├── src
├── test
│ ├── resources
│ │ ├── kubenamespace
│ │ ├── mockito-extensions
│ │ │ └── org.mockito.plugins.MockMaker
│ │ ├── org
│ │ │ └── csanchez
│ │ │ │ └── jenkins
│ │ │ │ └── plugins
│ │ │ │ └── kubernetes
│ │ │ │ ├── pipeline
│ │ │ │ ├── decoratorFailure.groovy
│ │ │ │ ├── basicPipeline.groovy
│ │ │ │ ├── podDeadlineExceededGlobalTemplate.groovy
│ │ │ │ ├── webSocketAgent.groovy
│ │ │ │ ├── inheritFrom.groovy
│ │ │ │ ├── podTemplateWithMultipleLabels.groovy
│ │ │ │ ├── directConnectionAgent.groovy
│ │ │ │ ├── garbageCollection.groovy
│ │ │ │ ├── podDeadlineExceeded.groovy
│ │ │ │ ├── substituteEnv.groovy
│ │ │ │ ├── handleEviction.groovy
│ │ │ │ ├── getContainerLog.groovy
│ │ │ │ ├── invalidPodGetsCancelled.groovy
│ │ │ │ ├── invalidImageGetsCancelled.groovy
│ │ │ │ ├── nullLabelSupportsRestart.groovy
│ │ │ │ ├── restartDuringPodLaunch.groovy
│ │ │ │ ├── errorPod.groovy
│ │ │ │ ├── computerCantBeConfigured.groovy
│ │ │ │ ├── imageWithoutAgentNoJava.groovy
│ │ │ │ ├── getContainerLogWithRestart.groovy
│ │ │ │ ├── imageWithoutAgent.groovy
│ │ │ │ ├── bourneShellElsewhereInPath.groovy
│ │ │ │ ├── runWithCloudOverriddenNamespace.groovy
│ │ │ │ ├── closedWebSocketExit.groovy
│ │ │ │ ├── envVarDollarSignEscaping.groovy
│ │ │ │ ├── noDelayProvisionerCallsListener.groovy
│ │ │ │ ├── taskListenerAfterRestart.groovy
│ │ │ │ ├── badcontainername.groovy
│ │ │ │ ├── jenkinsSecretHidden.groovy
│ │ │ │ ├── octalPermissions.groovy
│ │ │ │ ├── overrideYaml.groovy
│ │ │ │ ├── runInPodWithDifferentShell.groovy
│ │ │ │ ├── interruptedPod.groovy
│ │ │ │ ├── runInPodWithRetention.groovy
│ │ │ │ ├── taskListenerAfterRestart_multipleLabels.groovy
│ │ │ │ ├── runWithStepOverriddenNamespace.groovy
│ │ │ │ ├── basicWindows.groovy
│ │ │ │ ├── terminatedPod.groovy
│ │ │ │ ├── cancelOnlyRelevantQueueItem.groovy
│ │ │ │ ├── sidecarWorkingDir.groovy
│ │ │ │ ├── dynamicPVCWorkspaceVolume.groovy
│ │ │ │ ├── runWithActiveDeadlineSeconds.groovy
│ │ │ │ ├── terminatedPodAfterRestart.groovy
│ │ │ │ ├── dynamicPVCVolume.groovy
│ │ │ │ ├── jnlpWorkingDir.groovy
│ │ │ │ ├── mergeYaml.groovy
│ │ │ │ ├── podStatusNoErrorLogs.groovy
│ │ │ │ ├── containerStatusErrorLogs.groovy
│ │ │ │ ├── containerTerminated.groovy
│ │ │ │ ├── declarativeRetries.groovy
│ │ │ │ ├── runInPodWithRestartWithLongSleep.groovy
│ │ │ │ ├── podStatusErrorLogs.groovy
│ │ │ │ ├── runDirContext.groovy
│ │ │ │ ├── docker.groovy
│ │ │ │ ├── showRawYamlFalseInherited.groovy
│ │ │ │ ├── sshagent.groovy
│ │ │ │ ├── runInPodWithLivenessProbe.groovy
│ │ │ │ ├── declarativeYamlFile.yml
│ │ │ │ ├── declarativeWithCreateContainerError.groovy
│ │ │ │ ├── runInPodNested.groovy
│ │ │ │ ├── badcontainernameyaml.groovy
│ │ │ │ ├── declarativeShowRawYamlFalse.groovy
│ │ │ │ ├── runInPodWithMultipleContainers.groovy
│ │ │ │ ├── runInPodWithRestart.groovy
│ │ │ │ ├── runInPodWithRestartWithMultipleContainerCalls.groovy
│ │ │ │ ├── interruptedPodWindows.groovy
│ │ │ │ ├── windowsRestart.groovy
│ │ │ │ ├── supportComputerEnvVars.groovy
│ │ │ │ ├── declarativeCustomWorkspace.groovy
│ │ │ │ ├── runInPod.groovy
│ │ │ │ ├── runInPodWithShowRawYamlFalse.groovy
│ │ │ │ ├── declarativeFromYamlFile.groovy
│ │ │ │ ├── declarativeWithNonexistentDockerImage.groovy
│ │ │ │ ├── windowsContainer.groovy
│ │ │ │ ├── runInPodNestedExplicitInherit.groovy
│ │ │ │ ├── declarative.groovy
│ │ │ │ ├── declarativeWithNestedExplicitInheritance.groovy
│ │ │ │ ├── containerEnvironmentIsHonored.groovy
│ │ │ │ ├── runInPodFromYaml.groovy
│ │ │ │ ├── declarativeFromYaml.groovy
│ │ │ │ ├── secretMaskingWindows.groovy
│ │ │ │ └── declarativeWithNamespaceFromYaml.groovy
│ │ │ │ ├── KubernetesCloudFIPSTest
│ │ │ │ └── certs
│ │ │ │ │ ├── not-a-cert
│ │ │ │ │ ├── ecdsa192
│ │ │ │ │ ├── ecdsa224
│ │ │ │ │ ├── rsa1024
│ │ │ │ │ └── dsa1024
│ │ │ │ ├── pod-jnlp-nullenv.yaml
│ │ │ │ ├── casc
│ │ │ │ ├── casc_workspaceVolume_emptyDir.yaml
│ │ │ │ ├── casc_volume_emptyDir.yaml
│ │ │ │ ├── casc_workspaceVolume_emptyDir_memory.yaml
│ │ │ │ ├── casc_workspaceVolume_hostPath.yaml
│ │ │ │ ├── casc_envVar_keyValue.yaml
│ │ │ │ ├── casc_workspaceVolume_pvc.yaml
│ │ │ │ ├── casc_volume_emptyDir_memory.yaml
│ │ │ │ ├── casc_volume_hostPath.yaml
│ │ │ │ ├── casc_volume_pvc.yaml
│ │ │ │ ├── casc_volume_configMap.yaml
│ │ │ │ ├── casc_workspaceVolume_nfs.yaml
│ │ │ │ ├── casc_envVar_secret.yaml
│ │ │ │ ├── casc_volume_nfs.yaml
│ │ │ │ ├── casc_workspaceVolume_genericEphemeral.yaml
│ │ │ │ ├── casc_volume_genericEphemeral.yaml
│ │ │ │ └── casc_workspaceVolume_dynamicPVC.yaml
│ │ │ │ ├── kubectlBuildWrapper_invalidCredentials.groovy
│ │ │ │ ├── kubectlBuildWrapper_missingCredentials.groovy
│ │ │ │ ├── pod-overrides.yaml
│ │ │ │ ├── PodTemplateUtilsTest
│ │ │ │ ├── octal.yaml
│ │ │ │ └── decimal.yaml
│ │ │ │ └── RestrictedPssSecurityInjectorTest
│ │ │ │ ├── simple-before.yaml
│ │ │ │ ├── existingSecurityContext-before.yaml
│ │ │ │ ├── simple-after.yaml
│ │ │ │ └── existingSecurityContext-after.yaml
│ │ └── kubeconfig
│ └── java
│ │ └── org
│ │ └── csanchez
│ │ └── jenkins
│ │ └── plugins
│ │ └── kubernetes
│ │ ├── pipeline
│ │ ├── steps
│ │ │ ├── package-info.java
│ │ │ ├── RunId.java
│ │ │ ├── AssertBuildStatusSuccess.java
│ │ │ ├── AssertBuildLogMessage.java
│ │ │ ├── CreateWorkflowJobThenScheduleRun.java
│ │ │ └── CreateWorkflowJobThenScheduleTask.java
│ │ └── KubernetesPipelineWebsocketRJRTest.java
│ │ ├── MetricNamesTest.java
│ │ └── RestrictedPssSecurityInjectorTest.java
├── main
│ ├── resources
│ │ ├── org
│ │ │ └── csanchez
│ │ │ │ └── jenkins
│ │ │ │ └── plugins
│ │ │ │ └── kubernetes
│ │ │ │ ├── PodAnnotation
│ │ │ │ ├── help-key.html
│ │ │ │ ├── help-value.html
│ │ │ │ ├── config.jelly
│ │ │ │ └── config_zh_CN.properties
│ │ │ │ ├── PortMapping
│ │ │ │ ├── help-name.html
│ │ │ │ ├── help-hostPort.html
│ │ │ │ ├── help-containerPort.html
│ │ │ │ └── config.jelly
│ │ │ │ ├── PodImagePullSecret
│ │ │ │ ├── help-name.html
│ │ │ │ ├── config.jelly
│ │ │ │ └── config_zh_CN.properties
│ │ │ │ ├── PodTemplate
│ │ │ │ ├── help-runAsGroup.html
│ │ │ │ ├── help-runAsUser.html
│ │ │ │ ├── help-label.html
│ │ │ │ ├── help-serviceAccount.html
│ │ │ │ ├── sidepanel.properties
│ │ │ │ ├── help-supplementalGroups.html
│ │ │ │ ├── help-hostNetwork.html
│ │ │ │ ├── help-envVars.html
│ │ │ │ ├── help-workspaceVolume.html
│ │ │ │ ├── help-workingDir.html
│ │ │ │ ├── help-yamlMergeStrategy.html
│ │ │ │ ├── help-namespace.html
│ │ │ │ ├── help-nodeSelector.html
│ │ │ │ ├── help-inheritYamlMergeStrategy.html
│ │ │ │ ├── help-volumes.html
│ │ │ │ ├── help-slaveConnectTimeout.html
│ │ │ │ ├── help-annotations.html
│ │ │ │ ├── help-containers.html
│ │ │ │ ├── help-activeDeadlineSeconds.html
│ │ │ │ ├── help-agentContainer.html
│ │ │ │ ├── help-idleMinutes.html
│ │ │ │ ├── help-instanceCap.html
│ │ │ │ ├── help-showRawYaml.html
│ │ │ │ ├── help-imagePullSecrets.html
│ │ │ │ ├── help-agentInjection.html
│ │ │ │ ├── help-podRetention.html
│ │ │ │ ├── help-name.html
│ │ │ │ └── help-inheritFrom.html
│ │ │ │ ├── volumes
│ │ │ │ ├── NfsVolume
│ │ │ │ │ ├── help-serverPath.html
│ │ │ │ │ ├── help-serverAddress.html
│ │ │ │ │ └── config.jelly
│ │ │ │ ├── PersistentVolumeClaim
│ │ │ │ │ ├── help-claimName.html
│ │ │ │ │ ├── help-readOnly.html
│ │ │ │ │ └── config.jelly
│ │ │ │ ├── EmptyDirVolume
│ │ │ │ │ ├── help-memory.html
│ │ │ │ │ └── config.jelly
│ │ │ │ ├── PodVolume
│ │ │ │ │ ├── help-subPath.html
│ │ │ │ │ ├── help-mountPath.html
│ │ │ │ │ ├── help-requestsSize.html
│ │ │ │ │ ├── help-storageClassName.html
│ │ │ │ │ └── help-accessModes.html
│ │ │ │ ├── SecretVolume
│ │ │ │ │ ├── help-optional.html
│ │ │ │ │ ├── help-secretName.html
│ │ │ │ │ ├── help-defaultMode.html
│ │ │ │ │ └── config.jelly
│ │ │ │ ├── workspace
│ │ │ │ │ ├── NfsWorkspaceVolume
│ │ │ │ │ │ ├── help-serverPath.html
│ │ │ │ │ │ ├── help-serverAddress.html
│ │ │ │ │ │ └── config.jelly
│ │ │ │ │ ├── EmptyDirWorkspaceVolume
│ │ │ │ │ │ ├── help-memory.html
│ │ │ │ │ │ ├── help-sizeLimit.html
│ │ │ │ │ │ ├── config.jelly
│ │ │ │ │ │ └── config_zh_CN.properties
│ │ │ │ │ ├── PersistentVolumeClaimWorkspaceVolume
│ │ │ │ │ │ ├── help-claimName.html
│ │ │ │ │ │ ├── help-readOnly.html
│ │ │ │ │ │ └── config.jelly
│ │ │ │ │ ├── HostPathWorkspaceVolume
│ │ │ │ │ │ ├── help-hostPath.html
│ │ │ │ │ │ ├── config.jelly
│ │ │ │ │ │ └── config_zh_CN.properties
│ │ │ │ │ ├── WorkspaceVolume
│ │ │ │ │ │ ├── help-requestsSize.html
│ │ │ │ │ │ ├── help-storageClassName.html
│ │ │ │ │ │ └── help-accessModes.html
│ │ │ │ │ ├── GenericEphemeralWorkspaceVolume
│ │ │ │ │ │ └── config.jelly
│ │ │ │ │ └── DynamicPVCWorkspaceVolume
│ │ │ │ │ │ └── config.jelly
│ │ │ │ ├── ConfigMapVolume
│ │ │ │ │ ├── help-optional.html
│ │ │ │ │ ├── help-configMapName.html
│ │ │ │ │ └── config.jelly
│ │ │ │ ├── HostPathVolume
│ │ │ │ │ ├── help-hostPath.html
│ │ │ │ │ ├── help-readOnly.html
│ │ │ │ │ └── config.jelly
│ │ │ │ ├── GenericEphemeralVolume
│ │ │ │ │ └── config.jelly
│ │ │ │ └── DynamicPVCVolume
│ │ │ │ │ └── config.jelly
│ │ │ │ ├── ContainerTemplate
│ │ │ │ ├── help-runAsGroup.html
│ │ │ │ ├── help-runAsUser.html
│ │ │ │ ├── help-ttyEnabled.html
│ │ │ │ ├── help-workingDir.html
│ │ │ │ ├── help-command.html
│ │ │ │ ├── help-alwaysPullImage.html
│ │ │ │ ├── help-name.html
│ │ │ │ ├── help-args.html
│ │ │ │ ├── help-image.html
│ │ │ │ ├── help-resourceRequestCpu.html
│ │ │ │ ├── help-resourceRequestMemory.html
│ │ │ │ ├── help-resourceLimitCpu.html
│ │ │ │ ├── help-resourceLimitMemory.html
│ │ │ │ ├── help-envVars.html
│ │ │ │ └── help-privileged.html
│ │ │ │ ├── Dockerfile
│ │ │ │ ├── model
│ │ │ │ ├── KeyValueEnvVar
│ │ │ │ │ ├── help-key.html
│ │ │ │ │ ├── help-value.html
│ │ │ │ │ ├── config.jelly
│ │ │ │ │ └── config_zh_CN.properties
│ │ │ │ └── SecretEnvVar
│ │ │ │ │ ├── help-key.html
│ │ │ │ │ ├── help-optional.html
│ │ │ │ │ ├── help-secretKey.html
│ │ │ │ │ ├── help-secretName.html
│ │ │ │ │ └── config.jelly
│ │ │ │ ├── KubernetesCloud
│ │ │ │ ├── sidepanel.properties
│ │ │ │ ├── help-jenkinsUrl.html
│ │ │ │ ├── help-waitForPodSec.html
│ │ │ │ ├── help-useJenkinsProxy.html
│ │ │ │ ├── help-readTimeout.html
│ │ │ │ ├── help-connectTimeout.html
│ │ │ │ ├── help-jnlpregistry.html
│ │ │ │ ├── help-password.html
│ │ │ │ ├── help-username.html
│ │ │ │ ├── help-serverCertificate.html
│ │ │ │ ├── help-serverUrl.html
│ │ │ │ ├── help-webSocket.html
│ │ │ │ ├── help-containerCapStr.html
│ │ │ │ ├── help-maxRequestsPerHostStr.html
│ │ │ │ ├── help-name.html
│ │ │ │ ├── help-garbageCollection.html
│ │ │ │ ├── help-defaultsProviderTemplate.html
│ │ │ │ ├── help-jenkinsTunnel.html
│ │ │ │ ├── help-skipTlsVerify.html
│ │ │ │ ├── help-usageRestricted.html
│ │ │ │ ├── help-addMasterProxyEnvVars.html
│ │ │ │ ├── help-retentionTimeout.html
│ │ │ │ ├── help-podLabels.html
│ │ │ │ ├── help-podRetention.html
│ │ │ │ ├── help-directConnection.html
│ │ │ │ └── help-restrictedPssSecurityContext.html
│ │ │ │ ├── ContainerLivenessProbe
│ │ │ │ ├── help-execArgs.html
│ │ │ │ ├── help-timeoutSeconds.html
│ │ │ │ ├── help-periodSeconds.html
│ │ │ │ ├── help-initialDelaySeconds.html
│ │ │ │ ├── help-successThreshold.html
│ │ │ │ ├── help-failureThreshold.html
│ │ │ │ └── config.jelly
│ │ │ │ ├── pipeline
│ │ │ │ ├── Messages.properties
│ │ │ │ ├── ContainerLogStep
│ │ │ │ │ ├── help-name.html
│ │ │ │ │ ├── help-returnLog.html
│ │ │ │ │ ├── help-tailingLines.html
│ │ │ │ │ ├── help-limitBytes.html
│ │ │ │ │ ├── help-sinceSeconds.html
│ │ │ │ │ └── config.jelly
│ │ │ │ ├── KubernetesDeclarativeAgent
│ │ │ │ │ ├── help-customWorkspace.html
│ │ │ │ │ └── help-defaultContainer.html
│ │ │ │ ├── ContainerStep
│ │ │ │ │ ├── help.html
│ │ │ │ │ ├── config.jelly
│ │ │ │ │ └── help-shell.html
│ │ │ │ ├── PodTemplateStep
│ │ │ │ │ ├── help-cloud.html
│ │ │ │ │ ├── help.html
│ │ │ │ │ └── help-label.html
│ │ │ │ ├── KubernetesAgentErrorCondition
│ │ │ │ │ ├── help-handleNonKubernetes.html
│ │ │ │ │ ├── help.html
│ │ │ │ │ └── config.jelly
│ │ │ │ ├── samples
│ │ │ │ │ └── windows.groovy
│ │ │ │ └── scripts
│ │ │ │ │ └── kill-processes-with-cookie.ps1
│ │ │ │ ├── KubectlBuildWrapper
│ │ │ │ ├── help.html
│ │ │ │ ├── help-serverUrl.html
│ │ │ │ ├── help-caCertificate.html
│ │ │ │ └── config.jelly
│ │ │ │ ├── GarbageCollection
│ │ │ │ └── help-namespaces.html
│ │ │ │ ├── ServiceAccountCredential
│ │ │ │ └── credentials.jelly
│ │ │ │ ├── PodLabel
│ │ │ │ ├── help-value.html
│ │ │ │ ├── config.jelly
│ │ │ │ ├── help-key.html
│ │ │ │ └── config_zh_CN.properties
│ │ │ │ ├── pod
│ │ │ │ └── yaml
│ │ │ │ │ ├── Merge
│ │ │ │ │ └── config.jelly
│ │ │ │ │ └── Overrides
│ │ │ │ │ └── config.jelly
│ │ │ │ ├── NonConfigurableKubernetesCloud
│ │ │ │ └── config.jelly
│ │ │ │ ├── KubernetesSlave
│ │ │ │ └── configure-entries.jelly
│ │ │ │ └── KubernetesFolderProperty
│ │ │ │ └── config.jelly
│ │ └── index.jelly
│ ├── webapp
│ │ └── images
│ │ │ ├── 24x24
│ │ │ └── kubernetes.png
│ │ │ ├── 32x32
│ │ │ └── kubernetes.png
│ │ │ └── 48x48
│ │ │ └── kubernetes.png
│ ├── docker
│ │ └── master-executors.groovy
│ ├── java
│ │ └── org
│ │ │ └── csanchez
│ │ │ └── jenkins
│ │ │ └── plugins
│ │ │ └── kubernetes
│ │ │ ├── pod
│ │ │ ├── retention
│ │ │ │ ├── PodRetentionDescriptor.java
│ │ │ │ └── PodOfflineCause.java
│ │ │ ├── decorator
│ │ │ │ ├── PodDecoratorException.java
│ │ │ │ ├── DefaultRestartPolicy.java
│ │ │ │ └── DefaultNodeSelector.java
│ │ │ └── yaml
│ │ │ │ └── YamlMergeStrategy.java
│ │ │ ├── volumes
│ │ │ ├── PVCVolumeUtils.java
│ │ │ ├── ProvisionedVolume.java
│ │ │ └── EphemeralVolume.java
│ │ │ ├── TokenProducer.java
│ │ │ ├── pipeline
│ │ │ ├── Constants.java
│ │ │ └── PodTemplateContext.java
│ │ │ ├── KubernetesCloudTraitDescriptor.java
│ │ │ ├── PodTemplateLabelFilter.java
│ │ │ ├── ServiceAccountCredential.java
│ │ │ ├── OpenShiftBearerTokenCredentialImpl.java
│ │ │ ├── PodTemplateSource.java
│ │ │ └── KubernetesCloudTrait.java
│ └── kubernetes
│ │ └── service-account.yml
└── spotbugs
│ └── excludesFilter.xml
├── .github
├── release-drafter.yml
├── CODEOWNERS
├── autolabeler.yaml
├── workflows
│ ├── auto-merge-safe-deps.yml
│ ├── close-bom-if-passing.yml
│ ├── cd.yaml
│ └── jenkins-security-scan.yml
├── dependabot.yml
└── renovate.json
├── .dockerignore
├── credentials.png
├── configuration.png
├── .mvn
├── maven.config
└── extensions.xml
├── images
├── mypod-2-golang.png
├── mypod-3-maven.png
├── mypod-1-general.png
├── cloud-configuration.png
├── garbage-collection.png
└── pod-template-configuration.png
├── .gitignore
├── .git-blame-ignore-revs
├── examples
├── maven-with-cache-pvc.yml
├── README.md
├── declarative_from_yaml_file
│ ├── KubernetesPod.yaml
│ └── Jenkinsfile
├── maven-with-cache.groovy
├── dood.groovy
├── multi-container.groovy
└── containerLog.groovy
├── kind-preload.sh
└── Dockerfile
/src/test/resources/kubenamespace:
--------------------------------------------------------------------------------
1 | test-namespace
--------------------------------------------------------------------------------
/.github/release-drafter.yml:
--------------------------------------------------------------------------------
1 | _extends: .github
2 |
--------------------------------------------------------------------------------
/.github/CODEOWNERS:
--------------------------------------------------------------------------------
1 | * @jenkinsci/kubernetes-plugin-developers
2 |
--------------------------------------------------------------------------------
/.dockerignore:
--------------------------------------------------------------------------------
1 | .git
2 | work
3 | target
4 | !target/kubernetes.hpi
5 |
--------------------------------------------------------------------------------
/src/test/resources/mockito-extensions/org.mockito.plugins.MockMaker:
--------------------------------------------------------------------------------
1 | mock-maker-inline
--------------------------------------------------------------------------------
/credentials.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jenkinsci/kubernetes-plugin/HEAD/credentials.png
--------------------------------------------------------------------------------
/configuration.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jenkinsci/kubernetes-plugin/HEAD/configuration.png
--------------------------------------------------------------------------------
/.github/autolabeler.yaml:
--------------------------------------------------------------------------------
1 | documentation: ["README*", "/examples"]
2 | chore: ["/.github", "/.mvn"]
3 |
--------------------------------------------------------------------------------
/.mvn/maven.config:
--------------------------------------------------------------------------------
1 | -Pconsume-incrementals
2 | -Pmight-produce-incrementals
3 | -Dchangelist.format=%d.v%s
4 |
--------------------------------------------------------------------------------
/images/mypod-2-golang.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jenkinsci/kubernetes-plugin/HEAD/images/mypod-2-golang.png
--------------------------------------------------------------------------------
/images/mypod-3-maven.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jenkinsci/kubernetes-plugin/HEAD/images/mypod-3-maven.png
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/PodAnnotation/help-key.html:
--------------------------------------------------------------------------------
1 | The annotation key.
2 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/PortMapping/help-name.html:
--------------------------------------------------------------------------------
1 | The name of the port
2 |
--------------------------------------------------------------------------------
/images/mypod-1-general.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jenkinsci/kubernetes-plugin/HEAD/images/mypod-1-general.png
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/PodAnnotation/help-value.html:
--------------------------------------------------------------------------------
1 | The annotation value.
2 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/PodImagePullSecret/help-name.html:
--------------------------------------------------------------------------------
1 | The image pull secret name
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/PodTemplate/help-runAsGroup.html:
--------------------------------------------------------------------------------
1 | Specify the gid to run as.
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/PodTemplate/help-runAsUser.html:
--------------------------------------------------------------------------------
1 | Specify the uid to run as.
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/NfsVolume/help-serverPath.html:
--------------------------------------------------------------------------------
1 | NFS Server Path.
2 |
--------------------------------------------------------------------------------
/images/cloud-configuration.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jenkinsci/kubernetes-plugin/HEAD/images/cloud-configuration.png
--------------------------------------------------------------------------------
/images/garbage-collection.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jenkinsci/kubernetes-plugin/HEAD/images/garbage-collection.png
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/ContainerTemplate/help-runAsGroup.html:
--------------------------------------------------------------------------------
1 | Specify the gid to run as.
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/ContainerTemplate/help-runAsUser.html:
--------------------------------------------------------------------------------
1 | Specify the uid to run as.
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM jenkins/inbound-agent:3355.v388858a_47b_33-2
2 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/PortMapping/help-hostPort.html:
--------------------------------------------------------------------------------
1 | Port to expose onto the host
2 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/model/KeyValueEnvVar/help-key.html:
--------------------------------------------------------------------------------
1 | The environment variable key.
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/model/SecretEnvVar/help-key.html:
--------------------------------------------------------------------------------
1 | The environment variable key.
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/PersistentVolumeClaim/help-claimName.html:
--------------------------------------------------------------------------------
1 | The claim name.
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/PodTemplate/help-label.html:
--------------------------------------------------------------------------------
1 | Labels to put on the created agents
2 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/PortMapping/help-containerPort.html:
--------------------------------------------------------------------------------
1 | Port to expose into the pod
2 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/model/KeyValueEnvVar/help-value.html:
--------------------------------------------------------------------------------
1 | The environment variable value.
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/EmptyDirVolume/help-memory.html:
--------------------------------------------------------------------------------
1 | Flag for in-memory volume.
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/NfsVolume/help-serverAddress.html:
--------------------------------------------------------------------------------
1 | NFS Server Address.
2 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/model/SecretEnvVar/help-optional.html:
--------------------------------------------------------------------------------
1 | Whether this secret is optional.
2 |
--------------------------------------------------------------------------------
/images/pod-template-configuration.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jenkinsci/kubernetes-plugin/HEAD/images/pod-template-configuration.png
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/model/SecretEnvVar/help-secretKey.html:
--------------------------------------------------------------------------------
1 | Key of secret to lookup from Kubernetes.
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/PersistentVolumeClaim/help-readOnly.html:
--------------------------------------------------------------------------------
1 | Flag for read-only volume.
2 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/PodVolume/help-subPath.html:
--------------------------------------------------------------------------------
1 | SubPath to mount this volume inside the pod.
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/SecretVolume/help-optional.html:
--------------------------------------------------------------------------------
1 | Whether the secret needs to exist.
2 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/workspace/NfsWorkspaceVolume/help-serverPath.html:
--------------------------------------------------------------------------------
1 | NFS Server Path.
2 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/KubernetesCloud/sidepanel.properties:
--------------------------------------------------------------------------------
1 | delete.cloud=Delete the cloud ''{0}'' ?
2 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/PodTemplate/help-serviceAccount.html:
--------------------------------------------------------------------------------
1 | The service account to use to run the pod.
2 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/model/SecretEnvVar/help-secretName.html:
--------------------------------------------------------------------------------
1 | Name of secret to lookup from Kubernetes.
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/PodVolume/help-mountPath.html:
--------------------------------------------------------------------------------
1 | Path to mount this volume inside the pod.
2 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/workspace/EmptyDirWorkspaceVolume/help-memory.html:
--------------------------------------------------------------------------------
1 | Flag for in-memory volume.
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/workspace/NfsWorkspaceVolume/help-serverAddress.html:
--------------------------------------------------------------------------------
1 | NFS Server Address.
2 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/ContainerLivenessProbe/help-execArgs.html:
--------------------------------------------------------------------------------
1 | Command executed by the liveness probe.
2 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/PodTemplate/sidepanel.properties:
--------------------------------------------------------------------------------
1 | delete.template=Delete the pod template ''{0}''?
2 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/ConfigMapVolume/help-optional.html:
--------------------------------------------------------------------------------
1 | Whether this configmap needs to exist.
2 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/workspace/PersistentVolumeClaimWorkspaceVolume/help-claimName.html:
--------------------------------------------------------------------------------
1 | The claim name.
--------------------------------------------------------------------------------
/src/main/webapp/images/24x24/kubernetes.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jenkinsci/kubernetes-plugin/HEAD/src/main/webapp/images/24x24/kubernetes.png
--------------------------------------------------------------------------------
/src/main/webapp/images/32x32/kubernetes.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jenkinsci/kubernetes-plugin/HEAD/src/main/webapp/images/32x32/kubernetes.png
--------------------------------------------------------------------------------
/src/main/webapp/images/48x48/kubernetes.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/jenkinsci/kubernetes-plugin/HEAD/src/main/webapp/images/48x48/kubernetes.png
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/ContainerTemplate/help-ttyEnabled.html:
--------------------------------------------------------------------------------
1 | Whether this container should allocate a TTY for itself.
2 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/PodTemplate/help-supplementalGroups.html:
--------------------------------------------------------------------------------
1 | A comma-separated list of GIDs to add in the containers.
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/Messages.properties:
--------------------------------------------------------------------------------
1 | KubernetesDeclarativeAgent.displayName=Run inside a Kubernetes pod
2 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/SecretVolume/help-secretName.html:
--------------------------------------------------------------------------------
1 | The name of the Kubernetes Secret to mount into the pod.
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/KubernetesCloud/help-jenkinsUrl.html:
--------------------------------------------------------------------------------
1 |
2 | The URL of the Jenkins Controller server.
3 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/workspace/PersistentVolumeClaimWorkspaceVolume/help-readOnly.html:
--------------------------------------------------------------------------------
1 | Flag for read-only volume.
2 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/PodTemplate/help-hostNetwork.html:
--------------------------------------------------------------------------------
1 | Allows the pod to share the host network namespace. Not recommended.
2 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/ConfigMapVolume/help-configMapName.html:
--------------------------------------------------------------------------------
1 | The name of the Kubernetes Config Map to mount into the pod.
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/decoratorFailure.groovy:
--------------------------------------------------------------------------------
1 | podTemplate {
2 | node(POD_LABEL) {
3 | sh 'true'
4 | }
5 | }
6 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/PodTemplate/help-envVars.html:
--------------------------------------------------------------------------------
1 | Environment variables can be hardcoded, or injected from a Kubernetes secret.
2 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/PodTemplate/help-workspaceVolume.html:
--------------------------------------------------------------------------------
1 | Specifies the type of volume to be used to mount the agent workspace.
2 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/HostPathVolume/help-hostPath.html:
--------------------------------------------------------------------------------
1 | File or directory on the host node's filesystem to mount into the pod.
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/KubernetesCloud/help-waitForPodSec.html:
--------------------------------------------------------------------------------
1 |
2 | How long to wait (seconds) for pod to be in running state.
3 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/SecretVolume/help-defaultMode.html:
--------------------------------------------------------------------------------
1 | The file permissions for the secret volume. Does not support Octal notation.
2 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/basicPipeline.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(yaml: '') {
2 | node(POD_LABEL) {
3 | sh 'true'
4 | }
5 | }
6 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/podDeadlineExceededGlobalTemplate.groovy:
--------------------------------------------------------------------------------
1 | node('podDeadlineExceededGlobalTemplate') {
2 | sh 'sleep 120'
3 | }
4 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/webSocketAgent.groovy:
--------------------------------------------------------------------------------
1 | podTemplate {
2 | node(POD_LABEL) {
3 | sh 'echo OK running'
4 | }
5 | }
6 |
--------------------------------------------------------------------------------
/src/main/docker/master-executors.groovy:
--------------------------------------------------------------------------------
1 | import hudson.model.*;
2 | import jenkins.model.*;
3 |
4 | println "--> disabling controller executors"
5 | Jenkins.instance.setNumExecutors(0)
6 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/KubernetesCloud/help-useJenkinsProxy.html:
--------------------------------------------------------------------------------
1 |
2 | use Jenkins proxy settings to connect to kubernetes URL
3 |
4 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/KubernetesCloudFIPSTest/certs/not-a-cert:
--------------------------------------------------------------------------------
1 | -----BEGIN CERTIFICATE-----
2 | I'm not a certificate
3 | -----END CERTIFICATE-----
4 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/inheritFrom.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(inheritFrom: 'standard') {
2 | node(POD_LABEL) {
3 | sh 'true'
4 | }
5 | }
6 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/podTemplateWithMultipleLabels.groovy:
--------------------------------------------------------------------------------
1 | node('label1') {
2 | semaphore 'pod'
3 | sh 'echo "It works"'
4 | }
5 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/HostPathVolume/help-readOnly.html:
--------------------------------------------------------------------------------
1 | Flag for read-only mount, set hostPath mount to readOnly is considered best-practice.
2 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/workspace/HostPathWorkspaceVolume/help-hostPath.html:
--------------------------------------------------------------------------------
1 | File or directory on the host node's filesystem to mount into the pod.
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/directConnectionAgent.groovy:
--------------------------------------------------------------------------------
1 | podTemplate {
2 | node(POD_LABEL) {
3 | sh 'echo OK running'
4 | }
5 | }
6 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/PodTemplate/help-workingDir.html:
--------------------------------------------------------------------------------
1 | Path to the root of the workspace from the view point of this node, such as /home/jenkins/agent.
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/PodTemplate/help-yamlMergeStrategy.html:
--------------------------------------------------------------------------------
1 | Defines how the raw yaml field gets merged with yaml definitions from inherited pod templates.
2 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/ContainerLogStep/help-name.html:
--------------------------------------------------------------------------------
1 |
2 | Name of the container, as specified in containerTemplate.
3 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/ContainerLivenessProbe/help-timeoutSeconds.html:
--------------------------------------------------------------------------------
1 | Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1.
2 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/KubernetesDeclarativeAgent/help-customWorkspace.html:
--------------------------------------------------------------------------------
1 | Allows the SCM repository to be checked out in a custom workspace directory.
2 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pod-jnlp-nullenv.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Pod
3 | spec:
4 | containers:
5 | - name: jnlp
6 | image: jnlp-agent
7 | env:
8 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/KubectlBuildWrapper/help.html:
--------------------------------------------------------------------------------
1 |
2 | Configure Kubernetes client (kubectl) so it can be used in the build to run Kubernetes commands
3 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/PodTemplate/help-namespace.html:
--------------------------------------------------------------------------------
1 | Namespace in which to schedule the pod.
2 |
3 | Leave empty to use the namespace defined at cloud level.
4 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/ContainerTemplate/help-workingDir.html:
--------------------------------------------------------------------------------
1 | Path to the root of the workspace from the view point of this container, such as /home/jenkins/agent.
2 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/KubernetesCloud/help-readTimeout.html:
--------------------------------------------------------------------------------
1 |
2 | The read timeout in seconds for connections to Kubernetes API. Minimum value is 15.
3 |
4 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/ContainerLogStep/help-returnLog.html:
--------------------------------------------------------------------------------
1 |
2 | Return the container log. If not checked, the log will be printed to the build log.
3 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/ContainerStep/help.html:
--------------------------------------------------------------------------------
1 |
2 | Selects a container of the agent pod so that all shell steps are executed in that container.
3 |
4 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/garbageCollection.groovy:
--------------------------------------------------------------------------------
1 | podTemplate {
2 | node(POD_LABEL) {
3 | echo 'Running on remote agent'
4 | sh 'sleep 600'
5 | }
6 | }
7 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | /target/
2 | /.classpath
3 | /.project
4 | /.factorypath
5 | /.settings/
6 | /work/
7 | /.idea/
8 | *.iml
9 | nbactions.xml
10 | nb-configuration.xml
11 | *.bak
12 | /.vscode/
13 | **/.DS_Store
14 |
--------------------------------------------------------------------------------
/src/main/resources/index.jelly:
--------------------------------------------------------------------------------
1 |
2 |
3 | This plugin integrates Jenkins with
4 |
Kubernetes
5 |
2 | How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.
3 |
4 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/KubernetesCloud/help-connectTimeout.html:
--------------------------------------------------------------------------------
1 |
2 | The connection timeout in seconds for connections to Kubernetes API. Minimum value is 5.
3 |
4 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/KubernetesCloud/help-jnlpregistry.html:
--------------------------------------------------------------------------------
1 |
2 | Provide the Docker registry you want to use to pull the agent image if none is specified
3 |
4 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/KubernetesCloud/help-password.html:
--------------------------------------------------------------------------------
1 |
2 | The password of the authorized user on the Kubernetes API server. Can be blank for unsecured access.
3 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/KubernetesCloud/help-username.html:
--------------------------------------------------------------------------------
1 |
2 | The user name of an authorized user on the Kubernetes API server. Can be blank for unsecured access.
3 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/PodTemplateStep/help-cloud.html:
--------------------------------------------------------------------------------
1 | The Kubernetes cloud to use to schedule the pod.
2 | If unset, the first available Kubernetes cloud will be used.
3 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/KubernetesCloud/help-serverCertificate.html:
--------------------------------------------------------------------------------
1 |
2 | X509 PEM encoded certificate. Can be additionally base64 encoded (as provided by Amazon EKS).
3 |
4 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/PodTemplate/help-nodeSelector.html:
--------------------------------------------------------------------------------
1 | Specify which nodes the pod should operate on by providing a comma separated list of node labels:
2 | `label1=value1,label2=value2`.
--------------------------------------------------------------------------------
/src/test/java/org/csanchez/jenkins/plugins/kubernetes/pipeline/steps/package-info.java:
--------------------------------------------------------------------------------
1 | package org.csanchez.jenkins.plugins.kubernetes.pipeline.steps;
2 | /**
3 | * Reusable steps for tests relying on RealJenkinsRule.
4 | */
5 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/podDeadlineExceeded.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(yaml:'''
2 | spec:
3 | activeDeadlineSeconds: 30
4 | ''') {
5 | node(POD_LABEL) {
6 | sh 'sleep 120'
7 | }
8 | }
9 |
--------------------------------------------------------------------------------
/.git-blame-ignore-revs:
--------------------------------------------------------------------------------
1 | # https://github.com/jenkinsci/kubernetes-plugin/pull/1478
2 | 9c1d58d9badd988622b4772632037126176e1ef0
3 | # https://github.com/jenkinsci/kubernetes-plugin/pull/1756
4 | ba318e03a58277ab79f3636343544e882f368a88
5 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/GarbageCollection/help-namespaces.html:
--------------------------------------------------------------------------------
1 | Namespaces to look at for garbage collection, in addition to the default namespace defined for the cloud.
2 | One namespace per line.
3 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/substituteEnv.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(annotations: [podAnnotation(key: 'hack', value: 'xxx${HOME}xxx')]) {
2 | node(POD_LABEL) {
3 | sh ':'
4 | }
5 | }
6 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/ContainerTemplate/help-command.html:
--------------------------------------------------------------------------------
1 | Override the image entrypoint with a different one.
2 | For Windows containers powershell is a good default.
3 |
4 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/KubectlBuildWrapper/help-serverUrl.html:
--------------------------------------------------------------------------------
1 |
2 | URL of the Kubernetes API endpoint. If not set the connection options will be autoconfigured from service account or kube config file.
3 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/KubernetesCloud/help-serverUrl.html:
--------------------------------------------------------------------------------
1 |
2 | The URL of the Kubernetes API server. If not set the connection options will be autoconfigured from service account or kube config file.
3 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/KubernetesCloud/help-webSocket.html:
--------------------------------------------------------------------------------
1 |
2 | Use WebSocket to connect agents rather than the TCP port.
3 | See
JEP-222 for background.
4 |
2 | Volumes get mounted in all containers with the specified mount path.
3 | If you want more fine-grained control, use the raw YAML field.
4 |
5 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/casc/casc_workspaceVolume_emptyDir.yaml:
--------------------------------------------------------------------------------
1 | jenkins:
2 | clouds:
3 | - kubernetes:
4 | name: "kubernetes"
5 | templates:
6 | - workspaceVolume:
7 | emptyDir: {}
8 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/getContainerLog.groovy:
--------------------------------------------------------------------------------
1 | //noinspection GrPackage
2 | podTemplate {
3 | node(POD_LABEL) {
4 | stage('container log') {
5 | containerLog 'jnlp'
6 | }
7 | }
8 | }
9 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/KubernetesCloud/help-containerCapStr.html:
--------------------------------------------------------------------------------
1 |
2 | The maximum number of concurrently running agent pods that are permitted in this Kubernetes Cloud.
3 | If set to empty it means no limit.
4 |
5 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/PodTemplate/help-slaveConnectTimeout.html:
--------------------------------------------------------------------------------
1 |
2 | Specify time in seconds up to which Jenkins should wait for the agent to establish a connection.
3 | Value must be a positive integer.
4 |
5 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/invalidPodGetsCancelled.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(yaml: '''
2 | spec:
3 | containers:
4 | - name: invalid-container
5 | ''') {
6 | node(POD_LABEL) {
7 | sh 'This will never run'
8 | }
9 | }
10 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/PodTemplate/help-annotations.html:
--------------------------------------------------------------------------------
1 |
2 | Annotations to set on pod metadata
3 | Read Annotations - Kubernetes for more information.
4 |
5 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/invalidImageGetsCancelled.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(yaml: '''
2 | spec:
3 | containers:
4 | - name: jnlp
5 | image: some/invalid
6 | ''') {
7 | node(POD_LABEL) {
8 | sh 'false'
9 | }
10 | }
11 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/nullLabelSupportsRestart.groovy:
--------------------------------------------------------------------------------
1 | node {
2 | stage('Run') {
3 | container('busybox') {
4 | sh 'for i in `seq 1 10`; do echo $i; sleep 5; done'
5 | }
6 | echo 'finished the test!'
7 | }
8 | }
9 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/ContainerLogStep/help-tailingLines.html:
--------------------------------------------------------------------------------
1 |
2 | If set, the number of lines from the end of the log to show. If not specified, log is shown from the creation of the container or limited by "sinceSeconds".
3 |
--------------------------------------------------------------------------------
/examples/maven-with-cache-pvc.yml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: v1
3 | kind: PersistentVolumeClaim
4 | metadata:
5 | name: maven-repo
6 | namespace: kubernetes-plugin
7 | spec:
8 | accessModes:
9 | - ReadWriteOnce
10 | resources:
11 | requests:
12 | storage: 10Gi
13 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/casc/casc_volume_emptyDir.yaml:
--------------------------------------------------------------------------------
1 | jenkins:
2 | clouds:
3 | - kubernetes:
4 | name: "kubernetes"
5 | templates:
6 | - volumes:
7 | - emptyDirVolume:
8 | mountPath: /mnt/path
9 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/restartDuringPodLaunch.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(yaml: '''
2 | apiVersion: v1
3 | kind: Pod
4 | spec:
5 | nodeSelector:
6 | disktype: special
7 | ''') {
8 | node(POD_LABEL) {
9 | sh 'true'
10 | }
11 | }
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/PodTemplate/help-containers.html:
--------------------------------------------------------------------------------
1 | By default, the pod contains a single container with name jnlp running the Jenkins agent.
2 | It is possible to override this container by adding a new entry and use jnlp as name.
3 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/PodVolume/help-requestsSize.html:
--------------------------------------------------------------------------------
1 | Claims, like pods, can request specific quantities of a resource. In this case, the request is for storage. The same resource model applies to both volumes and claims. Defaults to 10Gi.
2 |
3 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/casc/casc_workspaceVolume_emptyDir_memory.yaml:
--------------------------------------------------------------------------------
1 | jenkins:
2 | clouds:
3 | - kubernetes:
4 | name: "kubernetes"
5 | templates:
6 | - workspaceVolume:
7 | emptyDir:
8 | memory: true
9 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/workspace/EmptyDirWorkspaceVolume/help-sizeLimit.html:
--------------------------------------------------------------------------------
1 | Sets a size limit. If the workspace size exceeds the specified size, the pod will be evicted. See details.
2 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/casc/casc_workspaceVolume_hostPath.yaml:
--------------------------------------------------------------------------------
1 | jenkins:
2 | clouds:
3 | - kubernetes:
4 | name: "kubernetes"
5 | templates:
6 | - workspaceVolume:
7 | hostPath:
8 | hostPath: "/host/path"
9 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/PodTemplate/help-activeDeadlineSeconds.html:
--------------------------------------------------------------------------------
1 | Specify time in seconds time after which Kubernetes will kill the pod if it has not completed.
2 | Value should be a positive integer, default being empty which means no activeDeadlineSeconds will be specified.
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/ServiceAccountCredential/credentials.jelly:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/workspace/WorkspaceVolume/help-requestsSize.html:
--------------------------------------------------------------------------------
1 | Claims, like pods, can request specific quantities of a resource. In this case, the request is for storage. The same resource model applies to both volumes and claims. Defaults to 10Gi.
2 |
3 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/errorPod.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(yaml:'''
2 | spec:
3 | containers:
4 | - name: jnlp
5 | command:
6 | - 'sh'
7 | - '-ec'
8 | - 'echo Foo; exit 1'
9 | ''') {
10 | node(POD_LABEL) {
11 | sh 'true'
12 | }
13 | }
14 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/KubectlBuildWrapper/help-caCertificate.html:
--------------------------------------------------------------------------------
1 |
2 | The base64 encoded certificate of the certificate authority (CA). It is used to verify the server certificate.
3 |
Leaving this field empty will skip the certificate verification.
4 |
2 | The maximum number of concurrent requests to the Kubernetes API. If you set this too low, you might run into
JENKINS-40825.
3 |
The name of the container running the Jenkins agent in the pod.
2 |
3 | This container will receive environment variables required to connect to the Jenkins controller.
4 |
5 | Defaults to jnlp.
6 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/KubernetesCloud/help-name.html:
--------------------------------------------------------------------------------
1 |
2 | Uniquely identifies this Cloud instance among other instances in Jenkins Clouds.
3 | This is expected to be short ID-like string that does not contain any character unsafe as variable name or
4 | URL path token.
5 |
6 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/ContainerTemplate/help-alwaysPullImage.html:
--------------------------------------------------------------------------------
1 | If ticked, the latest version of the image will be pulled every time it is used.
2 |
3 | See Images - Kubernetes for the default Kubernetes behaviour.
4 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/ContainerLogStep/help-limitBytes.html:
--------------------------------------------------------------------------------
1 |
2 | If set, the number of bytes to read from the server before terminating the log output. This may not display a complete final line of logging, and may return slightly more or slightly less than the specified limit.
3 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/casc/casc_volume_emptyDir_memory.yaml:
--------------------------------------------------------------------------------
1 | jenkins:
2 | clouds:
3 | - kubernetes:
4 | name: "kubernetes"
5 | templates:
6 | - volumes:
7 | - emptyDirVolume:
8 | mountPath: /mnt/path
9 | memory: true
10 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/casc/casc_volume_hostPath.yaml:
--------------------------------------------------------------------------------
1 | jenkins:
2 | clouds:
3 | - kubernetes:
4 | name: "kubernetes"
5 | templates:
6 | - volumes:
7 | - hostPathVolume:
8 | hostPath: /host/path
9 | mountPath: /mnt/path
10 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/PodLabel/help-value.html:
--------------------------------------------------------------------------------
1 | Valid label values must be 63 characters or less and must be empty or begin and end with an alphanumeric character
2 | ([a-z0-9A-Z]) with dashes (-), underscores (_), dots (.),
3 | and alphanumerics between.
4 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/PodTemplateStep/help.html:
--------------------------------------------------------------------------------
1 |
2 | Defines a Kubernetes pod template that can be used to create nodes.
3 |
4 |
5 | Example:
6 |
7 |
8 | podTemplate(...) {
9 | node(POD_LABEL) {
10 | // some steps
11 | }
12 | }
13 |
14 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/casc/casc_volume_pvc.yaml:
--------------------------------------------------------------------------------
1 | jenkins:
2 | clouds:
3 | - kubernetes:
4 | name: "kubernetes"
5 | templates:
6 | - volumes:
7 | - persistentVolumeClaim:
8 | claimName: my-claim
9 | mountPath: /mnt/path
10 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/imageWithoutAgentNoJava.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(agentContainer:'foo',
2 | agentInjection: true,
3 | yaml:'''
4 | spec:
5 | containers:
6 | - name: foo
7 | image: busybox
8 | ''') {
9 | node(POD_LABEL) {
10 | sh 'true'
11 | }
12 | }
13 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/KubernetesCloud/help-garbageCollection.html:
--------------------------------------------------------------------------------
1 |
2 | Enables garbage collection of orphan pods for this Kubernetes cloud.
3 |
4 | When enabled, Jenkins will periodically check for orphan pods that have not been touched for the given timeout period and delete them.
5 |
6 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/casc/casc_volume_configMap.yaml:
--------------------------------------------------------------------------------
1 | jenkins:
2 | clouds:
3 | - kubernetes:
4 | name: "kubernetes"
5 | templates:
6 | - volumes:
7 | - configMapVolume:
8 | configMapName: my-configmap
9 | mountPath: /mnt/path
10 |
--------------------------------------------------------------------------------
/.github/workflows/auto-merge-safe-deps.yml:
--------------------------------------------------------------------------------
1 | name: Automatically approve and merge safe dependency updates
2 | on:
3 | - pull_request_target
4 | permissions:
5 | contents: write
6 | pull-requests: write
7 | jobs:
8 | auto-merge-safe-deps:
9 | uses: jenkins-infra/github-reusable-workflows/.github/workflows/auto-merge-safe-deps.yml@v1
10 |
--------------------------------------------------------------------------------
/.github/workflows/close-bom-if-passing.yml:
--------------------------------------------------------------------------------
1 | name: Close BOM update PR if passing
2 | on:
3 | check_run:
4 | types:
5 | - completed
6 | permissions:
7 | contents: read
8 | pull-requests: write
9 | jobs:
10 | close-bom-if-passing:
11 | uses: jenkins-infra/github-reusable-workflows/.github/workflows/close-bom-if-passing.yml@v1
12 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/ContainerTemplate/help-name.html:
--------------------------------------------------------------------------------
1 | The name for the container to be run.
2 |
3 | One container is automatically created with the name jnlp, and runs the Jenkins agent.
4 |
5 | In order to replace the default agent image, the container with the agent must be named jnlp.
6 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/KubernetesCloud/help-defaultsProviderTemplate.html:
--------------------------------------------------------------------------------
1 |
2 | The name of the pod template to use for providing default values.
3 | When a value is specified and there is a pod template with a matching name, the template will be
4 | used as a parent to all other pod templates.
5 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/KubernetesDeclarativeAgent/help-defaultContainer.html:
--------------------------------------------------------------------------------
1 | Name of the default container steps will be run in.
2 |
3 | When using this option, all steps will be executed within an implicit container(name) {...} block instead
4 | of the jnlp container.
5 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/getContainerLogWithRestart.groovy:
--------------------------------------------------------------------------------
1 | //noinspection GrPackage
2 | podTemplate()
3 | {
4 | node(POD_LABEL) {
5 | stage('container log') {
6 | sh 'for i in `seq 1 5`; do echo $i; sleep 5; done'
7 | containerLog 'jnlp'
8 | }
9 | }
10 | }
11 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/imageWithoutAgent.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(agentContainer:'foo',
2 | agentInjection: true,
3 | yaml:'''
4 | spec:
5 | containers:
6 | - name: foo
7 | image: eclipse-temurin:22.0.2_9-jre
8 | ''') {
9 | node(POD_LABEL) {
10 | sh 'true'
11 | }
12 | }
13 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/ContainerLogStep/help-sinceSeconds.html:
--------------------------------------------------------------------------------
1 |
2 | A relative time in seconds before the current time from which to show logs. If this value precedes the time a pod was started, only logs since the pod start will be returned. If this value is in the future, no logs will be returned.
3 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/casc/casc_workspaceVolume_nfs.yaml:
--------------------------------------------------------------------------------
1 | jenkins:
2 | clouds:
3 | - kubernetes:
4 | name: "kubernetes"
5 | templates:
6 | - workspaceVolume:
7 | nfsWorkspaceVolume:
8 | serverAddress: "serverAddress"
9 | serverPath: "/path"
10 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/casc/casc_envVar_secret.yaml:
--------------------------------------------------------------------------------
1 | jenkins:
2 | clouds:
3 | - kubernetes:
4 | name: "kubernetes"
5 | templates:
6 | - envVars:
7 | - secretEnvVar:
8 | key: key
9 | secretName: secretName
10 | secretKey: secretKey
11 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/bourneShellElsewhereInPath.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(containers: [containerTemplate(name: 'kaniko', image: 'gcr.io/kaniko-project/executor:debug', command: 'sleep', args: '99d')]) {
2 | node(POD_LABEL) {
3 | container(name: 'kaniko') {
4 | sh 'echo $PATH'
5 | }
6 | }
7 | }
8 |
--------------------------------------------------------------------------------
/src/main/java/org/csanchez/jenkins/plugins/kubernetes/pod/retention/PodRetentionDescriptor.java:
--------------------------------------------------------------------------------
1 | package org.csanchez.jenkins.plugins.kubernetes.pod.retention;
2 |
3 | import hudson.model.Descriptor;
4 |
5 | /**
6 | * A {@link Descriptor} for any {@link PodRetention} implementation.
7 | */
8 | public abstract class PodRetentionDescriptor extends Descriptor {}
9 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/casc/casc_volume_nfs.yaml:
--------------------------------------------------------------------------------
1 | jenkins:
2 | clouds:
3 | - kubernetes:
4 | name: "kubernetes"
5 | templates:
6 | - volumes:
7 | - nfsVolume:
8 | serverAddress: serverAddress
9 | serverPath: /path
10 | mountPath: /mnt/path
11 |
--------------------------------------------------------------------------------
/src/main/java/org/csanchez/jenkins/plugins/kubernetes/volumes/PVCVolumeUtils.java:
--------------------------------------------------------------------------------
1 | package org.csanchez.jenkins.plugins.kubernetes.volumes;
2 |
3 | import hudson.util.ListBoxModel;
4 |
5 | public class PVCVolumeUtils {
6 | public static final ListBoxModel ACCESS_MODES_BOX =
7 | new ListBoxModel().add("ReadWriteOnce").add("ReadOnlyMany").add("ReadWriteMany");
8 | }
9 |
--------------------------------------------------------------------------------
/examples/README.md:
--------------------------------------------------------------------------------
1 | # Kubernetes plugin Pipeline examples
2 |
3 | In this directory you can find several Pipeline examples.
4 |
5 | For more examples that are automatically tested, check:
6 |
7 | * [live samples](../src/main/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/samples)
8 | * [test scripts](../src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline)
9 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/KubernetesAgentErrorCondition/help-handleNonKubernetes.html:
--------------------------------------------------------------------------------
1 |
2 | Behave like the generic agent() (Agent errors) when applied to a non-Kubernetes agent.
3 | Useful in cases where it is hard to predict in a job definition whether a Kubernetes or other sort of agent will be used.
4 |
5 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/runWithCloudOverriddenNamespace.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(volumes: [emptyDirVolume(mountPath: '/my-mount')]) {
2 |
3 | node(POD_LABEL) {
4 | semaphore 'pod'
5 | container(name: 'jnlp') {
6 | sh 'cat /var/run/secrets/kubernetes.io/serviceaccount/namespace'
7 | }
8 | }
9 | }
10 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/KubernetesCloud/help-jenkinsTunnel.html:
--------------------------------------------------------------------------------
1 |
2 | Connect to the specified host and port, instead of connecting directly to Jenkins.
3 | Useful when connection to Jenkins needs to be tunneled. Can be also HOST: or :PORT,
4 | in which case the missing portion will be auto-configured like the default behavior
5 |
6 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/ContainerTemplate/help-args.html:
--------------------------------------------------------------------------------
1 | Arguments to pass to the command.
2 | ${computer.jnlpmac} and ${computer.name} are replaced with the agent secret and name respectively.
3 | For Windows containers the args Start-Sleep 999999 are reasonable choices to go with powershell.
4 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/ContainerTemplate/help-image.html:
--------------------------------------------------------------------------------
1 | Container image (repository, name, and tag) for a Jenkins inbound agent.
2 | Connection details will be passed as environment variables as per
3 | documentation.
4 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/PodTemplate/help-idleMinutes.html:
--------------------------------------------------------------------------------
1 |
2 | By default, agents are terminated as soon as they have completed the task they have been assigned.
3 |
4 |
5 |
6 | Setting a value for this field will keep agents around for N minutes (N being the defined value).
7 | In that case, the agent may be reused by another build.
8 |
9 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/closedWebSocketExit.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(containers: [
2 | containerTemplate(name: 'busybox', image: 'busybox', ttyEnabled: true, command: '/bin/cat'),
3 | ]) {
4 | node(POD_LABEL) {
5 | container('busybox') {
6 | sh 'sleep 5; echo have started user process; sleep 999'
7 | }
8 | }
9 | }
10 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/envVarDollarSignEscaping.groovy:
--------------------------------------------------------------------------------
1 | podTemplate() {
2 | node(POD_LABEL) {
3 | env.THEVAR = "\$string\$with\$dollars"
4 | echo "from Groovy: ${env.THEVAR}"
5 | sh 'echo "outside container: $THEVAR"'
6 | container('jnlp') {
7 | sh 'echo "inside container: $THEVAR"'
8 | }
9 | }
10 | }
11 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/noDelayProvisionerCallsListener.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(containers: [
2 | containerTemplate(name: 'busybox', image: 'busybox', ttyEnabled: true, command: '/bin/cat'),
3 | ]) {
4 | node (POD_LABEL) {
5 | stage('Run') {
6 | container('busybox') {
7 | sh 'echo foo'
8 | }
9 | }
10 | }
11 | }
12 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/PodTemplate/help-instanceCap.html:
--------------------------------------------------------------------------------
1 |
2 | The maximum number of concurrently running agent pods created from this template that are permitted in the Kubernetes Cloud.
3 | The number of running agents will never exceed the global concurrency limit sets at the Cloud Configuration level.
4 | If set to empty or a negative number it means no limit.
5 |
6 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/workspace/HostPathWorkspaceVolume/config.jelly:
--------------------------------------------------------------------------------
1 |
2 |
4 |
5 |
6 |
7 |
8 |
9 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/ContainerLivenessProbe/help-failureThreshold.html:
--------------------------------------------------------------------------------
1 |
2 | When a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up.
3 | Giving up in case of liveness probe means restarting the container.
4 | In case of readiness probe the Pod will be marked Unready. Defaults to 3. Minimum value is 1.
5 |
6 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/PodTemplate/help-showRawYaml.html:
--------------------------------------------------------------------------------
1 |
2 | When checked, the actual pod definition in YAML will be dumped in the build console (secrets redacted).
3 | This helps audit builds to understand what was the exact environment when the build ran.
4 | If you don't care about this information and want less verbosity in build logs, disable this feature.
5 |
6 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/casc/casc_workspaceVolume_genericEphemeral.yaml:
--------------------------------------------------------------------------------
1 | jenkins:
2 | clouds:
3 | - kubernetes:
4 | name: "kubernetes"
5 | templates:
6 | - workspaceVolume:
7 | genericEphemeralVolume:
8 | storageClassName: test-storageclass
9 | accessModes: ReadWriteMany
10 | requestsSize: 10Gi
11 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/PodImagePullSecret/config.jelly:
--------------------------------------------------------------------------------
1 |
2 |
5 |
6 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/pod/yaml/Merge/config.jelly:
--------------------------------------------------------------------------------
1 |
2 |
4 | The yaml definitions from inherited pod templates are merged with the current template yaml fragment.
5 |
6 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/pod/yaml/Overrides/config.jelly:
--------------------------------------------------------------------------------
1 |
2 |
4 | The yaml definitions from inherited pod templates are completely overridden by the current yaml field.
5 |
6 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/taskListenerAfterRestart.groovy:
--------------------------------------------------------------------------------
1 | package org.csanchez.jenkins.plugins.kubernetes.pipeline
2 |
3 | podTemplate(containers: [
4 | containerTemplate(name: 'busybox', image: 'busybox', ttyEnabled: true, command: '/bin/cat'),
5 | ]) {
6 | node (POD_LABEL) {
7 | container('busybox') {
8 | sh 'sleep 9999999'
9 | }
10 | }
11 | }
12 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/KubernetesCloud/help-skipTlsVerify.html:
--------------------------------------------------------------------------------
1 | With this option enabled, communication with kubernetes API server will rely on https but will fully ignore ssl
2 | certificate verification. This is usefull for quick setup but does make your installation unsecured, so please consider
3 | twice.
4 |
5 | Alternatively, capture API server certificate and register it as Kubernetes server certificate key.
--------------------------------------------------------------------------------
/.mvn/extensions.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 | io.jenkins.tools.incrementals
4 | git-changelist-maven-extension
5 | 1.13
6 |
7 |
8 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/casc/casc_volume_genericEphemeral.yaml:
--------------------------------------------------------------------------------
1 | jenkins:
2 | clouds:
3 | - kubernetes:
4 | name: "kubernetes"
5 | templates:
6 | - volumes:
7 | - genericEphemeralVolume:
8 | mountPath: /mnt/path
9 | accessModes: ReadWriteMany
10 | storageClassName: test-storageclass
11 | requestsSize: 10Gi
12 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/badcontainername.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(containers: [
2 | containerTemplate(name: 'badcontainerName_!', image: 'busybox', ttyEnabled: true, command: '/bin/cat'),
3 | ]) {
4 |
5 | node(POD_LABEL) {
6 | stage('Run') {
7 | container('busybox') {
8 | sh """
9 | will never run
10 | """
11 | }
12 | }
13 | }
14 | }
15 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/jenkinsSecretHidden.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(containers: [
2 | containerTemplate(name: 'busybox', image: 'busybox', ttyEnabled: true, command: '/bin/cat'),
3 | ]) {
4 | node (POD_LABEL) {
5 | semaphore 'pod'
6 | stage('Run') {
7 | sh 'env | sort'
8 | container('busybox') {
9 | sh 'env | sort'
10 | }
11 | }
12 | }
13 | }
14 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/KubernetesCloud/help-usageRestricted.html:
--------------------------------------------------------------------------------
1 |
2 | When using this option, you need to grant explicitly access to this cloud using the podTemplate pipeline keyword.
3 | The permission can be granted by selecting this cloud in the Kubernetes Section of the folder configuration.
4 | All Pipeline Jobs in the folder and its children will then be granted permission to use this cloud.
5 |
6 |
--------------------------------------------------------------------------------
/src/test/resources/kubeconfig:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Config
3 | clusters:
4 | - name: test-cluster
5 | cluster:
6 | server: http://example.com
7 | insecure-skip-tls-verify: true
8 | contexts:
9 | - name: test-context
10 | context:
11 | cluster: test-cluster
12 | user: test-user
13 | namespace: test-namespace
14 | current-context: test-context
15 | users:
16 | - name: test-user
17 | user:
18 | token: dummy-token
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/octalPermissions.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(yaml: '''
2 | spec:
3 | volumes:
4 | - name: jenkins-agent
5 | projected:
6 | sources:
7 | - secret:
8 | name: container-secret
9 | items:
10 | - key: password
11 | path: my-group/my-password
12 | mode: 0777
13 | ''') {
14 | node(POD_LABEL){
15 | sh 'true'
16 | }
17 | }
18 |
--------------------------------------------------------------------------------
/src/main/java/org/csanchez/jenkins/plugins/kubernetes/TokenProducer.java:
--------------------------------------------------------------------------------
1 | package org.csanchez.jenkins.plugins.kubernetes;
2 |
3 | import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
4 |
5 | /**
6 | * @author Nicolas De Loof
7 | */
8 | @Deprecated
9 | @SuppressFBWarnings("NM_SAME_SIMPLE_NAME_AS_INTERFACE")
10 | public interface TokenProducer extends org.jenkinsci.plugins.kubernetes.credentials.TokenProducer {}
11 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/ContainerTemplate/help-resourceRequestCpu.html:
--------------------------------------------------------------------------------
1 | Kubernetes Resources Request of CPU
2 | This value can be set to control the CPU resources requested when creating the Jenkins agent Docker container in
3 | Kubernetes. When left blank, the defaults of your Kubernetes cluster will be used. For more info, see the
4 | Kubernetes docs.
5 | e.g. `500m`.
6 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/overrideYaml.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(yaml: """
2 | spec:
3 | containers:
4 | - name: jnlp
5 | env:
6 | - name: VAR1
7 | value: 1
8 | """) {
9 | podTemplate(yaml: """
10 | containers:
11 | - name: jnlp
12 | env:
13 | - name: VAR2
14 | value: 1
15 | """) {
16 | node(POD_LABEL){
17 | sh '["$VAR1" != "$VAR2"]'
18 | }
19 | }
20 | }
--------------------------------------------------------------------------------
/src/main/java/org/csanchez/jenkins/plugins/kubernetes/pipeline/Constants.java:
--------------------------------------------------------------------------------
1 | package org.csanchez.jenkins.plugins.kubernetes.pipeline;
2 |
3 | /**
4 | * Created by iocanel on 7/29/16.
5 | */
6 | public class Constants {
7 |
8 | public static final String EXIT = "exit";
9 | public static final String NEWLINE = "\n"; // seems to work even on Windows
10 | public static final char CTRL_C = '\u0003';
11 | public static final String SPACE = " ";
12 | }
13 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/ContainerTemplate/help-resourceRequestMemory.html:
--------------------------------------------------------------------------------
1 | Kubernetes Resources Request of Memory
2 | This value can be set to control the memory resources requested when creating the Jenkins agent Docker container in
3 | Kubernetes. When left blank, the defaults of your Kubernetes cluster will be used. For more info, see the
4 | Kubernetes docs.
5 | e.g. `250Mi`.
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/PodVolume/help-storageClassName.html:
--------------------------------------------------------------------------------
1 | A StorageClass provides a way for administrators to describe the “classes” of storage they offer. Different classes might map to quality-of-service levels, or to backup policies, or to arbitrary policies determined by the cluster administrators. Kubernetes itself is unopinionated about what classes represent. This concept is sometimes called “profiles” in other storage systems.
2 |
--------------------------------------------------------------------------------
/.github/workflows/cd.yaml:
--------------------------------------------------------------------------------
1 | # Note: additional setup is required, see https://www.jenkins.io/redirect/continuous-delivery-of-plugins
2 |
3 | name: cd
4 | on:
5 | workflow_dispatch:
6 | check_run:
7 | types:
8 | - completed
9 |
10 | jobs:
11 | maven-cd:
12 | uses: jenkins-infra/github-reusable-workflows/.github/workflows/maven-cd.yml@v1
13 | secrets:
14 | MAVEN_USERNAME: ${{ secrets.MAVEN_USERNAME }}
15 | MAVEN_TOKEN: ${{ secrets.MAVEN_TOKEN }}
16 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/runInPodWithDifferentShell.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(containers: [
2 | containerTemplate(name: 'busybox', image: 'busybox', ttyEnabled: true, command: '/bin/cat'),
3 | ]) {
4 |
5 | node(POD_LABEL) {
6 | stage('Run') {
7 | container(name:'busybox', shell: '/bin/bash') {
8 | sh """
9 | echo "Run BusyBox shell"
10 | """
11 | }
12 | }
13 | }
14 | }
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/interruptedPod.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(containers: [containerTemplate(name: 'shell', image: 'ubuntu', command: 'sleep', args: '99d')]) {
2 | node(POD_LABEL) {
3 | container('shell') {
4 | // Note that trap apparently does not work in Ubuntu [da]sh or Busybox [a]sh.
5 | sh(/set +x; bash -c 'trap "echo shut down gracefully" EXIT; echo starting to sleep; sleep 9999999'/)
6 | }
7 | }
8 | }
9 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/runInPodWithRetention.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(podRetention: always(), containers: [
2 | containerTemplate(name: 'busybox', image: 'busybox', ttyEnabled: true, command: '/bin/cat'),
3 | ]) {
4 |
5 | node(POD_LABEL) {
6 | stage('Run') {
7 | container('busybox') {
8 | sh """
9 | echo "Running pod with retention"
10 | """
11 | }
12 | }
13 | }
14 | }
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/taskListenerAfterRestart_multipleLabels.groovy:
--------------------------------------------------------------------------------
1 | package org.csanchez.jenkins.plugins.kubernetes.pipeline
2 |
3 | podTemplate(label: 'label1 label2',
4 | containers: [
5 | containerTemplate(name: 'busybox', image: 'busybox', ttyEnabled: true, command: '/bin/cat'),
6 | ]) {
7 | node ('label1') {
8 | container('busybox') {
9 | sh 'sleep 9999999'
10 | }
11 | }
12 | }
13 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/workspace/WorkspaceVolume/help-storageClassName.html:
--------------------------------------------------------------------------------
1 | A StorageClass provides a way for administrators to describe the “classes” of storage they offer. Different classes might map to quality-of-service levels, or to backup policies, or to arbitrary policies determined by the cluster administrators. Kubernetes itself is unopinionated about what classes represent. This concept is sometimes called “profiles” in other storage systems.
2 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/ContainerStep/config.jelly:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/runWithStepOverriddenNamespace.groovy:
--------------------------------------------------------------------------------
1 | // Step namespace should have priority over anything else.
2 | podTemplate(
3 | namespace: '$OVERRIDDEN_NAMESPACE',
4 | volumes: [emptyDirVolume(mountPath: '/my-mount')]) {
5 |
6 | node(POD_LABEL) {
7 | semaphore 'pod'
8 | container(name: 'jnlp') {
9 | sh 'cat /var/run/secrets/kubernetes.io/serviceaccount/namespace'
10 | }
11 | }
12 | }
13 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/basicWindows.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(yaml: '''
2 | apiVersion: v1
3 | kind: Pod
4 | spec:
5 | containers:
6 | - name: jnlp
7 | image: jenkins/inbound-agent:windowsservercore-1809
8 | nodeSelector:
9 | kubernetes.io/os: windows
10 | node.kubernetes.io/windows-build: 10.0.17763
11 | '''
12 | ) {
13 | node(POD_LABEL) {
14 | bat 'dir'
15 | powershell 'Get-ChildItem Env: | Sort Name'
16 | }
17 | }
18 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/PodLabel/config.jelly:
--------------------------------------------------------------------------------
1 |
4 |
5 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/EmptyDirVolume/config.jelly:
--------------------------------------------------------------------------------
1 |
2 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/PodAnnotation/config.jelly:
--------------------------------------------------------------------------------
1 |
4 |
5 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/terminatedPod.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(yaml: '''
2 | spec:
3 | containers:
4 | - name: busybox
5 | image: busybox
6 | command:
7 | - sleep
8 | - 99d
9 | terminationGracePeriodSeconds: 3
10 | ''') {
11 | retry(count: 2, conditions: [kubernetesAgent()]) {
12 | node(POD_LABEL) {
13 | container('busybox') {
14 | sh 'echo hello world'
15 | sh 'sleep 15'
16 | }
17 | }
18 | }
19 | }
20 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/model/KeyValueEnvVar/config.jelly:
--------------------------------------------------------------------------------
1 |
4 |
5 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/cancelOnlyRelevantQueueItem.groovy:
--------------------------------------------------------------------------------
1 | parallel k8s: {
2 | catchError(buildResult: 'SUCCESS') {
3 | podTemplate(yaml: '''
4 | spec:
5 | containers:
6 | - name: jnlp
7 | image: some/invalid
8 | ''') {
9 | node(POD_LABEL) {
10 | sh 'false should never run'
11 | }
12 | }
13 | }
14 | echo 'cancelled pod item by now'
15 | }, unrelated: {
16 | node('special-agent') {
17 | echo 'ran on special agent'
18 | }
19 | }
20 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/KubernetesAgentErrorCondition/help.html:
--------------------------------------------------------------------------------
1 |
2 | Similar to agent() (Agent errors) but tailored to agents provisioned from a Kubernetes cloud.
3 | Unlike the generic agent error condition,
4 | this will ignore certain pod termination reasons which are likely to be under the control of the Pipeline author (e.g., OOMKilled)
5 | while still allowing retry to recover after common cases of pod deletion.
6 |
7 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/workspace/EmptyDirWorkspaceVolume/config.jelly:
--------------------------------------------------------------------------------
1 |
2 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/KubernetesCloud/help-addMasterProxyEnvVars.html:
--------------------------------------------------------------------------------
1 | With this option enabled, if any of the HTTP proxy related environment variables
2 | recognized by the Jenkins remoting component are set on the Jenkins Controller, they
3 | will be added to the environment variables of any Pod Template.
4 |
5 | Any explicit setting of those variables in the environment variables section of
6 | the Pod Template or Container Template will take precedence over any variables
7 | set in Jenkins Controller.
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/sidecarWorkingDir.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(containers: [
2 | containerTemplate(name: 'busybox', image: 'busybox', ttyEnabled: true, command: '/bin/cat', workingDir: '/src')
3 | ]) {
4 | node (POD_LABEL) {
5 | stage('Run') {
6 | sh '[ "$(pwd)" = "/home/jenkins/agent/workspace/$JOB_NAME" ]'
7 | container('busybox') {
8 | sh '[ "$(pwd)" = "/src/workspace/$JOB_NAME" ]'
9 | }
10 | }
11 | }
12 | }
13 |
--------------------------------------------------------------------------------
/src/main/java/org/csanchez/jenkins/plugins/kubernetes/pod/decorator/PodDecoratorException.java:
--------------------------------------------------------------------------------
1 | package org.csanchez.jenkins.plugins.kubernetes.pod.decorator;
2 |
3 | /**
4 | * A fatal exception raised by a {@link PodDecorator} implementation.
5 | */
6 | public class PodDecoratorException extends RuntimeException {
7 | public PodDecoratorException(String message) {
8 | super(message);
9 | }
10 |
11 | public PodDecoratorException(String message, Throwable cause) {
12 | super(message, cause);
13 | }
14 | }
15 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/NonConfigurableKubernetesCloud/config.jelly:
--------------------------------------------------------------------------------
1 |
2 |
3 | Cloud name: ${instance.displayName}
4 |
5 |
6 |
7 |
8 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/workspace/PersistentVolumeClaimWorkspaceVolume/config.jelly:
--------------------------------------------------------------------------------
1 |
2 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/dynamicPVCWorkspaceVolume.groovy:
--------------------------------------------------------------------------------
1 | semaphore 'before'
2 | podTemplate(workspaceVolume: dynamicPVC(requestsSize: "10Gi"), yaml:'''
3 | spec:
4 | securityContext:
5 | fsGroup: 1000
6 | ''') {
7 |
8 | node(POD_LABEL) {
9 | semaphore 'pod'
10 | container(name: 'jnlp') {
11 | sh 'cat /var/run/secrets/kubernetes.io/serviceaccount/namespace'
12 | git 'https://github.com/jenkinsci/kubernetes-plugin.git'
13 | }
14 | }
15 | }
16 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/runWithActiveDeadlineSeconds.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(label: '$NAME', activeDeadlineSeconds: 10, containers: [
2 | containerTemplate(name: 'busybox', image: 'busybox', ttyEnabled: true, command: '/bin/cat'),
3 | ]) {
4 | semaphore 'podTemplate'
5 | node ('$NAME') {
6 | stage('Run') {
7 | container('busybox') {
8 | sh """
9 | echo "Hello from container!"
10 | """
11 | }
12 | }
13 | }
14 | }
15 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/PodTemplateStep/help-label.html:
--------------------------------------------------------------------------------
1 |
2 | Jenkins node label to bind.
3 | If left blank, one will be generated for you,
4 | and inside the step it will be bound to the variable
POD_LABEL
5 | so you can use this as the argument to the
node step.
6 |
7 | Example:
8 |
9 | podTemplate(...) {
10 | node(POD_LABEL) {
11 | // some steps
12 | }
13 | }
14 |
15 |
/). The name
2 | segment is required and must be 63 characters or less, beginning and ending with an alphanumeric character
3 | ([a-z0-9A-Z]) with dashes (-), underscores (_), dots (.), and
4 | alphanumerics between. The prefix is optional. If specified, the prefix must be a DNS subdomain: a series of DNS
5 | labels separated by dots (.), not longer than 253 characters in total, followed by a slash (/).
6 |
7 |
--------------------------------------------------------------------------------
/src/test/java/org/csanchez/jenkins/plugins/kubernetes/pipeline/steps/RunId.java:
--------------------------------------------------------------------------------
1 | package org.csanchez.jenkins.plugins.kubernetes.pipeline.steps;
2 |
3 | import java.io.Serializable;
4 |
5 | /**
6 | * Lightweight, serializable reference to a run which can be passed around steps.
7 | */
8 | public class RunId implements Serializable {
9 | String name;
10 | int number;
11 |
12 | RunId(String name, int number) {
13 | this.name = name;
14 | this.number = number;
15 | }
16 |
17 | public String getName() {
18 | return name;
19 | }
20 |
21 | public int getNumber() {
22 | return number;
23 | }
24 | }
25 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/showRawYamlFalseInherited.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(showRawYaml: false) { podTemplate(yaml: '''
2 | apiVersion: v1
3 | kind: Pod
4 | spec:
5 | containers:
6 | - name: busybox
7 | image: busybox
8 | command:
9 | - cat
10 | tty: true
11 | env:
12 | - name: CONTAINER_ENV_VAR
13 | value: container-env-var-value
14 | '''
15 | )
16 | {
17 | node(POD_LABEL) {
18 | stage('Run') {
19 | container('busybox') {
20 | sh '''
21 | echo "anything"
22 | '''
23 | }
24 | }
25 | }
26 | } }
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/sshagent.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(containers: [
2 | containerTemplate(name: 'ssh-client', image: 'kroniak/ssh-client:3.6', ttyEnabled: true, command: 'cat')
3 | ]) {
4 | node(POD_LABEL) {
5 | stage('container log') {
6 | container('ssh-client') {
7 | sshagent (credentials: ['ContainerExecDecoratorPipelineTest-sshagent']) {
8 | sh 'env'
9 | sh 'ssh-add -L'
10 | sh 'ssh -vT -o "StrictHostKeyChecking=no" git@github.com'
11 | }
12 | }
13 | }
14 | }
15 | }
16 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/runInPodWithLivenessProbe.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(volumes: [emptyDirVolume(mountPath: '/my-mount')], containers: [
2 | containerTemplate(name: 'busybox', image: 'busybox', ttyEnabled: true, command: 'cat', livenessProbe: containerLivenessProbe( execArgs: 'uname -a', initialDelaySeconds: 5, timeoutSeconds: 1, failureThreshold: 3, periodSeconds: 10, successThreshold: 1))
3 | ]) {
4 |
5 | node(POD_LABEL) {
6 | stage('Wait for Liveness Probe') {
7 | container('busybox') {
8 | sh 'sleep 6 && echo "Still alive"'
9 | }
10 | }
11 | }
12 | }
13 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/declarativeYamlFile.yml:
--------------------------------------------------------------------------------
1 | metadata:
2 | labels:
3 | some-label: some-label-value
4 | class: KubernetesDeclarativeAgentTest
5 | spec:
6 | containers:
7 | - name: jnlp
8 | env:
9 | - name: CONTAINER_ENV_VAR
10 | value: jnlp
11 | - name: maven
12 | image: maven:3.3.9-jdk-8-alpine
13 | command:
14 | - cat
15 | tty: true
16 | env:
17 | - name: CONTAINER_ENV_VAR
18 | value: maven
19 | - name: busybox
20 | image: busybox
21 | command:
22 | - cat
23 | tty: true
24 | env:
25 | - name: CONTAINER_ENV_VAR
26 | value: busybox
27 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/KubectlBuildWrapper/config.jelly:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/declarativeWithCreateContainerError.groovy:
--------------------------------------------------------------------------------
1 | pipeline {
2 | agent {
3 | kubernetes {
4 | yaml '''
5 | apiVersion: v1
6 | kind: Pod
7 | metadata:
8 | labels:
9 | some-label: some-label-value
10 | spec:
11 | containers:
12 | - name: busybox
13 | image: busybox
14 | tty: true
15 | command: ['sh', '-c', "thiscommandshouldcreateanerror;"]
16 | '''
17 | }
18 | }
19 | stages {
20 | stage('Run') {
21 | steps {
22 | container('busybox') {
23 | sh """
24 | will never run
25 | """
26 | }
27 | }
28 | }
29 | }
30 | }
31 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/runInPodNested.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(label: '$NAME-parent', containers: [
2 | containerTemplate(name: 'golang', image: 'golang:1.6.3-alpine', ttyEnabled: true, command: '/bin/cat'),
3 | ]) {
4 |
5 | podTemplate(containers: [
6 | containerTemplate(name: 'maven', image: 'maven:3.3.9-jdk-8-alpine', ttyEnabled: true, command: '/bin/cat'),
7 | ]) {
8 |
9 | node(POD_LABEL) {
10 | stage('Nested') {
11 | container('maven') {
12 | sh "mvn -version"
13 | }
14 | }
15 | stage('Parent') {
16 | container('golang') {
17 | sh "go version"
18 | }
19 | }
20 | }
21 | }
22 | }
23 |
--------------------------------------------------------------------------------
/examples/declarative_from_yaml_file/Jenkinsfile:
--------------------------------------------------------------------------------
1 | pipeline {
2 | agent {
3 | kubernetes {
4 | yamlFile 'examples/declarative_from_yaml_file/KubernetesPod.yaml'
5 | }
6 | }
7 | stages {
8 | stage('Run maven') {
9 | steps {
10 | sh 'set'
11 | sh "echo OUTSIDE_CONTAINER_ENV_VAR = ${CONTAINER_ENV_VAR}"
12 | container('maven') {
13 | sh 'echo MAVEN_CONTAINER_ENV_VAR = ${CONTAINER_ENV_VAR}'
14 | sh 'mvn -version'
15 | }
16 | container('busybox') {
17 | sh 'echo BUSYBOX_CONTAINER_ENV_VAR = ${CONTAINER_ENV_VAR}'
18 | sh '/bin/busybox'
19 | }
20 | }
21 | }
22 | }
23 | }
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/badcontainernameyaml.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(yaml: """
2 | apiVersion: v1
3 | kind: Pod
4 | metadata:
5 | labels:
6 | some-label: some-label-value
7 | spec:
8 | containers:
9 | - name: badcontainername_!
10 | image: busybox
11 | command:
12 | - cat
13 | tty: true
14 | - name: badcontainername2_!
15 | image: busybox
16 | command:
17 | - cat
18 | tty: true
19 | """
20 | ) {
21 |
22 | node(POD_LABEL) {
23 | stage('Run') {
24 | container('busybox') {
25 | sh """
26 | will never run
27 | """
28 | }
29 | }
30 | }
31 | }
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/declarativeShowRawYamlFalse.groovy:
--------------------------------------------------------------------------------
1 | pipeline {
2 | agent {
3 | kubernetes {
4 | showRawYaml false
5 | yaml '''
6 | metadata:
7 | labels:
8 | some-label: some-label-value
9 | class: KubernetesDeclarativeAgentTest
10 | spec:
11 | containers:
12 | - name: jnlp
13 | env:
14 | - name: CONTAINER_ENV_VAR
15 | value: jnlp
16 | '''
17 | }
18 | }
19 | stages {
20 | stage('Run') {
21 | steps {
22 | sh 'set'
23 | container('jnlp') {
24 | sh 'echo CONTAINER_ENV_VAR = ${CONTAINER_ENV_VAR}'
25 | }
26 | }
27 | }
28 | }
29 | }
30 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/runInPodWithMultipleContainers.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(volumes: [emptyDirVolume(mountPath: '/my-mount')], containers: [
2 | containerTemplate(name: 'maven', image: 'maven:3.3.9-jdk-8-alpine', ttyEnabled: true, command: 'cat'),
3 | containerTemplate(name: 'golang', image: 'golang:1.6.3-alpine', ttyEnabled: true, command: 'cat')
4 | ]) {
5 |
6 | node(POD_LABEL) {
7 | sh "echo My Kubernetes Pipeline"
8 | sh "ls /"
9 |
10 | stage('Run maven') {
11 | container('maven') {
12 | sh 'mvn -version'
13 | }
14 | }
15 |
16 |
17 | }
18 | }
19 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/KubernetesCloud/help-retentionTimeout.html:
--------------------------------------------------------------------------------
1 |
2 | Time in minutes after which the Kubernetes cloud plugin will clean up an idle
3 | worker that has not already terminated. This cleanup is only necessary in
4 | exceptional conditions; typically workers will terminate upon completion of the
5 | invoking task.
6 |
7 |
8 |
9 | Minimum value is 5 minutes as lower values can cause problems upon Jenkins restart.
10 |
11 |
12 |
13 | For tasks that use very large images, this timeout can be increased to avoid
14 | early termination of the task while the Kubernetes pod is still deploying.
15 |
16 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/runInPodWithRestart.groovy:
--------------------------------------------------------------------------------
1 | package org.csanchez.jenkins.plugins.kubernetes.pipeline
2 |
3 | podTemplate(containers: [
4 | containerTemplate(name: 'busybox', image: 'busybox', ttyEnabled: true, command: '/bin/cat'),
5 | ]) {
6 |
7 | node(POD_LABEL) {
8 | stage('Run') {
9 | container('busybox') {
10 | sh 'mkdir hz'
11 | sh 'echo "initpwd is -$(pwd)-"'
12 | dir('hz') {
13 | sh 'echo "dirpwd is -$(pwd)-"'
14 | }
15 | sh 'echo "postpwd is -$(pwd)-"'
16 | }
17 | }
18 |
19 | }
20 | }
21 |
--------------------------------------------------------------------------------
/src/main/java/org/csanchez/jenkins/plugins/kubernetes/KubernetesCloudTraitDescriptor.java:
--------------------------------------------------------------------------------
1 | package org.csanchez.jenkins.plugins.kubernetes;
2 |
3 | import hudson.model.Descriptor;
4 | import java.util.Optional;
5 |
6 | /**
7 | * Descriptor base type for {@link KubernetesCloudTrait} implementations.
8 | */
9 | public abstract class KubernetesCloudTraitDescriptor extends Descriptor {
10 |
11 | /**
12 | * Get default trait configuration for a new {@link KubernetesCloud} instance.
13 | *
14 | * @return optional default trait configuration
15 | */
16 | public Optional getDefaultTrait() {
17 | return Optional.empty();
18 | }
19 | }
20 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/ConfigMapVolume/config.jelly:
--------------------------------------------------------------------------------
1 |
2 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/NfsVolume/config.jelly:
--------------------------------------------------------------------------------
1 |
2 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/SecretVolume/config.jelly:
--------------------------------------------------------------------------------
1 |
2 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/KubernetesCloud/help-podLabels.html:
--------------------------------------------------------------------------------
1 |
2 |
Labels
3 | for all Pods started by the plugin. Pods that match these labels count toward the
Concurrency Limit.
4 |
5 | If not configured, all Pods will be created with jenkins=slave by default.
6 |
7 |
Examples:
8 |
9 | jenkins=slaveapp.kubernetes.io/managed-by=jenkinsapp.kubernetes.io/part-of=cicd
13 |
14 |
2 |
3 | This setting controls how agent pods are retained after the Jenkins build completes.
4 | The following retention policies are provided:
5 |
6 |
7 | - Never - always delete the agent pod.
8 | - On Failure - keep the agent pod if it fails during the build.
9 | - Evicted - keep the agent pod only if it was evicted during the build (For example a Node-pressure).
10 | - Always - always keep the agent pod.
11 |
12 |
13 | Note: Kubernetes administrators are responsible for managing any kept agent pod.
14 | These will not be deleted by the Jenkins Kubernetes plugin.
15 |
16 |
This option lets you provide a container image that does not extend the Jenkins agent image.
2 |
3 | The provided container image must have a (headless) JRE installed (using a version compatible with the current Jenkins version).
4 |
5 | The agent will use the Java installation designated by the JENKINS_JAVA_BIN environment variable, or the one in PATH if undefined.
6 |
7 | Enabling this option will override the command and arguments defined in the agent container.
8 |
9 | Example
10 |
11 |
12 | podTemplate(agentContainer:'foo',
13 | agentInjection: true,
14 | yaml:'''
15 | spec:
16 | containers:
17 | - name: foo
18 | image: eclipse-temurin:22.0.2_9-jre
19 | ''') {
20 | node(POD_LABEL) {
21 | sh 'true'
22 | }
23 | }
24 |
25 |
--------------------------------------------------------------------------------
/src/test/java/org/csanchez/jenkins/plugins/kubernetes/pipeline/KubernetesPipelineWebsocketRJRTest.java:
--------------------------------------------------------------------------------
1 | package org.csanchez.jenkins.plugins.kubernetes.pipeline;
2 |
3 | import java.net.UnknownHostException;
4 | import org.csanchez.jenkins.plugins.kubernetes.pipeline.steps.AssertBuildStatusSuccess;
5 | import org.csanchez.jenkins.plugins.kubernetes.pipeline.steps.RunId;
6 | import org.csanchez.jenkins.plugins.kubernetes.pipeline.steps.SetupCloud;
7 | import org.junit.Test;
8 |
9 | public class KubernetesPipelineWebsocketRJRTest extends AbstractKubernetesPipelineRJRTest {
10 |
11 | public KubernetesPipelineWebsocketRJRTest() throws UnknownHostException {
12 | super(new SetupCloud(true));
13 | }
14 |
15 | @Test
16 | public void basicPipeline() throws Throwable {
17 | RunId runId = createWorkflowJobThenScheduleRun();
18 | rjr.runRemotely(new AssertBuildStatusSuccess(runId));
19 | }
20 | }
21 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/declarativeWithNonexistentDockerImage.groovy:
--------------------------------------------------------------------------------
1 | pipeline {
2 | agent {
3 | kubernetes {
4 | yaml '''
5 | metadata:
6 | labels:
7 | some-label: some-label-value
8 | class: KubernetesDeclarativeAgentTest
9 | spec:
10 | containers:
11 | - name: jnlp
12 | env:
13 | - name: CONTAINER_ENV_VAR
14 | value: jnlp
15 | - name: container1
16 | image: nonexistent-docker-image
17 | command:
18 | - cat
19 | tty: true
20 | - name: maven
21 | image: maven:3.3.9-jdk-8-alpine
22 | command:
23 | - cat
24 | tty: true
25 | env:
26 | - name: CONTAINER_ENV_VAR
27 | value: maven
28 | '''
29 | }
30 | }
31 | stages {
32 | stage('Run') {
33 | steps {
34 | container('container1') {
35 | sh """
36 | will never run
37 | """
38 | }
39 | }
40 | }
41 | }
42 | }
43 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/workspace/GenericEphemeralWorkspaceVolume/config.jelly:
--------------------------------------------------------------------------------
1 |
2 |
4 |
5 | Creates a generic ephemeral volume using the specified parameters.
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
--------------------------------------------------------------------------------
/.github/renovate.json:
--------------------------------------------------------------------------------
1 | {
2 | "$schema": "https://docs.renovatebot.com/renovate-schema.json",
3 | "extends": [
4 | "config:recommended"
5 | ],
6 | "labels": [
7 | "dependencies"
8 | ],
9 | "packageRules": [
10 | {
11 | "description": "remoting agent uses non-standard versioning",
12 | "matchDatasources": [
13 | "docker"
14 | ],
15 | "matchPackageNames": [
16 | "jenkins/inbound-agent"
17 | ],
18 | "versioning": "regex:^(?\\d+)\\.(?[^\\.-]*)(\\.(?\\d+))?(-(?\\d+))?$"
19 | }
20 | ],
21 | "enabledManagers": [
22 | "dockerfile",
23 | "docker-compose",
24 | "kubernetes"
25 | ],
26 | "dockerfile": {
27 | "managerFilePatterns": [
28 | "/.*\\.dockerfile$/",
29 | "/.*-dockerfile$/",
30 | "/Dockerfile/"
31 | ]
32 | },
33 | "kubernetes": {
34 | "managerFilePatterns": [
35 | "/.*\\.ya?ml$/"
36 | ]
37 | }
38 | }
39 |
--------------------------------------------------------------------------------
/src/test/java/org/csanchez/jenkins/plugins/kubernetes/pipeline/steps/AssertBuildLogMessage.java:
--------------------------------------------------------------------------------
1 | package org.csanchez.jenkins.plugins.kubernetes.pipeline.steps;
2 |
3 | import org.jenkinsci.plugins.workflow.job.WorkflowJob;
4 | import org.jenkinsci.plugins.workflow.job.WorkflowRun;
5 | import org.jvnet.hudson.test.JenkinsRule;
6 | import org.jvnet.hudson.test.RealJenkinsRule;
7 |
8 | public class AssertBuildLogMessage implements RealJenkinsRule.Step {
9 |
10 | private final String message;
11 | private final RunId runId;
12 |
13 | public AssertBuildLogMessage(String message, RunId runId) {
14 | this.message = message;
15 | this.runId = runId;
16 | }
17 |
18 | @Override
19 | public void run(JenkinsRule r) throws Throwable {
20 | WorkflowJob p = r.jenkins.getItemByFullName(runId.name, WorkflowJob.class);
21 | WorkflowRun b = p.getBuildByNumber(runId.number);
22 | r.waitForMessage(message, b);
23 | }
24 | }
25 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/windowsContainer.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(yaml: '''
2 | apiVersion: v1
3 | kind: Pod
4 | spec:
5 | containers:
6 | - name: jnlp
7 | image: jenkins/inbound-agent:windowsservercore-1809
8 | - name: shell
9 | image: mcr.microsoft.com/powershell:preview-windowsservercore-1809
10 | command:
11 | - powershell
12 | args:
13 | - Start-Sleep
14 | - 999999
15 | nodeSelector:
16 | kubernetes.io/os: windows
17 | node.kubernetes.io/windows-build: 10.0.17763
18 | '''
19 | ) {
20 | node(POD_LABEL) {
21 | bat 'mkdir subdir'
22 | withEnv(["STUFF=some value"]) {
23 | dir('subdir') {
24 | container('shell') {
25 | bat 'dir'
26 | powershell 'Get-ChildItem Env: | Sort Name'
27 | bat 'echo got stuff: %STUFF%'
28 | }
29 | }
30 | }
31 | }
32 | }
33 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/KubernetesCloud/help-directConnection.html:
--------------------------------------------------------------------------------
1 |
2 |
3 | With this option it is possible to connect directly to the TCP agent listener port.
4 | This skips the connection to an HTTP(S) port to retrieve some metadata.
5 |
6 |
7 |
8 | This is useful in scenarios where the controller does not expose an HTTP(S) port, for example
9 | Jenkinsfile Runner,
10 | but more commonly if you simply wish to optimize the connection slightly.
11 |
12 |
13 |
14 | Note: In Direct Connection mode agents will not be able to reconnect to a restarted controller if a Random 'TCP port for inbound agents' is configured!
15 | Note: Direct Connection does not work with the currently available jenkins/inbound-agent:windowsservercore-1809 image.
16 |
17 |
18 |
2 |
3 | This setting controls how agent pods are retained after the Jenkins build completes for this pod template.
4 | Values other than "Default" will override the plugin's Pod Retention setting.
5 | The following retention policies are provided:
6 |
7 |
8 | - Always - always keep the agent pod.
9 | - Default - use the Pod Retention setting for the plugin.
10 | - Never - always delete the agent pod.
11 | - Evicted - keep the agent pod only if it was evicted during the build (For example a Node-pressure).
12 | - On Failure - keep the agent pod if it fails during the build.
13 |
14 |
15 | Note: Kubernetes administrators are responsible for managing any kept agent pod.
16 | These will not be deleted by the Jenkins Kubernetes plugin.
17 |
18 |
2 | Specifies a shell which will run inside the container
3 | and process requests from Jenkins to run executables,
4 | set environment variables, and similar infrastructure.
5 |
6 |
7 | This does not affect the shell used to run user code,
8 | such as sh steps.
9 | To run your scripts with a specific shell on Linux, use an interpreter line:
10 |
11 | sh '''#!/bin/bash
12 | for x in {0..9}; do echo x; done
13 | '''
14 |
15 | or just use a subprocess and an externally versioned script:
16 |
17 | sh 'bash ci.sh'
18 |
19 | On Windows, choose between the bat or powershell steps.
20 |
21 |
22 | For a pod running on Linux, defaults to sh, which should be in $PATH;
23 | for a pod running on Windows, defaults to cmd, which should be in %Path%.
24 | Should not generally be overridden.
25 |
26 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/RestrictedPssSecurityInjectorTest/simple-before.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: "v1"
3 | kind: "Pod"
4 | metadata:
5 | name: "simple"
6 | namespace: "jenkins"
7 | spec:
8 | containers:
9 | - env:
10 | - name: "JENKINS_SECRET"
11 | value: "my-little-secret"
12 | - name: "JENKINS_AGENT_NAME"
13 | value: "my-lovely-agent"
14 | - name: "REMOTING_OPTS"
15 | value: "-noReconnectAfter 1d"
16 | - name: "JENKINS_NAME"
17 | value: "my-lovely-agent"
18 | - name: "JENKINS_AGENT_WORKDIR"
19 | value: "/home/jenkins/agent"
20 | - name: "JENKINS_URL"
21 | value: "http://localhost/"
22 | image: "jenkins/inbound-agent"
23 | name: "jnlp"
24 | resources:
25 | limits:
26 | cpu: "1"
27 | memory: "768Mi"
28 | requests:
29 | cpu: "1"
30 | memory: "768Mi"
31 | volumeMounts:
32 | - mountPath: "/home/jenkins/agent"
33 | name: "workspace-volume"
34 | readOnly: false
35 | volumes:
36 | - emptyDir:
37 | medium: ""
38 | name: "workspace-volume"
39 |
--------------------------------------------------------------------------------
/src/main/java/org/csanchez/jenkins/plugins/kubernetes/PodTemplateSource.java:
--------------------------------------------------------------------------------
1 | package org.csanchez.jenkins.plugins.kubernetes;
2 |
3 | import static java.util.stream.Collectors.toList;
4 |
5 | import edu.umd.cs.findbugs.annotations.NonNull;
6 | import hudson.ExtensionList;
7 | import hudson.ExtensionPoint;
8 | import java.util.Collection;
9 | import java.util.List;
10 |
11 | /**
12 | * A source of pod templates.
13 | */
14 | public abstract class PodTemplateSource implements ExtensionPoint {
15 | public static List getAll(@NonNull KubernetesCloud cloud) {
16 | return ExtensionList.lookup(PodTemplateSource.class).stream()
17 | .map(s -> s.getList(cloud))
18 | .flatMap(Collection::stream)
19 | .collect(toList());
20 | }
21 |
22 | /**
23 | * The list of {@link PodTemplate} contributed by this implementation.
24 | * @return The list of {@link PodTemplate} contributed by this implementation.
25 | * @param cloud
26 | */
27 | @NonNull
28 | protected abstract List getList(@NonNull KubernetesCloud cloud);
29 | }
30 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/declarativeWithNestedExplicitInheritance.groovy:
--------------------------------------------------------------------------------
1 | pipeline {
2 | agent {
3 | kubernetes {
4 | yaml '''
5 | spec:
6 | containers:
7 | - name: golang
8 | image: golang:1.6.3-alpine
9 | command:
10 | - cat
11 | tty: true
12 | '''
13 | }
14 | }
15 | stages {
16 | stage('Run maven') {
17 | agent {
18 | kubernetes {
19 | yaml '''
20 | spec:
21 | containers:
22 | - name: maven
23 | image: maven:3.3.9-jdk-8-alpine
24 | command:
25 | - cat
26 | tty: true
27 | '''
28 | }
29 | }
30 | steps {
31 | container('maven') {
32 | sh 'echo MAVEN_CONTAINER_ENV_VAR = ${CONTAINER_ENV_VAR}'
33 | sh 'mvn -version'
34 | }
35 | container('golang') {
36 | script {
37 | try {
38 | sh "go version"
39 | error("Should not inherit")
40 | } catch (e) {
41 | // ignored
42 | }
43 | }
44 | }
45 | }
46 | }
47 | }
48 | }
49 |
--------------------------------------------------------------------------------
/src/main/java/org/csanchez/jenkins/plugins/kubernetes/KubernetesCloudTrait.java:
--------------------------------------------------------------------------------
1 | package org.csanchez.jenkins.plugins.kubernetes;
2 |
3 | import hudson.ExtensionList;
4 | import hudson.ExtensionPoint;
5 | import hudson.model.AbstractDescribableImpl;
6 | import java.util.List;
7 | import java.util.Optional;
8 |
9 | /**
10 | * Extension point for {@link KubernetesCloud} configuration traits.
11 | */
12 | public abstract class KubernetesCloudTrait extends AbstractDescribableImpl
13 | implements ExtensionPoint {
14 |
15 | /**
16 | * @return all the {@link KubernetesCloudTrait} descriptor instances.
17 | */
18 | public static ExtensionList all() {
19 | return ExtensionList.lookup(KubernetesCloudTraitDescriptor.class);
20 | }
21 |
22 | public static List getDefaultTraits() {
23 | return all().stream()
24 | .map(KubernetesCloudTraitDescriptor::getDefaultTrait)
25 | .filter(Optional::isPresent)
26 | .map(Optional::get)
27 | .toList();
28 | }
29 | }
30 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/ContainerLogStep/config.jelly:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 | Gets the log of a container running in the current pod, and prints it to the build log or returns it.
8 | Only works inside a node that requests a Kubernetes agent.
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/PodTemplate/help-name.html:
--------------------------------------------------------------------------------
1 |
16 |
17 | Name that identifies the pod template. Also used to prefix the name of the node and pod created.
18 |
19 |
20 | When omitted, the agent and pod name is randomly generated using jenkins-agent- as a prefix.
21 | When omitted in a podTemplate(...) step, the label is used as a prefix for the name of the dynamic pod template.
22 |
--------------------------------------------------------------------------------
/src/test/java/org/csanchez/jenkins/plugins/kubernetes/MetricNamesTest.java:
--------------------------------------------------------------------------------
1 | package org.csanchez.jenkins.plugins.kubernetes;
2 |
3 | import org.junit.Assert;
4 | import org.junit.Test;
5 |
6 | public class MetricNamesTest {
7 |
8 | @Test
9 | public void metricNameForPodStatusAddsNullWhenStatusIsNull() {
10 | String expected = "kubernetes.cloud.pods.launch.status.null";
11 | String actual = MetricNames.metricNameForPodStatus(null);
12 |
13 | Assert.assertEquals(expected, actual);
14 | }
15 |
16 | @Test
17 | public void metricNameForPodStatusAddsStatusValueIfNotNull() {
18 | String expected = "kubernetes.cloud.pods.launch.status.running";
19 | String actual = MetricNames.metricNameForPodStatus("RUNNING");
20 |
21 | Assert.assertEquals(expected, actual);
22 | }
23 |
24 | @Test
25 | public void metricNameForPodStatusChangeStatusToLowercase() {
26 | String expected = "kubernetes.cloud.pods.launch.status.failed";
27 | String actual = MetricNames.metricNameForPodStatus("FaIlEd");
28 |
29 | Assert.assertEquals(expected, actual);
30 | }
31 | }
32 |
--------------------------------------------------------------------------------
/src/test/java/org/csanchez/jenkins/plugins/kubernetes/RestrictedPssSecurityInjectorTest.java:
--------------------------------------------------------------------------------
1 | package org.csanchez.jenkins.plugins.kubernetes;
2 |
3 | import java.io.IOException;
4 | import org.csanchez.jenkins.plugins.kubernetes.pod.decorator.PodDecorator;
5 | import org.junit.Before;
6 | import org.junit.Test;
7 |
8 | public class RestrictedPssSecurityInjectorTest extends AbstractGoldenFileTest {
9 | @Before
10 | public void configureCloud() {
11 | cloud.setRestrictedPssSecurityContext(true);
12 | }
13 |
14 | @Override
15 | protected PodDecorator newDecorator() {
16 | return new RestrictedPssSecurityContextInjector();
17 | }
18 |
19 | @Test
20 | public void simple() throws IOException {
21 | test("simple");
22 | }
23 |
24 | @Test
25 | public void multiContainer() throws IOException {
26 | test("multiContainer");
27 | }
28 |
29 | @Test
30 | public void existingSecurityContext() throws IOException {
31 | test("existingSecurityContext");
32 | }
33 |
34 | @Test
35 | public void agentInjection() throws IOException {
36 | test("agentInjection");
37 | }
38 | }
39 |
--------------------------------------------------------------------------------
/src/main/kubernetes/service-account.yml:
--------------------------------------------------------------------------------
1 | # In GKE need to get RBAC permissions first with
2 | # kubectl create clusterrolebinding cluster-admin-binding --clusterrole=cluster-admin [--user=|--group=]
3 |
4 | ---
5 | apiVersion: v1
6 | kind: ServiceAccount
7 | metadata:
8 | name: jenkins
9 |
10 | ---
11 | kind: Role
12 | apiVersion: rbac.authorization.k8s.io/v1
13 | metadata:
14 | name: jenkins
15 | rules:
16 | - apiGroups: [""]
17 | resources: ["pods"]
18 | verbs: ["create","delete","get","list","patch","update","watch"]
19 | - apiGroups: [""]
20 | resources: ["pods/exec"]
21 | verbs: ["create","delete","get","list","patch","update","watch"]
22 | - apiGroups: [""]
23 | resources: ["pods/log"]
24 | verbs: ["get","list","watch"]
25 | - apiGroups: [""]
26 | resources: ["events"]
27 | verbs: ["watch"]
28 | - apiGroups: [""]
29 | resources: ["secrets"]
30 | verbs: ["get"]
31 |
32 | ---
33 | apiVersion: rbac.authorization.k8s.io/v1
34 | kind: RoleBinding
35 | metadata:
36 | name: jenkins
37 | roleRef:
38 | apiGroup: rbac.authorization.k8s.io
39 | kind: Role
40 | name: jenkins
41 | subjects:
42 | - kind: ServiceAccount
43 | name: jenkins
44 |
--------------------------------------------------------------------------------
/src/main/java/org/csanchez/jenkins/plugins/kubernetes/volumes/EphemeralVolume.java:
--------------------------------------------------------------------------------
1 | package org.csanchez.jenkins.plugins.kubernetes.volumes;
2 |
3 | import io.fabric8.kubernetes.api.model.Volume;
4 | import io.fabric8.kubernetes.api.model.VolumeBuilder;
5 |
6 | /**
7 | * Interface containing common code between {@link GenericEphemeralVolume} and {@link org.csanchez.jenkins.plugins.kubernetes.volumes.workspace.GenericEphemeralWorkspaceVolume}.
8 | */
9 | public interface EphemeralVolume extends ProvisionedVolume {
10 | default Volume buildEphemeralVolume(String volumeName) {
11 | return new VolumeBuilder()
12 | .withName(volumeName)
13 | .withNewEphemeral()
14 | .withNewVolumeClaimTemplate()
15 | .withNewSpec()
16 | .withAccessModes(getAccessModesOrDefault())
17 | .withStorageClassName(getStorageClassNameOrDefault())
18 | .withNewResources()
19 | .withRequests(getResourceMap())
20 | .endResources()
21 | .endSpec()
22 | .endVolumeClaimTemplate()
23 | .endEphemeral()
24 | .build();
25 | }
26 | }
27 |
--------------------------------------------------------------------------------
/src/test/java/org/csanchez/jenkins/plugins/kubernetes/pipeline/steps/CreateWorkflowJobThenScheduleRun.java:
--------------------------------------------------------------------------------
1 | package org.csanchez.jenkins.plugins.kubernetes.pipeline.steps;
2 |
3 | import org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition;
4 | import org.jenkinsci.plugins.workflow.job.WorkflowJob;
5 | import org.jenkinsci.plugins.workflow.job.WorkflowRun;
6 | import org.jvnet.hudson.test.JenkinsRule;
7 | import org.jvnet.hudson.test.RealJenkinsRule;
8 |
9 | /**
10 | * Creates a workflow job using the specified script, then schedules it and returns a reference to the run.
11 | */
12 | public class CreateWorkflowJobThenScheduleRun implements RealJenkinsRule.Step2 {
13 | private String script;
14 |
15 | public CreateWorkflowJobThenScheduleRun(String script) {
16 | this.script = script;
17 | }
18 |
19 | @Override
20 | public RunId run(JenkinsRule r) throws Throwable {
21 | WorkflowJob project = r.createProject(WorkflowJob.class);
22 | project.setDefinition(new CpsFlowDefinition(script, true));
23 | project.save();
24 | WorkflowRun b = project.scheduleBuild2(0).get();
25 | return new RunId(project.getFullName(), b.number);
26 | }
27 | }
28 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/containerEnvironmentIsHonored.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(yaml: '''
2 | spec:
3 | containers:
4 | - name: jnlp
5 | image: jenkins/inbound-agent:3192.v713e3b_039fb_e-1
6 | # PATH=/opt/java/openjdk/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
7 | - name: alpine
8 | image: alpine:3.19.0
9 | # PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
10 | command:
11 | - sleep
12 | args:
13 | - infinity
14 | ''') {
15 | node(POD_LABEL) {
16 | echo "from Groovy outside container: ${env.PATH}"
17 | sh 'echo "from shell outside container: $PATH"'
18 | withEnv(['PATH+foo=/bar']) {
19 | echo "from Groovy outside container with override: ${env.PATH}"
20 | sh 'echo "from shell outside container with override: $PATH"'
21 | }
22 | container('alpine') {
23 | echo "from Groovy inside container: ${env.PATH}"
24 | sh 'echo "from shell inside container: $PATH"'
25 | withEnv(['PATH+foo=/bar']) {
26 | echo "from Groovy inside container with override: ${env.PATH}"
27 | sh 'echo "from shell inside container with override: $PATH"'
28 | }
29 | }
30 | }
31 | }
32 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/PodTemplate/help-inheritFrom.html:
--------------------------------------------------------------------------------
1 |
2 | Name of the podTemplate to inherit from.
3 |
4 |
5 | A podTemplate may or may not inherit from an existing template.
6 | This means that the podTemplate will inherit node selector, service account, image pull secrets, containerTemplates and volumes from the template it inherits from.
7 |
8 |
9 | Service account and Node selector, when overridden, completely replace any value found on the “parent”.
10 |
11 |
12 | Container templates that are added to the podTemplate, that has a matching containerTemplate (a containerTemplate with the same name) in the parent template, will inherit the configuration of the parent containerTemplate.
13 | If no matching containerTemplate is found, the template is added as is.
14 |
15 | Volume inheritance works exactly as Container templates.
16 |
17 | Image Pull Secrets are combined (all secrets defined both on 'parent' and 'current' template are used).
18 |
19 |
20 | By default, pod template inherits outer pod template definitions.
21 | Inheritance can be stopped by using the empty string.
22 |
23 |
--------------------------------------------------------------------------------
/examples/containerLog.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(yaml: '''
2 | apiVersion: v1
3 | kind: Pod
4 | metadata:
5 | labels:
6 | some-label: some-label-value
7 | spec:
8 | containers:
9 | - name: maven
10 | image: maven:3.8.1-jdk-8
11 | command:
12 | - sleep
13 | args:
14 | - 99d
15 | tty: true
16 | - name: mongo
17 | image: mongo
18 | ''') {
19 | node(POD_LABEL) {
20 | stage('Integration Test') {
21 | try {
22 | container('maven') {
23 | sh 'nc -z localhost:27017 && echo "connected to mongo db"'
24 | // sh 'mvn -B clean failsafe:integration-test' // real integration test
25 |
26 | def mongoLog = containerLog(name: 'mongo', returnLog: true, tailingLines: 5, sinceSeconds: 20, limitBytes: 50000)
27 | assert mongoLog.contains('connection accepted from 127.0.0.1:')
28 | sh 'echo failing build; false'
29 | }
30 | } catch (Exception e) {
31 | containerLog 'mongo'
32 | throw e
33 | }
34 | }
35 | }
36 | }
37 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/workspace/DynamicPVCWorkspaceVolume/config.jelly:
--------------------------------------------------------------------------------
1 |
2 |
4 |
5 | This feature is deprecated. Please use generic ephemeral volume instead, which provides the same functionality without requiring explicit RBAC permissions to create persistent volume claims.
6 |
7 | Allocates a PVC dynamically using the specified parameters, then deletes it when the pod is deleted.
8 | Note that this requires the Jenkins controller to have additional RBAC permissions than are typically needed for agent provisioning.
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/runInPodFromYaml.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(yaml: """
2 | apiVersion: v1
3 | kind: Pod
4 | metadata:
5 | labels:
6 | some-label: some-label-value
7 | spec:
8 | containers:
9 | - name: busybox
10 | image: busybox
11 | command:
12 | - cat
13 | tty: true
14 | env:
15 | - name: CONTAINER_ENV_VAR
16 | value: container-env-var-value
17 | - name: CONTAINER_ENV_VAR_FROM_SECRET
18 | valueFrom:
19 | secretKeyRef:
20 | key: password
21 | name: container-secret
22 | """
23 | ) {
24 |
25 | node(POD_LABEL) {
26 | stage('Run') {
27 | container('busybox') {
28 | sh '''set +x
29 | ## durable-task plugin generates a script.sh file.
30 | ##
31 | echo "script file: $(find ../../.. -iname script.sh))"
32 | echo "script file contents: $(find ../../.. -iname script.sh -exec cat {} \\;)"
33 | echo INSIDE_CONTAINER_ENV_VAR_FROM_SECRET = $CONTAINER_ENV_VAR_FROM_SECRET or `echo $CONTAINER_ENV_VAR_FROM_SECRET | tr [a-z] [A-Z]`
34 | test -n "$(cat "$(find ../../.. -iname script.sh)")"
35 | '''
36 | }
37 | }
38 | }
39 | }
40 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/KubernetesCloud/help-restrictedPssSecurityContext.html:
--------------------------------------------------------------------------------
1 |
2 |
3 | When using Pod Security Admission in the Agents namespace
4 | with the restricted Pod Security Standard, the
5 | jnlp container cannot be scheduled without overriding its container definition with a securityContext.
6 |
7 |
8 | This option allows to automatically inject in the jnlp container a securityContext that is suitable for the use
9 | of the restricted Pod Security Standard.
10 |
11 |
12 | This is the securityContext that will be used for the jnlp container with that option:
13 |
14 |
securityContext:
15 | allowPrivilegeEscalation: false
16 | capabilities:
17 | drop:
18 | - ALL
19 | runAsNonRoot: true
20 | seccompProfile:
21 | type: RuntimeDefault
22 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/KubernetesCloudFIPSTest/certs/dsa1024:
--------------------------------------------------------------------------------
1 | -----BEGIN CERTIFICATE-----
2 | MIIDDzCCArygAwIBAgIUYBblXc5PhKw86bwvpcfBv/PxOmEwCwYJYIZIAWUDBAMC
3 | MEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJ
4 | bnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMjQwNzE4MTU0MDAxWhcNMjQwODE3
5 | MTU0MDAxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8G
6 | A1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBvzCCATQGByqGSM44BAEw
7 | ggEnAoGBAN1Se68u8JFTdXrZ2ED2RDG89TRR51j1E7SPwlYItWQGAnJUkTRKyhYO
8 | 6oItvkuie/9HqjFVcz0hW1D0EfKKuJjv2VjkN07bQyZ9Kr92tfnkC2IOvbfDs8Ev
9 | g3GBOjKs7Bi9inOcQZCKt1ZeNd4j4jDrLPnisEc8urcBlbxnNCiHAh0A7PRieQst
10 | d6p4yVCVQp/fsjmUp+bL7phoR5jxNQKBgQC4K58rznGE8QmhSsUonv5Uf+gnnpDI
11 | 6eDiOUH/DpIDIMftK6AQ4wp6YY4pZP+dxfbBt9uimmfdyuvrO3i1oOD3UqmVSCwd
12 | Qome8YPGfxtTYYB/o05li7KPzHTqVcGXZQont9IK+uQaCwnzv/dsERol2F2aPMnD
13 | 6JE2hd/DCUWiqQOBhAACgYBeEMMpp5ROkIDZ5h4HeDDZztn1zWRrnsV89Cs6WcjR
14 | vbeumfVIoo06yws5tZdMfssrBjk+irKFKIU9edhiKcOjB8ssMJi+7tOEWEC9ooHo
15 | F6cOqiYmhLBhLrIyv5dZUe8RtyJRZaP+4bn3PbxZ7Cij8DWHntnwhEjrqlUp6vCq
16 | K6MhMB8wHQYDVR0OBBYEFPJmnQzXspNFvJNwPqxj//pvgzBlMAsGCWCGSAFlAwQD
17 | AgNAADA9AhwNYi4S6Cq9uh9KKBYz9jYdiJYjI2lmDnSFYGtQAh0AvZkHSf6BfSKE
18 | STBsggtQOqDvcao45reTjyaDcw==
19 | -----END CERTIFICATE-----
20 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/secretMaskingWindows.groovy:
--------------------------------------------------------------------------------
1 | podTemplate(yaml: '''
2 | apiVersion: v1
3 | kind: Pod
4 | spec:
5 | containers:
6 | - name: jnlp
7 | image: jenkins/inbound-agent:windowsservercore-1809
8 | env:
9 | - name: POD_ENV_VAR_FROM_SECRET
10 | valueFrom:
11 | secretKeyRef:
12 | key: password
13 | name: pod-secret
14 | - name: shell
15 | image: mcr.microsoft.com/powershell:preview-windowsservercore-1809
16 | command:
17 | - powershell
18 | args:
19 | - Start-Sleep
20 | - 999999
21 | env:
22 | - name: CONTAINER_ENV_VAR_FROM_SECRET
23 | valueFrom:
24 | secretKeyRef:
25 | key: password
26 | name: container-secret
27 | nodeSelector:
28 | kubernetes.io/os: windows
29 | node.kubernetes.io/windows-build: 10.0.17763
30 | ''') {
31 | node(POD_LABEL) {
32 | powershell 'echo "INSIDE_POD_ENV_VAR_FROM_SECRET = $Env:POD_ENV_VAR_FROM_SECRET or $($Env:POD_ENV_VAR_FROM_SECRET.ToUpper())"'
33 | container('shell') {
34 | powershell 'echo "INSIDE_CONTAINER_ENV_VAR_FROM_SECRET = $Env:CONTAINER_ENV_VAR_FROM_SECRET or $($Env:CONTAINER_ENV_VAR_FROM_SECRET.ToUpper())"'
35 | }
36 | }
37 | }
38 |
--------------------------------------------------------------------------------
/src/main/java/org/csanchez/jenkins/plugins/kubernetes/pod/decorator/DefaultNodeSelector.java:
--------------------------------------------------------------------------------
1 | package org.csanchez.jenkins.plugins.kubernetes.pod.decorator;
2 |
3 | import edu.umd.cs.findbugs.annotations.NonNull;
4 | import hudson.Extension;
5 | import io.fabric8.kubernetes.api.model.Pod;
6 | import java.util.Collections;
7 | import org.csanchez.jenkins.plugins.kubernetes.KubernetesCloud;
8 |
9 | /**
10 | * Sets the default node selector to linux if it hasn't been set explicitly in the pod before.
11 | */
12 | @Extension
13 | public class DefaultNodeSelector implements PodDecorator {
14 | @NonNull
15 | @Override
16 | public Pod decorate(@NonNull KubernetesCloud kubernetesCloud, @NonNull Pod pod) {
17 | // default OS: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
18 | if (pod.getSpec().getRuntimeClassName() == null
19 | && (pod.getSpec().getNodeSelector() == null
20 | || pod.getSpec().getNodeSelector().isEmpty())
21 | && (pod.getSpec().getAffinity() == null
22 | || pod.getSpec().getAffinity().getNodeAffinity() == null)) {
23 | pod.getSpec().setNodeSelector(Collections.singletonMap("kubernetes.io/os", "linux"));
24 | }
25 | return pod;
26 | }
27 | }
28 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/PodImagePullSecret/config_zh_CN.properties:
--------------------------------------------------------------------------------
1 | # The MIT License
2 | #
3 | # Copyright (c) 2018, Alauda
4 | #
5 | # Permission is hereby granted, free of charge, to any person obtaining a copy
6 | # of this software and associated documentation files (the "Software"), to deal
7 | # in the Software without restriction, including without limitation the rights
8 | # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | # copies of the Software, and to permit persons to whom the Software is
10 | # furnished to do so, subject to the following conditions:
11 | #
12 | # The above copyright notice and this permission notice shall be included in
13 | # all copies or substantial portions of the Software.
14 | #
15 | # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
21 | # THE SOFTWARE.
22 |
23 | Name=\u540D\u79F0
24 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/PodLabel/config_zh_CN.properties:
--------------------------------------------------------------------------------
1 | # The MIT License
2 | #
3 | # Copyright (c) 2018, Alauda
4 | #
5 | # Permission is hereby granted, free of charge, to any person obtaining a copy
6 | # of this software and associated documentation files (the "Software"), to deal
7 | # in the Software without restriction, including without limitation the rights
8 | # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | # copies of the Software, and to permit persons to whom the Software is
10 | # furnished to do so, subject to the following conditions:
11 | #
12 | # The above copyright notice and this permission notice shall be included in
13 | # all copies or substantial portions of the Software.
14 | #
15 | # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
21 | # THE SOFTWARE.
22 |
23 | Key=\u952E
24 | Value=\u503C
25 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/PodAnnotation/config_zh_CN.properties:
--------------------------------------------------------------------------------
1 | # The MIT License
2 | #
3 | # Copyright (c) 2018, Alauda
4 | #
5 | # Permission is hereby granted, free of charge, to any person obtaining a copy
6 | # of this software and associated documentation files (the "Software"), to deal
7 | # in the Software without restriction, including without limitation the rights
8 | # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | # copies of the Software, and to permit persons to whom the Software is
10 | # furnished to do so, subject to the following conditions:
11 | #
12 | # The above copyright notice and this permission notice shall be included in
13 | # all copies or substantial portions of the Software.
14 | #
15 | # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
21 | # THE SOFTWARE.
22 |
23 | Key=\u952E
24 | Value=\u503C
25 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/model/KeyValueEnvVar/config_zh_CN.properties:
--------------------------------------------------------------------------------
1 | # The MIT License
2 | #
3 | # Copyright (c) 2018, Alauda
4 | #
5 | # Permission is hereby granted, free of charge, to any person obtaining a copy
6 | # of this software and associated documentation files (the "Software"), to deal
7 | # in the Software without restriction, including without limitation the rights
8 | # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | # copies of the Software, and to permit persons to whom the Software is
10 | # furnished to do so, subject to the following conditions:
11 | #
12 | # The above copyright notice and this permission notice shall be included in
13 | # all copies or substantial portions of the Software.
14 | #
15 | # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
21 | # THE SOFTWARE.
22 |
23 | Key=\u952E
24 | Value=\u503C
25 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/workspace/EmptyDirWorkspaceVolume/config_zh_CN.properties:
--------------------------------------------------------------------------------
1 | # The MIT License
2 | #
3 | # Copyright (c) 2018, Alauda
4 | #
5 | # Permission is hereby granted, free of charge, to any person obtaining a copy
6 | # of this software and associated documentation files (the "Software"), to deal
7 | # in the Software without restriction, including without limitation the rights
8 | # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | # copies of the Software, and to permit persons to whom the Software is
10 | # furnished to do so, subject to the following conditions:
11 | #
12 | # The above copyright notice and this permission notice shall be included in
13 | # all copies or substantial portions of the Software.
14 | #
15 | # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
21 | # THE SOFTWARE.
22 |
23 | In\ Memory=\u5185\u5B58\u4E2D
24 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/RestrictedPssSecurityInjectorTest/simple-after.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: "v1"
3 | kind: "Pod"
4 | metadata:
5 | name: "simple"
6 | namespace: "jenkins"
7 | spec:
8 | containers:
9 | - env:
10 | - name: "JENKINS_SECRET"
11 | value: "my-little-secret"
12 | - name: "JENKINS_AGENT_NAME"
13 | value: "my-lovely-agent"
14 | - name: "REMOTING_OPTS"
15 | value: "-noReconnectAfter 1d"
16 | - name: "JENKINS_NAME"
17 | value: "my-lovely-agent"
18 | - name: "JENKINS_AGENT_WORKDIR"
19 | value: "/home/jenkins/agent"
20 | - name: "JENKINS_URL"
21 | value: "http://localhost/"
22 | image: "jenkins/inbound-agent"
23 | name: "jnlp"
24 | resources:
25 | limits:
26 | cpu: "1"
27 | memory: "768Mi"
28 | requests:
29 | cpu: "1"
30 | memory: "768Mi"
31 | securityContext:
32 | allowPrivilegeEscalation: false
33 | capabilities:
34 | drop:
35 | - "ALL"
36 | runAsNonRoot: true
37 | seccompProfile:
38 | type: "RuntimeDefault"
39 | volumeMounts:
40 | - mountPath: "/home/jenkins/agent"
41 | name: "workspace-volume"
42 | readOnly: false
43 | volumes:
44 | - emptyDir:
45 | medium: ""
46 | name: "workspace-volume"
47 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/workspace/HostPathWorkspaceVolume/config_zh_CN.properties:
--------------------------------------------------------------------------------
1 | # The MIT License
2 | #
3 | # Copyright (c) 2018, Alauda
4 | #
5 | # Permission is hereby granted, free of charge, to any person obtaining a copy
6 | # of this software and associated documentation files (the "Software"), to deal
7 | # in the Software without restriction, including without limitation the rights
8 | # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | # copies of the Software, and to permit persons to whom the Software is
10 | # furnished to do so, subject to the following conditions:
11 | #
12 | # The above copyright notice and this permission notice shall be included in
13 | # all copies or substantial portions of the Software.
14 | #
15 | # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
21 | # THE SOFTWARE.
22 |
23 | Host\ path=\u4E3B\u673A\u8DEF\u5F84
24 |
--------------------------------------------------------------------------------
/src/test/java/org/csanchez/jenkins/plugins/kubernetes/pipeline/steps/CreateWorkflowJobThenScheduleTask.java:
--------------------------------------------------------------------------------
1 | package org.csanchez.jenkins.plugins.kubernetes.pipeline.steps;
2 |
3 | import org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition;
4 | import org.jenkinsci.plugins.workflow.job.WorkflowJob;
5 | import org.jenkinsci.plugins.workflow.job.WorkflowRun;
6 | import org.jvnet.hudson.test.JenkinsRule;
7 | import org.jvnet.hudson.test.RealJenkinsRule;
8 |
9 | /**
10 | * Creates a workflow job using the specified script, then schedules it and returns a reference to the run.
11 | */
12 | public class CreateWorkflowJobThenScheduleTask implements RealJenkinsRule.Step2 {
13 | private String script;
14 |
15 | public CreateWorkflowJobThenScheduleTask(String script) {
16 | this.script = script;
17 | }
18 |
19 | @Override
20 | public RunId run(JenkinsRule r) throws Throwable {
21 | WorkflowJob project = r.createProject(WorkflowJob.class);
22 | project.setDefinition(new CpsFlowDefinition(script, true));
23 | project.save();
24 | System.out.println("Scheduling build...");
25 | WorkflowRun b = project.scheduleBuild2(0).getStartCondition().get();
26 | System.out.println("Build scheduled...");
27 | return new RunId(project.getFullName(), b.number);
28 | }
29 | }
30 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/pipeline/declarativeWithNamespaceFromYaml.groovy:
--------------------------------------------------------------------------------
1 | pipeline {
2 | agent {
3 | kubernetes {
4 | yaml '''
5 | metadata:
6 | namespace: kubernetes-plugin-test-overridden-namespace
7 | labels:
8 | some-label: some-label-value
9 | class: KubernetesDeclarativeAgentTest
10 | spec:
11 | containers:
12 | - name: jnlp
13 | env:
14 | - name: CONTAINER_ENV_VAR
15 | value: jnlp
16 | - name: maven
17 | image: maven:3.3.9-jdk-8-alpine
18 | command:
19 | - cat
20 | tty: true
21 | env:
22 | - name: CONTAINER_ENV_VAR
23 | value: maven
24 | - name: busybox
25 | image: busybox
26 | command:
27 | - cat
28 | tty: true
29 | env:
30 | - name: CONTAINER_ENV_VAR
31 | value: busybox
32 | '''
33 | }
34 | }
35 | stages {
36 | stage('Run maven') {
37 | steps {
38 | sh 'set'
39 | sh "echo OUTSIDE_CONTAINER_ENV_VAR = ${CONTAINER_ENV_VAR}"
40 | container('maven') {
41 | sh 'echo MAVEN_CONTAINER_ENV_VAR = ${CONTAINER_ENV_VAR}'
42 | sh 'mvn -version'
43 | }
44 | container('busybox') {
45 | sh 'echo BUSYBOX_CONTAINER_ENV_VAR = ${CONTAINER_ENV_VAR}'
46 | sh '/bin/busybox'
47 | }
48 | }
49 | }
50 | }
51 | }
52 |
--------------------------------------------------------------------------------
/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/volumes/DynamicPVCVolume/config.jelly:
--------------------------------------------------------------------------------
1 |
2 |
4 |
5 | This feature is deprecated. Please use generic ephemeral volume instead, which provides the same functionality without requiring explicit RBAC permissions to create persistent volume claims.
6 |
7 | Allocates a PVC dynamically using the specified parameters, then deletes it when the pod is deleted.
8 | Note that this requires the Jenkins controller to have additional RBAC permissions than are typically needed for agent provisioning.
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
--------------------------------------------------------------------------------
/src/test/resources/org/csanchez/jenkins/plugins/kubernetes/RestrictedPssSecurityInjectorTest/existingSecurityContext-after.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: "v1"
3 | kind: "Pod"
4 | metadata:
5 | name: "simple"
6 | namespace: "jenkins"
7 | spec:
8 | containers:
9 | - env:
10 | - name: "JENKINS_SECRET"
11 | value: "my-little-secret"
12 | - name: "JENKINS_AGENT_NAME"
13 | value: "my-lovely-agent"
14 | - name: "REMOTING_OPTS"
15 | value: "-noReconnectAfter 1d"
16 | - name: "JENKINS_NAME"
17 | value: "my-lovely-agent"
18 | - name: "JENKINS_AGENT_WORKDIR"
19 | value: "/home/jenkins/agent"
20 | - name: "JENKINS_URL"
21 | value: "http://localhost/"
22 | image: "jenkins/inbound-agent"
23 | name: "jnlp"
24 | resources:
25 | limits:
26 | cpu: "1"
27 | memory: "768Mi"
28 | requests:
29 | cpu: "1"
30 | memory: "768Mi"
31 | securityContext:
32 | allowPrivilegeEscalation: true
33 | capabilities:
34 | drop:
35 | - "ALL"
36 | runAsNonRoot: true
37 | seccompProfile:
38 | type: "Localhost"
39 | volumeMounts:
40 | - mountPath: "/home/jenkins/agent"
41 | name: "workspace-volume"
42 | readOnly: false
43 | volumes:
44 | - emptyDir:
45 | medium: ""
46 | name: "workspace-volume"
47 |
--------------------------------------------------------------------------------