forked from ikhripunov/connect-jenkins-bootstrap
-
Notifications
You must be signed in to change notification settings - Fork 0
/
jenkins.yml
108 lines (107 loc) · 3.47 KB
/
jenkins.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: jenkins
namespace: jenkins
spec:
replicas: 1
template:
metadata:
labels:
app: master
spec:
containers:
- name: master
image: jenkins/jenkins:lts
ports:
- containerPort: 8080
- containerPort: 50000
readinessProbe:
httpGet:
path: /login
port: 8080
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 2
failureThreshold: 5
env:
- name: JAVA_OPTS
value: "-Djenkins.install.runSetupWizard=false -Dpermissive-script-security.enabled=NO_SECURITY"
volumeMounts:
- mountPath: /usr/share/jenkins/ref
name: ref-volume
- mountPath: /var/jenkins_home/.ssh
name: ssh-volume
lifecycle:
postStart:
exec:
command: ["/bin/sh", "-c", "/usr/share/jenkins/ref/connect-jenkins-bootstrap/scripts/wait-for-jenkins-and-run-job.sh meta-job"]
initContainers:
- name: clone-repo
image: jenkins/jenkins:lts
command:
- /bin/sh
- -c
- cp /etc/secret-volume/ssh-privatekey ~/.ssh/id_rsa;
cp /etc/secret-volume/ssh-publickey ~/.ssh/id_rsa.pub;
chmod 400 ~/.ssh/*;
printf "host github.com\n HostName github.com\n IdentityFile ~/.ssh/id_rsa\n User jenkins" > ~/.ssh/config;
ssh-keyscan github.com >> ~/.ssh/known_hosts;
cd /usr/share/jenkins/ref;
git clone [email protected]:ClearPointNZ/connect-jenkins-bootstrap.git
volumeMounts:
- mountPath: /usr/share/jenkins/ref
name: ref-volume
- mountPath: /etc/secret-volume
name: secret-volume
readOnly: true
- mountPath: /var/jenkins_home/.ssh
name: ssh-volume
- name: install-plugins
image: jenkins/jenkins:lts
command:
- /bin/sh
- -c
- install-plugins.sh < /usr/share/jenkins/ref/connect-jenkins-bootstrap/plugins
volumeMounts:
- mountPath: /usr/share/jenkins/ref
name: ref-volume
- name: override-config
image: jenkins/jenkins:lts
env:
- name: MY_POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: MASTER_URL
valueFrom:
configMapKeyRef:
name: kube-master
key: master.url
command:
- /bin/sh
- -c
- mkdir /usr/share/jenkins/ref/init.groovy.d;
cp /usr/share/jenkins/ref/connect-jenkins-bootstrap/overrides/* /usr/share/jenkins/ref/;
cp /usr/share/jenkins/ref/connect-jenkins-bootstrap/scripts/security.groovy /usr/share/jenkins/ref/init.groovy.d/security.groovy;
/usr/share/jenkins/ref/connect-jenkins-bootstrap/scripts/hack-jenkins-env.sh;
volumeMounts:
- mountPath: /usr/share/jenkins/ref
name: ref-volume
- name: copy-jobs
image: jenkins/jenkins:lts
command:
- /bin/sh
- -c
- cp -r /usr/share/jenkins/ref/connect-jenkins-bootstrap/jobs /usr/share/jenkins/ref/
volumeMounts:
- mountPath: /usr/share/jenkins/ref
name: ref-volume
volumes:
- name: ref-volume
emptyDir: {}
- name: ssh-volume
emptyDir: {}
- name: secret-volume
secret:
secretName: ssh-key-secret