--- # Based on # https://github.com/kubernetes/charts/blob/master/stable/jenkins/templates/jenkins-master-deployment.yaml # apiVersion: v1 kind: "List" items: - apiVersion: v1 kind: Namespace metadata: name: "jenkins-@@USER@@" - apiVersion: v1 kind: Service metadata: name: 'jenkins-@@USER@@' namespace: 'jenkins-@@USER@@' spec: ports: - name: 'http' port: 80 targetPort: 80 protocol: TCP - name: 'jnlp' port: 50000 targetPort: 50000 protocol: TCP selector: app: 'jenkins-@@USER@@' - apiVersion: extensions/v1beta1 kind: Ingress metadata: name: 'http-ingress' namespace: 'jenkins-@@USER@@' annotations: kubernetes.io/tls-acme: "true" kubernetes.io/ingress.class: "nginx" spec: tls: - hosts: - '@@USER@@.codevalet.io' secretName: ingress-tls rules: - host: '@@USER@@.codevalet.io' http: paths: - path: '/' backend: serviceName: 'jenkins-@@USER@@' servicePort: 80 - apiVersion: apps/v1beta1 kind: StatefulSet metadata: name: "jenkins-@@USER@@" namespace: "jenkins-@@USER@@" labels: name: "jenkins-@@USER@@" spec: serviceName: 'jenkins-@@USER@@' replicas: 1 selector: matchLabels: app: 'jenkins-@@USER@@' volumeClaimTemplates: - metadata: name: "jenkins-@@USER@@" namespace: "jenkins-@@USER@@" spec: accessModes: - ReadWriteOnce resources: requests: storage: 5Gi template: metadata: labels: app: 'jenkins-@@USER@@' owner: '@@USER@@' kind: 'master' annotations: spec: securityContext: fsGroup: 1000 # https://github.com/kubernetes/kubernetes/issues/2630#issuecomment-344091454 runAsUser: 0 containers: - name: "jenkins-@@USER@@" image: "codevalet/master:latest" imagePullPolicy: Always ports: - containerPort: 80 name: http - containerPort: 50000 name: jnlp resources: requests: memory: 384M limits: memory: 1G volumeMounts: - name: "jenkins-@@USER@@" mountPath: "/var/jenkins_home" env: - name: CPU_REQUEST valueFrom: resourceFieldRef: resource: requests.cpu - name: CPU_LIMIT valueFrom: resourceFieldRef: resource: limits.cpu - name: MEM_REQUEST valueFrom: resourceFieldRef: resource: requests.memory divisor: "1Mi" - name: MEM_LIMIT valueFrom: resourceFieldRef: resource: limits.memory divisor: "1Mi" - name: JAVA_OPTS value: "-Dhudson.DNSMultiCast.disabled=true -Djenkins.CLI.disabled=true -Djenkins.install.runSetupWizard=false -Xmx$(MEM_REQUEST)m -Dhudson.slaves.NodeProvisioner.MARGIN=50 -Dhudson.slaves.NodeProvisioner.MARGIN0=0.85" - name: GITHUB_USER value: @@USER@@ - name: CLIENT_ID value: '790a28783a813e2b2b3c' - name: SENTRY_DSN valueFrom: secretKeyRef: name: jenkins-masters key: sentry - name: SENTRY_PUBLIC_DSN value: 'https://6879decf237b4307ad697c8dc56731c3@sentry.io/206607' - name: JENKINS_OPTS value: '' - name: DATADOG_API_KEY valueFrom: secretKeyRef: name: datadog key: api_key - name: CLIENT_SECRET valueFrom: secretKeyRef: name: oauth key: secret - name: AZURE_CLIENT_SECRET valueFrom: secretKeyRef: name: jenkins-masters key: azure_client_secret - name: AZURE_CLIENT_ID valueFrom: secretKeyRef: name: jenkins-masters key: azure_client - name: AZURE_TENANT_ID valueFrom: secretKeyRef: name: jenkins-masters key: azure_tenant - name: AZURE_SUBSCRIPTION_ID valueFrom: secretKeyRef: name: jenkins-masters key: azure_subscription # vim: ft=yaml