[stage-5] improve jenkins helm chart, add scripts for jenkins pipeline

2025-12-25 15:22:36 +03:00 · 2023-04-01 11:53:06 +07:00
parent b050b04af8
commit 6c1f175616
13 changed files with 244 additions and 43 deletions
--- a/k8s/helm/jenkins/templates/NOTES.txt
+++ b/k8s/helm/jenkins/templates/NOTES.txt
@@ -1,6 +1,6 @@
 ---------------------------------------------------------

 Jenkins CI/CD main instance.
-Deployed version {{ .Values.image.tag | default .Chart.AppVersion }}.
+Deployed version {{ .Values.image.tag | default .Chart.AppVersion }} in namespace {{ .Values.namespace }}.

 ---------------------------------------------------------
--- a/k8s/helm/jenkins/templates/_helper.tpl
+++ b/k8s/helm/jenkins/templates/_helper.tpl
@@ -0,0 +1,6 @@
+{{- define "docker_config" -}}
+{{ $auth := printf "%s:%s" .Values.docker.dockerHubUser .Values.docker.dockerHubPassword }}
+auths:
+  "https://index.docker.io/v1/":
+    auth: {{ $auth | b64enc }}
+{{- end -}}
--- a/k8s/helm/jenkins/templates/ingress.yaml
+++ b/k8s/helm/jenkins/templates/ingress.yaml
@@ -3,7 +3,7 @@ apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  name: {{ .Chart.Name }}-{{ .Values.environment }}-ingress
-  namespace: devops-tools
+  namespace: {{ .Values.namespace }}
  annotations:
    kubernetes.io/ingress.class: nginx
 spec:
--- a/k8s/helm/jenkins/templates/namespace.yaml
+++ b/k8s/helm/jenkins/templates/namespace.yaml
@@ -2,4 +2,4 @@
 apiVersion: v1
 kind: Namespace
 metadata:
-  name: devops-tools
+  name: {{ .Values.namespace }}
--- a/k8s/helm/jenkins/templates/secret.yaml
+++ b/k8s/helm/jenkins/templates/secret.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: docker-config
+  namespace: {{ .Values.namespace }}
+data:
+  config.json: {{ include "docker_config" . | fromYaml | toJson | b64enc }}
--- a/k8s/helm/jenkins/templates/service-account.yaml
+++ b/k8s/helm/jenkins/templates/service-account.yaml
@@ -7,14 +7,12 @@ rules:
  - apiGroups: [""]
    resources: ["*"]
    verbs: ["*"]
-
 ---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: jenkins-admin
-  namespace: devops-tools
-
+  namespace: {{ .Values.namespace }}
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
@@ -27,4 +25,17 @@ roleRef:
 subjects:
  - kind: ServiceAccount
    name: jenkins-admin
-    namespace: devops-tools
+    namespace: {{ .Values.namespace }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: jenkins-cluster-admin
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: cluster-admin
+subjects:
+  - kind: ServiceAccount
+    name: jenkins-admin
+    namespace: {{ .Values.namespace }}
--- a/k8s/helm/jenkins/templates/service.yaml
+++ b/k8s/helm/jenkins/templates/service.yaml
@@ -3,7 +3,7 @@ apiVersion: v1
 kind: Service
 metadata:
  name: {{ .Chart.Name }}-{{ .Values.environment }}-main
-  namespace: devops-tools
+  namespace: {{ .Values.namespace }}
 spec:
  ports:
    - name: web
@@ -16,7 +16,7 @@ apiVersion: v1
 kind: Service
 metadata:
  name: {{ .Chart.Name }}-{{ .Values.environment }}-main-np
-  namespace: devops-tools
+  namespace: {{ .Values.namespace }}
 spec:
  type: NodePort
  ports:
--- a/k8s/helm/jenkins/templates/statefulset.yaml
+++ b/k8s/helm/jenkins/templates/statefulset.yaml
@@ -1,13 +1,14 @@
 ---
 apiVersion: apps/v1
-kind: Deployment
+kind: StatefulSet
 metadata:
  labels:
    app: {{ .Chart.Name }}-{{ .Values.environment }}-main
    service: jenkins
  name: {{ .Chart.Name }}-{{ .Values.environment }}-main
-  namespace: devops-tools
+  namespace: {{ .Values.namespace }}
 spec:
+  serviceName: jenkins
  replicas: 1
  selector:
    matchLabels:
@@ -35,10 +36,12 @@ spec:
            - name: web
              containerPort: 8080
            - name: jnlp
-              containerPort: 50000
+              containerPort: 30000
          env:
            - name: JENKINS_OPTS
              value: "--prefix=/jenkins"
+            - name: JENKINS_SLAVE_AGENT_PORT
+              value: '30000'
          resources:
            {{- toYaml .Values.resources | nindent 12 }}
          volumeMounts:
--- a/k8s/helm/jenkins/templates/volume.yaml
+++ b/k8s/helm/jenkins/templates/volume.yaml
@@ -3,17 +3,15 @@ apiVersion: v1
 kind: PersistentVolume
 metadata:
  name: jenkins-pv-volume
-  labels:
-    type: local
 spec:
  storageClassName: manual
  claimRef:
    name: jenkins-pv-claim
-    namespace: devops-tools
+    namespace: {{ .Values.namespace }}
  capacity:
    storage: 10Gi
  accessModes:
-    - ReadWriteOnce
+    - ReadWriteMany
  hostPath:
    path: /mnt/jenkins
  nodeAffinity:
@@ -31,11 +29,11 @@ apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
  name: jenkins-pv-claim
-  namespace: devops-tools
+  namespace: {{ .Values.namespace }}
 spec:
-  storageClassName: local-storage
+  storageClassName: manual
  accessModes:
-    - ReadWriteOnce
+    - ReadWriteMany
  resources:
    requests:
      storage: 3Gi
--- a/k8s/helm/jenkins/values.yaml
+++ b/k8s/helm/jenkins/values.yaml
@@ -1,4 +1,5 @@
 environment: production
+namespace: ci-cd

 image:
  name: jenkins/jenkins
@@ -11,3 +12,7 @@ resources:
  requests:
    cpu: 500m
    memory: 500Mi
+
+docker:
+  dockerHubUser: user
+  dockerHubPassword: pass