/#github.com/jenkinsci/kubernetes-operator/pkg/apis/jenkins/v1alpha2.Service for details.</td>
</tr>
<tr>
<td><code>slaveService</code></td>
<td>not implemented</td>
<td>Slave Jenkins service. See https://jenkinsci.github.io/kubernetes-operator/docs/getting-started/latest/schema/#github.com/jenkinsci/kubernetes-operator/pkg/apis/jenkins/v1alpha2.Service for details.</td>
</tr>
<tr>
<td>
<code>livenessProbe</code>
</td>
<td>
<pre>
livenessProbe:
failureThreshold: 12
httpGet:
path: /login
port: http
scheme: HTTP
initialDelaySeconds: 80
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
</pre>
</td>
<td>
livenessProbe for Pod
</td>
</tr>
<tr>
<td>
<code>readinessProbe</code>
</td>
<td>
<pre>
readinessProbe:
failureThreshold: 3
httpGet:
path: /login
port: http
scheme: HTTP
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
</pre>
</td>
<td>
readinessProbe for Pod
</td>
</tr>
<tr>
<td>
<code>
backup
</code>
<p>
<em>
<a href="#Backup">
Backup
</a>
</em>
</p>
</td>
<td>
</td>
<td>
Backup is section for configuring operator's backup feature
By default backup feature is enabled and pre-configured
This section simplifies the configuration described here: <a href="https://jenkinsci.github.io/kubernetes-operator/docs/getting-started/latest/configure-backup-and-restore/">Configure backup and restore</a>
For customization tips see <a href="https://jenkinsci.github.io/kubernetes-operator/docs/getting-started/latest/custom-backup-and-restore/">Custom backup and restore</a>
</td>
</tr>
<tr>
<td>
<code>configuration</code>
<p>
<em>
<a href="#Configuration">
Configuration
</a>
</em>
</p>
</td>
<td></td>
<td>
Section where we can configure Jenkins instance.
See <a href="https://jenkinsci.github.io/kubernetes-operator/docs/getting-started/latest/customization/">Customization</a> for details
</td>
</tr>
</table>
</td>
</tr>
</tbody>
</table>
### Configuring operator deployment
<table aria-colspan="4">
<thead aria-colspan="4">
<tr>
<th></th>
<th>Field</th>
<th>Default value</th>
<th>Description</th>
</tr>
</thead>
<tbody aria-colspan="4">
<tr></tr>
<tr>
<td colspan="1">
<code>operator</code>
</td>
<td colspan="3">
<p>operator is section for configuring operator deployment</p>
<table>
<tr>
<td>
<code>replicaCount</code></br>
</td>
<td>
1
</td>
<td>
Number of Replicas.
</td>
</tr>
<tr>
<td>
<code>image</code>
</td>
<td>
virtuslab/jenkins-operator:v0.4.0
</td>
<td>
Name (and tag) of the Jenkins Operator image.
</td>
</tr>
<tr>
<td>
<code>imagePullPolicy</code>
</td>
<td>
IfNotPresent
</td>
<td>
Defines policy for pulling images.
</td>
</tr>
<tr>
<td>
<code>imagePullSecrets</code>
</td>
<td>
[]
</td>
<td>
Used if you want to pull images from private repository.
</td>
</tr>
<tr>
<td>
<code>nameOverride</code>
</td>
<td>
""
</td>
<td>
nameOverride overrides the app name.
</td>
</tr>
<tr>
<td>
<code>fullnameOverride</code>
</td>
<td>
""
</td>
<td>
fullnameOverride overrides the deployment name
</td>
</tr>
<tr>
<td>
<code>resources</code>
</td>
<td>
{}
</td>
<td>
</td>
</tr>
<tr>
<td>
<code>nodeSelector</code>
</td>
<td>
{}
</td>
<td>
</td>
</tr>
<tr>
<td>
<code>tolerations</code>
</td>
<td>
{}
</td>
<td>
</td>
</tr>
<tr>
<td>
<code>affinity</code>
</td>
<td>
{}
</td>
<td>
</td>
</tr>
</table>
</td>
</tr>
</tbody>
</table>
<h3 id="Backup">Backup
</h3>
<p>
(<em>Appears on:</em>
<a href="#JenkinsConfiguration">JenkinsConfiguration</a>)
</p>
<p>
Backup defines configuration of Jenkins backup.
</p>
<table>
<thead>
<tr>
<th>Field</th>
<th>Default value</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td>
<code>enabled</code>
</td>
<td>
true
</td>
<td>
Enabled is enable/disable switch for backup feature.
</td>
</tr>
<tr>
<td>
<code>image</code>
</td>
<td>
virtuslab/jenkins-operator-backup-pvc:v0.0.8
</td>
<td>
Image used by backup feature.
</td>
</tr>
<tr>
<td>
<code>containerName</code>
</td>
<td>
backup
</td>
<td>
Backup container name.
</td>
</tr>
<tr>
<td>
<code>interval</code>
</td>
<td>
30
</td>
<td>
Defines how often make backup in seconds.
</td>
</tr>
<tr>
<td>
<code>makeBackupBeforePodDeletion</code>
</td>
<td>
true
</td>
<td>
When enabled will make backup before pod deletion.
</td>
</tr>
<tr>
<td>
<code>backupCommand</code>
</td>
<td>
/home/user/bin/backup.sh
</td>
<td>
Backup container command.
</td>
</tr>
<tr>
<td>
<code>restoreCommand</code>
</td>
<td>
/home/user/bin/restore.sh
</td>
<td>
Backup restore command.
</td>
</tr>
<tr>
<td>
<code>pvc</code>
</td>
<td colspan="2">
<p>Persistent Volume Claim Kubernetes resource</p>
<br/>
<table colspan="2" style="width:100%">
<tbody>
<tr>
<td>
<code>enabled</code>
</td>
<td>
true
</td>
<td>
Enable/disable switch for PVC
</td>
</tr>
<tr>
<td>
<code>enabled</code>
</td>
<td>
true
</td>
<td>
Enable/disable switch for PVC
</td>
</tr>
<tr>
<td>
<code>size</code>
</td>
<td>
5Gi
</td>
<td>
Size of PVC
</td>
</tr>
<tr>
<td>
<code>className</code>
</td>
<td>
""
</td>
<td>
StorageClassName for PVC
<a href="https://kubernetes.io/docs/concepts/storage/persistent-volumes/#class-1">More info</a>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr>
<td>
<code>env</code>
</td>
<td>
<pre>
- name: BACKUP_DIR
value: /backup
- name: JENKINS_HOME
value: /jenkins-home
- name: BACKUP_COUNT
value: "3"
</pre>
</td>
<td>
Contains container environment variables.
PVC backup provider handles these variables:<br />
BACKUP_DIR - path for storing backup files (default: "/backup")<br />
JENKINS_HOME - path to jenkins home (default: "/jenkins-home")<br />
BACKUP_COUNT - define how much recent backups will be kept<br />
</td>
</td>
</tr>
<tr>
<td>
<code>volumeMounts</code>
</td>
<td>
<pre>
- name: jenkins-home
mountPath: /jenkins-home
- mountPath: /backup
name: backup
</pre>
</td>
<td>
Holds the mount points for volumes.
</td>
</tr>
</tbody>
</table>
<h4 id="Configuration">Configuration
</h3>
<p>
(<em>Appears on:</em>
<a href="#JenkinsConfiguration">Jenkins instance configuration</a>)
</p>
<table>
<thead>
<tr>
<th>Field</th>
<th>Default value</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td>
<code>configurationAsCode</code>
</td>
<td>
{}
</td>
<td>
ConfigurationAsCode defines configuration of Jenkins customization via Configuration as Code Jenkins plugin.
Example:<br />
<pre>
- configMapName: jenkins-casc
content: {}
</pre>
</td>
</tr>
<tr>
<td>
<code>groovyScripts</code>
</td>
<td>
{}
</td>
<td>
GroovyScripts defines configuration of Jenkins customization via groovy scripts.
Example:<br />
<pre>
- configMapName: jenkins-gs
content: {}
</pre>
</td>
</tr>
<tr>
<td>
<code>secretRefName</code>
</td>
<td>
""
</td>
<td>
secretRefName of existing secret (previously created).
</td>
</tr>
<tr>
<td>
<code>secretData</code>
</td>
<td>
{}
</td>
<td>
If secretRefName is empty, secretData creates new secret and fills with data provided in secretData.
</td>
</tr>
</tbody>
</table>