Created
November 28, 2019 12:43
-
-
Save rcosnita/dee6946c0e00560403d251338e70f2ed to your computer and use it in GitHub Desktop.
Jenkins operator k8s definition
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
apiVersion: apiextensions.k8s.io/v1beta1 | |
kind: CustomResourceDefinition | |
metadata: | |
name: jenkins.jenkins.io | |
spec: | |
group: jenkins.io | |
names: | |
kind: Jenkins | |
listKind: JenkinsList | |
plural: jenkins | |
singular: jenkins | |
scope: Namespaced | |
versions: | |
- name : v1alpha2 | |
served: true | |
storage: true | |
- name : v1alpha1 | |
served: true | |
storage: false | |
--- | |
apiVersion: v1 | |
kind: ServiceAccount | |
metadata: | |
name: jenkins-operator | |
namespace: ${NAMESPACE} | |
--- | |
kind: Role | |
apiVersion: rbac.authorization.k8s.io/v1 | |
metadata: | |
name: jenkins-operator | |
namespace: ${NAMESPACE} | |
rules: | |
- apiGroups: | |
- "" | |
resources: | |
- services | |
- configmaps | |
- secrets | |
verbs: | |
- get | |
- create | |
- update | |
- list | |
- watch | |
- apiGroups: | |
- apps | |
resources: | |
- deployments | |
- daemonsets | |
- replicasets | |
- statefulsets | |
verbs: | |
- "*" | |
- apiGroups: | |
- "" | |
resources: | |
- serviceaccounts | |
verbs: | |
- create | |
- apiGroups: | |
- rbac.authorization.k8s.io | |
resources: | |
- roles | |
- rolebindings | |
verbs: | |
- create | |
- update | |
- apiGroups: | |
- "" | |
resources: | |
- pods/portforward | |
verbs: | |
- create | |
- apiGroups: | |
- "" | |
resources: | |
- pods/log | |
verbs: | |
- get | |
- list | |
- watch | |
- apiGroups: | |
- "" | |
resources: | |
- pods | |
- pods/exec | |
verbs: | |
- "*" | |
- apiGroups: | |
- "" | |
resources: | |
- events | |
verbs: | |
- watch | |
- list | |
- create | |
- patch | |
- apiGroups: | |
- apps | |
resourceNames: | |
- jenkins-operator | |
resources: | |
- deployments/finalizers | |
verbs: | |
- update | |
- apiGroups: | |
- jenkins.io | |
resources: | |
- "*" | |
verbs: | |
- "*" | |
- apiGroups: | |
- "" | |
resources: | |
- persistentvolumeclaims | |
verbs: | |
- get | |
- list | |
- watch | |
--- | |
kind: RoleBinding | |
apiVersion: rbac.authorization.k8s.io/v1 | |
metadata: | |
name: jenkins-operator | |
namespace: ${NAMESPACE} | |
subjects: | |
- kind: ServiceAccount | |
name: jenkins-operator | |
roleRef: | |
kind: Role | |
name: jenkins-operator | |
apiGroup: rbac.authorization.k8s.io | |
--- | |
apiVersion: apps/v1 | |
kind: Deployment | |
metadata: | |
name: jenkins-operator | |
namespace: ${NAMESPACE} | |
spec: | |
replicas: 1 | |
selector: | |
matchLabels: | |
name: jenkins-operator | |
template: | |
metadata: | |
labels: | |
name: jenkins-operator | |
spec: | |
serviceAccountName: jenkins-operator | |
nodeSelector: | |
os: linux | |
high_cpu: "true" | |
high_networking: "true" | |
public: "false" | |
containers: | |
- name: jenkins-operator | |
image: "${JENKINS_OPERATOR_VERSION}" | |
ports: | |
- name: http | |
containerPort: 80 | |
protocol: TCP | |
command: | |
- jenkins-operator | |
args: [] | |
env: | |
- name: WATCH_NAMESPACE | |
valueFrom: | |
fieldRef: | |
fieldPath: metadata.namespace | |
- name: POD_NAME | |
valueFrom: | |
fieldRef: | |
fieldPath: metadata.name | |
- name: OPERATOR_NAME | |
value: "jenkins-operator" | |
resources: | |
requests: | |
cpu: 1 | |
memory: 1Gi | |
--- | |
apiVersion: jenkins.io/v1alpha2 | |
kind: Jenkins | |
metadata: | |
name: veridium | |
namespace: ${NAMESPACE} | |
spec: | |
master: | |
basePlugins: | |
- name: kubernetes | |
version: 1.21.3 | |
- name: command-launcher | |
version: "1.3" | |
- name: workflow-job | |
version: "2.34" | |
- name: workflow-aggregator | |
version: "2.6" | |
- name: git | |
version: 4.0.0 | |
- name: job-dsl | |
version: "1.76" | |
- name: configuration-as-code | |
version: "1.33" | |
- name: configuration-as-code-support | |
version: "1.19" | |
- name: kubernetes-credentials-provider | |
version: "0.13" | |
- name: bouncycastle-api | |
version: "2.17" | |
containers: | |
- name: jenkins-master | |
image: ${JENKINS_VERSION} | |
imagePullPolicy: Always | |
livenessProbe: | |
failureThreshold: 12 | |
httpGet: | |
path: /login | |
port: http | |
scheme: HTTP | |
initialDelaySeconds: 80 | |
periodSeconds: 10 | |
successThreshold: 1 | |
timeoutSeconds: 5 | |
readinessProbe: | |
failureThreshold: 3 | |
httpGet: | |
path: /login | |
port: http | |
scheme: HTTP | |
initialDelaySeconds: 30 | |
periodSeconds: 10 | |
successThreshold: 1 | |
timeoutSeconds: 1 | |
resources: | |
requests: | |
cpu: 2 | |
memory: 3Gi | |
seedJobs: | |
- id: *** | |
credentialType: basicSSHUserPrivateKey | |
credentialID: *** | |
targets: "cicd/jobs/*.jenkins" | |
description: "*** repository" | |
repositoryBranch: develop | |
repositoryUrl: *** | |
--- | |
apiVersion: v1 | |
kind: Secret | |
metadata: | |
name: *** | |
namespace: ${NAMESPACE} | |
data: | |
privateKey: *** | |
username: *** | |
--- | |
apiVersion: v1 | |
kind: Service | |
metadata: | |
name: jenkins-internal-lb | |
namespace: ${NAMESPACE} | |
labels: | |
name: jenkins-internal-lb | |
spec: | |
type: NodePort | |
ports: | |
- port: 8080 | |
targetPort: 8080 | |
name: http | |
- port: 50000 | |
targetPort: 50000 | |
name: jenkins-slave | |
selector: | |
app: jenkins-operator | |
jenkins-cr: veridium | |
--- | |
apiVersion: v1 | |
kind: Service | |
metadata: | |
name: jenkins-public | |
namespace: ${NAMESPACE} | |
labels: | |
name: jenkins-public | |
spec: | |
type: NodePort | |
ports: | |
- port: 8080 | |
targetPort: 8080 | |
nodePort: ${SERVICE_PORT} | |
name: http | |
selector: | |
app: jenkins-operator | |
jenkins-cr: veridium |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment