feat: update jenkins 5.1.26, and updated repo to better mirror SWF

chart/templates/uds-package.yaml

@@ -4,7 +4,7 @@ metadata:
   name: jenkins
   namespace: {{ .Release.Namespace }}
 spec:
-  {{- if .Values.sso }}
+  {{- if .Values.sso.enabled }}
   sso:
     - name: Jenkins SSO
       clientId: uds-core-jenkins

chart/values.yaml

@@ -1,2 +1,3 @@
 domain: "###ZARF_VAR_DOMAIN###"
-sso: true
+sso:
+  enabled: true

common/zarf.yaml

@@ -0,0 +1,40 @@
+# yaml-language-server: $schema=https://raw.githubusercontent.com/defenseunicorns/zarf/main/zarf.schema.json
+kind: ZarfPackageConfig
+metadata:
+  name: jenkins-common
+  description: "UDS jenkins Common Package"
+
+components:
+  - name: jenkins-config
+    required: true
+    description: "SSO secret for jenkins"
+    charts:
+      - name: uds-jenkins-config
+        namespace: jenkins
+        version: 0.1.0
+        localPath: ../chart
+    actions:
+      onDeploy:
+        after:
+          - wait:
+              cluster:
+                kind: package
+                name: jenkins
+                namespace: jenkins
+                condition: "'{.status.phase}'=Ready"
+          - cmd: zarf tools kubectl get secrets sso-client-uds-core-jenkins -n jenkins -o=jsonpath='{.data.secret}' | base64 -d
+            mute: true
+            setVariables:
+              - name: JENKINS_CLIENT_SECRET
+                sensitive: true
+  - name: jenkins
+    required: true
+    charts:
+      - name: jenkins
+        namespace: jenkins
+        url: https://charts.jenkins.io
+        version: 5.1.26
+        repoName: jenkins
+        releaseName: jenkins
+        valuesFiles:
+          - ../values/common.yaml

renovate.json

@@ -1,151 +1,25 @@
 {
-  "enabled": true,
-  "forkProcessing": "enabled",
-  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
   "extends": [
-    ":dependencyDashboard",
+    "github>defenseunicorns/uds-common//config/renovate.json5",
+    ":semanticCommits",
     ":semanticPrefixFixDepsChoreOthers",
-    "config:base",
     "group:all",
     "replacements:all",
     "workarounds:all"
   ],
-  "timezone": "America/New_York",
-  "rebaseStalePrs": true,
   "schedule": ["after 7am and before 9am every weekday"],
-  "dependencyDashboard": true,
-  "platform": "github",
-  "onboarding": false,
-  "requireConfig": false,
-  "dependencyDashboardTitle": "Renovate Dashboard 🤖",
-  "rebaseWhen": "conflicted",
-  "commitBodyTable": true,
-  "ignorePaths": ["archive/**"],
-  "suppressNotifications": ["prIgnoreNotification"],
-  "pre-commit": {
-    "enabled": true
-  },
-  "helm-values": {
-    "fileMatch": ["./.+\\.yaml$"]
-  },
-  "kubernetes": {
-    "fileMatch": ["\\.yaml$"],
-    "ignorePaths": [
-      "ansible",
-      "scripts",
-      ".github"
-    ]
-  },
-  "hostRules": [
-    {
-      "matchHost": "registry1.dso.mil",
-      "hostType": "docker",
-      "description": "Encrypted creds for registry1, scoped to this Github org using: https://github.com/renovatebot/renovate/blob/main/docs/usage/configuration-options.md#encrypted",
-      "encrypted": {
-        "username": "wcFMA/xDdHCJBTolAQ//a+5GNAOsD/UOKnqJDdbPRr73EXRgyRdtMOIqDyjGZIKcdVo64StgUb1O37O5bazoyGeYkcISaWjInxRuoBOxqFhdo5cTUIJavjm2Sn75OWCDBUr2Q5/OSluQDbp7QO9g4+cHxcjtldlMswZg0RIoSX8rtAcNvJePvuWDKRHmUSDbWrNoAPaqOUvBIUF+BUR8o2UtKY4c986B9sqz1/ZiyL7vmenuoFi36MPpq123b6xra9/Q8Zb+AGZY6guhI0kmmSvLPwuNpU/W9ocpaUW1jOgJdYDowZqoTC27uozw1rCq38ybL94GMeG+pzWJd7LBVbfpDnU10j5UC5l5coxghh8dBYNzirsRbYW9KMV3CSeRNxOqfUuJ9AfWekCBWQMkueDtop+lzZhpvsPnXYTV6V0+TE+W5lg0wApcGUNM5XsEHV/gchSULZCWUTHpyZfkUoyc3dXax7K9LawrNLLpJg3Oz0c5Y4WXS1SqfY3U6n84Q95URZC+uRl5BqzBwQSQYbWsnon+g3My+GukdhHlynoiJwQo/ch5gIfgiA59VrL/H9L/ABAyYzQ7KUEguQrNh8hbNG0dfpMLMIrdUDhno5vTeccx2k5R/EOQopxZCY+k2Xfqgg5okAG9eQKhhGKcQD+A8y6X2V0cPkHQ35TCi5AObrcQiiemBZUy3G6IJIrSdQFEs+WcBPT4GPgOAsZWUJKU4RU3qdhdUGZy/VwJSsB05/E65fRTGl5i0e5PhIoIbh4uaPgWnbJyvKi87bIIJhe9bxP/m2lDs5GPeXSrvBb0GT3t9l3aHUYW3uKp5GABwmvX6ptMbNoYoQRSLptR/gE80RPFSQ",
-        "password": "wcFMA/xDdHCJBTolAQ//bu2ZFKmMysjpkOkwQSgLigvUMDw1SHpp1YN8y1LerOqMfTocdswihRFbB/FFRP/bYG1ByhnAvxqhbdV0TRQqYTRXZehrlT+SDEVEJyK9eGS+ozClbccG64ebZSJ4y9rMFW3sK4Ja9ZyAEsX0S4vO88XwJhtOYmMGTXLlcSfiANQB8a9jISzov27FQOzdPx6cEd19FGxmX5vAdH9FWDwhVA6QSTrip4h5tZ6THylNc3md2TGRYUVTxMtsZdp/bnhv+I3LqmodR0vEP9Or/dbhtqnMy2sdS6HsANUaZ+7j4D0qDL7EEcxk+CHM5lM2sSz6u4+J4u01XDkn0HJ/mShPDSWUoU01Va/ZpRL8zw/bjKApDBSgvBOwF7eXfUKqLrg2zURm2quUf7XwuVTXmBMg3DSEuRBlW8kM0rGWGyv7U62sx+2zjK0v2uNHJz0hzWaEfriOQu4B7/avb+CIupfVYGNllyMTuB2ySDMLKN3Q/EB7q97apWqwcnThxRhK7t3e59ea4JDxodxeeTG3m/UgBLBlXCutk7BsC7NQPaSeOzV7mw6AOVQz+Bn0DAGd1x03ITYAcgfYvSW7VCfhrvnmuSVICHA7GTYevC7RBYhexWdgHZb98mIt1vVA2C+h7eqsx+xWhHQFE2+lNRTRmj9ccU/6qz1+3zqHdMQ/WD8MLofSdgFLU/A7qljUm/dk1MEVMtGznukdRpJJV4PsEcwh2OV/9is5KPyFQ83M7sl3/fY+CBaHFEiT4j/bSBznmxL3TuAjMdIT7j0cNsOxnsHllgRHL1qG3S2ZmAQ0Ex4gIUUGn2VbZLyRogJspsjxx5ZYuuYVfhtSaTU"
-      }
-    }
-  ],
-  "regexManagers": [
-    {
-      "fileMatch": ["values\\/.*\\.ya?ml$"],
-      "matchStrings": [
-        "-\\s(?<depName>pipeline\\-stage\\-tags\\-.*):(?<currentValue>.*)"
-      ],
-      "versioningTemplate": "maven",
-      "depNameTemplate": "jenkinsci/pipeline-model-definition-plugin",
-      "datasourceTemplate": "github-tags"
-    },
-    {
-      "fileMatch": ["values\\/.*\\.ya?ml$"],
-      "matchStrings": [
-        "-\\s(?<depName>pipeline\\-model\\-.*):(?<currentValue>.*)"
-      ],
-      "versioningTemplate": "maven",
-      "depNameTemplate": "jenkinsci/pipeline-model-definition-plugin",
-      "datasourceTemplate": "github-tags"
-    },
-    {
-      "fileMatch": [".*\\.ya?ml$"],
-      "matchStrings": [
-        "# renovate: repo-file depName=(?<depName>.*?)( versioning=(?<versioning>.*?))?\\n.*\\/(?<currentValue>v.*?)\\/"
-      ],
-      "versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}semver-coerced{{/if}}",
-      "datasourceTemplate": "github-tags"
-    },
-    {
-      "fileMatch": ["values\\/.*\\.ya?ml$"],
-      "matchStrings": [
-        "-\\s(?<depName>mina\\-sshd\\-api\\-.*):(?<currentValue>.*)"
-      ],
-      "versioningTemplate": "maven",
-      "depNameTemplate": "jenkinsci/mina-sshd-api-plugin",
-      "datasourceTemplate": "github-tags"
-    },
-    {
-      "fileMatch": ["values\\/.*\\.ya?ml$"],
-      "matchStrings": [
-        "-\\s(?<depName>[aA0-zZ9\\-]*):(?<currentValue>.*)"
-      ],
-      "versioningTemplate": "maven",
-      "depNameTemplate": "jenkinsci/{{{depName}}}-plugin",
-      "datasourceTemplate": "github-tags"
-    },
-    {
-      "fileMatch": [".*\\.ya?ml$"],
-      "matchStrings": [
-        "# renovate: datasource=helm\n .*- name: (?<depName>.*?)\n *url: (?<registryUrl>.*?)\n *version: (?<currentValue>.*)\n"
-      ],
-      "datasourceTemplate": "helm",
-      "extractVersionTemplate": "{{#if extractVersion}}{{{extractVersion}}}{{else}}^(?<version>.*)${{/if}}"
-    },
-    {
-      "fileMatch": [".*\\.ya?ml$"],
-      "matchStrings": [
-        "# renovate: datasource=(?<datasource>.*?) depName=(?<depName>.*?)( versioning=(?<versioning>.*?))?( extractVersion=(?<extractVersion>.*?))?( registryUrl=(?<registryUrl>.*?))?\\s.*?:\\s*['\"]?(?<currentValue>.*?)['\"]?\\s"
-      ],
-      "versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}semver-coerced{{/if}}",
-      "extractVersionTemplate": "{{#if extractVersion}}{{{extractVersion}}}{{else}}^(?<version>.*)${{/if}}"
-    },
-    {
-      "fileMatch": [".*\\.ya?ml$"],
-      "matchStrings": [
-        "# renovate: zarf-uri datasource=github-tags depName=(?<depName>.*?)( versioning=(?<versioning>.*?))?\\s.*?uri: ['\"]https:\\/\\/github.com\\/defenseunicorns\\/zarf\\/releases\\/download\\/(?<currentValue>.*)\\/zarf_.*_Linux_amd64['\"]",
-        "# renovate: zarf-uri datasource=github-tags depName=(?<depName>.*?)( versioning=(?<versioning>.*?))?\\s.*?uri: ['\"]https:\\/\\/github.com\\/defenseunicorns\\/zarf\\/releases\\/download\\/.*\\/zarf_(?<currentValue>.*)_Linux_amd64['\"]"
-      ],
-      "versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}semver-coerced{{/if}}",
-      "datasourceTemplate": "github-tags"
-    },
-    {
-      "fileMatch": [".*\/?zarf\\.ya?ml$"],
-      "matchStrings": [
-        "-\\s+['\"](?<depName>[^:]+):(?<currentValue>.*)['\"]"
-      ],
-      "versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}semver-coerced{{/if}}",
-      "datasourceTemplate": "docker",
-      "extractVersionTemplate": "{{#if extractVersion}}{{{extractVersion}}}{{else}}^(?<version>.*)${{/if}}"
-    },
-    {
-      "fileMatch": ["^Makefile$"],
-      "matchStrings": [
-        "renovate: datasource=(?<datasource>.*?) depName=(?<depName>.*?)( versioning=(?<versioning>.*?))?( extractVersion=(?<extractVersion>.*?))?( registryUrl=(?<registryUrl>.*?))?\\s.*?=\\s*['\"]?(?<currentValue>.*?)['\"]?\\s"
-      ],
-      "versioningTemplate": "{{#if versioning}}{{{versioning}}}{{else}}semver-coerced{{/if}}",
-      "extractVersionTemplate": "{{#if extractVersion}}{{{extractVersion}}}{{else}}^(?<version>.*)${{/if}}"
-    }
-  ],
   "packageRules": [
     {
-      "matchManagers": ["terraform"],
-      "matchDepTypes": ["module"],
-      "matchDatasources": ["github-tags", "git-tags"],
-      "versioning": "loose"
+      "groupName": "jenkins Support Dependencies",
+      "labels": ["support-deps"],
+      "commitMessageTopic": "support-deps",
+      "packagePatterns": ["*"]
     },
     {
-      "matchPackagePatterns": ["big-bang/.*"],
-      "matchDatasources": ["gitlab-tags"],
-      "allowedVersions": "!/^v.*$/"
+      "groupName": "jenkins Package Dependencies",
+      "labels": ["package-deps"],
+      "commitMessageTopic": "package-deps",
+      "matchDatasources": ["docker", "helm", "git-tags"]
     }
   ]
 }

tasks.yaml

@@ -1,11 +1,11 @@
 includes:
   - cleanup: ./tasks/cleanup.yaml
   - test: ./tasks/test.yaml
-  - create: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.2/tasks/create.yaml
-  - lint: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.2/tasks/lint.yaml
-  - pull: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.2/tasks/pull.yaml
-  - deploy: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.2/tasks/deploy.yaml
-  - setup: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.2/tasks/setup.yaml
+  - create: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.5/tasks/create.yaml
+  - lint: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.5/tasks/lint.yaml
+  - pull: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.5/tasks/pull.yaml
+  - deploy: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.5/tasks/deploy.yaml
+  - setup: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.5/tasks/setup.yaml
 
 tasks:
   - name: default

tasks/publish.yaml

@@ -1,7 +1,7 @@
 includes:
   - dependencies: ./dependencies.yaml
-  - create: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.2/tasks/create.yaml
-  - publish: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.2/tasks/publish.yaml
+  - create: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.5/tasks/create.yaml
+  - publish: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.5/tasks/publish.yaml
 
 tasks:
   - name: package

values/common.yaml

@@ -1,14 +1,4 @@
 controller:
-  image:
-    registry: "registry1.dso.mil"
-    repository: "ironbank/opensource/jenkins/jenkins"
-    tag: "2.440.3-lts"
-  sidecars:
-    configAutoReload:
-      image:
-        registry: "registry1.dso.mil"
-        repository: "ironbank/kiwigrid/k8s-sidecar"
-        tag: "1.26.1"
   jenkinsUrl: https://jenkins.###ZARF_VAR_DOMAIN###
   disableRememberMe: true
   resources:
@@ -26,11 +16,11 @@ controller:
       cpu: "2000m"
       memory: "8192Mi"
   installPlugins:
-    - kubernetes:4209.vc646b_71e5269
+    - kubernetes:4238.v41b_3ef14a_5d8
     - workflow-aggregator:596.v8c21c963d92d
-    - git:5.2.1
-    - configuration-as-code:1775.v810dc950b_514
-    - oic-auth:4.257.v5360e8489e8b_
+    - git:5.2.2
+    - configuration-as-code:1810.v9b_c30a_249a_4c
+    - oic-auth:4.269.va_7526f34f306
   overwritePlugins: true
   JCasC:
     defaultConfig: true
@@ -64,11 +54,6 @@ controller:
 agent:
   enabled: true
   jenkinsUrl: https://jenkins.###ZARF_VAR_DOMAIN###
-  image:
-    # -- Repository to pull the agent jnlp image from
-    repository: "registry1.dso.mil/ironbank/opensource/jenkins/inbound-agent"
-    # -- Tag of the image to pull
-    tag: "3186.vc3b_7249b_87eb_-1"
   resources:
     requests:
       cpu: "512m"
@@ -81,15 +66,6 @@ persistence:
   enabled: true
 #  storageClass: "your-storage-class-here"
 
-helmtest:
-  # A testing framework for bash
-  bats:
-    # Bash Automated Testing System (BATS)
-    image:
-      registry: "registry1.dso.mil"
-      repository: "ironbank/opensource/bats/bats"
-      tag: "v1.10.0-ubi9"
-
 monitoring:
   enabled: false
 

values/registry1.yaml

@@ -0,0 +1,27 @@
+controller:
+  image:
+    registry: "registry1.dso.mil"
+    repository: "ironbank/opensource/jenkins/jenkins"
+    tag: "2.452.1-lts"
+  sidecars:
+    configAutoReload:
+      image:
+        registry: "registry1.dso.mil"
+        repository: "ironbank/kiwigrid/k8s-sidecar"
+        tag: "1.27.2"
+
+agent:
+  image:
+    # -- Repository to pull the agent jnlp image from
+    repository: "registry1.dso.mil/ironbank/opensource/jenkins/inbound-agent"
+    # -- Tag of the image to pull
+    tag: "3186.vc3b_7249b_87eb_-1"
+
+helmtest:
+  # A testing framework for bash
+  bats:
+    # Bash Automated Testing System (BATS)
+    image:
+      registry: "registry1.dso.mil"
+      repository: "ironbank/opensource/bats/bats"
+      tag: "v1.10.0-ubi9"

zarf.yaml

@@ -17,40 +17,24 @@ variables:
 components:
   - name: jenkins-config
     required: true
-    description: "Deploy jenkins config"
-    actions:
-      onDeploy:
-        after:
-          - wait:
-              cluster:
-                kind: package
-                name: jenkins
-                namespace: jenkins
-                condition: "'{.status.phase}'=Ready"
-          - cmd: zarf tools kubectl get secrets sso-client-uds-core-jenkins -n jenkins -o=jsonpath='{.data.secret}' | base64 -d
-            mute: true
-            setVariables:
-              - name: JENKINS_CLIENT_SECRET
-                sensitive: true
-    charts:
-      - name: uds-jenkins-config
-        namespace: jenkins
-        version: 0.1.0
-        localPath: chart
+    description: "SSO secret for jenkins"
+    import:
+      path: common
   - name: jenkins
     required: true
-    description: "Deploy jenkins"
+    description: "Deploy jenkins with registry1 images"
+    import:
+      path: common
+    only:
+      flavor: registry1
+      cluster:
+        architecture: amd64
     charts:
       - name: jenkins
-        namespace: jenkins
-        url: https://charts.jenkins.io
-        version: 5.1.8
-        repoName: jenkins
-        releaseName: jenkins
         valuesFiles:
-          - values/common.yaml
+          - values/registry1.yaml
     images:
-      - registry1.dso.mil/ironbank/opensource/jenkins/jenkins:2.440.3-lts
+      - registry1.dso.mil/ironbank/opensource/jenkins/jenkins:2.452.1-lts
       - registry1.dso.mil/ironbank/opensource/jenkins/inbound-agent:3186.vc3b_7249b_87eb_-1
-      - registry1.dso.mil/ironbank/kiwigrid/k8s-sidecar:1.26.1
+      - registry1.dso.mil/ironbank/kiwigrid/k8s-sidecar:1.27.2
       - registry1.dso.mil/ironbank/opensource/bats/bats:v1.10.0-ubi9