Created
November 28, 2019 12:43
-
-
Save rcosnita/dee6946c0e00560403d251338e70f2ed to your computer and use it in GitHub Desktop.
Jenkins operator k8s definition
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| apiVersion: apiextensions.k8s.io/v1beta1 | |
| kind: CustomResourceDefinition | |
| metadata: | |
| name: jenkins.jenkins.io | |
| spec: | |
| group: jenkins.io | |
| names: | |
| kind: Jenkins | |
| listKind: JenkinsList | |
| plural: jenkins | |
| singular: jenkins | |
| scope: Namespaced | |
| versions: | |
| - name : v1alpha2 | |
| served: true | |
| storage: true | |
| - name : v1alpha1 | |
| served: true | |
| storage: false | |
| --- | |
| apiVersion: v1 | |
| kind: ServiceAccount | |
| metadata: | |
| name: jenkins-operator | |
| namespace: ${NAMESPACE} | |
| --- | |
| kind: Role | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| metadata: | |
| name: jenkins-operator | |
| namespace: ${NAMESPACE} | |
| rules: | |
| - apiGroups: | |
| - "" | |
| resources: | |
| - services | |
| - configmaps | |
| - secrets | |
| verbs: | |
| - get | |
| - create | |
| - update | |
| - list | |
| - watch | |
| - apiGroups: | |
| - apps | |
| resources: | |
| - deployments | |
| - daemonsets | |
| - replicasets | |
| - statefulsets | |
| verbs: | |
| - "*" | |
| - apiGroups: | |
| - "" | |
| resources: | |
| - serviceaccounts | |
| verbs: | |
| - create | |
| - apiGroups: | |
| - rbac.authorization.k8s.io | |
| resources: | |
| - roles | |
| - rolebindings | |
| verbs: | |
| - create | |
| - update | |
| - apiGroups: | |
| - "" | |
| resources: | |
| - pods/portforward | |
| verbs: | |
| - create | |
| - apiGroups: | |
| - "" | |
| resources: | |
| - pods/log | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - apiGroups: | |
| - "" | |
| resources: | |
| - pods | |
| - pods/exec | |
| verbs: | |
| - "*" | |
| - apiGroups: | |
| - "" | |
| resources: | |
| - events | |
| verbs: | |
| - watch | |
| - list | |
| - create | |
| - patch | |
| - apiGroups: | |
| - apps | |
| resourceNames: | |
| - jenkins-operator | |
| resources: | |
| - deployments/finalizers | |
| verbs: | |
| - update | |
| - apiGroups: | |
| - jenkins.io | |
| resources: | |
| - "*" | |
| verbs: | |
| - "*" | |
| - apiGroups: | |
| - "" | |
| resources: | |
| - persistentvolumeclaims | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| --- | |
| kind: RoleBinding | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| metadata: | |
| name: jenkins-operator | |
| namespace: ${NAMESPACE} | |
| subjects: | |
| - kind: ServiceAccount | |
| name: jenkins-operator | |
| roleRef: | |
| kind: Role | |
| name: jenkins-operator | |
| apiGroup: rbac.authorization.k8s.io | |
| --- | |
| apiVersion: apps/v1 | |
| kind: Deployment | |
| metadata: | |
| name: jenkins-operator | |
| namespace: ${NAMESPACE} | |
| spec: | |
| replicas: 1 | |
| selector: | |
| matchLabels: | |
| name: jenkins-operator | |
| template: | |
| metadata: | |
| labels: | |
| name: jenkins-operator | |
| spec: | |
| serviceAccountName: jenkins-operator | |
| nodeSelector: | |
| os: linux | |
| high_cpu: "true" | |
| high_networking: "true" | |
| public: "false" | |
| containers: | |
| - name: jenkins-operator | |
| image: "${JENKINS_OPERATOR_VERSION}" | |
| ports: | |
| - name: http | |
| containerPort: 80 | |
| protocol: TCP | |
| command: | |
| - jenkins-operator | |
| args: [] | |
| env: | |
| - name: WATCH_NAMESPACE | |
| valueFrom: | |
| fieldRef: | |
| fieldPath: metadata.namespace | |
| - name: POD_NAME | |
| valueFrom: | |
| fieldRef: | |
| fieldPath: metadata.name | |
| - name: OPERATOR_NAME | |
| value: "jenkins-operator" | |
| resources: | |
| requests: | |
| cpu: 1 | |
| memory: 1Gi | |
| --- | |
| apiVersion: jenkins.io/v1alpha2 | |
| kind: Jenkins | |
| metadata: | |
| name: veridium | |
| namespace: ${NAMESPACE} | |
| spec: | |
| master: | |
| basePlugins: | |
| - name: kubernetes | |
| version: 1.21.3 | |
| - name: command-launcher | |
| version: "1.3" | |
| - name: workflow-job | |
| version: "2.34" | |
| - name: workflow-aggregator | |
| version: "2.6" | |
| - name: git | |
| version: 4.0.0 | |
| - name: job-dsl | |
| version: "1.76" | |
| - name: configuration-as-code | |
| version: "1.33" | |
| - name: configuration-as-code-support | |
| version: "1.19" | |
| - name: kubernetes-credentials-provider | |
| version: "0.13" | |
| - name: bouncycastle-api | |
| version: "2.17" | |
| containers: | |
| - name: jenkins-master | |
| image: ${JENKINS_VERSION} | |
| imagePullPolicy: Always | |
| livenessProbe: | |
| failureThreshold: 12 | |
| httpGet: | |
| path: /login | |
| port: http | |
| scheme: HTTP | |
| initialDelaySeconds: 80 | |
| periodSeconds: 10 | |
| successThreshold: 1 | |
| timeoutSeconds: 5 | |
| readinessProbe: | |
| failureThreshold: 3 | |
| httpGet: | |
| path: /login | |
| port: http | |
| scheme: HTTP | |
| initialDelaySeconds: 30 | |
| periodSeconds: 10 | |
| successThreshold: 1 | |
| timeoutSeconds: 1 | |
| resources: | |
| requests: | |
| cpu: 2 | |
| memory: 3Gi | |
| seedJobs: | |
| - id: *** | |
| credentialType: basicSSHUserPrivateKey | |
| credentialID: *** | |
| targets: "cicd/jobs/*.jenkins" | |
| description: "*** repository" | |
| repositoryBranch: develop | |
| repositoryUrl: *** | |
| --- | |
| apiVersion: v1 | |
| kind: Secret | |
| metadata: | |
| name: *** | |
| namespace: ${NAMESPACE} | |
| data: | |
| privateKey: *** | |
| username: *** | |
| --- | |
| apiVersion: v1 | |
| kind: Service | |
| metadata: | |
| name: jenkins-internal-lb | |
| namespace: ${NAMESPACE} | |
| labels: | |
| name: jenkins-internal-lb | |
| spec: | |
| type: NodePort | |
| ports: | |
| - port: 8080 | |
| targetPort: 8080 | |
| name: http | |
| - port: 50000 | |
| targetPort: 50000 | |
| name: jenkins-slave | |
| selector: | |
| app: jenkins-operator | |
| jenkins-cr: veridium | |
| --- | |
| apiVersion: v1 | |
| kind: Service | |
| metadata: | |
| name: jenkins-public | |
| namespace: ${NAMESPACE} | |
| labels: | |
| name: jenkins-public | |
| spec: | |
| type: NodePort | |
| ports: | |
| - port: 8080 | |
| targetPort: 8080 | |
| nodePort: ${SERVICE_PORT} | |
| name: http | |
| selector: | |
| app: jenkins-operator | |
| jenkins-cr: veridium |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment