forked from VirtusLab/jenkins-operator
-
Notifications
You must be signed in to change notification settings - Fork 240
/
Copy pathvalues.yaml
358 lines (296 loc) · 11.9 KB
/
values.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
# Jenkins Operator Helm chart
# Jenkins instance configuration
jenkins:
# enabled can enable or disable the Jenkins instance
# Set to false if you have configured CR already and/or you want to deploy an operator only
enabled: true
# apiVersion is the version of the CR manifest
# The recommended and default value is "jenkins.io/v1alpha2"
# See https://jenkinsci.github.io/kubernetes-operator/docs/getting-started/v0.1.x/migration-guide-v1alpha1-to-v1alpha2/ for more migration guide
apiVersion: jenkins.io/v1alpha2
# name of resource
# The pod name will be jenkins-<name> (name will be set as suffix)
name: jenkins
# namespace is the namespace where the resources will be deployed
# It's not recommended to use default namespace
# Create new namespace for jenkins (called e.g. jenkins)
# Note: this affects roles and rolebindings for jenkins operator itself
namespace: default
# labels are injected into metadata labels field
labels: {}
# nodeSelector are injected into metadata nodeSelector field
nodeSelector: {}
# tolerations are injected into metadata tolerations field
tolerations: []
# annotations are injected into metadata annotations field
annotations: {}
# image is the name (and tag) of the Jenkins instance
# Default: jenkins/jenkins:lts
# It's recommended to use LTS (tag: "lts") version
image: jenkins/jenkins:2.452.2-lts
# env contains jenkins container environment variables
env: []
# imagePullPolicy defines policy for pulling images
imagePullPolicy: Always
# priorityClassName indicates the importance of a Pod relative to other Pods
# See: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
priorityClassName: ""
# disableCSRFProtection can enable or disable operator built-in CSRF protection
# Set it to true if you are using OpenShift Jenkins Plugin
# See https://github.com/jenkinsci/kubernetes-operator/pull/193 for more info
disableCSRFProtection: false
# adding entries to a pod's /etc/hosts file provides pod-level override of hostname
# resolution when DNS and other options are not applicable.
hostAliases: {}
# - ip: "127.0.0.1"
# hostnames:
# - "foo.local"
# - "bar.local"
# - ip: "10.1.2.3"
# hostnames:
# - "foo.remote"
# - "bar.remote"
# Optional duration in seconds the pod needs to terminate gracefully.
# Default 30sec
terminationGracePeriodSeconds: 30
# validateSecurityWarnings enables or disables validating potential security warnings in Jenkins plugins via admission webhooks.
validateSecurityWarnings: false
# imagePullSecrets is used if you want to pull images from private repository
# See https://jenkinsci.github.io/kubernetes-operator/docs/getting-started/latest/configuration/#pulling-docker-images-from-private-repositories for more info
imagePullSecrets: []
# notifications is feature that notify user about Jenkins reconciliation status
# See https://jenkinsci.github.io/kubernetes-operator/docs/getting-started/latest/notifications/ for more info
notifications: []
# Enables customization of the Service Account attached to the master Jenkins instance via annotations
# https://jenkinsci.github.io/kubernetes-operator/docs/getting-started/latest/schema/#github.com/jenkinsci/kubernetes-operator/api/v1alpha2.ServiceAccount
serviceAccount:
annotations: {}
# basePlugins are plugins installed and required by the operator
# Shouldn't contain plugins defined by user
# You can change their versions here
# See https://jenkinsci.github.io/kubernetes-operator/docs/getting-started/latest/customization/#install-plugins for more details
#
# Example:
#
# basePlugins:
# - name: kubernetes
# version: 4246.v5a_12b_1fe120e
# - name: workflow-job
# version: 1400.v7fd111b_ec82f
# - name: workflow-aggregator
# version: 596.v8c21c963d92d
# - name: git
# version: 5.2.2
# - name: job-dsl
# version: "1.87"
# - name: configuration-as-code
# version: 1810.v9b_c30a_249a_4c
# - name: kubernetes-credentials-provider
# version: 1.262.v2670ef7ea_0c5
basePlugins: []
# plugins are plugins required by the user
# You can define plugins here
# See https://jenkinsci.github.io/kubernetes-operator/docs/getting-started/latest/customization/#install-plugins for more details
#
# Example:
#
# plugins:
# - name: simple-theme-plugin
# version: "0.6"
plugins: []
# latestPlugins: Allow to override jenkins-plugin-cli default behavior
# while downloading the plugin and dependencies
# see: https://github.com/jenkinsci/plugin-installation-manager-tool#cli-options
# default to true
latestPlugins: true
# seedJobs is placeholder for jenkins seed jobs
# For seed job creation tutorial, check https://jenkinsci.github.io/kubernetes-operator/docs/getting-started/latest/configuring-seed-jobs-and-pipelines/
# Example:
#
# seedJobs:
# - id: jenkins-operator
# targets: "cicd/jobs/*.jenkins"
# description: "Jenkins Operator repository"
# repositoryBranch: master
# repositoryUrl: https://github.com/jenkinsci/kubernetes-operator.git
seedJobs: []
# SeedJobAgentImage defines the image that will be used by the seed job agent. If not defined jenkins/inbound-agent:3248.v65ecb_254c298-6 will be used.
seedJobAgentImage: ""
# Resource limit/request for Jenkins
# See https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ for details
resources:
limits:
cpu: 1000m
memory: 3Gi
requests:
cpu: 250m
memory: 500Mi
# volumes used by Jenkins
# By default, we are only using backup
volumes:
- name: backup # PVC volume where backups will be stored
persistentVolumeClaim:
claimName: jenkins-backup
# volumeMounts are mounts for Jenkins pod
# Note that attempting to overwrite default mount settings for restricted,
# non-configurable volumeMounts will result in Operator error
# See https://jenkinsci.github.io/kubernetes-operator/docs/installation/#note-on-restricted-jenkins-controller-pod-volumemounts for details
volumeMounts: []
# defines authorization strategy of the operator for the Jenkins API
authorizationStrategy: createUser
# securityContext for pod
securityContext:
runAsUser: 1000
fsGroup: 1000
# http Jenkins service
# See https://jenkinsci.github.io/kubernetes-operator/docs/getting-started/latest/schema/#github.com/jenkinsci/kubernetes-operator/pkg/apis/jenkins/v1alpha2.Service for details
#service:
# slave Jenkins service
# See https://jenkinsci.github.io/kubernetes-operator/docs/getting-started/latest/schema/#github.com/jenkinsci/kubernetes-operator/pkg/apis/jenkins/v1alpha2.Service for details
#slaveService:
# LivenessProbe for Jenkins Master pod
livenessProbe:
failureThreshold: 20
httpGet:
path: /login
port: http
scheme: HTTP
initialDelaySeconds: 100
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 8
# ReadinessProbe for Jenkins Master pod
readinessProbe:
failureThreshold: 60
httpGet:
path: /login
port: http
scheme: HTTP
initialDelaySeconds: 120
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 8
# backup is section for configuring operator's backup feature
# By default backup feature is enabled and pre-configured
# This section simplifies the configuration described here: https://jenkinsci.github.io/kubernetes-operator/docs/getting-started/latest/configure-backup-and-restore/
# For customization tips see https://jenkinsci.github.io/kubernetes-operator/docs/getting-started/latest/custom-backup-and-restore/
backup:
# enabled is enable/disable switch for backup feature
# By default the feature is enabled
enabled: true
# image used by backup feature
# By default using prebuilt backup PVC image
image: quay.io/jenkins-kubernetes-operator/backup-pvc:v0.4.1
# containerName is backup container name
containerName: backup
# interval defines how often make backup in seconds
interval: 30
# makeBackupBeforePodDeletion when enabled will make backup before pod deletion
makeBackupBeforePodDeletion: true
# backupCommand is backup container command
backupCommand:
- /home/user/bin/backup.sh
# restoreCommand is backup restore command
restoreCommand:
- /home/user/bin/restore.sh
getLatestAction:
- /home/user/bin/get-latest.sh
# pvc is Persistent Volume Claim Kubernetes resource
pvc:
# enabled is enable/disable switch for PVC
enabled: true
# size is size of PVC
size: 5Gi
# className is storageClassName for PVC
# See https://kubernetes.io/docs/concepts/storage/persistent-volumes/#class-1 for more details
className: ""
# resources used by backup container
resources:
limits:
cpu: 1000m
memory: 2Gi
requests:
cpu: 100m
memory: 500Mi
# env contains container environment variables
# PVC backup provider handles these variables:
# BACKUP_DIR - path for storing backup files (default: "/backup")
# JENKINS_HOME - path to jenkins home (default: "/jenkins-home")
# BACKUP_COUNT - define how much recent backups will be kept
# Optional in case you want to modify the backup and restore retry logic
# BACKUP_RETRY_COUNT
# BACKUP_RETRY_INTERVAL
# RESTORE_RETRY_COUNT
# RESTORE_RETRY_INTERVAL
env:
- name: BACKUP_DIR
value: /backup
- name: JENKINS_HOME
value: /jenkins-home
- name: BACKUP_COUNT
value: "3" # keep only the 3 most recent backups
#- name: BACKUP_RETRY_COUNT
# value: "3"
#- name: BACKUP_RETRY_INTERVAL
# value: "60"
#- name: RESTORE_RETRY_COUNT
# value: "10"
#- name: RESTORE_RETRY_INTERVAL
# value: "10"
# volumeMounts holds the mount points for volumes
volumeMounts:
- name: jenkins-home
mountPath: /jenkins-home # Jenkins home volume
- mountPath: /backup # backup volume
name: backup
# configuration is section where we can configure Jenkins instance
# See https://jenkinsci.github.io/kubernetes-operator/docs/getting-started/latest/customization/ for details
configuration:
configurationAsCode: []
# - configMapName: jenkins-casc
# content: {}
groovyScripts: []
# - configMapName: jenkins-gs
# content: {}
# secretRefName of existing secret (previously created)
secretRefName: ""
# secretData creates new secret if secretRefName is empty and fills with data provided in secretData
secretData: {}
# operator is section for configuring operator deployment
operator:
replicaCount: 1
# image is the name (and tag) of the Jenkins Operator image
image: quay.io/jenkins-kubernetes-operator/operator:v0.8.1
# imagePullPolicy defines policy for pulling images
imagePullPolicy: IfNotPresent
# imagePullSecrets is used if you want to pull images from private repository
imagePullSecrets: []
# nameOverride overrides the app name
nameOverride: ""
# fullnameOverride overrides the deployment name
fullnameOverride: ""
# Select a different namespace to look for the Jenkins CR and deploy Jenkins in. Defaults to the same namespace as
# the operator.
# watchNamespace: "jenkins-namespace"
resources: {}
nodeSelector: {}
tolerations: []
affinity: {}
webhook:
# TLS certificates for webhook
certificate:
name: webhook-certificate
# validity of the certificate
duration: 2160h
# time after which the certificate will be automatically renewed
renewbefore: 360h
# enable or disable the validation webhook
enabled: false
cert-manager:
# cert-manager is required to generate certificates for webhook. If you don't have cert-manager installed in your cluster,
# you can install it as a subordinate chart
enabled: false
# This startupapicheck is a Helm post-install hook that waits for the webhook
# endpoints to become available.
startupapicheck:
enabled: false