├── .gitignore ├── charts ├── httpd │ ├── README.md │ ├── Chart.yaml │ ├── templates │ │ ├── secret.yaml │ │ ├── persistentVolumeClaim.yaml │ │ ├── service.yaml │ │ ├── persistentVolume.yaml │ │ ├── ingress.yaml │ │ └── NOTES.txt │ ├── .helmignore │ └── tests │ │ ├── values │ │ ├── custom.yaml │ │ └── global.yaml │ │ └── parent_values_test.yaml ├── rsyncd │ ├── README.md │ ├── Chart.yaml │ ├── templates │ │ ├── secrets.yaml │ │ ├── configmap.rsyncd-conf.yaml │ │ └── service.yaml │ ├── .helmignore │ └── tests │ │ └── values │ │ └── custom_rsyncd.yaml ├── jenkins-jobs │ ├── .helmignore │ ├── tests │ │ ├── fixtures │ │ │ ├── multibranch_default.yaml │ │ │ ├── folders_default.yaml │ │ │ ├── folders_description.yaml │ │ │ ├── multibranch_custom.yaml │ │ │ ├── base_jenkinsname.yaml │ │ │ ├── multibranch_mainbranch_only.yaml │ │ │ ├── multibranch_customgithub.yaml │ │ │ ├── folders_children.yaml │ │ │ ├── multibranch_customadvanced.yaml │ │ │ └── credentials_override.yaml │ │ ├── manual │ │ │ ├── k3d.yaml │ │ │ ├── helmfile-k3d.yaml │ │ │ └── jenkins-jobs_values.yaml │ │ └── base_test.yaml │ ├── Chart.yaml │ └── templates │ │ └── jcasc-jobs-config.yaml ├── jenkins │ ├── templates │ │ ├── .gitignore │ │ ├── jenkins-secrets.yaml │ │ └── cluster-admin.yaml │ ├── Chart.yaml │ ├── requirements.yaml │ ├── README.md │ └── values.yaml ├── accountapp │ ├── .gitignore │ ├── Chart.yaml │ ├── templates │ │ ├── secret.yaml │ │ ├── service.yaml │ │ ├── pdb.yaml │ │ ├── ingress.yaml │ │ ├── NOTES.txt │ │ └── _helpers.tpl │ ├── .helmignore │ ├── tests │ │ ├── values │ │ │ └── custom.yaml │ │ ├── defaults_test.yaml │ │ └── custom_values_test.yaml │ └── README.md ├── plugin-site │ ├── .gitignore │ ├── Chart.yaml │ ├── templates │ │ ├── service-backend.yaml │ │ ├── service-frontend.yaml │ │ ├── pdb-frontend.yaml │ │ ├── nginx-configmap.yaml │ │ ├── secret.yaml │ │ ├── ingress.yaml │ │ └── NOTES.txt │ ├── .helmignore │ ├── tests │ │ └── values │ │ │ └── custom.yaml │ └── README.md ├── nginx-website │ ├── .gitignore │ ├── Chart.yaml │ ├── templates │ │ ├── secret.yaml │ │ ├── service.yaml │ │ ├── pdb.yaml │ │ ├── nginx-configmap.yaml │ │ ├── ingress.yaml │ │ ├── NOTES.txt │ │ └── _helpers.tpl │ ├── .helmignore │ ├── tests │ │ ├── values │ │ │ ├── custom.yaml │ │ │ └── custom-locations.yaml │ │ └── custom_values_locations_test.yaml │ └── README.md ├── rss2twitter │ ├── templates │ │ ├── NOTES.txt │ │ ├── secret.yaml │ │ ├── exclusion-patterns-configmap.yaml │ │ └── _helpers.tpl │ ├── Chart.yaml │ ├── README.md │ ├── .helmignore │ ├── tests │ │ ├── defaults_values_test.yaml │ │ └── custom_values_test.yaml │ └── values.yaml ├── wiki │ ├── tests │ │ ├── values │ │ │ └── custom.yaml │ │ ├── defaults_test.yaml │ │ └── custom_values_test.yaml │ ├── Chart.yaml │ ├── templates │ │ ├── service.yaml │ │ ├── pdb.yaml │ │ ├── _helpers.tpl │ │ └── NOTES.txt │ ├── .helmignore │ └── values.yaml ├── ipv6-lb-service │ ├── values.yaml │ ├── Chart.yaml │ ├── .helmignore │ └── templates │ │ └── ipv6-lb-service.yaml ├── rating │ ├── tests │ │ ├── values │ │ │ └── custom.yaml │ │ ├── defaults_test.yaml │ │ └── custom_values_test.yaml │ ├── Chart.yaml │ ├── .helmignore │ ├── templates │ │ ├── service.yaml │ │ ├── secret.yaml │ │ ├── ingress.yaml │ │ ├── _helpers.tpl │ │ └── NOTES.txt │ └── values.yaml ├── ldap │ ├── Chart.yaml │ ├── templates │ │ ├── secret.yaml │ │ ├── certificate.yaml │ │ ├── NOTES.txt │ │ ├── service.yaml │ │ └── _helpers.tpl │ ├── tests │ │ └── values │ │ │ └── custom.yaml │ ├── .helmignore │ └── README.md ├── artifact-caching-proxy │ ├── Chart.yaml │ ├── templates │ │ ├── secret.yaml │ │ ├── pdb.yaml │ │ ├── service.yaml │ │ ├── _helpers.tpl │ │ └── NOTES.txt │ ├── .helmignore │ └── tests │ │ └── proxy_cache_bypass_test.yaml ├── jenkins-kubernetes-agents │ ├── Chart.yaml │ ├── templates │ │ ├── resourcequota.yaml │ │ ├── registry-secret.yaml │ │ ├── serviceaccount.yaml │ │ ├── serviceaccounttoken.yaml │ │ ├── _helpers.tpl │ │ └── rbac.yaml │ ├── .helmignore │ └── values.yaml ├── incrementals-publisher │ ├── Chart.yaml │ ├── .helmignore │ ├── templates │ │ ├── service.yaml │ │ ├── secret.yaml │ │ ├── ingress.yaml │ │ ├── NOTES.txt │ │ └── _helpers.tpl │ ├── tests │ │ ├── values │ │ │ └── custom.yaml │ │ └── defaults_test.yaml │ └── README.md ├── uplink │ ├── Chart.yaml │ ├── tests │ │ ├── values │ │ │ └── custom.yaml │ │ └── defaults_test.yaml │ ├── templates │ │ ├── secret.yaml │ │ ├── service.yaml │ │ ├── pdb.yaml │ │ ├── ingress.yaml │ │ ├── NOTES.txt │ │ └── _helpers.tpl │ ├── .helmignore │ ├── README.adoc │ └── values.yaml ├── maven-cacher │ ├── Chart.yaml │ ├── tests │ │ └── values │ │ │ └── custom.yaml │ ├── values.yaml │ └── templates │ │ ├── configmap-scripts.yaml │ │ ├── _helpers.tpl │ │ └── configmap-maven-settings.yaml ├── geoipupdates │ ├── Chart.yaml │ ├── tests │ │ ├── defaults_test_rbac.yaml │ │ └── values │ │ │ └── custom_geoipupdater.yaml │ ├── templates │ │ └── secret.yaml │ └── values.yaml ├── mirrorbits │ ├── Chart.yaml │ ├── tests │ │ └── values │ │ │ ├── global.yaml │ │ │ ├── custom_samePVC.yaml │ │ │ └── custom_existingPVC.yaml │ ├── .helmignore │ ├── templates │ │ ├── pdb.yaml │ │ ├── secrets.yaml │ │ ├── persistentVolumeClaims.yaml │ │ ├── persistentVolumes.yaml │ │ └── services.yaml │ └── README.md ├── plugin-site-issues │ ├── Chart.yaml │ ├── tests │ │ ├── values │ │ │ └── custom.yaml │ │ ├── custom_values_test.yaml │ │ └── defaults_values_test.yaml │ ├── .helmignore │ ├── templates │ │ ├── service.yaml │ │ ├── secret.yaml │ │ ├── _helpers.tpl │ │ └── NOTES.txt │ └── README.md ├── acme │ ├── templates │ │ ├── secret.yaml │ │ └── clusterIssuer.yaml │ ├── Chart.yaml │ ├── tests │ │ ├── defaults_values_test.yaml │ │ └── custom_values_test.yaml │ ├── .helmignore │ ├── values.yaml │ └── README.md ├── plugin-health-scoring │ ├── Chart.yaml │ ├── tests │ │ ├── values │ │ │ └── custom.yaml │ │ └── custom_values_test.yaml │ ├── README.md │ ├── templates │ │ ├── secret.yaml │ │ ├── service.yaml │ │ ├── ingress.yaml │ │ ├── NOTES.txt │ │ └── _helpers.tpl │ └── .helmignore ├── docker-registry │ ├── templates │ │ ├── configmap.yaml │ │ ├── secret.yaml │ │ └── service.yaml │ ├── .helmignore │ └── Chart.yaml └── keycloak │ ├── templates │ ├── service.yaml │ ├── ingress.yaml │ ├── NOTES.txt │ └── _helpers.tpl │ ├── .helmignore │ ├── values.yaml │ └── Chart.yaml ├── CODEOWNERS ├── .github ├── dependabot.yml └── workflows │ └── sync-readme.yaml ├── Jenkinsfile_updatecli ├── updatecli ├── values.yaml └── updatecli.d │ ├── helm-unittest.yaml │ ├── rss2twitter.yaml │ ├── httpd.yaml │ ├── geoipupdates.yaml │ ├── rating.yaml │ ├── rsyncd.yaml │ ├── plugin-site-api.yaml │ ├── incrementals-publisher.yaml │ ├── accountapp.yaml │ ├── uplink.yaml │ └── wiki.yaml └── README.md /.gitignore: -------------------------------------------------------------------------------- 1 | *tgz 2 | *gz 3 | -------------------------------------------------------------------------------- /charts/httpd/README.md: -------------------------------------------------------------------------------- 1 | # httpd 2 | -------------------------------------------------------------------------------- /charts/rsyncd/README.md: -------------------------------------------------------------------------------- 1 | # Rsyncd 2 | -------------------------------------------------------------------------------- /charts/jenkins-jobs/.helmignore: -------------------------------------------------------------------------------- 1 | tests 2 | -------------------------------------------------------------------------------- /charts/jenkins/templates/.gitignore: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /charts/accountapp/.gitignore: -------------------------------------------------------------------------------- 1 | values.local.yaml -------------------------------------------------------------------------------- /charts/plugin-site/.gitignore: -------------------------------------------------------------------------------- 1 | values.local.yaml -------------------------------------------------------------------------------- /charts/nginx-website/.gitignore: -------------------------------------------------------------------------------- 1 | values.local.yaml 2 | -------------------------------------------------------------------------------- /CODEOWNERS: -------------------------------------------------------------------------------- 1 | charts/plugin-health-scoring/ @alecharp 2 | -------------------------------------------------------------------------------- /charts/rss2twitter/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | Consult the pod logs to see if the app is running. 2 | -------------------------------------------------------------------------------- /charts/jenkins-jobs/tests/fixtures/multibranch_default.yaml: -------------------------------------------------------------------------------- 1 | jobsDefinition: 2 | default-job: 3 | name: Default Job 4 | -------------------------------------------------------------------------------- /charts/wiki/tests/values/custom.yaml: -------------------------------------------------------------------------------- 1 | replicaCount: 2 2 | poddisruptionbudget: 3 | minAvailable: 2 4 | maxUnavailable: 1 5 | -------------------------------------------------------------------------------- /charts/ipv6-lb-service/values.yaml: -------------------------------------------------------------------------------- 1 | ipv6PipName: "" 2 | resourceGroup: "" 3 | app: 4 | name: "" 5 | component: "" 6 | instance: "" 7 | # partOf: "" 8 | -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: 2 3 | updates: 4 | - package-ecosystem: "github-actions" 5 | directory: "/" 6 | schedule: 7 | interval: "weekly" 8 | -------------------------------------------------------------------------------- /charts/rating/tests/values/custom.yaml: -------------------------------------------------------------------------------- 1 | podAnnotations: 2 | ad.datadoghq.com/rating.logs: | 3 | [ 4 | {"source":"apache","service":"RELEASE-NAME"} 5 | ] 6 | -------------------------------------------------------------------------------- /Jenkinsfile_updatecli: -------------------------------------------------------------------------------- 1 | if (env.BRANCH_IS_PRIMARY) { 2 | updatecli(action: 'apply', cronTriggerExpression: '@hourly') 3 | } else { 4 | updatecli(action: 'diff') 5 | } 6 | -------------------------------------------------------------------------------- /charts/rss2twitter/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | description: A Helm chart for https://github.com/umputun/rss2twitter 3 | name: rss2twitter 4 | type: application 5 | version: 0.1.0 6 | -------------------------------------------------------------------------------- /charts/ldap/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | description: A Helm chart for ldap.jenkins.io 3 | maintainers: 4 | - name: jenkins-infra-team@googlegroups.com 5 | name: ldap 6 | version: 4.2.5 7 | -------------------------------------------------------------------------------- /charts/jenkins-jobs/tests/fixtures/folders_default.yaml: -------------------------------------------------------------------------------- 1 | jobsDefinition: 2 | folder-a: 3 | name: Folder A 4 | kind: folder 5 | folder-b: 6 | name: Folder B 7 | kind: folder 8 | -------------------------------------------------------------------------------- /charts/jenkins-jobs/tests/fixtures/folders_description.yaml: -------------------------------------------------------------------------------- 1 | jobsDefinition: 2 | folder-b: 3 | name: Folder B 4 | description: This is the folder of the projects of Team B 5 | kind: folder 6 | -------------------------------------------------------------------------------- /charts/ipv6-lb-service/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: ipv6-lb-service 3 | description: A Helm chart for Kubernetes to add an additional LB service dedicated to IPv6 4 | type: application 5 | version: 1.0.1 6 | -------------------------------------------------------------------------------- /charts/jenkins-jobs/tests/fixtures/multibranch_custom.yaml: -------------------------------------------------------------------------------- 1 | jenkinsFqdn: jenkins.company.com 2 | jobsDefinition: 3 | joba: 4 | name: Job A 5 | description: Job A for team A 6 | kind: multibranchPipelineJob 7 | -------------------------------------------------------------------------------- /charts/jenkins/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | description: Jenkins Core Release Environment 3 | icon: https://jenkins.io/images/logos/plumber/256.png 4 | maintainers: 5 | - name: Olblak 6 | name: jenkins 7 | version: 0.55.1 8 | -------------------------------------------------------------------------------- /charts/rsyncd/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | description: rsyncd helm chart for Kubernetes 3 | name: rsyncd 4 | version: 3.2.6 5 | maintainers: 6 | - email: jenkins-infra-team@googlegroups.com 7 | name: jenkins-infra-team 8 | -------------------------------------------------------------------------------- /charts/artifact-caching-proxy/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | description: artifact-caching-proxy is a Nginx caching proxy in front of repo.jenkins-ci.org 3 | name: artifact-caching-proxy 4 | type: application 5 | version: 1.6.9 6 | -------------------------------------------------------------------------------- /charts/jenkins-jobs/tests/fixtures/base_jenkinsname.yaml: -------------------------------------------------------------------------------- 1 | jenkinsName: admin-controller 2 | jobsDefinition: 3 | parent-folder: 4 | name: Parent Folder 5 | description: Folder hosting all the jobs 6 | kind: folder 7 | -------------------------------------------------------------------------------- /charts/jenkins-kubernetes-agents/Chart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v2 3 | name: jenkins-kubernetes-agents 4 | description: A Helm chart for using Jenkins Kubernetes agents on a remote cluster 5 | type: application 6 | version: 1.1.1 7 | -------------------------------------------------------------------------------- /charts/plugin-site/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: "1.0" 3 | description: A Helm chart for plugins.jenkins.io 4 | maintainers: 5 | - name: jenkins-infra-team@googlegroups.com 6 | name: plugin-site 7 | version: 0.5.2 8 | -------------------------------------------------------------------------------- /charts/wiki/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | version: 0.8.1 3 | appVersion: 0.2.31 4 | description: A Helm chart for wiki static content 5 | name: wiki 6 | type: application 7 | maintainers: 8 | - name: jenkins-infra-team@googlegroups.com 9 | -------------------------------------------------------------------------------- /charts/httpd/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | description: httpd helm chart for Kubernetes 3 | name: httpd 4 | version: 2.0.1 5 | appVersion: v2.4 6 | maintainers: 7 | - email: jenkins-infra-team@googlegroups.com 8 | name: jenkins-infra-team 9 | -------------------------------------------------------------------------------- /charts/incrementals-publisher/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | description: incrementals-publisher 3 | name: incrementals-publisher 4 | version: 0.8.2 5 | maintainers: 6 | - email: jenkins-infra-team@googlegroups.com 7 | name: jenkins-infra-team 8 | -------------------------------------------------------------------------------- /charts/uplink/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | description: A Helm chart for uplink.jenkins.io 3 | name: uplink 4 | version: 1.2.0 5 | appVersion: 1.0.3 6 | maintainers: 7 | - email: jenkins-infra-team@googlegroups.com 8 | name: jenkins-infra-team 9 | -------------------------------------------------------------------------------- /charts/jenkins-jobs/tests/fixtures/multibranch_mainbranch_only.yaml: -------------------------------------------------------------------------------- 1 | jobsDefinition: 2 | job-c: 3 | name: Job C 4 | allowUntrustedChanges: false 5 | disableTagDiscovery: true 6 | disablePullRequests: true 7 | branchIncludes: "main" 8 | -------------------------------------------------------------------------------- /charts/maven-cacher/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | description: Maven Cache updater for the *.jenkins.io controllers 3 | name: maven-cacher 4 | version: 0.0.4 5 | maintainers: 6 | - email: jenkins-infra-team@googlegroups.com 7 | name: jenkins-infra-team 8 | -------------------------------------------------------------------------------- /charts/accountapp/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | description: A Helm chart for accounts.jenkins.io 3 | maintainers: 4 | - email: jenkins-infra-team@googlegroups.com 5 | name: jenkins-infra-team 6 | name: accountapp 7 | version: 0.10.18 8 | appVersion: 0.6.79 9 | -------------------------------------------------------------------------------- /charts/geoipupdates/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | description: MaxMind GeoIP database updater 3 | name: geoipupdates 4 | version: 2.35.0 5 | appVersion: "v7.1.0" 6 | maintainers: 7 | - email: jenkins-infra-team@googlegroups.com 8 | name: jenkins-infra-team 9 | -------------------------------------------------------------------------------- /charts/jenkins-kubernetes-agents/templates/resourcequota.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.quotas -}} 2 | apiVersion: v1 3 | kind: ResourceQuota 4 | metadata: 5 | name: pods 6 | spec: 7 | hard: 8 | pods: {{ .Values.quotas.pods | quote }} 9 | {{- end -}} 10 | -------------------------------------------------------------------------------- /charts/mirrorbits/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | description: Mirrobits helm chart for Kubernetes 3 | name: mirrorbits 4 | version: 5.10.3 5 | appVersion: "v0.6.1" 6 | maintainers: 7 | - email: jenkins-infra-team@googlegroups.com 8 | name: jenkins-infra-team 9 | -------------------------------------------------------------------------------- /charts/mirrorbits/tests/values/global.yaml: -------------------------------------------------------------------------------- 1 | # Mock chart parent inherited global values passed to subcharts 2 | global: 3 | storage: 4 | enabled: true 5 | claimNameTpl: '{{ default "parent-chart-shared-data" }}' 6 | ingress: 7 | enabled: true 8 | -------------------------------------------------------------------------------- /charts/wiki/tests/defaults_test.yaml: -------------------------------------------------------------------------------- 1 | suite: default tests 2 | templates: 3 | - pdb.yaml 4 | tests: 5 | - it: should not generate any pdb with default values 6 | template: pdb.yaml 7 | asserts: 8 | - hasDocuments: 9 | count: 0 10 | -------------------------------------------------------------------------------- /charts/rss2twitter/README.md: -------------------------------------------------------------------------------- 1 | # RSS 2 Twitter 2 | 3 | This chart deploys [rss2twitter](https://github.com/umputun/rss2twitter). 4 | 5 | ## Running this yourself 6 | 7 | ``` 8 | helm install -f values.yaml -f values.local.yaml --name rss2twitter . 9 | ``` 10 | -------------------------------------------------------------------------------- /charts/rating/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | appVersion: "1.0" 3 | description: A Helm chart for Kubernetes 4 | name: rating 5 | type: application 6 | version: 0.5.2 7 | maintainers: 8 | - email: jenkins-infra-team@googlegroups.com 9 | name: jenkins-infra-team 10 | -------------------------------------------------------------------------------- /updatecli/values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | github: 3 | user: "jenkins-infra-updatecli" 4 | email: "178728+jenkins-infra-updatecli[bot]@users.noreply.github.com" 5 | token: "UPDATECLI_GITHUB_TOKEN" 6 | branch: "main" 7 | owner: "jenkins-infra" 8 | repository: "helm-charts" 9 | -------------------------------------------------------------------------------- /charts/mirrorbits/tests/values/custom_samePVC.yaml: -------------------------------------------------------------------------------- 1 | # Test case: both repository and geoipdata have the same PVC 2 | repository: 3 | name: common-pvc 4 | existingPVC: true 5 | subDir: ./repository/ 6 | geoipdata: 7 | existingPVCName: common-pvc 8 | subDir: ./geoipdata/ 9 | -------------------------------------------------------------------------------- /charts/jenkins-jobs/tests/manual/k3d.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: k3d.io/v1alpha5 2 | kind: Simple 3 | metadata: 4 | name: jenkins-jobs 5 | servers: 1 6 | agents: 1 7 | image: rancher/k3s:v1.32.10-k3s1 8 | ports: 9 | - port: 80:80 10 | nodeFilters: 11 | - loadbalancer 12 | -------------------------------------------------------------------------------- /charts/nginx-website/Chart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | appVersion: "1.0" 4 | description: A Helm chart for serving website with nginx 5 | name: nginx-website 6 | maintainers: 7 | - email: jenkins-infra-team@googlegroups.com 8 | name: jenkins-infra-team 9 | version: 0.6.0 10 | -------------------------------------------------------------------------------- /charts/plugin-site-issues/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | version: 0.4.7 3 | appVersion: 0.10.48 4 | description: plugin-site-issues 5 | name: plugin-site-issues 6 | type: application 7 | maintainers: 8 | - email: jenkins-infra-team@googlegroups.com 9 | name: jenkins-infra-team 10 | -------------------------------------------------------------------------------- /charts/jenkins-jobs/tests/fixtures/multibranch_customgithub.yaml: -------------------------------------------------------------------------------- 1 | jobsDefinition: 2 | job-b: 3 | name: Job B 4 | description: Job B for team B 5 | kind: multibranchPipelineJob 6 | repoOwner: obiwankenobi 7 | repository: lightsaber 8 | githubCredentialsId: the-force 9 | -------------------------------------------------------------------------------- /charts/ldap/templates/secret.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: {{ include "ldap.fullname" . }} 6 | labels: 7 | {{ include "ldap.labels" . | indent 4 }} 8 | type: Opaque 9 | data: 10 | ldap.admin.password: {{ .Values.ldap.admin.password | b64enc }} 11 | -------------------------------------------------------------------------------- /charts/acme/templates/secret.yaml: -------------------------------------------------------------------------------- 1 | {{- range $clientSecret := .Values.acme.clientSecrets }} 2 | --- 3 | apiVersion: v1 4 | kind: Secret 5 | metadata: 6 | name: {{ $clientSecret.name }} 7 | type: Opaque 8 | data: 9 | CLIENT_SECRET: {{ $clientSecret.value | b64enc | quote }} 10 | {{- end }} 11 | -------------------------------------------------------------------------------- /charts/plugin-health-scoring/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | description: A Helm chart for Kubernetes 3 | name: plugin-health-scoring 4 | type: application 5 | version: 3.1.3 6 | appVersion: v5.0.0 7 | maintainers: 8 | - email: jenkins-infra-team@googlegroups.com 9 | name: jenkins-infra-team 10 | -------------------------------------------------------------------------------- /charts/plugin-health-scoring/tests/values/custom.yaml: -------------------------------------------------------------------------------- 1 | secrets: 2 | github0auth: "SuperSecret2022!" 3 | database: 4 | password: "PleaseDoNotUseWeakPasswords" 5 | podAnnotations: 6 | ad.datadoghq.com/phs.logs: | 7 | [ 8 | {"source":"java","service":"RELEASE-NAME"} 9 | ] 10 | -------------------------------------------------------------------------------- /charts/acme/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | description: An acme settings chart for Jenkins infra project 3 | name: acme 4 | version: 0.1.4 5 | home: "https://github.com/jenkins-infra/charts" 6 | maintainers: 7 | - name: Olblak 8 | email: me@olblak.com 9 | url: https://github.com/olblak 10 | -------------------------------------------------------------------------------- /charts/jenkins/templates/jenkins-secrets.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | # Jenkins Secrets 6 | name: "jenkins-secrets" 7 | type: Opaque 8 | data: 9 | {{- range $key, $value := .Values.secrets }} 10 | {{ $key | nindent 2 }}: {{ $value | b64enc }} 11 | {{- end }} 12 | -------------------------------------------------------------------------------- /charts/acme/tests/defaults_values_test.yaml: -------------------------------------------------------------------------------- 1 | suite: Test with default values 2 | templates: 3 | - clusterIssuer.yaml 4 | - secret.yaml 5 | tests: 6 | - it: should create a cluster issuer by default 7 | template: clusterIssuer.yaml 8 | asserts: 9 | - hasDocuments: 10 | count: 1 11 | -------------------------------------------------------------------------------- /charts/plugin-health-scoring/README.md: -------------------------------------------------------------------------------- 1 | # Plugin Health Scoring 2 | 3 | This chart deploys [plugin-health-scoring](https://github.com/jenkins-infra/plugin-health-scoring). 4 | 5 | ## Running this yourself 6 | 7 | ``` 8 | helm install -f values.yaml -f values.local.yaml --name plugin-health-scoring . 9 | ``` 10 | -------------------------------------------------------------------------------- /charts/uplink/tests/values/custom.yaml: -------------------------------------------------------------------------------- 1 | postgresql: 2 | url: "example-url" 3 | client: 4 | id: "example-id" 5 | secret: "example-secret" 6 | sentry: 7 | dsn: "example-dsn" 8 | podAnnotations: 9 | ad.datadoghq.com/uplink.logs: | 10 | [ 11 | {"source":"nodejs","service":"RELEASE-NAME"} 12 | ] 13 | -------------------------------------------------------------------------------- /charts/jenkins-jobs/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | description: Jenkins Jobs Definition from YAML to job-dsl 3 | icon: https://jenkins.io/images/logos/plumber/256.png 4 | maintainers: 5 | - name: Jenkins Infra Team 6 | name: jenkins-jobs 7 | version: 3.1.0 8 | appVersion: "1.0" # unused 9 | -------------------------------------------------------------------------------- /charts/plugin-site-issues/tests/values/custom.yaml: -------------------------------------------------------------------------------- 1 | ingress: 2 | enabled: true 3 | podAnnotations: 4 | ad.datadoghq.com/plugin-site-issues.logs: | 5 | [ 6 | {"source":"nodejs","service":"RELEASE-NAME"} 7 | ] 8 | github: 9 | appId: foo 10 | appPrivateKey: bar 11 | jira: 12 | username: foo 13 | password: bar 14 | -------------------------------------------------------------------------------- /charts/mirrorbits/tests/values/custom_existingPVC.yaml: -------------------------------------------------------------------------------- 1 | repository: 2 | name: anotherPVC 3 | existingPVC: true 4 | persistentVolumeClaim: 5 | enabled: false 6 | persistentVolume: 7 | enabled: false 8 | geoipdata: 9 | existingPVCName: geodataHere 10 | subDir: ./geoipdata/ 11 | persistentData: 12 | enabled: false 13 | -------------------------------------------------------------------------------- /charts/httpd/templates/secret.yaml: -------------------------------------------------------------------------------- 1 | {{ if $.Values.repository.secrets.enabled -}} 2 | --- 3 | apiVersion: v1 4 | kind: Secret 5 | metadata: 6 | name: {{ include "httpd.fullname" . }}-binary 7 | type: Opaque 8 | data: 9 | {{- range $key, $val := .Values.repository.secrets.data }} 10 | {{ $key }}: {{ $val | b64enc }} 11 | {{- end }} 12 | {{- end -}} 13 | -------------------------------------------------------------------------------- /charts/docker-registry/templates/configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: {{ template "docker-registry.fullname" . }}-config 5 | namespace: {{ .Values.namespace | default .Release.Namespace }} 6 | labels: {{ include "docker-registry.labels" . | nindent 4 }} 7 | data: 8 | config.yml: |- 9 | {{ toYaml .Values.configData | indent 4 }} 10 | -------------------------------------------------------------------------------- /charts/keycloak/templates/service.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | kind: Service 3 | apiVersion: v1 4 | metadata: 5 | name: {{ include "keycloak.fullname" . }}-404 6 | labels: 7 | {{- include "keycloak.labels" . | nindent 4 }} 8 | spec: 9 | type: ExternalName 10 | externalName: public-nginx-ingress-default-backend.kube-system.svc.cluster.local 11 | ports: 12 | - port: 80 13 | -------------------------------------------------------------------------------- /charts/jenkins-kubernetes-agents/templates/registry-secret.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.imageCredentials -}} 2 | {{- if .Values.imageCredentials.enabled -}} 3 | apiVersion: v1 4 | kind: Secret 5 | metadata: 6 | name: dockerhub-credential 7 | type: kubernetes.io/dockerconfigjson 8 | data: 9 | .dockerconfigjson: {{ template "imagePullSecret" . }} 10 | {{- end -}} 11 | {{- end -}} 12 | -------------------------------------------------------------------------------- /charts/artifact-caching-proxy/templates/secret.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.auth.enabled }} 2 | --- 3 | apiVersion: v1 4 | kind: Secret 5 | metadata: 6 | name: {{ include "artifact-caching-proxy.fullname" . }}-basic-auth 7 | labels: 8 | {{ include "artifact-caching-proxy.labels" . | indent 4 }} 9 | type: Opaque 10 | data: 11 | auth: {{ .Values.auth.basicAuth | b64enc }} 12 | {{- end }} 13 | -------------------------------------------------------------------------------- /charts/nginx-website/templates/secret.yaml: -------------------------------------------------------------------------------- 1 | {{ if .Values.azureStorageAccountName }} 2 | --- 3 | apiVersion: v1 4 | kind: Secret 5 | metadata: 6 | name: {{ include "nginx-website.fullname" . }} 7 | type: Opaque 8 | data: 9 | azurestorageaccountname: {{ .Values.azureStorageAccountName | b64enc }} 10 | azurestorageaccountkey: {{ .Values.azureStorageAccountKey | b64enc }} 11 | {{- end }} 12 | -------------------------------------------------------------------------------- /charts/accountapp/templates/secret.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: {{ include "accountapp.fullname" . }} 6 | labels: 7 | {{ include "accountapp.labels" . | indent 4 }} 8 | type: Opaque 9 | data: 10 | ldapPassword: {{ .Values.ldap.password | b64enc }} 11 | jiraPassword: {{ .Values.jira.password | b64enc }} 12 | smtpPassword: {{ .Values.smtp.password | b64enc }} 13 | -------------------------------------------------------------------------------- /charts/plugin-health-scoring/templates/secret.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: {{ include "plugin-health-scoring.fullname" . }} 6 | labels: 7 | {{ include "plugin-health-scoring.labels" . | indent 4 }} 8 | type: Opaque 9 | data: 10 | databasePassword: {{ .Values.secrets.database.password | b64enc }} 11 | githubAppPrivateKey: {{ .Values.secrets.githubAppPrivateKey | b64enc }} 12 | -------------------------------------------------------------------------------- /charts/jenkins-kubernetes-agents/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if not .Values.existingServiceAccount }} 2 | # From https://github.com/jenkinsci/kubernetes-plugin/blob/master/src/main/kubernetes/service-account.yml 3 | apiVersion: v1 4 | kind: ServiceAccount 5 | metadata: 6 | name: {{ template "jenkins.serviceAccountName" . }} 7 | namespace: {{ .Release.Namespace }} 8 | automountServiceAccountToken: false 9 | {{- end }} 10 | -------------------------------------------------------------------------------- /charts/ldap/tests/values/custom.yaml: -------------------------------------------------------------------------------- 1 | ldap: 2 | admin: 3 | password: name 4 | 5 | service: 6 | lbAllowSources: 7 | another: 1.2.3.4 8 | locals: "127.0.0.1, 127.0.0.0/24" 9 | 10 | persistence: 11 | customBackupClaimName: superBackup 12 | customDataClaimName: batData 13 | 14 | podAnnotations: 15 | ad.datadoghq.com/slapd.logs: | 16 | [ 17 | {"source":"openldap","service":"RELEASE-NAME"} 18 | ] 19 | -------------------------------------------------------------------------------- /charts/uplink/templates/secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: {{ include "uplink.fullname" . }} 5 | labels: 6 | {{ include "uplink.labels" . | indent 4 }} 7 | data: 8 | postgresql.url: {{ .Values.postgresql.url | toString | b64enc }} 9 | client.id: {{ .Values.client.id | b64enc }} 10 | client.secret: {{ .Values.client.secret | b64enc }} 11 | sentry.dsn: {{ .Values.sentry.dsn | b64enc }} 12 | -------------------------------------------------------------------------------- /charts/wiki/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ include "wiki.fullname" . }} 5 | labels: 6 | {{- include "wiki.labels" . | nindent 4 }} 7 | spec: 8 | type: {{ .Values.service.type }} 9 | ports: 10 | - port: {{ .Values.service.port }} 11 | targetPort: http 12 | protocol: TCP 13 | name: http 14 | selector: 15 | {{- include "wiki.selectorLabels" . | nindent 4 }} 16 | -------------------------------------------------------------------------------- /charts/httpd/templates/persistentVolumeClaim.yaml: -------------------------------------------------------------------------------- 1 | {{ if and .Values.repository.persistentVolumeClaim.enabled (not (dig "global" "ingress" "enabled" false .Values.AsMap)) -}} 2 | --- 3 | apiVersion: v1 4 | kind: PersistentVolumeClaim 5 | metadata: 6 | name: {{ .Values.repository.name | default (printf "%s-binary" (include "httpd.fullname" .)) }} 7 | spec: 8 | {{ toYaml .Values.repository.persistentVolumeClaim.spec | nindent 2 }} 9 | {{- end -}} 10 | -------------------------------------------------------------------------------- /charts/rsyncd/templates/secrets.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.configuration.sshd .Values.configuration.sshd.hostKeys }} 2 | --- 3 | apiVersion: v1 4 | kind: Secret 5 | metadata: 6 | name: {{ include "rsyncd.fullname" . }}-hostkeys 7 | labels: 8 | {{ include "rsyncd.labels" . | indent 4 }} 9 | type: Opaque 10 | data: 11 | {{- range $key, $val := .Values.configuration.sshd.hostKeys }} 12 | {{ $key }}: {{ $val | b64enc }} 13 | {{- end }} 14 | {{- end }} 15 | -------------------------------------------------------------------------------- /charts/acme/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | .vscode/ 23 | -------------------------------------------------------------------------------- /charts/ldap/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | .vscode/ 23 | -------------------------------------------------------------------------------- /charts/rating/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | .vscode/ 23 | -------------------------------------------------------------------------------- /charts/uplink/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | .vscode/ 23 | -------------------------------------------------------------------------------- /charts/wiki/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /charts/httpd/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | .vscode/ 23 | tests/ 24 | -------------------------------------------------------------------------------- /charts/keycloak/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /charts/plugin-site-issues/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | .vscode/ 23 | -------------------------------------------------------------------------------- /charts/incrementals-publisher/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | .vscode/ 23 | -------------------------------------------------------------------------------- /charts/rss2twitter/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /charts/docker-registry/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /charts/ipv6-lb-service/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /charts/jenkins-jobs/tests/fixtures/folders_children.yaml: -------------------------------------------------------------------------------- 1 | jobsDefinition: 2 | parent-folder: 3 | name: Parent Folder 4 | description: This is the parent folder 5 | kind: folder 6 | children: 7 | child-folder-1: 8 | name: Child Folder 1 9 | description: This is the first sub-folder 10 | kind: folder 11 | child-folder-2: 12 | name: Child Folder 2 13 | description: This is the second sub-folder 14 | kind: folder 15 | -------------------------------------------------------------------------------- /charts/rsyncd/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | tests/ 25 | -------------------------------------------------------------------------------- /charts/wiki/tests/custom_values_test.yaml: -------------------------------------------------------------------------------- 1 | suite: Tests with custom values 2 | templates: 3 | - pdb.yaml 4 | values: 5 | - values/custom.yaml 6 | tests: 7 | - it: should ensure the pdb has correct spec 8 | asserts: 9 | - isKind: 10 | of: PodDisruptionBudget 11 | - equal: 12 | path: spec.minAvailable 13 | value: 2 14 | - equal: 15 | path: spec.selector.matchLabels['app.kubernetes.io/name'] 16 | value: "wiki" 17 | -------------------------------------------------------------------------------- /charts/artifact-caching-proxy/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /charts/mirrorbits/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | tests/ 25 | -------------------------------------------------------------------------------- /charts/plugin-health-scoring/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /charts/docker-registry/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | description: Docker Registry for Jenkins Infrastructure 3 | name: docker-registry 4 | type: application 5 | version: 1.0.0 6 | home: https://hub.docker.com/_/registry/ 7 | icon: https://helm.twun.io/docker-registry.png 8 | maintainers: 9 | - email: jenkins-infra-team@googlegroups.com 10 | name: Jenkins Infra Team 11 | url: https://www.jenkins.io/projects/infrastructure/ 12 | sources: 13 | - https://github.com/jenkins-infra/helm-charts 14 | -------------------------------------------------------------------------------- /charts/jenkins-kubernetes-agents/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /charts/plugin-site/templates/service-backend.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ include "plugin-site.fullname" . }}-backend 5 | labels: 6 | {{- include "plugin-site.labels" . | nindent 4 }} 7 | spec: 8 | type: {{ .Values.service.type }} 9 | ports: 10 | - name: backend 11 | protocol: TCP 12 | targetPort: backend 13 | port: {{ .Values.backend.port }} 14 | selector: 15 | {{- include "plugin-site.selectorLabels" . | nindent 4}} 16 | -------------------------------------------------------------------------------- /charts/ldap/templates/certificate.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: cert-manager.io/v1 2 | kind: Certificate 3 | metadata: 4 | name: ldap-tls 5 | spec: 6 | secretName: ldap-tls 7 | dnsNames: 8 | {{- range .Values.dnsNames }} 9 | - {{ . }} 10 | {{- end }} 11 | issuerRef: 12 | name: letsencrypt-prod 13 | # We can reference ClusterIssuers by changing the kind here. 14 | # The default value is Issuer (i.e. a locally namespaced Issuer) 15 | kind: ClusterIssuer 16 | group: cert-manager.io 17 | -------------------------------------------------------------------------------- /charts/nginx-website/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | .vscode/ 23 | 24 | values.local.yaml 25 | -------------------------------------------------------------------------------- /charts/plugin-site-issues/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ include "plugin-site-issues.fullname" . }} 5 | labels: 6 | {{- include "plugin-site-issues.labels" . | nindent 4 }} 7 | spec: 8 | type: {{ .Values.service.type }} 9 | ports: 10 | - port: {{ .Values.service.port }} 11 | targetPort: http 12 | protocol: TCP 13 | name: http 14 | selector: 15 | {{- include "plugin-site-issues.selectorLabels" . | nindent 4 }} 16 | -------------------------------------------------------------------------------- /charts/accountapp/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | .vscode/ 23 | 24 | values.local.yaml 25 | README.md -------------------------------------------------------------------------------- /charts/plugin-site/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | .vscode/ 23 | 24 | values.local.yaml 25 | README.md -------------------------------------------------------------------------------- /charts/rating/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ include "rating.fullname" . }} 5 | labels: 6 | {{ include "rating.labels" . | indent 4 }} 7 | spec: 8 | type: {{ .Values.service.type }} 9 | ports: 10 | - port: {{ .Values.service.port }} 11 | targetPort: http 12 | protocol: TCP 13 | name: http 14 | selector: 15 | app.kubernetes.io/name: {{ include "rating.name" . }} 16 | app.kubernetes.io/instance: {{ .Release.Name }} 17 | -------------------------------------------------------------------------------- /charts/uplink/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ include "uplink.fullname" . }} 5 | labels: 6 | {{ include "uplink.labels" . | indent 4 }} 7 | spec: 8 | type: {{ .Values.service.type }} 9 | ports: 10 | - port: {{ .Values.service.port }} 11 | targetPort: 3030 12 | protocol: TCP 13 | name: http 14 | selector: 15 | app.kubernetes.io/name: {{ include "uplink.name" . }} 16 | app.kubernetes.io/instance: {{ .Release.Name }} 17 | -------------------------------------------------------------------------------- /charts/acme/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for acme. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | # 5 | acme: 6 | id: "letsencrypt-prod" 7 | email: "" 8 | server: "https://acme-v02.api.letsencrypt.org/directory" 9 | 10 | # Secrets used for dns01 settings 11 | clientSecrets: 12 | - name: acme-test-secret 13 | value: "" 14 | 15 | # Accepts any values as defined here https://cert-manager.io/docs/configuration/acme/dns01/ 16 | dns01: {} 17 | -------------------------------------------------------------------------------- /charts/accountapp/tests/values/custom.yaml: -------------------------------------------------------------------------------- 1 | ldap: 2 | password: ldap-password 3 | jira: 4 | password: jira-password 5 | smtp: 6 | password: smtp-password 7 | image: 8 | pullPolicy: Always 9 | resources: 10 | limits: 11 | memory: 1024Mi 12 | requests: 13 | cpu: 500m 14 | replicaCount: 2 15 | poddisruptionbudget: 16 | minAvailable: 2 17 | maxUnavailable: 1 18 | podAnnotations: 19 | ad.datadoghq.com/accountapp.logs: | 20 | [ 21 | {"source":"java","service":"RELEASE-NAME"} 22 | ] 23 | -------------------------------------------------------------------------------- /charts/httpd/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ include "httpd.fullname" . }} 5 | labels: 6 | {{ include "httpd.labels" . | indent 4 }} 7 | spec: 8 | type: {{ .Values.service.files.type }} 9 | ports: 10 | - port: {{ .Values.service.files.port }} 11 | targetPort: http 12 | protocol: TCP 13 | name: http 14 | selector: 15 | app.kubernetes.io/name: {{ include "httpd.name" . }} 16 | app.kubernetes.io/instance: {{ .Release.Name }} 17 | -------------------------------------------------------------------------------- /charts/keycloak/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for keycloak. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | 5 | service: 6 | type: ClusterIP 7 | port: 80 8 | 9 | ingress: 10 | enabled: false 11 | className: "" 12 | annotations: {} 13 | # kubernetes.io/tls-acme: "true" 14 | hosts: 15 | - host: chart-example.local 16 | paths: [] 17 | tls: [] 18 | # - secretName: chart-example-tls 19 | # hosts: 20 | # - chart-example.local 21 | -------------------------------------------------------------------------------- /charts/plugin-health-scoring/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ include "plugin-health-scoring.fullname" . }} 5 | labels: 6 | {{- include "plugin-health-scoring.labels" . | nindent 4 }} 7 | spec: 8 | type: {{ .Values.service.type }} 9 | ports: 10 | - port: {{ .Values.service.port }} 11 | targetPort: http 12 | protocol: TCP 13 | name: http 14 | selector: 15 | {{- include "plugin-health-scoring.selectorLabels" . | nindent 4 }} 16 | -------------------------------------------------------------------------------- /charts/rss2twitter/templates/secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: {{ include "rss2twitter.fullname" . }} 5 | labels: 6 | {{- include "rss2twitter.labels" . | nindent 4 }} 7 | type: Opaque 8 | data: 9 | TWI_CONSUMER_KEY: {{ .Values.twitter.consumerKey | b64enc }} 10 | TWI_CONSUMER_SECRET: {{ .Values.twitter.consumerSecret | b64enc }} 11 | TWI_ACCESS_TOKEN: {{ .Values.twitter.accessToken | b64enc }} 12 | TWI_ACCESS_SECRET: {{ .Values.twitter.accessSecret | b64enc }} 13 | -------------------------------------------------------------------------------- /charts/accountapp/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ include "accountapp.fullname" . }} 5 | labels: {{ include "accountapp.labels" . | nindent 4 }} 6 | spec: 7 | type: {{ .Values.service.type }} 8 | ports: 9 | - name: http 10 | protocol: TCP 11 | targetPort: http 12 | port: {{ .Values.service.port }} 13 | selector: 14 | app.kubernetes.io/name: {{ include "accountapp.name" . }} 15 | app.kubernetes.io/instance: {{ .Release.Name }} 16 | -------------------------------------------------------------------------------- /charts/acme/templates/clusterIssuer.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: cert-manager.io/v1 2 | kind: ClusterIssuer 3 | metadata: 4 | name: {{ .Values.acme.id }} 5 | spec: 6 | acme: 7 | email: {{ .Values.acme.email }} 8 | server: {{ .Values.acme.server }} 9 | privateKeySecretRef: 10 | # Secret resource used to store the account's private key. 11 | name: {{ .Values.acme.id }} 12 | {{- if .Values.acme.solvers }} 13 | solvers: 14 | {{- toYaml .Values.acme.solvers | nindent 4 }} 15 | {{- end }} 16 | -------------------------------------------------------------------------------- /charts/plugin-site/templates/service-frontend.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ include "plugin-site-frontend.fullname" . }} 5 | labels: 6 | {{- include "plugin-site-frontend.labels" . | nindent 4 }} 7 | spec: 8 | type: {{ .Values.service.type }} 9 | ports: 10 | - name: frontend 11 | protocol: TCP 12 | targetPort: frontend 13 | port: {{ .Values.frontend.port }} 14 | selector: 15 | {{- include "plugin-site-frontend.selectorLabels" . | nindent 4}} 16 | -------------------------------------------------------------------------------- /charts/jenkins-jobs/tests/fixtures/multibranch_customadvanced.yaml: -------------------------------------------------------------------------------- 1 | jobsDefinition: 2 | job-c: 3 | name: Job C 4 | githubCheckName: untrusted-ci 5 | enableGitHubChecks: true 6 | allowUntrustedChanges: true 7 | jenkinsfilePath: Jenkinsfile 8 | branchIncludes: "prod dev MR-*" 9 | branchExcludes: "excluded" 10 | disableTagDiscovery: true 11 | buildOnFirstIndexing: true 12 | orphanedItemStrategyDaysToKeep: 3 13 | orphanedItemStrategyNumToKeep: 10 14 | mergePrWithTargetRevision: true 15 | -------------------------------------------------------------------------------- /charts/jenkins/templates/cluster-admin.yaml: -------------------------------------------------------------------------------- 1 | {{ if .Values.clusterAdminEnabled }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: cluster-admin 6 | --- 7 | apiVersion: rbac.authorization.k8s.io/v1 8 | kind: ClusterRoleBinding 9 | metadata: 10 | name: cluster-management 11 | roleRef: 12 | apiGroup: rbac.authorization.k8s.io 13 | kind: ClusterRole 14 | name: cluster-admin 15 | subjects: 16 | - kind: ServiceAccount 17 | name: cluster-admin 18 | namespace: {{ .Release.Namespace }} 19 | {{ end }} 20 | -------------------------------------------------------------------------------- /charts/nginx-website/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ include "nginx-website.fullname" . }} 5 | labels: {{ include "nginx-website.labels" . | nindent 4 }} 6 | spec: 7 | type: {{ .Values.service.type }} 8 | ports: 9 | - name: http 10 | protocol: TCP 11 | targetPort: http 12 | port: {{ .Values.service.port }} 13 | 14 | selector: 15 | app.kubernetes.io/name: {{ include "nginx-website.name" . }} 16 | app.kubernetes.io/instance: {{ .Release.Name }} 17 | -------------------------------------------------------------------------------- /charts/rating/templates/secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: {{ include "rating.fullname" . }} 5 | labels: 6 | {{ include "rating.labels" . | indent 4 }} 7 | stringData: 8 | dbconfig.php: | 9 | ` chart: `helm install my- jenkins-infra/` 14 | - To uninstall the chart: `helm delete my-` 15 | -------------------------------------------------------------------------------- /charts/mirrorbits/templates/persistentVolumeClaims.yaml: -------------------------------------------------------------------------------- 1 | {{ if and .Values.repository.persistentVolumeClaim.enabled (not (dig "global" "storage" "enabled" false .Values.AsMap)) -}} 2 | --- 3 | apiVersion: v1 4 | kind: PersistentVolumeClaim 5 | metadata: 6 | name: {{ include "mirrorbits.data-name" . }} 7 | spec: 8 | {{ toYaml .Values.repository.persistentVolumeClaim.spec | nindent 2 }} 9 | {{- end }} 10 | {{ if .Values.geoipdata.persistentData.enabled -}} 11 | --- 12 | apiVersion: v1 13 | kind: PersistentVolumeClaim 14 | metadata: 15 | name: {{ include "mirrorbits.geoipdata-name" . }} 16 | spec: 17 | accessModes: 18 | - ReadOnlyMany 19 | resources: 20 | requests: 21 | storage: {{ .Values.geoipdata.persistentData.capacity}} 22 | storageClassName: {{ .Values.geoipdata.persistentData.storageClassName}} 23 | volumeName: {{ include "mirrorbits.geoipdata-name" . }} 24 | {{- end }} 25 | -------------------------------------------------------------------------------- /charts/geoipupdates/tests/values/custom_geoipupdater.yaml: -------------------------------------------------------------------------------- 1 | geoipupdate: 2 | dryrun: true 3 | account_id: "myaccount" 4 | license_key: "mylicencekey" 5 | fileshare_client_id: "clientid" 6 | fileshare_client_secret: "clientsecret" 7 | fileshare_tenant_id: "tenantid" 8 | editions: "alleditions" 9 | storage_name: "mystoragename" 10 | storage_fileshare: "myfileshare" 11 | cron: '0 6 * * *' # default to every day at 6AM 12 | rolloutrestart: 13 | enable: true 14 | restarts: 15 | - namespace: updates-jenkins-io 16 | deployments: 17 | - updates-jenkins-io-content-secured-mirrorbits 18 | - updates-jenkins-io-content-unsecured-mirrorbits 19 | - namespace: get-jenkins-io 20 | deployments: 21 | - get-jenkins-io-mirrorbits 22 | podAnnotations: 23 | ad.datadoghq.com/geoipupdate.logs: | 24 | [ 25 | {"source":"geoipupdate","service":"RELEASE-NAME"} 26 | ] 27 | -------------------------------------------------------------------------------- /charts/jenkins-kubernetes-agents/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* https://helm.sh/docs/howto/charts_tips_and_tricks/ */}} 2 | {{- define "imagePullSecret" }} 3 | {{- with .Values.imageCredentials }} 4 | {{- printf "{\"auths\":{\"%s\":{\"username\":\"%s\",\"password\":\"%s\",\"email\":\"%s\",\"auth\":\"%s\"}}}" .registry .username .password .email (printf "%s:%s" .username .password | b64enc) | b64enc }} 5 | {{- end }} 6 | {{- end }} 7 | 8 | {{- define "jenkins.serviceAccountName" -}} 9 | {{- if .Values.existingServiceAccount -}} 10 | {{- splitList ":" .Values.existingServiceAccount | last -}} 11 | {{- else -}} 12 | {{- "jenkins-agent" -}} 13 | {{- end -}} 14 | {{- end -}} 15 | 16 | {{- define "jenkins.serviceAccountNamespace" -}} 17 | {{- if .Values.existingServiceAccount -}} 18 | {{- splitList ":" .Values.existingServiceAccount | first -}} 19 | {{- else -}} 20 | {{- .Release.Namespace -}} 21 | {{- end -}} 22 | {{- end -}} 23 | -------------------------------------------------------------------------------- /charts/ldap/README.md: -------------------------------------------------------------------------------- 1 | # README 2 | 3 | This helm chart installs the jenkins infrastructure ldap service (ldap.jenkins.io) and is designed to be working with the [jenkins-infra/ldap](https://github.com/jenkins-infra/ldap) docker image. 4 | 5 | - [Docker](https://github.com/jenkins-infra/ldap) 6 | - [DockerHub](https://hub.docker.com/r/jenkinsciinfra/ldap) 7 | - [IEP](https://github.com/jenkins-infra/iep/tree/master/iep-008) 8 | 9 | 10 | ## Running this yourself 11 | 12 | `helmfile -f helmfile.d/ldap.yaml apply` 13 | 14 | ### Minikube gotchas 15 | 16 | Require `socat` and `cifs-utils` to mount azure file storage in Minikube 17 | 18 | Once deployed, you can restore the latest backup by running 19 | `kubectl exec -i -t -n ldap -c slapd ldap-0 /entrypoint/restore` 20 | 21 | If you don't have access to our azure file storage, you can still test this helm chart using a mock database similar to this [one](https://github.com/jenkins-infra/ldap/blob/master/mock.ldif) 22 | -------------------------------------------------------------------------------- /charts/nginx-website/templates/nginx-configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: {{ include "nginx-website.fullname" . }} 5 | labels: {{ include "nginx-website.labels" . | nindent 4 }} 6 | data: 7 | default.conf: | 8 | # default.conf 9 | {{ if .Values.nginx.httpDirectives }} 10 | {{ .Values.nginx.httpDirectives | indent 4 }} 11 | {{ end }} 12 | server { 13 | listen {{ .Values.service.port }}; 14 | server_name {{ .Values.nginx.serverName }}; 15 | {{- if .Values.nginx.overrideLocations }} 16 | {{ .Values.nginx.overrideLocations | indent 6 }} 17 | {{- else }} 18 | location / { 19 | root {{ .Values.nginx.slashLocation.root }}; 20 | index {{ .Values.nginx.slashLocation.index }}; 21 | autoindex {{ .Values.nginx.slashLocation.autoindex }}; 22 | {{- with .Values.nginx.slashLocation.tryFiles }} 23 | try_files {{ . }}; 24 | {{- end }} 25 | } 26 | {{- end }} 27 | } 28 | -------------------------------------------------------------------------------- /charts/rss2twitter/tests/custom_values_test.yaml: -------------------------------------------------------------------------------- 1 | suite: Test with custom values 2 | templates: 3 | - _helper.tpl 4 | - deployment.yaml 5 | - exclusion-patterns-configmap.yaml 6 | - secret.yaml 7 | tests: 8 | - it: should create a Secret with the correct value 9 | set: 10 | twitter: 11 | consumerKey: consumer-key 12 | consumerSecret: consumer-secret 13 | accessToken: access-token 14 | accessSecret: access-secret 15 | template: secret.yaml 16 | asserts: 17 | - hasDocuments: 18 | count: 1 19 | - isKind: 20 | of: Secret 21 | - equal: 22 | path: data.TWI_CONSUMER_KEY 23 | value: Y29uc3VtZXIta2V5 24 | - equal: 25 | path: data.TWI_CONSUMER_SECRET 26 | value: Y29uc3VtZXItc2VjcmV0 27 | - equal: 28 | path: data.TWI_ACCESS_TOKEN 29 | value: YWNjZXNzLXRva2Vu 30 | - equal: 31 | path: data.TWI_ACCESS_SECRET 32 | value: YWNjZXNzLXNlY3JldA== 33 | -------------------------------------------------------------------------------- /charts/plugin-site/templates/secret.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: {{ include "plugin-site.fullname" . }} 6 | labels: 7 | {{ include "plugin-site.labels" . | indent 4 }} 8 | type: Opaque 9 | data: 10 | github_app_id: {{ required "github.appId is required" .Values.github.appId | toString | b64enc }} 11 | github_app_key: {{ required "github.appPrivateKey is required" .Values.github.appPrivateKey | toString | b64enc }} 12 | jira_username: {{ required "jira.username is required" .Values.jira.username | b64enc }} 13 | jira_password: {{ required "jira.password is required" .Values.jira.password | b64enc }} 14 | {{ if .Values.azureStorageAccountName }} 15 | azurestorageaccountname: {{ .Values.azureStorageAccountName | b64enc }} 16 | {{- end }} 17 | {{ if .Values.azureStorageAccountKey }} 18 | azurestorageaccountkey: {{ .Values.azureStorageAccountKey | b64enc }} 19 | {{- end }} 20 | {{- if .Values.sentry.dsn }} 21 | sentry_dsn: {{ .Values.sentry.dsn | b64enc }} 22 | {{- end }} 23 | -------------------------------------------------------------------------------- /charts/rsyncd/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ include "rsyncd.fullname" . }} 5 | labels: 6 | {{ include "rsyncd.labels" . | indent 4 }} 7 | {{- with .Values.service.annotations }} 8 | annotations: 9 | {{- toYaml . | nindent 4 }} 10 | {{- end }} 11 | spec: 12 | type: {{ .Values.service.type }} 13 | {{- if eq .Values.service.type "LoadBalancer" }} 14 | {{- with .Values.service.LoadBalancerIP }} 15 | loadBalancerIP: {{ . }} 16 | {{- end }} 17 | {{- with .Values.service.whitelistedSources }} 18 | loadBalancerSourceRanges: 19 | {{- range . }} 20 | - {{ . | quote }} 21 | {{- end }} 22 | {{- end }} 23 | {{- end }} 24 | ports: 25 | - port: {{ include "rsyncd.service.port" . }} 26 | targetPort: {{ include "rsyncd.port" . }} 27 | protocol: TCP 28 | name: {{ .Values.configuration.rsyncdDaemon }} 29 | selector: 30 | app.kubernetes.io/name: {{ include "rsyncd.name" . }} 31 | app.kubernetes.io/instance: {{ .Release.Name }} 32 | -------------------------------------------------------------------------------- /charts/mirrorbits/templates/persistentVolumes.yaml: -------------------------------------------------------------------------------- 1 | {{ if and .Values.repository.persistentVolume.enabled (not (dig "global" "storage" "enabled" false .Values.AsMap)) -}} 2 | --- 3 | apiVersion: v1 4 | kind: PersistentVolume 5 | metadata: 6 | name: {{ include "mirrorbits.data-name" . }} 7 | labels: 8 | data: {{ include "mirrorbits.data-name" . }} 9 | spec: 10 | {{ toYaml .Values.repository.persistentVolume.spec | nindent 2 }} 11 | {{- end }} 12 | {{ if .Values.geoipdata.persistentData.enabled -}} 13 | --- 14 | apiVersion: v1 15 | kind: PersistentVolume 16 | metadata: 17 | name: {{ include "mirrorbits.geoipdata-name" . }} 18 | labels: 19 | data: {{ include "mirrorbits.geoipdata-name" . }} 20 | spec: 21 | accessModes: 22 | - ReadOnlyMany 23 | capacity: 24 | storage: {{ .Values.geoipdata.persistentData.capacity}} 25 | {{- with .Values.geoipdata.persistentData.csi}} 26 | csi: 27 | {{- toYaml . | nindent 4 -}} 28 | {{- end }} 29 | persistentVolumeReclaimPolicy: Retain 30 | storageClassName: {{ .Values.geoipdata.persistentData.storageClassName}} 31 | {{- end }} 32 | -------------------------------------------------------------------------------- /charts/rsyncd/tests/values/custom_rsyncd.yaml: -------------------------------------------------------------------------------- 1 | image: 2 | pullPolicy: Always 3 | podSecurityContext: 4 | fsGroup: 2000 5 | containerSecurityContext: 6 | runAsNonRoot: true 7 | nodeSelector: 8 | os: windows-2022 9 | affinity: 10 | podAntiAffinity: 11 | foo: bar 12 | tolerations: 13 | - key: "kubernetes.io/arch" 14 | operator: "Equal" 15 | value: "arm64" 16 | effect: "NoSchedule" 17 | resources: 18 | limits: 19 | cpu: 500m 20 | requests: 21 | memory: 1024Mi 22 | port: 9999 23 | service: 24 | type: LoadBalancer 25 | LoadBalancerIP: 1.2.3.4 26 | whitelistedSources: 27 | - 52.167.253.43/32 28 | - 52.202.51.185/32 29 | annotations: 30 | service.beta.kubernetes.io/azure-load-balancer-internal: "true" 31 | configuration: 32 | components: 33 | - name: jenkins 34 | path: /rsyncd/data/jenkins 35 | comment: "Jenkins Read-Only Mirror" 36 | volume: 37 | persistentVolumeClaim: 38 | claimName: super-pvc 39 | - name: hudson 40 | path: /tmp/hudson 41 | comment: "Hudson Read-Only Mirror" 42 | volumeTpl: "another-vol" 43 | volumeSubDir: ./foo/ 44 | writeEnabled: true 45 | -------------------------------------------------------------------------------- /charts/maven-cacher/tests/values/custom.yaml: -------------------------------------------------------------------------------- 1 | nodeSelector: 2 | kubernetes.io/arch: arm64 3 | jenkins: ci.jenkins.io 4 | role: applications 5 | 6 | tolerations: 7 | - key: "ci.jenkins.io/applications" 8 | operator: "Equal" 9 | value: "true" 10 | effect: "NoSchedule" 11 | 12 | resources: 13 | limits: 14 | # No CPU limit to avoid throttling 15 | memory: 1024Mi 16 | requests: 17 | cpu: 2 18 | memory: 1024Mi 19 | 20 | podSecurityContext: 21 | runAsUser: 1001 # User 'jenkins' 22 | runAsGroup: 1001 # Group 'jenkins' 23 | runAsNonRoot: true 24 | 25 | containerSecurityContext: 26 | readOnlyRootFilesystem: true 27 | allowPrivilegeEscalation: false 28 | capabilities: 29 | drop: 30 | - ALL 31 | 32 | cachePvc: ci-jenkins-io-maven-cache 33 | 34 | javaHome: /opt/jdk-21 35 | mavenMirror: 36 | enable: true 37 | # TODO: track with updatecli 38 | url: http://k8s-artifact-artifact-f340ad86c3-70787fedaeca6b4d.elb.us-east-2.amazonaws.com:8080/ 39 | # TODO: track with updatecli 40 | mirrorOf: "external:*,!chimera-releases,!chimera-snapshots,!atlassian-public,!org.zowe.sdk,!jitpack.io,!space-maven" 41 | mirrorId: artifact-caching-proxy 42 | -------------------------------------------------------------------------------- /charts/artifact-caching-proxy/tests/proxy_cache_bypass_test.yaml: -------------------------------------------------------------------------------- 1 | suite: Tests using proxyBypass 2 | templates: 3 | - nginx-proxy-configmap.yaml 4 | tests: 5 | - it: Should include proxy_cache_bypass 6 | template: nginx-proxy-configmap.yaml 7 | set: 8 | proxy: 9 | proxyBypass: 10 | enabled: true 11 | asserts: 12 | - hasDocuments: 13 | count: 1 14 | - isKind: 15 | of: ConfigMap 16 | - matchRegex: 17 | path: data["vhost-proxy.conf"] 18 | pattern: proxy_cache_bypass 19 | - matchRegex: 20 | path: data["vhost-proxy.conf"] 21 | pattern: set \$bypass 0; 22 | 23 | - it: Should NOT include proxy_cache_bypass 24 | template: nginx-proxy-configmap.yaml 25 | set: 26 | proxy: 27 | proxyBypass: 28 | enabled: false 29 | asserts: 30 | - hasDocuments: 31 | count: 1 32 | - isKind: 33 | of: ConfigMap 34 | - notMatchRegex: 35 | path: data["vhost-proxy.conf"] 36 | pattern: proxy_cache_bypass 37 | - notMatchRegex: 38 | path: data["vhost-proxy.conf"] 39 | pattern: set \$bypass 0; 40 | -------------------------------------------------------------------------------- /charts/keycloak/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: keycloak 3 | description: Non Admin keycloak interface 4 | 5 | # A chart can be either an 'application' or a 'library' chart. 6 | # 7 | # Application charts are a collection of templates that can be packaged into versioned archives 8 | # to be deployed. 9 | # 10 | # Library charts provide useful utilities or functions for the chart developer. They're included as 11 | # a dependency of application charts to inject those utilities and functions into the rendering 12 | # pipeline. Library charts do not define any templates and therefore cannot be deployed. 13 | type: application 14 | 15 | # This is the chart version. This version number should be incremented each time you make changes 16 | # to the chart and its templates, including the app version. 17 | # Versions are expected to follow Semantic Versioning (https://semver.org/) 18 | version: 0.1.3 19 | 20 | # This is the version number of the application being deployed. This version number should be 21 | # incremented each time you make changes to the application. Versions are not expected to 22 | # follow Semantic Versioning. They should reflect the version the application is using. 23 | appVersion: 1.16.0 24 | -------------------------------------------------------------------------------- /charts/mirrorbits/templates/services.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: {{ include "mirrorbits.fullname" . }} 6 | labels: 7 | {{ include "mirrorbits.labels" . | indent 4 }} 8 | spec: 9 | type: {{ .Values.service.type }} 10 | ports: 11 | - port: {{ .Values.service.port }} 12 | targetPort: {{ .Values.config.port }} 13 | protocol: TCP 14 | name: http 15 | selector: 16 | app.kubernetes.io/name: {{ include "mirrorbits.name" . }} 17 | app.kubernetes.io/instance: {{ .Release.Name }} 18 | {{- if .Values.cli.enabled }} 19 | --- 20 | apiVersion: v1 21 | kind: Service 22 | metadata: 23 | name: {{ include "mirrorbits.fullname" . }}-cli 24 | labels: 25 | {{ include "mirrorbits.labels" . | indent 4 }} 26 | {{- with .Values.cli.service.annotations }} 27 | annotations: 28 | {{- toYaml . | nindent 4 }} 29 | {{- end }} 30 | spec: 31 | type: {{ .Values.cli.service.type }} 32 | ports: 33 | - port: {{ .Values.cli.port }} 34 | targetPort: {{ .Values.cli.port }} 35 | protocol: TCP 36 | name: cli 37 | selector: 38 | app.kubernetes.io/name: {{ include "mirrorbits.name" . }} 39 | app.kubernetes.io/instance: {{ .Release.Name }} 40 | {{- end }} 41 | -------------------------------------------------------------------------------- /charts/incrementals-publisher/tests/defaults_test.yaml: -------------------------------------------------------------------------------- 1 | suite: Default values 2 | templates: 3 | - deployment.yaml 4 | - secret.yaml # dependency of deployment.yaml 5 | tests: 6 | - it: should create a secret with default values 7 | template: secret.yaml 8 | asserts: 9 | - hasDocuments: 10 | count: 1 11 | - it: should define a deployment with the default settings 12 | template: deployment.yaml 13 | asserts: 14 | - hasDocuments: 15 | count: 1 16 | - isKind: 17 | of: Deployment 18 | - equal: 19 | path: metadata.labels["app.kubernetes.io/name"] 20 | value: incrementals-publisher 21 | - contains: 22 | path: spec.template.spec.containers[0].env 23 | content: 24 | name: PRESHARED_KEY 25 | valueFrom: 26 | secretKeyRef: 27 | key: preshared_key 28 | name: RELEASE-NAME-incrementals-publisher 29 | any: true 30 | - notContains: 31 | path: spec.template.spec.containers[0].env 32 | content: 33 | name: PERMISSIONS_URL 34 | any: true 35 | - notExists: 36 | path: spec.template.metadata.annotations 37 | -------------------------------------------------------------------------------- /charts/accountapp/tests/defaults_test.yaml: -------------------------------------------------------------------------------- 1 | suite: default tests 2 | templates: 3 | - deployment.yaml 4 | - ingress.yaml 5 | - secret.yaml # Direct dependency of deployment.yaml 6 | - pdb.yaml 7 | tests: 8 | - it: should create an ingress by default 9 | template: ingress.yaml 10 | asserts: 11 | - hasDocuments: 12 | count: 1 13 | - it: should define the default deployment with default imagePullPolicy 14 | template: deployment.yaml 15 | asserts: 16 | - hasDocuments: 17 | count: 1 18 | - isKind: 19 | of: Deployment 20 | - equal: 21 | path: spec.template.spec.containers[0].imagePullPolicy 22 | value: IfNotPresent 23 | - notExists: 24 | path: spec.template.spec.containers[0].resources 25 | - equal: 26 | path: metadata.labels["app.kubernetes.io/name"] 27 | value: accountapp 28 | - equal: 29 | path: metadata.labels["app.kubernetes.io/managed-by"] 30 | value: Helm 31 | - notExists: 32 | path: spec.template.metadata.annotations 33 | - it: should not generate any pdb with default values 34 | template: pdb.yaml 35 | asserts: 36 | - hasDocuments: 37 | count: 0 38 | -------------------------------------------------------------------------------- /charts/nginx-website/tests/values/custom-locations.yaml: -------------------------------------------------------------------------------- 1 | nginx: 2 | overrideLocations: | 3 | location /starwars { 4 | root /dark/force/; 5 | index yoloo.html; 6 | autoindex off; 7 | } 8 | location /statistics { 9 | root /usr/share/nginx/html; 10 | index index.html index.htm; 11 | autoindex on; 12 | try_files $uri /index.html; 13 | } 14 | location /plugin-trends { 15 | root /usr/share/nginx/html; 16 | index index.html index.htm; 17 | autoindex on; 18 | try_files $uri /index.html; 19 | } 20 | location /plugin-versions { 21 | root /usr/share/nginx/html; 22 | index index.html index.htm; 23 | autoindex on; 24 | try_files $uri /index.html; 25 | } 26 | location /dep-graph { 27 | root /usr/share/nginx/html; 28 | index index.html index.htm; 29 | autoindex on; 30 | try_files $uri /index.html; 31 | } 32 | location / { 33 | root /usr/share/nginx/html; 34 | index index.html index.htm; 35 | autoindex on; 36 | } 37 | podAnnotations: 38 | ad.datadoghq.com/phs.logs: | 39 | [ 40 | {"source":"java","service":"RELEASE-NAME"} 41 | ] 42 | -------------------------------------------------------------------------------- /charts/uplink/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.ingress.enabled -}} 2 | {{- $fullName := include "uplink.fullname" . -}} 3 | {{- $svcPort := .Values.service.port -}} 4 | apiVersion: networking.k8s.io/v1 5 | kind: Ingress 6 | metadata: 7 | name: {{ $fullName }} 8 | labels: 9 | {{ include "uplink.labels" . | indent 4 }} 10 | {{- with .Values.ingress.annotations }} 11 | annotations: 12 | {{- toYaml . | nindent 4 }} 13 | {{- end }} 14 | spec: 15 | {{- if .Values.ingress.className }} 16 | ingressClassName: {{ .Values.ingress.className }} 17 | {{- end }} 18 | {{- if .Values.ingress.tls }} 19 | tls: 20 | {{- range .Values.ingress.tls }} 21 | - hosts: 22 | {{- range .hosts }} 23 | - {{ . | quote }} 24 | {{- end }} 25 | secretName: {{ .secretName }} 26 | {{- end }} 27 | {{- end }} 28 | rules: 29 | {{- range .Values.ingress.hosts }} 30 | - host: {{ .host | quote }} 31 | http: 32 | paths: 33 | {{- range .paths }} 34 | - path: {{ .path }} 35 | pathType: Prefix 36 | backend: 37 | service: 38 | name: {{ $fullName }} 39 | port: 40 | number: {{ $svcPort }} 41 | {{- end }} 42 | {{- end }} 43 | {{- end }} 44 | -------------------------------------------------------------------------------- /charts/rating/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.ingress.enabled -}} 2 | {{- $fullName := include "rating.fullname" . -}} 3 | {{- $svcPort := .Values.service.port -}} 4 | apiVersion: networking.k8s.io/v1 5 | kind: Ingress 6 | metadata: 7 | name: {{ $fullName }} 8 | labels: 9 | {{ include "rating.labels" . | indent 4 }} 10 | {{- with .Values.ingress.annotations }} 11 | annotations: 12 | {{- toYaml . | nindent 4 }} 13 | {{- end }} 14 | spec: 15 | {{- if .Values.ingress.className }} 16 | ingressClassName: {{ .Values.ingress.className | lower}} 17 | {{- end }} 18 | {{- if .Values.ingress.tls }} 19 | tls: 20 | {{- range .Values.ingress.tls }} 21 | - hosts: 22 | {{- range .hosts }} 23 | - {{ . | quote }} 24 | {{- end }} 25 | secretName: {{ .secretName }} 26 | {{- end }} 27 | {{- end }} 28 | rules: 29 | {{- range .Values.ingress.hosts }} 30 | - host: {{ .host | quote }} 31 | http: 32 | paths: 33 | {{- range .paths }} 34 | - path: {{ .path }} 35 | pathType: Prefix 36 | backend: 37 | service: 38 | name: {{ $fullName }} 39 | port: 40 | number: {{ $svcPort }} 41 | {{- end }} 42 | {{- end }} 43 | {{- end }} 44 | -------------------------------------------------------------------------------- /updatecli/updatecli.d/helm-unittest.yaml: -------------------------------------------------------------------------------- 1 | name: Bump `helm-unittest` helm plugin version 2 | 3 | scms: 4 | default: 5 | kind: github 6 | spec: 7 | user: "{{ .github.user }}" 8 | email: "{{ .github.email }}" 9 | owner: "{{ .github.owner }}" 10 | repository: "{{ .github.repository }}" 11 | token: "{{ requiredEnv .github.token }}" 12 | username: "{{ .github.username }}" 13 | branch: "{{ .github.branch }}" 14 | 15 | sources: 16 | latestRelease: 17 | kind: githubrelease 18 | name: "Get latest helm-unittest/helm-unittest release" 19 | spec: 20 | owner: "helm-unittest" 21 | repository: "helm-unittest" 22 | token: "{{ requiredEnv .github.token }}" 23 | username: "{{ .github.username }}" 24 | 25 | targets: 26 | updateChart: 27 | name: Update helm-unittest version in the GitHub Action workflow 28 | kind: yaml 29 | scmid: default 30 | spec: 31 | file: .github/workflows/test.yml 32 | key: $.env.UNITTEST_VERSION 33 | 34 | actions: 35 | default: 36 | kind: github/pullrequest 37 | scmid: default 38 | title: Bump `helm-unittest` helm plugin version to {{ source "latestRelease" }} 39 | spec: 40 | labels: 41 | - dependencies 42 | - helm-unittest 43 | -------------------------------------------------------------------------------- /charts/accountapp/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.ingress.enabled -}} 2 | {{- $fullName := include "accountapp.fullname" . -}} 3 | {{- $svcPort := .Values.service.port -}} 4 | apiVersion: networking.k8s.io/v1 5 | kind: Ingress 6 | metadata: 7 | name: {{ $fullName }} 8 | labels: 9 | {{ include "accountapp.labels" . | indent 4 }} 10 | {{- with .Values.ingress.annotations }} 11 | annotations: 12 | {{- toYaml . | nindent 4 }} 13 | {{- end }} 14 | spec: 15 | {{- if .Values.ingress.className }} 16 | ingressClassName: {{ .Values.ingress.className }} 17 | {{- end }} 18 | {{- if .Values.ingress.tls }} 19 | tls: 20 | {{- range .Values.ingress.tls }} 21 | - hosts: 22 | {{- range .hosts }} 23 | - {{ . | quote }} 24 | {{- end }} 25 | secretName: {{ .secretName }} 26 | {{- end }} 27 | {{- end }} 28 | rules: 29 | {{- range .Values.ingress.hosts }} 30 | - host: {{ .host | quote }} 31 | http: 32 | paths: 33 | {{- range .paths }} 34 | - path: {{ .path }} 35 | pathType: Prefix 36 | backend: 37 | service: 38 | name: {{ $fullName }} 39 | port: 40 | number: {{ $svcPort }} 41 | {{- end }} 42 | {{- end }} 43 | {{- end }} 44 | -------------------------------------------------------------------------------- /charts/nginx-website/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.ingress.enabled -}} 2 | {{- $fullName := include "nginx-website.fullname" . -}} 3 | {{- $svcPort := .Values.service.port -}} 4 | apiVersion: networking.k8s.io/v1 5 | kind: Ingress 6 | metadata: 7 | name: {{ $fullName }} 8 | labels: 9 | {{ include "nginx-website.labels" . | indent 4 }} 10 | {{- with .Values.ingress.annotations }} 11 | annotations: 12 | {{- toYaml . | nindent 4 }} 13 | {{- end }} 14 | spec: 15 | {{- if .Values.ingress.className }} 16 | ingressClassName: {{ .Values.ingress.className }} 17 | {{- end }} 18 | {{- if .Values.ingress.tls }} 19 | tls: 20 | {{- range .Values.ingress.tls }} 21 | - hosts: 22 | {{- range .hosts }} 23 | - {{ . | quote }} 24 | {{- end }} 25 | secretName: {{ .secretName }} 26 | {{- end }} 27 | {{- end }} 28 | rules: 29 | {{- range .Values.ingress.hosts }} 30 | - host: {{ .host | quote }} 31 | http: 32 | paths: 33 | {{- range .paths }} 34 | - path: {{ .path }} 35 | pathType: Prefix 36 | backend: 37 | service: 38 | name: {{ $fullName }} 39 | port: 40 | number: {{ $svcPort }} 41 | {{- end }} 42 | {{- end }} 43 | {{- end }} 44 | -------------------------------------------------------------------------------- /charts/plugin-site-issues/tests/defaults_values_test.yaml: -------------------------------------------------------------------------------- 1 | suite: Test with default values 2 | templates: 3 | - deployment.yaml 4 | - ingress.yaml 5 | - secret.yaml # Direct dependency of deployment-backend.yaml 6 | set: 7 | # TODO: these values should be required here 8 | # Ref. https://github.com/jenkins-infra/helm-charts/issues/660 9 | github: 10 | appId: foo 11 | appPrivateKey: bar 12 | jira: 13 | username: foo 14 | password: bar 15 | tests: 16 | - it: should not create an ingress by default 17 | template: ingress.yaml 18 | asserts: 19 | - hasDocuments: 20 | count: 0 21 | - it: should define the default frontend deployment with default imagePullPolicy 22 | template: deployment.yaml 23 | asserts: 24 | - hasDocuments: 25 | count: 1 26 | - isKind: 27 | of: Deployment 28 | - equal: 29 | path: spec.template.spec.containers[0].imagePullPolicy 30 | value: IfNotPresent 31 | - equal: 32 | path: metadata.labels["app.kubernetes.io/name"] 33 | value: plugin-site-issues 34 | - equal: 35 | path: metadata.labels["app.kubernetes.io/managed-by"] 36 | value: Helm 37 | - notExists: 38 | path: spec.template.metadata.annotations 39 | -------------------------------------------------------------------------------- /charts/ldap/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | 1. Get the application URL by running these commands: 2 | {{- if contains "NodePort" .Values.service.type }} 3 | export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "ldap.fullname" . }}) 4 | export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") 5 | echo http://$NODE_IP:$NODE_PORT 6 | {{- else if contains "LoadBalancer" .Values.service.type }} 7 | NOTE: It may take a few minutes for the LoadBalancer IP to be available. 8 | You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "ldap.fullname" . }}' 9 | export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "ldap.fullname" . }} ) 10 | echo http://$SERVICE_IP:{{ .Values.service.port }} 11 | {{- else if contains "ClusterIP" .Values.service.type }} 12 | export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "ldap.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") 13 | echo "Visit http://127.0.0.1:639 to use your application" 14 | kubectl port-forward $POD_NAME 636:636 15 | {{- end }} 16 | -------------------------------------------------------------------------------- /charts/incrementals-publisher/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.ingress.enabled -}} 2 | {{- $fullName := include "incrementals-publisher.fullname" . -}} 3 | {{- $svcPort := .Values.service.port -}} 4 | apiVersion: networking.k8s.io/v1 5 | kind: Ingress 6 | metadata: 7 | name: {{ $fullName }} 8 | labels: 9 | {{ include "incrementals-publisher.labels" . | indent 4 }} 10 | {{- with .Values.ingress.annotations }} 11 | annotations: 12 | {{- toYaml . | nindent 4 }} 13 | {{- end }} 14 | spec: 15 | {{- if .Values.ingress.className }} 16 | ingressClassName: {{ .Values.ingress.className }} 17 | {{- end }} 18 | {{- if .Values.ingress.tls }} 19 | tls: 20 | {{- range .Values.ingress.tls }} 21 | - hosts: 22 | {{- range .hosts }} 23 | - {{ . | quote }} 24 | {{- end }} 25 | secretName: {{ .secretName }} 26 | {{- end }} 27 | {{- end }} 28 | rules: 29 | {{- range .Values.ingress.hosts }} 30 | - host: {{ .host | quote }} 31 | http: 32 | paths: 33 | {{- range .paths }} 34 | - path: {{ .path }} 35 | pathType: Prefix 36 | backend: 37 | service: 38 | name: {{ $fullName }} 39 | port: 40 | number: {{ $svcPort }} 41 | {{- end }} 42 | {{- end }} 43 | {{- end }} 44 | -------------------------------------------------------------------------------- /charts/uplink/README.adoc: -------------------------------------------------------------------------------- 1 | = Uplink 2 | 3 | image:https://ci.jenkins.io/job/Infra/job/uplink/job/master/badge/icon?style=plastic[link="https://ci.jenkins.io/blue/organizations/jenkins/Infra%2Fuplink/branches"] 4 | 5 | This helm chart deploys a simple web application to receive short bursts of anonymous telemetry data from Jenkins instances. 6 | 7 | == Running this yourself 8 | 9 | [source,bash] 10 | ---- 11 | helm install -f values.yaml -f values.local.yaml --name uplink . 12 | ---- 13 | 14 | [source,bash] 15 | ---- 16 | helm upgrade -f values.yaml -f values.local.yaml uplink . 17 | ---- 18 | 19 | You need to define some configuration locally in a separate values file 20 | 21 | Here's an example `values.local.yaml` file: 22 | 23 | [source,bash] 24 | ---- 25 | client: 26 | id: 27 | secret: 28 | sentry: 29 | dsn: https://XXX@sentry.io/YYY 30 | postgresql: 31 | url: postgres://username:password@postgres.example.com:5432/database 32 | 33 | ingress: 34 | enabled: true 35 | annotations: 36 | nginx.ingress.kubernetes.io/rewrite-target: /$1 37 | hosts: 38 | - host: plugins-local.jenkins.io 39 | ---- 40 | 41 | == Link 42 | 43 | * https://github.com/jenkins-infra/uplink/blob/master/README.adoc[Repository] 44 | * https://hub.docker.com/r/jenkinsciinfra/uplink[Docker] 45 | -------------------------------------------------------------------------------- /charts/jenkins/values.yaml: -------------------------------------------------------------------------------- 1 | # Default helm value https://github.com/jenkinsci/helm-charts/blob/main/charts/jenkins/values.yaml 2 | clusterAdminEnabled: false 3 | jenkins: 4 | rbac: 5 | create: true 6 | readSecrets: true 7 | persistence: 8 | enabled: true 9 | size: 50Gi 10 | volumes: 11 | - name: jenkins-secrets 12 | secret: 13 | secretName: jenkins-secrets 14 | mounts: 15 | - name: jenkins-secrets 16 | mountPath: /var/jenkins_secrets 17 | readOnly: true 18 | controller: 19 | probes: 20 | startupProbe: 21 | initialDelaySeconds: 120 22 | livenessProbe: 23 | initialDelaySeconds: 120 24 | readinessProbe: 25 | initialDelaySeconds: 120 26 | testEnabled: false 27 | image: jenkinsciinfra/jenkins-weekly 28 | tag: 0.28.4-2.319 29 | ingress: 30 | apiVersion: networking.k8s.io/v1 31 | runAsUser: 1000 32 | fsGroup: 1000 33 | containerEnv: 34 | - name: SECRETS 35 | value: /var/jenkins_secrets 36 | overwritePlugins: true 37 | secretsFilesSecret: 'jenkins-secrets' 38 | serviceType: "ClusterIP" 39 | serviceAccount: 40 | create: true 41 | name: jenkins-controller 42 | serviceAccountAgent: 43 | create: true 44 | name: jenkins-agent 45 | networkPolicy: 46 | enabled: true 47 | -------------------------------------------------------------------------------- /charts/plugin-health-scoring/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.ingress.enabled -}} 2 | {{- $fullName := include "plugin-health-scoring.fullname" . -}} 3 | {{- $svcPort := .Values.service.port -}} 4 | apiVersion: networking.k8s.io/v1 5 | kind: Ingress 6 | metadata: 7 | name: {{ $fullName }} 8 | labels: 9 | {{- include "plugin-health-scoring.labels" . | nindent 4 }} 10 | {{- with .Values.ingress.annotations }} 11 | annotations: 12 | {{- toYaml . | nindent 4 }} 13 | {{- end }} 14 | spec: 15 | {{- if .Values.ingress.className }} 16 | ingressClassName: {{ .Values.ingress.className | lower}} 17 | {{- end }} 18 | {{- if .Values.ingress.tls }} 19 | tls: 20 | {{- range .Values.ingress.tls }} 21 | - hosts: 22 | {{- range .hosts }} 23 | - {{ . | quote }} 24 | {{- end }} 25 | secretName: {{ .secretName }} 26 | {{- end }} 27 | {{- end }} 28 | rules: 29 | {{- range .Values.ingress.hosts }} 30 | - host: {{ .host | quote }} 31 | http: 32 | paths: 33 | {{- range .paths }} 34 | - path: {{ .path }} 35 | pathType: Prefix 36 | backend: 37 | service: 38 | name: {{ $fullName }} 39 | port: 40 | number: {{ $svcPort }} 41 | {{- end }} 42 | {{- end }} 43 | {{- end }} 44 | -------------------------------------------------------------------------------- /charts/plugin-health-scoring/tests/custom_values_test.yaml: -------------------------------------------------------------------------------- 1 | suite: custom values 2 | templates: 3 | - deployment.yaml 4 | - service.yaml 5 | - ingress.yaml 6 | - secret.yaml 7 | values: 8 | - values/custom.yaml 9 | tests: 10 | - it: should generate a deployment with custom setup 11 | template: deployment.yaml 12 | asserts: 13 | - hasDocuments: 14 | count: 1 15 | - isKind: 16 | of: Deployment 17 | - equal: 18 | path: spec.template.metadata.annotations["ad.datadoghq.com/phs.logs"] 19 | value: | 20 | [ 21 | {"source":"java","service":"RELEASE-NAME"} 22 | ] 23 | - it: should generate a secret with custom values 24 | template: secret.yaml 25 | asserts: 26 | - hasDocuments: 27 | count: 1 28 | - isKind: 29 | of: Secret 30 | - equal: 31 | path: metadata.name 32 | value: RELEASE-NAME-plugin-health-scoring 33 | - equal: 34 | path: data.databasePassword 35 | value: UGxlYXNlRG9Ob3RVc2VXZWFrUGFzc3dvcmRz # echo 'UGxlYXNlRG9Ob3RVc2VXZWFrUGFzc3dvcmRz' | base64 -d => 'PleaseDoNotUseWeakPasswords' 36 | - equal: 37 | path: data.githubAppPrivateKey 38 | value: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tIGJsYWJsYWJsYWJsYSAtLS0tLUJFR0lOIFBSSVZBVEUgS0VZLS0tLS0= 39 | -------------------------------------------------------------------------------- /charts/incrementals-publisher/README.md: -------------------------------------------------------------------------------- 1 | incrementals-publisher 2 | ====================== 3 | incrementals-publisher 4 | 5 | Current chart version is `0.1.0` 6 | 7 | ## Chart Values 8 | 9 | | Key | Type | Default | Description | 10 | |-----|------|---------|-------------| 11 | | affinity | object | `{}` | | 12 | | artifactory.key | string | `""` | key to upload to artifactory | 13 | | fullnameOverride | string | `""` | | 14 | | github.token | string | `""` | token to update github checks and look up commits | 15 | | image.pullPolicy | string | `"IfNotPresent"` | | 16 | | image.repository | string | `"halkeye/incrementals-publisher"` | | 17 | | image.tag | string | `"latest"` | | 18 | | imagePullSecrets | list | `[]` | | 19 | | ingress.annotations | object | `{}` | | 20 | | ingress.enabled | bool | `false` | | 21 | | ingress.hosts[0].host | string | `"chart-example.local"` | | 22 | | ingress.tls | list | `[]` | | 23 | | jenkins.auth | string | `""` | username:accesskey to talk to jenkins apis to pull build metadata | 24 | | nameOverride | string | `""` | | 25 | | nodeSelector | object | `{}` | | 26 | | podSecurityContext | object | `{}` | | 27 | | replicaCount | int | `1` | | 28 | | resources | object | `{}` | | 29 | | securityContext | object | `{}` | | 30 | | service.port | int | `8080` | | 31 | | service.type | string | `"ClusterIP"` | | 32 | | tolerations | list | `[]` | | 33 | -------------------------------------------------------------------------------- /charts/plugin-site/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.ingress.enabled -}} 2 | {{- $fullName := include "plugin-site.fullname" . -}} 3 | {{- $paths := .Values.ingress.paths -}} 4 | apiVersion: networking.k8s.io/v1 5 | kind: Ingress 6 | metadata: 7 | name: {{ $fullName }} 8 | labels: 9 | {{ include "plugin-site.labels" . | indent 4 }} 10 | {{- with .Values.ingress.annotations }} 11 | annotations: 12 | {{- toYaml . | nindent 4 }} 13 | {{- end }} 14 | spec: 15 | {{- if .Values.ingress.className }} 16 | ingressClassName: {{ .Values.ingress.className }} 17 | {{- end }} 18 | {{- if .Values.ingress.tls }} 19 | tls: 20 | {{- range $ingress := .Values.ingress.tls }} 21 | - hosts: 22 | {{- range $ingress.hosts }} 23 | - {{ . | quote }} 24 | {{- end }} 25 | secretName: {{ $ingress.secretName }} 26 | {{- end }} 27 | {{- end }} 28 | rules: 29 | {{- range $ingress := .Values.ingress.hosts }} 30 | - host: {{ $ingress.host | quote }} 31 | http: 32 | paths: 33 | {{- range $paths }} 34 | - path: {{ .path }} 35 | pathType: {{ .prefix | default "Prefix" }} 36 | backend: 37 | service: 38 | name: {{ printf "%s-%s" $fullName (.svcName | default "frontend") }} 39 | port: 40 | number: {{ int (.svcPort) }} 41 | {{- end }} 42 | {{- end }} 43 | {{- end }} 44 | -------------------------------------------------------------------------------- /charts/jenkins-kubernetes-agents/templates/rbac.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # From https://github.com/jenkinsci/kubernetes-plugin/blob/master/src/main/kubernetes/service-account.yml 3 | apiVersion: rbac.authorization.k8s.io/v1 4 | kind: Role 5 | metadata: 6 | name: {{ template "jenkins.serviceAccountName" . }}-role 7 | namespace: {{ .Release.Namespace }} 8 | rules: 9 | - apiGroups: [""] 10 | resources: ["pods"] 11 | verbs: ["create","delete","get","list","patch","update","watch"] 12 | - apiGroups: [""] 13 | resources: ["pods/exec"] 14 | verbs: ["create","delete","get","list","patch","update","watch"] 15 | - apiGroups: [""] 16 | resources: ["pods/log"] 17 | verbs: ["get","list","watch"] 18 | - apiGroups: [""] 19 | resources: ["events"] 20 | verbs: ["watch"] 21 | - apiGroups: [""] 22 | resources: ["secrets"] 23 | verbs: ["get"] 24 | --- 25 | apiVersion: rbac.authorization.k8s.io/v1 26 | kind: RoleBinding 27 | metadata: 28 | name: {{ template "jenkins.serviceAccountName" . }}-rolebinding 29 | namespace: {{ .Release.Namespace }} 30 | roleRef: 31 | apiGroup: rbac.authorization.k8s.io 32 | kind: Role 33 | name: {{ template "jenkins.serviceAccountName" . }}-role 34 | subjects: 35 | - kind: ServiceAccount 36 | name: {{ template "jenkins.serviceAccountName" . }} 37 | namespace: {{ template "jenkins.serviceAccountNamespace" . }} 38 | {{ range .Values.groups }} 39 | - kind: Group 40 | name: {{ . }} 41 | {{- end }} 42 | -------------------------------------------------------------------------------- /charts/ipv6-lb-service/templates/ipv6-lb-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | annotations: 5 | service.beta.kubernetes.io/azure-load-balancer-internal: "false" 6 | {{- if .Values.ipv6PipName }} 7 | service.beta.kubernetes.io/azure-pip-name: {{ .Values.ipv6PipName | quote }} 8 | {{- end }} 9 | {{- if .Values.resourceGroup }} 10 | service.beta.kubernetes.io/azure-load-balancer-resource-group: {{ .Values.resourceGroup }} 11 | {{- end }} 12 | labels: 13 | app.kubernetes.io/component: {{ .Values.app.component }} 14 | app.kubernetes.io/instance: {{ .Values.app.instance }} 15 | app.kubernetes.io/name: {{ .Values.app.name }} 16 | # app.kubernetes.io/part-of: {{ .Release.name }} 17 | name: {{ .Values.app.instance }}-{{ .Values.app.name }}-{{ .Values.app.component }}-ipv6 18 | spec: 19 | type: LoadBalancer 20 | externalTrafficPolicy: Local 21 | ipFamilyPolicy: SingleStack 22 | ipFamilies: 23 | - IPv6 24 | ports: 25 | - name: http 26 | port: 80 27 | protocol: TCP 28 | targetPort: http 29 | appProtocol: http 30 | - name: https 31 | port: 443 32 | protocol: TCP 33 | targetPort: https 34 | appProtocol: https 35 | selector: 36 | app.kubernetes.io/name: {{ .Values.app.name }} 37 | app.kubernetes.io/instance: {{ .Values.app.instance }} 38 | app.kubernetes.io/component: {{ .Values.app.component }} 39 | -------------------------------------------------------------------------------- /charts/ldap/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ include "ldap.fullname" . }} 5 | labels: 6 | {{ include "ldap.labels" . | indent 4 }} 7 | {{- if and .Values.service.azurePip (or .Values.service.azurePip.name .Values.service.azurePip.resourceGroup)}} 8 | annotations: 9 | {{- if and .Values.service.azurePip .Values.service.azurePip.name }} 10 | service.beta.kubernetes.io/azure-pip-name: {{ .Values.service.azurePip.name }} 11 | {{- end }} 12 | {{- if and .Values.service.azurePip .Values.service.azurePip.resourceGroup }} 13 | service.beta.kubernetes.io/azure-load-balancer-resource-group: {{ .Values.service.azurePip.resourceGroup }} 14 | {{- end }} 15 | {{- end }} 16 | spec: 17 | type: {{ .Values.service.type }} 18 | {{- if eq .Values.service.type "LoadBalancer" }} 19 | {{- with .Values.service.IP }} 20 | loadBalancerIP: {{ . }} 21 | {{- end }} 22 | {{- with .Values.service.lbAllowSources }} 23 | loadBalancerSourceRanges: 24 | {{- range $sourceId, $sourceCIDR := . }} 25 | {{- range $key, $value := (split "," $sourceCIDR) }} 26 | - {{ $value | trim | quote }} 27 | {{- end }} 28 | {{- end }} 29 | {{- end }} 30 | {{- end }} 31 | ports: 32 | - port: 636 33 | targetPort: 636 34 | name: ldaps 35 | selector: 36 | app.kubernetes.io/name: {{ include "ldap.name" . }} 37 | app.kubernetes.io/instance: {{ .Release.Name }} 38 | -------------------------------------------------------------------------------- /charts/maven-cacher/values.yaml: -------------------------------------------------------------------------------- 1 | image: 2 | repository: jenkinsciinfra/jenkins-agent-ubuntu-22.04 3 | tag: latest 4 | pullPolicy: IfNotPresent 5 | imagePullSecrets: [] 6 | # securityContext: 7 | # Secret values, set to empty below for reference: 8 | podSecurityContext: {} 9 | # fsGroup: 2000 10 | containerSecurityContext: {} 11 | # capabilities: 12 | # drop: 13 | # - ALL 14 | # readOnlyRootFilesystem: true 15 | # runAsNonRoot: true 16 | # runAsUser: 1000 17 | resources: {} 18 | # We usually recommend not to specify default resources and to leave this as a conscious 19 | # choice for the user. This also increases chances charts run on environments with little 20 | # resources, such as Minikube. If you do want to specify resources, uncomment the following 21 | # lines, adjust them as necessary, and remove the curly braces after 'resources:'. 22 | # limits: 23 | # cpu: 100m 24 | # memory: 256Mi # minimum 256Mi to avoid OMM kill for `az login` 25 | # requests: 26 | # cpu: 100m 27 | # memory: 256Mi 28 | nodeSelector: {} 29 | tolerations: [] 30 | affinity: {} 31 | cron: '0 14 * * 0' # Once a week, at 14:00, on Sunday 32 | ## Provide a custom PVC to read and write caching archive from/to 33 | # cachePvc: customPersistentVolumeClaimName 34 | cacheMount: /cache 35 | mavenLocalRepo: /home/jenkins/.m2/repository 36 | javaHome: /opt/jdk-21 37 | scriptsDir: /scripts 38 | mavenMirror: 39 | enable: false 40 | # url: http://internal-mirror 41 | # mirrorOf: "external:*,!whatever" 42 | -------------------------------------------------------------------------------- /charts/httpd/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.ingress.enabled (not (dig "global" "ingress" "enabled" false .Values.AsMap)) -}} 2 | {{- $fullName := include "httpd.fullname" . -}} 3 | {{- $svcPort := .Values.service.port -}} 4 | apiVersion: networking.k8s.io/v1 5 | kind: Ingress 6 | metadata: 7 | name: {{ $fullName }} 8 | labels: 9 | {{ include "httpd.labels" . | indent 4 }} 10 | {{- with .Values.ingress.annotations }} 11 | annotations: 12 | nginx.ingress.kubernetes.io/use-regex: "true" 13 | {{- toYaml . | nindent 4 }} 14 | {{- end }} 15 | spec: 16 | {{- if .Values.ingress.className }} 17 | ingressClassName: {{ .Values.ingress.className }} 18 | {{- end }} 19 | {{- if .Values.ingress.tls }} 20 | tls: 21 | {{- range .Values.ingress.tls }} 22 | - hosts: 23 | {{- range .hosts }} 24 | - {{ . | quote }} 25 | {{- end }} 26 | secretName: {{ .secretName }} 27 | {{- end }} 28 | {{- end }} 29 | rules: 30 | {{- range .Values.ingress.hosts }} 31 | - host: {{ .host | quote }} 32 | http: 33 | paths: 34 | {{- range .paths }} 35 | - path: {{ .path }} 36 | pathType: {{ .pathType | default "Prefix" }} 37 | backend: 38 | service: 39 | name: {{ if .serviceNameSuffix }}{{ $fullName }}-{{ .serviceNameSuffix }}{{ else }}{{ $fullName }}{{ end }} 40 | port: 41 | number: {{ $svcPort }} 42 | {{- end }} 43 | {{- end }} 44 | {{- end }} 45 | -------------------------------------------------------------------------------- /charts/plugin-site-issues/README.md: -------------------------------------------------------------------------------- 1 | # plugin-site-issues 2 | 3 | ![Version: 0.0.1](https://img.shields.io/badge/Version-0.0.1-informational?style=flat-square) 4 | 5 | plugin-site-issues 6 | 7 | ## Values 8 | 9 | | Key | Type | Default | Description | 10 | |-----|------|---------|-------------| 11 | | affinity | object | `{}` | | 12 | | artifactory.key | string | `""` | key to upload to artifactory | 13 | | fullnameOverride | string | `""` | | 14 | | github.token | string | `""` | token to update github checks and look up commits | 15 | | image.repository | string | `"jenkinsciinfra/plugin-site-issues"` | | 16 | | image.tag | string | `"latest"` | | 17 | | imagePullSecrets | list | `[]` | | 18 | | ingress.annotations | object | `{}` | | 19 | | ingress.className | string | `""` | | 20 | | ingress.enabled | bool | `false` | | 21 | | ingress.hosts[0].host | string | `"chart-example.local"` | | 22 | | ingress.tls | list | `[]` | | 23 | | jenkins.auth | string | `""` | username:accesskey to talk to jenkins apis to pull build metadata | 24 | | nameOverride | string | `""` | | 25 | | nodeSelector | object | `{}` | | 26 | | podSecurityContext | object | `{}` | | 27 | | preshared_key | string | `""` | The token needed to be provided for autherization | 28 | | replicaCount | int | `1` | | 29 | | resources | object | `{}` | | 30 | | securityContext | object | `{}` | | 31 | | service.port | int | `8080` | | 32 | | service.type | string | `"ClusterIP"` | | 33 | | tolerations | list | `[]` | | 34 | -------------------------------------------------------------------------------- /charts/mirrorbits/README.md: -------------------------------------------------------------------------------- 1 | # Mirrorbits 2 | 3 | 4 | 37 | -------------------------------------------------------------------------------- /charts/maven-cacher/templates/configmap-scripts.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: {{ include "maven-cacher.fullname" . }}-scripts 5 | labels: {{ include "maven-cacher.labels" . | nindent 4 }} 6 | data: 7 | maven-cacher.sh: | 8 | #!/bin/bash 9 | 10 | set -eux -o pipefail 11 | 12 | mvn_cache_dir="${MVN_CACHE_DIR:-"/tmp"}" 13 | test -d "${mvn_cache_dir}" 14 | mvn_local_repo="${MVN_LOCAL_REPO:-"${HOME}/.m2/repository"}" 15 | mvn_cache_archive="${mvn_cache_dir}/maven-bom-local-repo.tar.gz" 16 | 17 | # Set up local working directory with BOM code 18 | test -d ./bom || git clone https://github.com/jenkinsci/bom 19 | pushd ./bom 20 | 21 | # TODO: Retrieve this list from Maven 22 | build_lines=("weekly" "2.504.x" "2.516.x" "2.528.x") 23 | 24 | # Load dependencies in the local Maven repo 25 | for build_line in "${build_lines[@]}"; do 26 | MVN_OPTS=() 27 | if [[ $build_line != "weekly" ]]; then 28 | MVN_OPTS+=("-P $build_line") 29 | fi 30 | time mvn -pl sample-plugin\ 31 | dependency:go-offline \ 32 | -DincludeScore=runtime,compile,test \ 33 | -Dmaven.repo.local="{{ .Values.mavenLocalRepo }}" \ 34 | "${MVN_OPTS[@]}" 35 | done 36 | 37 | # Generate a new cache archive from the local Maven repository 38 | pushd "${mvn_local_repo}" 39 | df -h . 40 | du -sh . 41 | time tar czf "${mvn_cache_archive}" ./ 42 | du -sh "${mvn_cache_dir}"/* 43 | -------------------------------------------------------------------------------- /updatecli/updatecli.d/rss2twitter.yaml: -------------------------------------------------------------------------------- 1 | name: Bump rss2twitter docker image version 2 | 3 | scms: 4 | default: 5 | kind: github 6 | spec: 7 | user: "{{ .github.user }}" 8 | email: "{{ .github.email }}" 9 | owner: "{{ .github.owner }}" 10 | repository: "{{ .github.repository }}" 11 | token: "{{ requiredEnv .github.token }}" 12 | username: "{{ .github.username }}" 13 | branch: "{{ .github.branch }}" 14 | 15 | sources: 16 | latestRelease: 17 | kind: githubrelease 18 | name: "Get latest umputun/rss2twitter release" 19 | spec: 20 | owner: "umputun" 21 | repository: "rss2twitter" 22 | token: "{{ requiredEnv .github.token }}" 23 | username: "{{ .github.username }}" 24 | 25 | conditions: 26 | checkDockerImagePublished: 27 | name: "Test umputun/rss2twitter: docker image tag" 28 | kind: dockerimage 29 | spec: 30 | image: "umputun/rss2twitter" 31 | ## Tag from source 32 | architecture: amd64 33 | 34 | targets: 35 | updateChart: 36 | name: Update rss2twitter helm chart 37 | kind: helmchart 38 | spec: 39 | name: charts/rss2twitter 40 | key: $.image.tag 41 | versionincrement: patch 42 | scmid: default 43 | 44 | actions: 45 | default: 46 | kind: github/pullrequest 47 | scmid: default 48 | title: Bump `rss2twitter` docker image version to {{ source "latestRelease" }} 49 | spec: 50 | labels: 51 | - dependencies 52 | - rss2twitter 53 | -------------------------------------------------------------------------------- /charts/keycloak/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.ingress.enabled -}} 2 | {{- $fullName := include "keycloak.fullname" . -}} 3 | {{- $svcPort := .Values.service.port -}} 4 | apiVersion: networking.k8s.io/v1 5 | kind: Ingress 6 | metadata: 7 | name: {{ $fullName }} 8 | labels: 9 | {{- include "keycloak.labels" . | nindent 4 }} 10 | {{- with .Values.ingress.annotations }} 11 | annotations: 12 | nginx.ingress.kubernetes.io/app-root: /auth/realms/jenkins/account 13 | {{- toYaml . | nindent 4 }} 14 | {{- end }} 15 | spec: 16 | {{- if .Values.ingress.className }} 17 | ingressClassName: {{ .Values.ingress.className }} 18 | {{- end }} 19 | {{- if .Values.ingress.tls }} 20 | tls: 21 | {{- range .Values.ingress.tls }} 22 | - hosts: 23 | {{- range .hosts }} 24 | - {{ . | quote }} 25 | {{- end }} 26 | secretName: {{ .secretName }} 27 | {{- end }} 28 | {{- end }} 29 | rules: 30 | {{- range .Values.ingress.hosts }} 31 | - host: {{ .host | quote }} 32 | http: 33 | paths: 34 | - path: / 35 | pathType: Prefix 36 | backend: 37 | service: 38 | name: keycloak-http 39 | port: 40 | number: {{ $svcPort }} 41 | - path: /auth/admin/ 42 | pathType: Prefix 43 | backend: 44 | service: 45 | name: {{ $fullName }}-404 46 | port: 47 | number: {{ $svcPort }} 48 | {{- end }} 49 | {{- end }} 50 | -------------------------------------------------------------------------------- /updatecli/updatecli.d/httpd.yaml: -------------------------------------------------------------------------------- 1 | name: Bump `httpd` docker images and helm chart versions 2 | 3 | scms: 4 | default: 5 | kind: github 6 | spec: 7 | user: "{{ .github.user }}" 8 | email: "{{ .github.email }}" 9 | owner: "{{ .github.owner }}" 10 | repository: "{{ .github.repository }}" 11 | token: "{{ requiredEnv .github.token }}" 12 | username: "{{ .github.username }}" 13 | branch: "{{ .github.branch }}" 14 | 15 | sources: 16 | latestRelease: 17 | kind: githubrelease 18 | name: "Get latest apache/httpd release" 19 | spec: 20 | owner: "apache" 21 | repository: "httpd" 22 | token: "{{ requiredEnv .github.token }}" 23 | username: "{{ .github.username }}" 24 | 25 | conditions: 26 | checkDockerImagePublished: 27 | name: "Test httpd: docker image tag" 28 | kind: dockerimage 29 | spec: 30 | image: "httpd" 31 | ## Tag from source 32 | architectures: 33 | - amd64 34 | - arm64 35 | 36 | targets: 37 | updateHttpd: 38 | name: "Update httpd docker image version in httpd chart" 39 | sourceid: latestRelease 40 | kind: helmchart 41 | spec: 42 | name: charts/httpd 43 | key: $.image.tag 44 | versionincrement: patch 45 | scmid: default 46 | 47 | actions: 48 | default: 49 | kind: github/pullrequest 50 | scmid: default 51 | title: Bump `httpd` docker image version to {{ source "latestRelease" }} 52 | spec: 53 | labels: 54 | - dependencies 55 | - httpd 56 | -------------------------------------------------------------------------------- /charts/httpd/tests/values/global.yaml: -------------------------------------------------------------------------------- 1 | # Mock chart parent inherited global values passed to subcharts 2 | global: 3 | storage: 4 | enabled: true 5 | claimNameTpl: '{{ default "parent-chart-shared-data" }}' 6 | ingress: 7 | enabled: true 8 | # Try to specify a ingress which must be ignored (parent prevails) 9 | ingress: 10 | enabled: true 11 | hosts: 12 | - host: chart-example.local 13 | paths: 14 | - path: / 15 | pathType: IfNotPresent 16 | # Try to specify a PV which must be ignored (parent prevails) 17 | repository: 18 | name: httpd-binary 19 | persistentVolumeClaim: 20 | enabled: true 21 | spec: 22 | accessModes: 23 | - ReadWriteMany 24 | storageClassName: azurefile-csi-premium 25 | resources: 26 | requests: 27 | storage: 1000Gi 28 | volumeName: mirrorbits-binary 29 | persistentVolume: 30 | enabled: true 31 | spec: 32 | capacity: 33 | storage: 1000Gi 34 | storageClassName: azurefile-csi-premium 35 | accessModes: 36 | - ReadWriteMany 37 | persistentVolumeReclaimPolicy: Retain 38 | csi: 39 | driver: file.csi.azure.com 40 | readOnly: false 41 | volumeHandle: httpd-binary # make sure this volumeid is unique for every identical share in the cluster 42 | volumeAttributes: 43 | resourceGroup: httpd-rg 44 | shareName: httpd 45 | nodeStageSecretRef: 46 | name: httpd-data 47 | namespace: httpd 48 | mountOptions: 49 | - dir_mode=0755 50 | -------------------------------------------------------------------------------- /charts/rss2twitter/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for rss2twitter. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | replicaCount: 1 5 | image: 6 | repository: umputun/rss2twitter 7 | pullPolicy: IfNotPresent 8 | # Overrides the image tag whose default is the chart appVersion. 9 | tag: v0.7.0 10 | imagePullSecrets: [] 11 | nameOverride: "" 12 | fullnameOverride: "" 13 | podAnnotations: {} 14 | podSecurityContext: {} 15 | # fsGroup: 2000 16 | securityContext: 17 | capabilities: 18 | drop: 19 | - ALL 20 | readOnlyRootFilesystem: true 21 | runAsUser: 1001 # app 22 | resources: {} 23 | # We usually recommend not to specify default resources and to leave this as a conscious 24 | # choice for the user. This also increases chances charts run on environments with little 25 | # resources, such as Minikube. If you do want to specify resources, uncomment the following 26 | # lines, adjust them as necessary, and remove the curly braces after 'resources:'. 27 | # limits: 28 | # cpu: 100m 29 | # memory: 128Mi 30 | # requests: 31 | # cpu: 100m 32 | # memory: 128Mi 33 | nodeSelector: {} 34 | tolerations: [] 35 | affinity: {} 36 | env: 37 | rssFeed: http://lorem-rss.herokuapp.com/feed?unit=second&interval=30 38 | rssRefreshRate: 1m 39 | template: "{{.Title}} - {{.Link}} #mytag" 40 | # disables publishing to twitter and sends updates to logger only 41 | dryMode: true 42 | debugMode: false 43 | 44 | twitter: 45 | consumerKey: "" 46 | consumerSecret: "" 47 | accessToken: "" 48 | accessSecret: "" 49 | -------------------------------------------------------------------------------- /charts/plugin-site/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | 1. Get the application URL by running these commands: 2 | {{- if .Values.ingress.enabled }} 3 | {{- range $host := .Values.ingress.hosts }} 4 | http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}/ 5 | {{- end }} 6 | {{- else if contains "NodePort" .Values.service.type }} 7 | export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "plugin-site.fullname" . }}) 8 | export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") 9 | echo http://$NODE_IP:$NODE_PORT 10 | {{- else if contains "LoadBalancer" .Values.service.type }} 11 | NOTE: It may take a few minutes for the LoadBalancer IP to be available. 12 | You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "plugin-site.fullname" . }}' 13 | export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "plugin-site.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') 14 | echo http://$SERVICE_IP:{{ .Values.service.port }} 15 | {{- else if contains "ClusterIP" .Values.service.type }} 16 | export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "plugin-site.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") 17 | echo "Visit http://127.0.0.1:8080 to use your application" 18 | kubectl port-forward $POD_NAME 8080:80 19 | {{- end }} 20 | -------------------------------------------------------------------------------- /charts/nginx-website/README.md: -------------------------------------------------------------------------------- 1 | # nginx-website 2 | 3 | This chart can be used to deploy a website served by nginx. 4 | 5 | ## Running this yourself 6 | 7 | This guide assumes you're running minikube, adjust accordingly if you're using something else to run it. 8 | 9 | First you need to retrieve the content of your website to be able to mount it as volume: 10 | 11 | ```bash 12 | minikube mount site:/host 13 | ``` 14 | 15 | ```yaml 16 | helm install -f values.yaml -f values.local.yaml --name nginx-website . 17 | ``` 18 | 19 | ```yaml 20 | helm upgrade -f values.yaml -f values.local.yaml nginx-website . 21 | ``` 22 | 23 | You need to define some configuration locally in a separate values file 24 | 25 | Here's an example `values.local.yaml` file: 26 | ```yaml 27 | ingress: 28 | enabled: true 29 | hosts: 30 | - host: nginx-website-local.jenkins.io 31 | paths: 32 | - path: / 33 | pathType: Prefix 34 | service: 35 | name: nginx-website-local 36 | port: http 37 | 38 | htmlVolume: 39 | hostPath: 40 | path: /host 41 | ``` 42 | 43 | You'll need to add `nginx-website-local.jenkins.io` to your hosts file, you can get the IP with `kubectl get ingress` 44 | 45 | ## Running on Azure 46 | 47 | Here's some example configuration for running this on Azure: 48 | 49 | ```yaml 50 | azureStorageAccountName: myaccount 51 | azureStorageAccountKey: key 52 | htmlVolume: 53 | azureFile: 54 | secretName: reports 55 | shareName: reports 56 | readOnly: true 57 | # ... you will also need ingress configuration, add as required 58 | ``` 59 | -------------------------------------------------------------------------------- /charts/ldap/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "ldap.name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 7 | {{- end -}} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | If release name contains chart name it will be used as a full name. 13 | */}} 14 | {{- define "ldap.fullname" -}} 15 | {{- if .Values.fullnameOverride -}} 16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} 17 | {{- else -}} 18 | {{- $name := default .Chart.Name .Values.nameOverride -}} 19 | {{- if contains $name .Release.Name -}} 20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}} 21 | {{- else -}} 22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 23 | {{- end -}} 24 | {{- end -}} 25 | {{- end -}} 26 | 27 | {{/* 28 | Create chart name and version as used by the chart label. 29 | */}} 30 | {{- define "ldap.chart" -}} 31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} 32 | {{- end -}} 33 | 34 | {{/* 35 | Common labels 36 | */}} 37 | {{- define "ldap.labels" -}} 38 | app.kubernetes.io/name: {{ include "ldap.name" . }} 39 | helm.sh/chart: {{ include "ldap.chart" . }} 40 | app.kubernetes.io/instance: {{ .Release.Name }} 41 | {{- if .Chart.AppVersion }} 42 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 43 | {{- end }} 44 | app.kubernetes.io/managed-by: {{ .Release.Service }} 45 | {{- end -}} 46 | -------------------------------------------------------------------------------- /charts/acme/README.md: -------------------------------------------------------------------------------- 1 | # Jenkins Infrastructure ACME settings 2 | 3 | This chart is configured to use the dns challenge. 4 | 5 | It allows multiple dns01 configurations to be passed, with `acme.dns01` accepting any valid settings as defined in . 6 | 7 | Example configuration: 8 | 9 | ```yaml 10 | acme: 11 | id: "letsencrypt-prod" # Used by ingress resources to identify the issuer 12 | email: "test@example.com" 13 | server: "https://acme-v02.api.letsencrypt.org/directory" # Used to query letsencrypt servers 14 | clientSecrets: 15 | - name: acme_secret_jenkins_io 16 | value: 'password' 17 | - name: acme_secret_jenkinsci_org 18 | value: 'password2' 19 | dns01: 20 | - azuredns: 21 | clientID: XXX 22 | clientSecretSecretRef: 23 | name: acme_secret_jenkinsio 24 | key: CLIENT_SECRET 25 | subscriptionID: YYY 26 | tenantID: ZZZ 27 | resourceGroupName: jenkinsio 28 | hostedZoneName: jenkins.io 29 | selector: 30 | dnsZones: 31 | - jenkins.io 32 | - azuredns: 33 | clientID: XXX 34 | clientSecretSecretRef: 35 | name: acme_secret_jenkinsci_org 36 | key: CLIENT_SECRET 37 | subscriptionID: YYY 38 | tenantID: ZZZ 39 | resourceGroupName: jenkinsci_org 40 | hostedZoneName: jenkinsci.org 41 | selector: 42 | dnsZones: 43 | - jenkins-ci.org 44 | ``` 45 | 46 | ## Links 47 | * 48 | * 49 | -------------------------------------------------------------------------------- /charts/accountapp/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | 1. Get the application URL by running these commands: 2 | {{- if .Values.ingress.enabled }} 3 | {{- range $host := .Values.ingress.hosts }} 4 | {{- range .paths }} 5 | http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} 6 | {{- end }} 7 | {{- end }} 8 | {{- else if contains "NodePort" .Values.service.type }} 9 | export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "accountapp.fullname" . }}) 10 | export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") 11 | echo http://$NODE_IP:$NODE_PORT 12 | {{- else if contains "LoadBalancer" .Values.service.type }} 13 | NOTE: It may take a few minutes for the LoadBalancer IP to be available. 14 | You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "accountapp.fullname" . }}' 15 | export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "accountapp.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') 16 | echo http://$SERVICE_IP:{{ .Values.service.port }} 17 | {{- else if contains "ClusterIP" .Values.service.type }} 18 | export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "accountapp.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") 19 | echo "Visit http://127.0.0.1:8080 to use your application" 20 | kubectl port-forward $POD_NAME 8080:80 21 | {{- end }} 22 | -------------------------------------------------------------------------------- /charts/rating/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "rating.name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 7 | {{- end -}} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | If release name contains chart name it will be used as a full name. 13 | */}} 14 | {{- define "rating.fullname" -}} 15 | {{- if .Values.fullnameOverride -}} 16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} 17 | {{- else -}} 18 | {{- $name := default .Chart.Name .Values.nameOverride -}} 19 | {{- if contains $name .Release.Name -}} 20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}} 21 | {{- else -}} 22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 23 | {{- end -}} 24 | {{- end -}} 25 | {{- end -}} 26 | 27 | {{/* 28 | Create chart name and version as used by the chart label. 29 | */}} 30 | {{- define "rating.chart" -}} 31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} 32 | {{- end -}} 33 | 34 | {{/* 35 | Common labels 36 | */}} 37 | {{- define "rating.labels" -}} 38 | app.kubernetes.io/name: {{ include "rating.name" . }} 39 | helm.sh/chart: {{ include "rating.chart" . }} 40 | app.kubernetes.io/instance: {{ .Release.Name }} 41 | {{- if .Chart.AppVersion }} 42 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 43 | {{- end }} 44 | app.kubernetes.io/managed-by: {{ .Release.Service }} 45 | {{- end -}} 46 | -------------------------------------------------------------------------------- /updatecli/updatecli.d/geoipupdates.yaml: -------------------------------------------------------------------------------- 1 | name: Bump `jenkinsciinfra/geoipupdate` docker image and helm chart versions 2 | 3 | scms: 4 | default: 5 | kind: github 6 | spec: 7 | user: "{{ .github.user }}" 8 | email: "{{ .github.email }}" 9 | owner: "{{ .github.owner }}" 10 | repository: "{{ .github.repository }}" 11 | token: "{{ requiredEnv .github.token }}" 12 | username: "{{ .github.username }}" 13 | branch: "{{ .github.branch }}" 14 | 15 | sources: 16 | lastVersion: 17 | name: Get latest version of jenkinsciinfra/geoipupdate 18 | kind: githubrelease 19 | spec: 20 | owner: jenkins-infra 21 | repository: docker-geoipupdate 22 | token: "{{ requiredEnv .github.token }}" 23 | username: "{{ .github.username }}" 24 | 25 | conditions: 26 | checkGeoIPDockerImagePublished: 27 | name: Ensure that the image "jenkinsciinfra/geoipupdate:" is published 28 | kind: dockerimage 29 | spec: 30 | image: jenkinsciinfra/geoipupdate 31 | architectures: 32 | - "arm64" 33 | # Tag comes from sourceid 34 | 35 | targets: 36 | updateGeoIP: 37 | name: "Update chart image tag version" 38 | kind: helmchart 39 | spec: 40 | name: charts/geoipupdates 41 | file: values.yaml 42 | key: $.image.tag 43 | scmid: default 44 | 45 | actions: 46 | default: 47 | kind: github/pullrequest 48 | scmid: default 49 | title: Bump `jenkinsciinfra/geoipupdate` docker image to {{ source `lastVersion` }} 50 | spec: 51 | labels: 52 | - dependencies 53 | - geoipupdates 54 | -------------------------------------------------------------------------------- /charts/maven-cacher/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "maven-cacher.name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 7 | {{- end -}} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | If release name contains chart name it will be used as a full name. 13 | */}} 14 | {{- define "maven-cacher.fullname" -}} 15 | {{- if .Values.fullnameOverride -}} 16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} 17 | {{- else -}} 18 | {{- $name := default .Chart.Name .Values.nameOverride -}} 19 | {{- if contains $name .Release.Name -}} 20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}} 21 | {{- else -}} 22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 23 | {{- end -}} 24 | {{- end -}} 25 | {{- end -}} 26 | 27 | {{/* 28 | Selector labels 29 | */}} 30 | {{- define "maven-cacher.selectorLabels" -}} 31 | app.kubernetes.io/name: maven-cacher 32 | app.kubernetes.io/instance: {{ .Release.Name }} 33 | {{- end }} 34 | 35 | {{/* 36 | Create chart name and version as used by the chart label. 37 | */}} 38 | {{- define "maven-cacher.chart" -}} 39 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} 40 | {{- end -}} 41 | 42 | {{/* 43 | Common labels 44 | */}} 45 | {{- define "maven-cacher.labels" -}} 46 | {{ include "maven-cacher.selectorLabels" . }} 47 | helm.sh/chart: {{ include "maven-cacher.chart" . }} 48 | {{- end -}} 49 | -------------------------------------------------------------------------------- /charts/uplink/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | 1. Get the application URL by running these commands: 2 | {{- if .Values.ingress.enabled }} 3 | {{- range $host := .Values.ingress.hosts }} 4 | {{- range .paths }} 5 | http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ . }} 6 | {{- end }} 7 | {{- end }} 8 | {{- else if contains "NodePort" .Values.service.type }} 9 | export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "uplink.fullname" . }}) 10 | export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") 11 | echo http://$NODE_IP:$NODE_PORT 12 | {{- else if contains "LoadBalancer" .Values.service.type }} 13 | NOTE: It may take a few minutes for the LoadBalancer IP to be available. 14 | You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "uplink.fullname" . }}' 15 | export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "uplink.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") 16 | echo http://$SERVICE_IP:{{ .Values.service.port }} 17 | {{- else if contains "ClusterIP" .Values.service.type }} 18 | export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "uplink.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") 19 | echo "Visit http://127.0.0.1:8080 to use your application" 20 | kubectl port-forward $POD_NAME 8080:80 21 | {{- end }} 22 | -------------------------------------------------------------------------------- /charts/uplink/tests/defaults_test.yaml: -------------------------------------------------------------------------------- 1 | suite: test default behavior of secret.yaml with default values 2 | templates: 3 | - secret.yaml 4 | - pdb.yaml 5 | - deployment.yaml 6 | tests: 7 | - it: should render with default values without error 8 | template: secret.yaml 9 | asserts: 10 | - isKind: 11 | of: Secret 12 | - equal: 13 | path: metadata.name 14 | value: RELEASE-NAME-uplink 15 | - notExists: 16 | path: data.postgresql.url 17 | - notExists: 18 | path: data.client.id 19 | - notExists: 20 | path: data.client.secret 21 | - notExists: 22 | path: data.sentry.dsn 23 | - it: should not generate any pdb with default values 24 | template: pdb.yaml 25 | asserts: 26 | - hasDocuments: 27 | count: 0 28 | - it: Should generate a deployment with the default values 29 | template: deployment.yaml 30 | asserts: 31 | - hasDocuments: 32 | count: 1 33 | - isKind: 34 | of: Deployment 35 | - notExists: 36 | path: spec.affinity 37 | - equal: 38 | path: metadata.labels["app.kubernetes.io/name"] 39 | value: uplink 40 | - equal: 41 | path: metadata.labels["app.kubernetes.io/managed-by"] 42 | value: Helm 43 | - equal: 44 | path: spec.template.spec.containers[0].name 45 | value: uplink 46 | - equal: 47 | path: spec.template.spec.containers[0].resources.limits.cpu 48 | value: 200m 49 | - notExists: 50 | path: spec.template.metadata.annotations 51 | -------------------------------------------------------------------------------- /updatecli/updatecli.d/rating.yaml: -------------------------------------------------------------------------------- 1 | name: Bump `rating` docker image and helm chart versions 2 | 3 | scms: 4 | default: 5 | kind: github 6 | spec: 7 | user: "{{ .github.user }}" 8 | email: "{{ .github.email }}" 9 | owner: "{{ .github.owner }}" 10 | repository: "{{ .github.repository }}" 11 | token: "{{ requiredEnv .github.token }}" 12 | username: "{{ .github.username }}" 13 | branch: "{{ .github.branch }}" 14 | 15 | sources: 16 | latestRelease: 17 | kind: githubrelease 18 | name: Get latest jenkins-infra/rating release 19 | spec: 20 | owner: jenkins-infra 21 | repository: rating 22 | token: "{{ requiredEnv .github.token }}" 23 | username: "{{ .github.username }}" 24 | 25 | conditions: 26 | checkDockerImagePublished: 27 | name: Check the dockerhubmirror.azurecr.io/jenkinsciinfra/rating:{{ source `latestRelease` }} docker image is published 28 | kind: dockerimage 29 | sourceid: latestRelease 30 | spec: 31 | image: dockerhubmirror.azurecr.io/jenkinsciinfra/rating 32 | ## Tag from source 33 | architectures: 34 | - arm64 35 | 36 | targets: 37 | updateChart: 38 | name: Update rating helm chart 39 | kind: helmchart 40 | spec: 41 | name: charts/rating 42 | key: $.image.tag 43 | versionincrement: patch 44 | scmid: default 45 | 46 | actions: 47 | default: 48 | kind: github/pullrequest 49 | scmid: default 50 | title: Bump `rating` docker image version to {{ source "latestRelease" }} 51 | spec: 52 | labels: 53 | - dependencies 54 | - rating 55 | -------------------------------------------------------------------------------- /charts/httpd/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | 1. Get the application URL by running these commands: 2 | {{- if .Values.ingress.enabled }} 3 | {{- range $host := .Values.ingress.hosts }} 4 | {{- range .paths }} 5 | http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ . }} 6 | {{- end }} 7 | {{- end }} 8 | {{- else if contains "NodePort" .Values.service.type }} 9 | export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "httpd.fullname" . }}) 10 | export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") 11 | echo http://$NODE_IP:$NODE_PORT 12 | {{- else if contains "LoadBalancer" .Values.service.type }} 13 | NOTE: It may take a few minutes for the LoadBalancer IP to be available. 14 | You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "httpd.fullname" . }}' 15 | export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "httpd.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") 16 | echo http://$SERVICE_IP:{{ .Values.service.port }} 17 | {{- else if contains "ClusterIP" .Values.service.type }} 18 | export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "httpd.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") 19 | echo "Visit http://127.0.0.1:8080/?mirrorstats to use your application" 20 | kubectl port-forward $POD_NAME 8080:80 21 | {{- end }} 22 | -------------------------------------------------------------------------------- /charts/nginx-website/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | 1. Get the application URL by running these commands: 2 | {{- if .Values.ingress.enabled }} 3 | {{- range $host := .Values.ingress.hosts }} 4 | {{- range .paths }} 5 | http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} 6 | {{- end }} 7 | {{- end }} 8 | {{- else if contains "NodePort" .Values.service.type }} 9 | export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "nginx-website.fullname" . }}) 10 | export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") 11 | echo http://$NODE_IP:$NODE_PORT 12 | {{- else if contains "LoadBalancer" .Values.service.type }} 13 | NOTE: It may take a few minutes for the LoadBalancer IP to be available. 14 | You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "nginx-website.fullname" . }}' 15 | export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "nginx-website.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') 16 | echo http://$SERVICE_IP:{{ .Values.service.port }} 17 | {{- else if contains "ClusterIP" .Values.service.type }} 18 | export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "nginx-website.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") 19 | echo "Visit http://127.0.0.1:8080 to use your application" 20 | kubectl port-forward $POD_NAME 8080:80 21 | {{- end }} 22 | -------------------------------------------------------------------------------- /charts/rating/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | 1. Get the application URL by running these commands: 2 | {{- if .Values.ingress.enabled }} 3 | {{- range $h := .Values.ingress.hosts }} 4 | {{- range $p := $h.paths }} 5 | http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $h.host }}{{ $p.path }} 6 | {{- end }} 7 | {{- end }} 8 | {{- else if contains "NodePort" .Values.service.type }} 9 | export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "rating.fullname" . }}) 10 | export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") 11 | echo http://$NODE_IP:$NODE_PORT 12 | {{- else if contains "LoadBalancer" .Values.service.type }} 13 | NOTE: It may take a few minutes for the LoadBalancer IP to be available. 14 | You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "rating.fullname" . }}' 15 | export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "rating.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") 16 | echo http://$SERVICE_IP:{{ .Values.service.port }} 17 | {{- else if contains "ClusterIP" .Values.service.type }} 18 | export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "rating.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") 19 | echo "Visit http://127.0.0.1:8080 to use your application" 20 | kubectl port-forward $POD_NAME 8080:80 21 | {{- end }} 22 | -------------------------------------------------------------------------------- /charts/wiki/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for wiki. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | replicaCount: 1 5 | image: 6 | repository: dockerhubmirror.azurecr.io/jenkinsciinfra/wiki 7 | pullPolicy: IfNotPresent 8 | tag: 0.2.31 9 | imagePullSecrets: [] 10 | nameOverride: "" 11 | fullnameOverride: "" 12 | podAnnotations: {} 13 | podSecurityContext: {} 14 | # fsGroup: 2000 15 | securityContext: {} 16 | # capabilities: 17 | # drop: 18 | # - ALL 19 | # readOnlyRootFilesystem: true 20 | # runAsNonRoot: true 21 | # runAsUser: 1000 22 | service: 23 | type: ClusterIP 24 | port: 80 25 | ingress: 26 | enabled: false 27 | className: "" 28 | annotations: {} 29 | # kubernetes.io/ingress.class: nginx 30 | # kubernetes.io/tls-acme: "true" 31 | hosts: 32 | - host: chart-example.local 33 | paths: 34 | - path: / 35 | pathType: ImplementationSpecific 36 | tls: [] 37 | # - secretName: chart-example-tls 38 | # hosts: 39 | # - chart-example.local 40 | resources: {} 41 | # We usually recommend not to specify default resources and to leave this as a conscious 42 | # choice for the user. This also increases chances charts run on environments with little 43 | # resources, such as Minikube. If you do want to specify resources, uncomment the following 44 | # lines, adjust them as necessary, and remove the curly braces after 'resources:'. 45 | # limits: 46 | # cpu: 100m 47 | # memory: 128Mi 48 | # requests: 49 | # cpu: 100m 50 | # memory: 128Mi 51 | nodeSelector: {} 52 | tolerations: [] 53 | affinity: {} 54 | poddisruptionbudget: 55 | minAvailable: 1 56 | -------------------------------------------------------------------------------- /charts/keycloak/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | 1. Get the application URL by running these commands: 2 | {{- if .Values.ingress.enabled }} 3 | {{- range $host := .Values.ingress.hosts }} 4 | {{- range .paths }} 5 | http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ . }} 6 | {{- end }} 7 | {{- end }} 8 | {{- else if contains "NodePort" .Values.service.type }} 9 | export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "keycloak.fullname" . }}) 10 | export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") 11 | echo http://$NODE_IP:$NODE_PORT 12 | {{- else if contains "LoadBalancer" .Values.service.type }} 13 | NOTE: It may take a few minutes for the LoadBalancer IP to be available. 14 | You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "keycloak.fullname" . }}' 15 | export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "keycloak.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") 16 | echo http://$SERVICE_IP:{{ .Values.service.port }} 17 | {{- else if contains "ClusterIP" .Values.service.type }} 18 | export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "keycloak.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") 19 | echo "Visit http://127.0.0.1:8080 to use your application" 20 | kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:80 21 | {{- end }} 22 | -------------------------------------------------------------------------------- /updatecli/updatecli.d/rsyncd.yaml: -------------------------------------------------------------------------------- 1 | name: Bump `rsyncd` docker images and helm chart versions 2 | 3 | scms: 4 | default: 5 | kind: github 6 | spec: 7 | user: "{{ .github.user }}" 8 | email: "{{ .github.email }}" 9 | owner: "{{ .github.owner }}" 10 | repository: "{{ .github.repository }}" 11 | token: "{{ requiredEnv .github.token }}" 12 | username: "{{ .github.username }}" 13 | branch: "{{ .github.branch }}" 14 | 15 | sources: 16 | latestRelease: 17 | kind: githubrelease 18 | name: Get latest jenkins-infra/docker-rsyncd release 19 | spec: 20 | owner: jenkins-infra 21 | repository: docker-rsyncd 22 | token: "{{ requiredEnv .github.token }}" 23 | username: "{{ .github.username }}" 24 | 25 | conditions: 26 | checkDockerImagePublished: 27 | name: Check the dockerhubmirror.azurecr.io/jenkinsciinfra/rsyncd:{{ source `latestRelease` }} docker image is published 28 | kind: dockerimage 29 | sourceid: latestRelease 30 | spec: 31 | image: dockerhubmirror.azurecr.io/jenkinsciinfra/rsyncd 32 | ## Tag from source 33 | architectures: 34 | - arm64 35 | 36 | targets: 37 | updateRsyncd: 38 | name: Update rsyncd docker image version 39 | sourceid: latestRelease 40 | kind: helmchart 41 | spec: 42 | name: charts/rsyncd 43 | key: $.image.tag 44 | versionincrement: patch 45 | scmid: default 46 | 47 | actions: 48 | default: 49 | kind: github/pullrequest 50 | scmid: default 51 | title: Bump `rsyncd` docker images and helm chart versions 52 | spec: 53 | labels: 54 | - dependencies 55 | - rsyncd 56 | -------------------------------------------------------------------------------- /charts/wiki/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* 2 | Expand the name of the chart. 3 | */}} 4 | {{- define "wiki.name" -}} 5 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} 6 | {{- end }} 7 | 8 | {{/* 9 | Create a default fully qualified app name. 10 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 11 | If release name contains chart name it will be used as a full name. 12 | */}} 13 | {{- define "wiki.fullname" -}} 14 | {{- if .Values.fullnameOverride }} 15 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} 16 | {{- else }} 17 | {{- $name := default .Chart.Name .Values.nameOverride }} 18 | {{- if contains $name .Release.Name }} 19 | {{- .Release.Name | trunc 63 | trimSuffix "-" }} 20 | {{- else }} 21 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} 22 | {{- end }} 23 | {{- end }} 24 | {{- end }} 25 | 26 | {{/* 27 | Create chart name and version as used by the chart label. 28 | */}} 29 | {{- define "wiki.chart" -}} 30 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} 31 | {{- end }} 32 | 33 | {{/* 34 | Common labels 35 | */}} 36 | {{- define "wiki.labels" -}} 37 | helm.sh/chart: {{ include "wiki.chart" . }} 38 | {{ include "wiki.selectorLabels" . }} 39 | {{- if .Chart.AppVersion }} 40 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 41 | {{- end }} 42 | app.kubernetes.io/managed-by: {{ .Release.Service }} 43 | {{- end }} 44 | 45 | {{/* 46 | Selector labels 47 | */}} 48 | {{- define "wiki.selectorLabels" -}} 49 | app.kubernetes.io/name: {{ include "wiki.name" . }} 50 | app.kubernetes.io/instance: {{ .Release.Name }} 51 | {{- end }} 52 | -------------------------------------------------------------------------------- /updatecli/updatecli.d/plugin-site-api.yaml: -------------------------------------------------------------------------------- 1 | name: Bump `plugin-site-api` docker image and `plugin-site` helm chart versions 2 | 3 | scms: 4 | default: 5 | kind: github 6 | spec: 7 | user: "{{ .github.user }}" 8 | email: "{{ .github.email }}" 9 | owner: "{{ .github.owner }}" 10 | repository: "{{ .github.repository }}" 11 | token: "{{ requiredEnv .github.token }}" 12 | username: "{{ .github.username }}" 13 | branch: "{{ .github.branch }}" 14 | 15 | sources: 16 | latestRelease: 17 | kind: githubrelease 18 | name: Get jenkins-infra/plugin-site-api latest version 19 | spec: 20 | owner: jenkins-infra 21 | repository: plugin-site-api 22 | token: "{{ requiredEnv .github.token }}" 23 | username: "{{ .github.username }}" 24 | 25 | conditions: 26 | checkDockerImagePublished: 27 | name: Test if dockerhubmirror.azurecr.io/jenkinsciinfra/incrementals-publisher docker image is published 28 | kind: dockerimage 29 | sourceid: latestRelease 30 | spec: 31 | image: dockerhubmirror.azurecr.io/jenkinsciinfra/plugin-site-api 32 | ## Tag from source 33 | architectures: 34 | - arm64 35 | 36 | targets: 37 | updateChart: 38 | name: Update rating helm chart 39 | kind: helmchart 40 | spec: 41 | name: charts/plugin-site 42 | key: $.backend.image.tag 43 | versionincrement: patch 44 | scmid: default 45 | 46 | actions: 47 | default: 48 | kind: github/pullrequest 49 | scmid: default 50 | title: Bump `plugin-site-api` docker image version to {{ source "latestRelease" }} 51 | spec: 52 | labels: 53 | - dependencies 54 | - plugin-site-api 55 | -------------------------------------------------------------------------------- /charts/incrementals-publisher/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | 1. Get the application URL by running these commands: 2 | {{- if .Values.ingress.enabled }} 3 | {{- range $host := .Values.ingress.hosts }} 4 | {{- range .paths }} 5 | http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ . }} 6 | {{- end }} 7 | {{- end }} 8 | {{- else if contains "NodePort" .Values.service.type }} 9 | export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "incrementals-publisher.fullname" . }}) 10 | export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") 11 | echo http://$NODE_IP:$NODE_PORT 12 | {{- else if contains "LoadBalancer" .Values.service.type }} 13 | NOTE: It may take a few minutes for the LoadBalancer IP to be available. 14 | You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "incrementals-publisher.fullname" . }}' 15 | export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "incrementals-publisher.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") 16 | echo http://$SERVICE_IP:{{ .Values.service.port }} 17 | {{- else if contains "ClusterIP" .Values.service.type }} 18 | export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "incrementals-publisher.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") 19 | echo "Visit http://127.0.0.1:8080 to use your application" 20 | kubectl port-forward $POD_NAME 8080:80 21 | {{- end }} 22 | -------------------------------------------------------------------------------- /charts/httpd/tests/parent_values_test.yaml: -------------------------------------------------------------------------------- 1 | suite: Tests with custom values from parent (umbrella ingress and umbrella PVC) 2 | templates: 3 | - deployment.yaml 4 | - ingress.yaml 5 | - secret.yaml # Direct dependency of deployment.yaml 6 | - persistentVolume.yaml 7 | - persistentVolumeClaim.yaml 8 | values: 9 | - values/global.yaml 10 | tests: 11 | - it: should define a customized "httpd" deployment 12 | template: deployment.yaml 13 | asserts: 14 | - hasDocuments: 15 | count: 1 16 | - isKind: 17 | of: Deployment 18 | # HTML volume (references a claim from parent chart) 19 | - equal: 20 | path: spec.template.spec.volumes[1].name 21 | value: html 22 | - equal: 23 | path: spec.template.spec.volumes[1].persistentVolumeClaim.claimName 24 | value: parent-chart-shared-data 25 | - equal: 26 | path: spec.template.spec.containers[0].volumeMounts[1].name 27 | value: html 28 | - equal: 29 | path: spec.template.spec.containers[0].volumeMounts[1].readOnly 30 | value: true 31 | - equal: 32 | path: spec.template.spec.containers[0].volumeMounts[1].mountPath 33 | value: /usr/local/apache2/htdocs 34 | - it: should not create any ingress 35 | template: ingress.yaml 36 | asserts: 37 | - hasDocuments: 38 | count: 0 39 | - it: should not define any persistent volume 40 | template: persistentVolume.yaml 41 | asserts: 42 | - hasDocuments: 43 | count: 0 44 | - it: should not define any PV claim 45 | template: persistentVolumeClaim.yaml 46 | asserts: 47 | - hasDocuments: 48 | count: 0 49 | -------------------------------------------------------------------------------- /charts/incrementals-publisher/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "incrementals-publisher.name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 7 | {{- end -}} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | If release name contains chart name it will be used as a full name. 13 | */}} 14 | {{- define "incrementals-publisher.fullname" -}} 15 | {{- if .Values.fullnameOverride -}} 16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} 17 | {{- else -}} 18 | {{- $name := default .Chart.Name .Values.nameOverride -}} 19 | {{- if contains $name .Release.Name -}} 20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}} 21 | {{- else -}} 22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 23 | {{- end -}} 24 | {{- end -}} 25 | {{- end -}} 26 | 27 | {{/* 28 | Create chart name and version as used by the chart label. 29 | */}} 30 | {{- define "incrementals-publisher.chart" -}} 31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} 32 | {{- end -}} 33 | 34 | {{/* 35 | Common labels 36 | */}} 37 | {{- define "incrementals-publisher.labels" -}} 38 | app.kubernetes.io/name: {{ include "incrementals-publisher.name" . }} 39 | helm.sh/chart: {{ include "incrementals-publisher.chart" . }} 40 | app.kubernetes.io/instance: {{ .Release.Name }} 41 | {{- if .Chart.AppVersion }} 42 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 43 | {{- end }} 44 | app.kubernetes.io/managed-by: {{ .Release.Service }} 45 | {{- end -}} 46 | -------------------------------------------------------------------------------- /charts/plugin-health-scoring/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | 1. Get the application URL by running these commands: 2 | {{- if .Values.ingress.enabled }} 3 | {{- range $host := .Values.ingress.hosts }} 4 | {{- range .paths }} 5 | http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ . }} 6 | {{- end }} 7 | {{- end }} 8 | {{- else if contains "NodePort" .Values.service.type }} 9 | export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "plugin-health-scoring.fullname" . }}) 10 | export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") 11 | echo http://$NODE_IP:$NODE_PORT 12 | {{- else if contains "LoadBalancer" .Values.service.type }} 13 | NOTE: It may take a few minutes for the LoadBalancer IP to be available. 14 | You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "plugin-health-scoring.fullname" . }}' 15 | export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "plugin-health-scoring.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") 16 | echo http://$SERVICE_IP:{{ .Values.service.port }} 17 | {{- else if contains "ClusterIP" .Values.service.type }} 18 | export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "plugin-health-scoring.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") 19 | echo "Visit http://127.0.0.1:8080 to use your application" 20 | kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:80 21 | {{- end }} 22 | -------------------------------------------------------------------------------- /charts/plugin-site/README.md: -------------------------------------------------------------------------------- 1 | # Plugin site 2 | 3 | This chart deploys [plugin-site-api](https://github.com/jenkins-infra/plugin-site-api) and [plugin-site](https://github.com/jenkins-infra/plugin-site) 4 | 5 | ## Running this yourself 6 | 7 | ```yaml 8 | helm install -f values.yaml -f values.local.yaml --name plugin-site . 9 | ``` 10 | 11 | ```yaml 12 | helm upgrade -f values.yaml -f values.local.yaml plugin-site . 13 | ``` 14 | 15 | You need to define some configuration locally in a separate values file 16 | 17 | Make sure your pem key is converted from the format given by the website to pks#8 18 | 19 | openssl pkcs8 -topk8 -inform PEM -outform PEM -in devpluginsjenkinsio.2020-07-28.private-key.pem -out githubapp.pem -nocrypt 20 | 21 | Here's an example `values.local.yaml` file: 22 | ```yaml 23 | github: 24 | appId: 25 | appPrivateKey: 26 | 27 | ingress: 28 | enabled: true 29 | annotations: 30 | nginx.ingress.kubernetes.io/rewrite-target: /$1 31 | hosts: 32 | - host: plugins-local.jenkins.io 33 | 34 | # Should point to somewhere where the plugin-site's built public directory is 35 | htmlVolume: 36 | hostPath: 37 | path: /src/path/to/your/build/public 38 | 39 | ``` 40 | 41 | The `ingress host` need to be reachable from both your desktop and from the k8s cluster 42 | 43 | ### Minikube gotchas 44 | 45 | 46 | When using ingress minikube recommends adding host file entries to your machine so that you can resolve the DNS, this doesn't work in the cluster though, 47 | 48 | Workaround, add the following to your values.local.yaml: 49 | ```yaml 50 | hostAliases: 51 | - ip: "" 52 | hostnames: 53 | - "plugins-local.jenkins.io" 54 | ``` 55 | -------------------------------------------------------------------------------- /updatecli/updatecli.d/incrementals-publisher.yaml: -------------------------------------------------------------------------------- 1 | name: Bump `incremental-publisher` docker image and helm chart versions 2 | 3 | scms: 4 | default: 5 | kind: github 6 | spec: 7 | user: "{{ .github.user }}" 8 | email: "{{ .github.email }}" 9 | owner: "{{ .github.owner }}" 10 | repository: "{{ .github.repository }}" 11 | token: "{{ requiredEnv .github.token }}" 12 | username: "{{ .github.username }}" 13 | branch: "{{ .github.branch }}" 14 | 15 | sources: 16 | latestRelease: 17 | kind: githubrelease 18 | name: Get jenkins-infra/incrementals-publish latest version 19 | spec: 20 | owner: jenkins-infra 21 | repository: incrementals-publisher 22 | token: "{{ requiredEnv .github.token }}" 23 | username: "{{ .github.username }}" 24 | 25 | conditions: 26 | checkDockerImagePublished: 27 | name: Test if dockerhubmirror.azurecr.io/jenkinsciinfra/incrementals-publisher docker image is published 28 | kind: dockerimage 29 | sourceid: latestRelease 30 | spec: 31 | image: dockerhubmirror.azurecr.io/jenkinsciinfra/incrementals-publisher 32 | ## Tag from source 33 | architectures: 34 | - arm64 35 | 36 | targets: 37 | updateChart: 38 | name: Update incrementals-publisher helm chart 39 | kind: helmchart 40 | spec: 41 | name: charts/incrementals-publisher 42 | key: $.image.tag 43 | versionincrement: patch 44 | scmid: default 45 | 46 | actions: 47 | default: 48 | kind: github/pullrequest 49 | scmid: default 50 | title: Bump `incrementals-publisher` docker image version to {{ source "latestRelease" }} 51 | spec: 52 | labels: 53 | - dependencies 54 | - incrementals-publisher 55 | -------------------------------------------------------------------------------- /charts/rss2twitter/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* 2 | Expand the name of the chart. 3 | */}} 4 | {{- define "rss2twitter.name" -}} 5 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} 6 | {{- end }} 7 | 8 | {{/* 9 | Create a default fully qualified app name. 10 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 11 | If release name contains chart name it will be used as a full name. 12 | */}} 13 | {{- define "rss2twitter.fullname" -}} 14 | {{- if .Values.fullnameOverride }} 15 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} 16 | {{- else }} 17 | {{- $name := default .Chart.Name .Values.nameOverride }} 18 | {{- if contains $name .Release.Name }} 19 | {{- .Release.Name | trunc 63 | trimSuffix "-" }} 20 | {{- else }} 21 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} 22 | {{- end }} 23 | {{- end }} 24 | {{- end }} 25 | 26 | {{/* 27 | Create chart name and version as used by the chart label. 28 | */}} 29 | {{- define "rss2twitter.chart" -}} 30 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} 31 | {{- end }} 32 | 33 | {{/* 34 | Common labels 35 | */}} 36 | {{- define "rss2twitter.labels" -}} 37 | helm.sh/chart: {{ include "rss2twitter.chart" . }} 38 | {{ include "rss2twitter.selectorLabels" . }} 39 | {{- if .Chart.AppVersion }} 40 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 41 | {{- end }} 42 | app.kubernetes.io/managed-by: {{ .Release.Service }} 43 | {{- end }} 44 | 45 | {{/* 46 | Selector labels 47 | */}} 48 | {{- define "rss2twitter.selectorLabels" -}} 49 | app.kubernetes.io/name: {{ include "rss2twitter.name" . }} 50 | app.kubernetes.io/instance: {{ .Release.Name }} 51 | {{- end }} 52 | -------------------------------------------------------------------------------- /charts/uplink/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for uplink. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | replicaCount: 1 5 | image: 6 | repository: dockerhubmirror.azurecr.io/jenkinsciinfra/uplink 7 | tag: 1.0.3 8 | pullPolicy: IfNotPresent 9 | imagePullSecrets: [] 10 | nameOverride: "" 11 | fullnameOverride: "" 12 | podSecurityContext: {} 13 | # fsGroup: 2000 14 | securityContext: {} 15 | # capabilities: 16 | # drop: 17 | # - ALL 18 | # readOnlyRootFilesystem: true 19 | # runAsNonRoot: true 20 | # runAsUser: 1000 21 | service: 22 | type: ClusterIP 23 | port: 80 24 | ingress: 25 | enabled: false 26 | className: "" 27 | annotations: 28 | kubernetes.io/tls-acme: "true" 29 | nginx.ingress.kubernetes.io/rewrite-target: / 30 | nginx.ingress.kubernetes.io/ssl-redirect: "true" 31 | hosts: 32 | - host: chart-example.local 33 | paths: [] 34 | tls: [] 35 | # - secretName: chart-example-tls 36 | # hosts: 37 | # - chart-example.local 38 | resources: 39 | # We usually recommend not to specify default resources and to leave this as a conscious 40 | # choice for the user. This also increases chances charts run on environments with little 41 | # resources, such as Minikube. If you do want to specify resources, uncomment the following 42 | # lines, adjust them as necessary, and remove the curly braces after 'resources:'. 43 | limits: 44 | cpu: 200m 45 | memory: 256Mi 46 | requests: 47 | cpu: 200m 48 | memory: 256Mi 49 | nodeSelector: {} 50 | tolerations: [] 51 | affinity: {} 52 | postgresql: 53 | url: "" 54 | client: 55 | id: "" 56 | secret: "" 57 | sentry: 58 | dsn: "" 59 | poddisruptionbudget: 60 | minAvailable: 1 61 | podAnnotations: {} 62 | -------------------------------------------------------------------------------- /charts/keycloak/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "keycloak.name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} 7 | {{- end }} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | If release name contains chart name it will be used as a full name. 13 | */}} 14 | {{- define "keycloak.fullname" -}} 15 | {{- if .Values.fullnameOverride }} 16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} 17 | {{- else }} 18 | {{- $name := default .Chart.Name .Values.nameOverride }} 19 | {{- if contains $name .Release.Name }} 20 | {{- .Release.Name | trunc 63 | trimSuffix "-" }} 21 | {{- else }} 22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} 23 | {{- end }} 24 | {{- end }} 25 | {{- end }} 26 | 27 | {{/* 28 | Create chart name and version as used by the chart label. 29 | */}} 30 | {{- define "keycloak.chart" -}} 31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} 32 | {{- end }} 33 | 34 | {{/* 35 | Common labels 36 | */}} 37 | {{- define "keycloak.labels" -}} 38 | helm.sh/chart: {{ include "keycloak.chart" . }} 39 | {{ include "keycloak.selectorLabels" . }} 40 | {{- if .Chart.AppVersion }} 41 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 42 | {{- end }} 43 | app.kubernetes.io/managed-by: {{ .Release.Service }} 44 | {{- end }} 45 | 46 | {{/* 47 | Selector labels 48 | */}} 49 | {{- define "keycloak.selectorLabels" -}} 50 | app.kubernetes.io/name: {{ include "keycloak.name" . }} 51 | app.kubernetes.io/instance: {{ .Release.Name }} 52 | {{- end }} 53 | -------------------------------------------------------------------------------- /charts/uplink/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "uplink.name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 7 | {{- end -}} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | If release name contains chart name it will be used as a full name. 13 | */}} 14 | {{- define "uplink.fullname" -}} 15 | {{- if .Values.fullnameOverride -}} 16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} 17 | {{- else -}} 18 | {{- $name := default .Chart.Name .Values.nameOverride -}} 19 | {{- if contains $name .Release.Name -}} 20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}} 21 | {{- else -}} 22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 23 | {{- end -}} 24 | {{- end -}} 25 | {{- end -}} 26 | 27 | {{/* 28 | Create chart name and version as used by the chart label. 29 | */}} 30 | {{- define "uplink.chart" -}} 31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} 32 | {{- end -}} 33 | 34 | {{/* 35 | Selector labels 36 | */}} 37 | {{- define "uplink.selectorLabels" -}} 38 | app.kubernetes.io/name: {{ include "uplink.name" . }} 39 | app.kubernetes.io/instance: {{ .Release.Name }} 40 | {{- end }} 41 | 42 | 43 | {{/* 44 | Common labels 45 | */}} 46 | {{- define "uplink.labels" -}} 47 | {{ include "uplink.selectorLabels" . }} 48 | helm.sh/chart: {{ include "uplink.chart" . }} 49 | {{- if .Chart.AppVersion }} 50 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 51 | {{- end }} 52 | app.kubernetes.io/managed-by: {{ .Release.Service }} 53 | {{- end -}} 54 | -------------------------------------------------------------------------------- /charts/geoipupdates/values.yaml: -------------------------------------------------------------------------------- 1 | image: 2 | repository: jenkinsciinfra/geoipupdate 3 | tag: 0.3.47 4 | pullPolicy: IfNotPresent 5 | imagePullSecrets: [] 6 | # securityContext: 7 | # Secret values, set to empty below for reference: 8 | geoipupdate: 9 | dryrun: true 10 | account_id: "" 11 | license_key: "" 12 | fileshare_client_id: "" 13 | fileshare_client_secret: "" 14 | fileshare_tenant_id: "" 15 | editions: "GeoLite2-ASN GeoLite2-City GeoLite2-Country" 16 | storage_name: "" 17 | storage_fileshare: "" 18 | cron: '0 4 * * *' # default to every day at 4AM 19 | # rolloutrestart: 20 | # enable: false 21 | # restarts: 22 | # - namespace: updates-jenkins-io 23 | # deployments: 24 | # - updates-jenkins-io-content-secured-mirrorbits 25 | # - updates-jenkins-io-content-unsecured-mirrorbits 26 | # - namespace: get-jenkins-io 27 | # deployments: 28 | # - get-jenkins-io-mirrorbits 29 | podSecurityContext: {} 30 | # fsGroup: 2000 31 | containerSecurityContext: {} 32 | # capabilities: 33 | # drop: 34 | # - ALL 35 | # readOnlyRootFilesystem: true 36 | # runAsNonRoot: true 37 | # runAsUser: 1000 38 | resources: {} 39 | # We usually recommend not to specify default resources and to leave this as a conscious 40 | # choice for the user. This also increases chances charts run on environments with little 41 | # resources, such as Minikube. If you do want to specify resources, uncomment the following 42 | # lines, adjust them as necessary, and remove the curly braces after 'resources:'. 43 | # limits: 44 | # cpu: 100m 45 | # memory: 256Mi # minimum 256Mi to avoid OMM kill for `az login` 46 | # requests: 47 | # cpu: 100m 48 | # memory: 256Mi 49 | nodeSelector: {} 50 | tolerations: [] 51 | affinity: {} 52 | podAnnotations: {} 53 | -------------------------------------------------------------------------------- /charts/accountapp/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "accountapp.name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 7 | {{- end -}} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | If release name contains chart name it will be used as a full name. 13 | */}} 14 | {{- define "accountapp.fullname" -}} 15 | {{- if .Values.fullnameOverride -}} 16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} 17 | {{- else -}} 18 | {{- $name := default .Chart.Name .Values.nameOverride -}} 19 | {{- if contains $name .Release.Name -}} 20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}} 21 | {{- else -}} 22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 23 | {{- end -}} 24 | {{- end -}} 25 | {{- end -}} 26 | 27 | {{/* 28 | Create chart name and version as used by the chart label. 29 | */}} 30 | {{- define "accountapp.chart" -}} 31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} 32 | {{- end -}} 33 | 34 | {{/* 35 | Selector labels 36 | */}} 37 | {{- define "accountapp.selectorLabels" -}} 38 | app.kubernetes.io/name: {{ include "accountapp.name" . }} 39 | app.kubernetes.io/instance: {{ .Release.Name }} 40 | {{- end }} 41 | 42 | {{/* 43 | Common labels 44 | */}} 45 | {{- define "accountapp.labels" -}} 46 | {{ include "accountapp.selectorLabels" . }} 47 | helm.sh/chart: {{ include "accountapp.chart" . }} 48 | {{- if .Chart.AppVersion }} 49 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 50 | {{- end }} 51 | app.kubernetes.io/managed-by: {{ .Release.Service }} 52 | {{- end -}} 53 | -------------------------------------------------------------------------------- /charts/plugin-site-issues/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* 2 | Expand the name of the chart. 3 | */}} 4 | {{- define "plugin-site-issues.name" -}} 5 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} 6 | {{- end }} 7 | 8 | {{/* 9 | Create a default fully qualified app name. 10 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 11 | If release name contains chart name it will be used as a full name. 12 | */}} 13 | {{- define "plugin-site-issues.fullname" -}} 14 | {{- if .Values.fullnameOverride }} 15 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} 16 | {{- else }} 17 | {{- $name := default .Chart.Name .Values.nameOverride }} 18 | {{- if contains $name .Release.Name }} 19 | {{- .Release.Name | trunc 63 | trimSuffix "-" }} 20 | {{- else }} 21 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} 22 | {{- end }} 23 | {{- end }} 24 | {{- end }} 25 | 26 | {{/* 27 | Create chart name and version as used by the chart label. 28 | */}} 29 | {{- define "plugin-site-issues.chart" -}} 30 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} 31 | {{- end }} 32 | 33 | {{/* 34 | Common labels 35 | */}} 36 | {{- define "plugin-site-issues.labels" -}} 37 | helm.sh/chart: {{ include "plugin-site-issues.chart" . }} 38 | {{ include "plugin-site-issues.selectorLabels" . }} 39 | {{- if .Chart.AppVersion }} 40 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 41 | {{- end }} 42 | app.kubernetes.io/managed-by: {{ .Release.Service }} 43 | {{- end }} 44 | 45 | {{/* 46 | Selector labels 47 | */}} 48 | {{- define "plugin-site-issues.selectorLabels" -}} 49 | app.kubernetes.io/name: {{ include "plugin-site-issues.name" . }} 50 | app.kubernetes.io/instance: {{ .Release.Name }} 51 | {{- end }} 52 | -------------------------------------------------------------------------------- /charts/wiki/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | 1. Get the application URL by running these commands: 2 | {{- if .Values.ingress.enabled }} 3 | {{- range $host := .Values.ingress.hosts }} 4 | {{- range .paths }} 5 | http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} 6 | {{- end }} 7 | {{- end }} 8 | {{- else if contains "NodePort" .Values.service.type }} 9 | export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "wiki.fullname" . }}) 10 | export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") 11 | echo http://$NODE_IP:$NODE_PORT 12 | {{- else if contains "LoadBalancer" .Values.service.type }} 13 | NOTE: It may take a few minutes for the LoadBalancer IP to be available. 14 | You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "wiki.fullname" . }}' 15 | export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "wiki.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") 16 | echo http://$SERVICE_IP:{{ .Values.service.port }} 17 | {{- else if contains "ClusterIP" .Values.service.type }} 18 | export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "wiki.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") 19 | export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") 20 | echo "Visit http://127.0.0.1:8080 to use your application" 21 | kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT 22 | {{- end }} 23 | -------------------------------------------------------------------------------- /updatecli/updatecli.d/accountapp.yaml: -------------------------------------------------------------------------------- 1 | name: Bump account-app docker image version 2 | 3 | scms: 4 | default: 5 | kind: github 6 | spec: 7 | user: "{{ .github.user }}" 8 | email: "{{ .github.email }}" 9 | owner: "{{ .github.owner }}" 10 | repository: "{{ .github.repository }}" 11 | token: "{{ requiredEnv .github.token }}" 12 | username: "{{ .github.username }}" 13 | branch: "{{ .github.branch }}" 14 | 15 | sources: 16 | latestRelease: 17 | kind: githubrelease 18 | name: Get latest jenkins-infra/account-app release 19 | spec: 20 | owner: jenkins-infra 21 | repository: account-app 22 | token: "{{ requiredEnv .github.token }}" 23 | username: "{{ .github.username }}" 24 | 25 | conditions: 26 | checkDockerImagePublished: 27 | name: Test jenkinsciinfra/account-app: docker image tag 28 | kind: dockerimage 29 | spec: 30 | image: dockerhubmirror.azurecr.io/jenkinsciinfra/account-app 31 | ## Tag from source 32 | architectures: 33 | - arm64 34 | 35 | targets: 36 | updateChartValue: 37 | name: Update default image tag version 38 | kind: helmchart 39 | spec: 40 | name: charts/accountapp 41 | key: $.image.tag 42 | versionincrement: patch 43 | scmid: default 44 | updateChartMeta: 45 | name: Update chart appVersion 46 | kind: helmchart 47 | spec: 48 | name: charts/accountapp 49 | file: Chart.yaml 50 | key: $.appVersion 51 | versionincrement: patch 52 | scmid: default 53 | 54 | actions: 55 | default: 56 | kind: github/pullrequest 57 | scmid: default 58 | title: Bump `accountapp` docker image version to {{ source "latestRelease" }} 59 | spec: 60 | labels: 61 | - dependencies 62 | - accountapp 63 | -------------------------------------------------------------------------------- /updatecli/updatecli.d/uplink.yaml: -------------------------------------------------------------------------------- 1 | name: Bump `uplink` docker image digest and helm chart version 2 | 3 | scms: 4 | default: 5 | kind: github 6 | spec: 7 | user: "{{ .github.user }}" 8 | email: "{{ .github.email }}" 9 | owner: "{{ .github.owner }}" 10 | repository: "{{ .github.repository }}" 11 | token: "{{ requiredEnv .github.token }}" 12 | username: "{{ .github.username }}" 13 | branch: "{{ .github.branch }}" 14 | 15 | sources: 16 | latestRelease: 17 | kind: githubrelease 18 | name: Get latest jenkinsciinfra/uplink release 19 | spec: 20 | owner: jenkins-infra 21 | repository: uplink 22 | token: "{{ requiredEnv .github.token }}" 23 | username: "{{ .github.username }}" 24 | 25 | conditions: 26 | checkDockerImagePublished: 27 | name: Check the dockerhubmirror.azurecr.io/jenkinsciinfra/uplink: docker image is published 28 | kind: dockerimage 29 | spec: 30 | image: dockerhubmirror.azurecr.io/jenkinsciinfra/uplink 31 | ## Tag from source 32 | architectures: 33 | - arm64 34 | 35 | targets: 36 | updateChart: 37 | name: Update uplink helm chart 38 | kind: helmchart 39 | spec: 40 | name: charts/uplink 41 | key: $.image.tag 42 | versionincrement: patch 43 | scmid: default 44 | updateChartMeta: 45 | name: Update chart appVersion 46 | kind: helmchart 47 | spec: 48 | name: charts/uplink 49 | file: Chart.yaml 50 | key: $.appVersion 51 | versionincrement: patch 52 | scmid: default 53 | 54 | actions: 55 | default: 56 | kind: github/pullrequest 57 | scmid: default 58 | title: Bump `uplink` docker image version to {{ source "latestRelease" }} 59 | spec: 60 | labels: 61 | - dependencies 62 | - uplink 63 | -------------------------------------------------------------------------------- /charts/maven-cacher/templates/configmap-maven-settings.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.mavenMirror.enable }} 2 | --- 3 | apiVersion: v1 4 | kind: ConfigMap 5 | metadata: 6 | name: {{ include "maven-cacher.fullname" . }}-maven-settings 7 | labels: {{ include "maven-cacher.labels" . | nindent 4 }} 8 | data: 9 | settings.xml: | 10 | 11 | 12 | 13 | {{ .Values.mavenMirror.mirrorId }} 14 | {{ .Values.mavenMirror.url }} 15 | {{ .Values.mavenMirror.mirrorOf }} 16 | 17 | 18 | 19 | 20 | jenkins-infra-plugin-repositories 21 | 22 | 23 | repo.jenkins-ci.org 24 | https://repo.jenkins-ci.org/public/ 25 | 26 | 27 | 28 | false 29 | 30 | incrementals 31 | https://repo.jenkins-ci.org/incrementals/ 32 | 33 | 34 | central 35 | https://repo.maven.apache.org/maven2 36 | 37 | 38 | 39 | 40 | 41 | jenkins-infra-plugin-repositories 42 | 43 | 44 | {{- end }} 45 | -------------------------------------------------------------------------------- /charts/artifact-caching-proxy/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* 2 | Expand the name of the chart. 3 | */}} 4 | {{- define "artifact-caching-proxy.name" -}} 5 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} 6 | {{- end }} 7 | 8 | {{/* 9 | Create a default fully qualified app name. 10 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 11 | If release name contains chart name it will be used as a full name. 12 | */}} 13 | {{- define "artifact-caching-proxy.fullname" -}} 14 | {{- if .Values.fullnameOverride }} 15 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} 16 | {{- else }} 17 | {{- $name := default .Chart.Name .Values.nameOverride }} 18 | {{- if contains $name .Release.Name }} 19 | {{- .Release.Name | trunc 63 | trimSuffix "-" }} 20 | {{- else }} 21 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} 22 | {{- end }} 23 | {{- end }} 24 | {{- end }} 25 | 26 | {{/* 27 | Create chart name and version as used by the chart label. 28 | */}} 29 | {{- define "artifact-caching-proxy.chart" -}} 30 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} 31 | {{- end }} 32 | 33 | {{/* 34 | Common labels 35 | */}} 36 | {{- define "artifact-caching-proxy.labels" -}} 37 | helm.sh/chart: {{ include "artifact-caching-proxy.chart" . }} 38 | {{ include "artifact-caching-proxy.selectorLabels" . }} 39 | {{- if .Chart.AppVersion }} 40 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 41 | {{- end }} 42 | app.kubernetes.io/managed-by: {{ .Release.Service }} 43 | {{- end }} 44 | 45 | {{/* 46 | Selector labels 47 | */}} 48 | {{- define "artifact-caching-proxy.selectorLabels" -}} 49 | app.kubernetes.io/name: {{ include "artifact-caching-proxy.name" . }} 50 | app.kubernetes.io/instance: {{ .Release.Name }} 51 | {{- end }} 52 | -------------------------------------------------------------------------------- /updatecli/updatecli.d/wiki.yaml: -------------------------------------------------------------------------------- 1 | name: Bump `wiki` docker image and helm chart versions 2 | 3 | scms: 4 | default: 5 | kind: github 6 | spec: 7 | user: "{{ .github.user }}" 8 | email: "{{ .github.email }}" 9 | owner: "{{ .github.owner }}" 10 | repository: "{{ .github.repository }}" 11 | token: "{{ requiredEnv .github.token }}" 12 | username: "{{ .github.username }}" 13 | branch: "{{ .github.branch }}" 14 | 15 | sources: 16 | latestRelease: 17 | kind: githubrelease 18 | name: Get latest jenkins-infra/docker-confluence-data release 19 | spec: 20 | owner: jenkins-infra 21 | repository: docker-confluence-data 22 | token: "{{ requiredEnv .github.token }}" 23 | username: "{{ .github.username }}" 24 | 25 | conditions: 26 | checkDockerImagePublished: 27 | name: Test dockerhubmirror.azurecr.io/jenkinsciinfra/wiki: docker image tag 28 | kind: dockerimage 29 | sourceid: latestRelease 30 | spec: 31 | image: dockerhubmirror.azurecr.io/jenkinsciinfra/wiki 32 | ## Tag from source 33 | architectures: 34 | - arm64 35 | 36 | targets: 37 | updateChartValue: 38 | name: Update wiki helm chart 39 | kind: helmchart 40 | spec: 41 | name: charts/wiki 42 | key: $.image.tag 43 | versionincrement: patch 44 | scmid: default 45 | updateChartMeta: 46 | name: Update chart appVersion 47 | kind: helmchart 48 | spec: 49 | name: charts/wiki 50 | file: Chart.yaml 51 | key: $.appVersion 52 | versionincrement: patch 53 | scmid: default 54 | 55 | actions: 56 | default: 57 | kind: github/pullrequest 58 | scmid: default 59 | title: Bump `wiki` docker image version to {{ source "latestRelease" }} 60 | spec: 61 | labels: 62 | - dependencies 63 | - wiki 64 | -------------------------------------------------------------------------------- /charts/plugin-health-scoring/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "plugin-health-scoring.name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} 7 | {{- end }} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | If release name contains chart name it will be used as a full name. 13 | */}} 14 | {{- define "plugin-health-scoring.fullname" -}} 15 | {{- if .Values.fullnameOverride }} 16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} 17 | {{- else }} 18 | {{- $name := default .Chart.Name .Values.nameOverride }} 19 | {{- if contains $name .Release.Name }} 20 | {{- .Release.Name | trunc 63 | trimSuffix "-" }} 21 | {{- else }} 22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} 23 | {{- end }} 24 | {{- end }} 25 | {{- end }} 26 | 27 | {{/* 28 | Create chart name and version as used by the chart label. 29 | */}} 30 | {{- define "plugin-health-scoring.chart" -}} 31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} 32 | {{- end }} 33 | 34 | {{/* 35 | Common labels 36 | */}} 37 | {{- define "plugin-health-scoring.labels" -}} 38 | helm.sh/chart: {{ include "plugin-health-scoring.chart" . }} 39 | {{ include "plugin-health-scoring.selectorLabels" . }} 40 | {{- if .Chart.AppVersion }} 41 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 42 | {{- end }} 43 | app.kubernetes.io/managed-by: {{ .Release.Service }} 44 | {{- end }} 45 | 46 | {{/* 47 | Selector labels 48 | */}} 49 | {{- define "plugin-health-scoring.selectorLabels" -}} 50 | app.kubernetes.io/name: {{ include "plugin-health-scoring.name" . }} 51 | app.kubernetes.io/instance: {{ .Release.Name }} 52 | {{- end }} 53 | -------------------------------------------------------------------------------- /charts/plugin-site-issues/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | 1. Get the application URL by running these commands: 2 | {{- if .Values.ingress.enabled }} 3 | {{- range $host := .Values.ingress.hosts }} 4 | {{- range .paths }} 5 | http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} 6 | {{- end }} 7 | {{- end }} 8 | {{- else if contains "NodePort" .Values.service.type }} 9 | export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "plugin-site-issues.fullname" . }}) 10 | export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") 11 | echo http://$NODE_IP:$NODE_PORT 12 | {{- else if contains "LoadBalancer" .Values.service.type }} 13 | NOTE: It may take a few minutes for the LoadBalancer IP to be available. 14 | You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "plugin-site-issues.fullname" . }}' 15 | export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "plugin-site-issues.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") 16 | echo http://$SERVICE_IP:{{ .Values.service.port }} 17 | {{- else if contains "ClusterIP" .Values.service.type }} 18 | export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "plugin-site-issues.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") 19 | export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") 20 | echo "Visit http://127.0.0.1:8080 to use your application" 21 | kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT 22 | {{- end }} 23 | -------------------------------------------------------------------------------- /charts/rating/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for rating. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | replicaCount: 1 5 | image: 6 | repository: dockerhubmirror.azurecr.io/jenkinsciinfra/rating 7 | tag: 0.1.10 8 | pullPolicy: IfNotPresent 9 | imagePullSecrets: [] 10 | nameOverride: "" 11 | fullnameOverride: "" 12 | podSecurityContext: {} 13 | # fsGroup: 2000 14 | securityContext: {} 15 | # capabilities: 16 | # drop: 17 | # - ALL 18 | # readOnlyRootFilesystem: true 19 | # runAsNonRoot: true 20 | # runAsUser: 1000 21 | service: 22 | type: ClusterIP 23 | port: 80 24 | # Please define ingress settings into environment variable 25 | ingress: 26 | enabled: false 27 | className: "" 28 | # annotations: 29 | # "cert-manager.io/cluster-issuer": "letsencrypt-prod" 30 | # "nginx.ingress.kubernetes.io/proxy-body-size": "500m" 31 | # 32 | # hosts: 33 | # - host: rating.jenkins.io 34 | # paths: 35 | # - path: / 36 | # 37 | # tls: 38 | # - secretName: rating-tls 39 | # hosts: 40 | # - rating.jenkins.io 41 | resources: {} 42 | # We usually recommend not to specify default resources and to leave this as a conscious 43 | # choice for the user. This also increases chances charts run on environments with little 44 | # resources, such as Minikube. If you do want to specify resources, uncomment the following 45 | # lines, adjust them as necessary, and remove the curly braces after 'resources:'. 46 | # limits: 47 | # cpu: 100m 48 | # memory: 128Mi 49 | # requests: 50 | # cpu: 100m 51 | # memory: 128Mi 52 | nodeSelector: {} 53 | tolerations: [] 54 | affinity: {} 55 | #flag to disable readinessProbe in deployment.yaml L38 56 | readinessProbe: 57 | enabled: true 58 | database: 59 | username: rating 60 | password: s3cr3t 61 | name: rating 62 | server: postgresql 63 | port: 5432 64 | podAnnotations: {} 65 | -------------------------------------------------------------------------------- /charts/nginx-website/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "nginx-website.name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 7 | {{- end -}} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | If release name contains chart name it will be used as a full name. 13 | */}} 14 | {{- define "nginx-website.fullname" -}} 15 | {{- if .Values.fullnameOverride -}} 16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} 17 | {{- else -}} 18 | {{- $name := default .Chart.Name .Values.nameOverride -}} 19 | {{- if contains $name .Release.Name -}} 20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}} 21 | {{- else -}} 22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 23 | {{- end -}} 24 | {{- end -}} 25 | {{- end -}} 26 | 27 | {{/* 28 | Create chart name and version as used by the chart label. 29 | */}} 30 | {{- define "nginx-website.chart" -}} 31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} 32 | {{- end -}} 33 | 34 | {{/* 35 | Selector labels 36 | */}} 37 | {{- define "nginx-website.selectorLabels" -}} 38 | app.kubernetes.io/name: {{ include "nginx-website.name" . }} 39 | app.kubernetes.io/instance: {{ .Release.Name }} 40 | {{- end }} 41 | 42 | {{/* 43 | Common labels 44 | */}} 45 | {{- define "nginx-website.labels" -}} 46 | {{ include "nginx-website.selectorLabels" . }} 47 | helm.sh/chart: {{ include "nginx-website.chart" . }} 48 | {{- if .Chart.AppVersion }} 49 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 50 | {{- end }} 51 | app.kubernetes.io/managed-by: {{ .Release.Service }} 52 | jenkins.io/maintainer: {{ (index .Chart.Maintainers 0).Name }} 53 | {{- end -}} 54 | -------------------------------------------------------------------------------- /charts/artifact-caching-proxy/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | 1. Get the application URL by running these commands: 2 | {{- if .Values.ingress.enabled }} 3 | {{- range $host := .Values.ingress.hosts }} 4 | {{- range .paths }} 5 | http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} 6 | {{- end }} 7 | {{- end }} 8 | {{- else if contains "NodePort" .Values.service.type }} 9 | export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "artifact-caching-proxy.fullname" . }}) 10 | export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") 11 | echo http://$NODE_IP:$NODE_PORT 12 | {{- else if contains "LoadBalancer" .Values.service.type }} 13 | NOTE: It may take a few minutes for the LoadBalancer IP to be available. 14 | You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "artifact-caching-proxy.fullname" . }}' 15 | export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "artifact-caching-proxy.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") 16 | echo http://$SERVICE_IP:{{ .Values.service.port }} 17 | {{- else if contains "ClusterIP" .Values.service.type }} 18 | export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "artifact-caching-proxy.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") 19 | export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") 20 | echo "Visit http://127.0.0.1:8080 to use your application" 21 | kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT 22 | {{- end }} 23 | -------------------------------------------------------------------------------- /charts/accountapp/tests/custom_values_test.yaml: -------------------------------------------------------------------------------- 1 | suite: Test with custom values 2 | templates: 3 | - deployment.yaml 4 | - ingress.yaml 5 | - secret.yaml # Direct dependency of deployment.yaml 6 | - pdb.yaml 7 | values: 8 | - values/custom.yaml 9 | tests: 10 | - it: should create a Secret with the correct value 11 | template: secret.yaml 12 | asserts: 13 | - hasDocuments: 14 | count: 1 15 | - isKind: 16 | of: Secret 17 | - equal: 18 | path: data.ldapPassword 19 | value: bGRhcC1wYXNzd29yZA== 20 | - equal: 21 | path: data.jiraPassword 22 | value: amlyYS1wYXNzd29yZA== 23 | - equal: 24 | path: data.smtpPassword 25 | value: c210cC1wYXNzd29yZA== 26 | - it: should create a Deployment with the customized values 27 | template: deployment.yaml 28 | asserts: 29 | - hasDocuments: 30 | count: 1 31 | - isKind: 32 | of: Deployment 33 | - equal: 34 | path: spec.template.spec.containers[0].imagePullPolicy 35 | value: Always 36 | - equal: 37 | path: spec.template.spec.containers[0].resources.limits.memory 38 | value: 1024Mi 39 | - equal: 40 | path: spec.template.spec.containers[0].resources.requests.cpu 41 | value: 500m 42 | - equal: 43 | path: spec.template.metadata.annotations["ad.datadoghq.com/accountapp.logs"] 44 | value: | 45 | [ 46 | {"source":"java","service":"RELEASE-NAME"} 47 | ] 48 | - it: should ensure the pdb has correct spec 49 | template: pdb.yaml 50 | asserts: 51 | - isKind: 52 | of: PodDisruptionBudget 53 | - equal: 54 | path: spec.minAvailable 55 | value: 2 56 | - equal: 57 | path: spec.selector.matchLabels['app.kubernetes.io/name'] 58 | value: "accountapp" 59 | --------------------------------------------------------------------------------