1080e6a792
Добавлены плагины по категориям: - Секреты: hashicorp-vault-plugin, kubernetes-credentials - Права: role-strategy, ldap - VCS: bitbucket - Build tools: maven-plugin, gradle, nodejs, ansible - Quality: sonar, warnings-ng, jacoco, cobertura, htmlpublisher - Artifacts: nexus-artifact-uploader, artifactory, publish-over-ssh - Уведомления: email-ext, slack, telegram-notifications, mattermost - Pipeline: pipeline-utility-steps, job-dsl, copyartifact, build-name-setter, throttle-concurrents, parameterized-trigger, docker-plugin JCasC: при addon_vault: true автоматически настраивает hashicorpVault URL Добавлена секция jenkins_vault_url в defaults
101 lines
2.9 KiB
Django/Jinja
101 lines
2.9 KiB
Django/Jinja
controller:
|
|
# Учётные данные администратора
|
|
adminUser: "{{ jenkins_admin_user }}"
|
|
adminPassword: "{{ jenkins_admin_password }}"
|
|
|
|
# Plugins устанавливаются при первом старте
|
|
installPlugins:
|
|
{% for plugin in jenkins_plugins %}
|
|
- {{ plugin }}
|
|
{% endfor %}
|
|
{% if jenkins_metrics_enabled %}
|
|
- prometheus
|
|
{% endif %}
|
|
|
|
# Ресурсы
|
|
resources:
|
|
requests:
|
|
cpu: "{{ jenkins_resources.requests.cpu }}"
|
|
memory: "{{ jenkins_resources.requests.memory }}"
|
|
limits:
|
|
cpu: "{{ jenkins_resources.limits.cpu }}"
|
|
memory: "{{ jenkins_resources.limits.memory }}"
|
|
|
|
# Тип сервиса (ClusterIP — доступ через Ingress)
|
|
serviceType: ClusterIP
|
|
|
|
# Ingress
|
|
ingress:
|
|
enabled: {{ jenkins_ingress_enabled | lower }}
|
|
{% if jenkins_ingress_enabled %}
|
|
ingressClassName: "{{ jenkins_ingress_class }}"
|
|
hostName: "{{ jenkins_ingress_host }}"
|
|
{% if jenkins_ingress_tls %}
|
|
tls:
|
|
- secretName: jenkins-tls
|
|
hosts:
|
|
- "{{ jenkins_ingress_host }}"
|
|
annotations:
|
|
nginx.ingress.kubernetes.io/proxy-body-size: "50m"
|
|
nginx.ingress.kubernetes.io/proxy-read-timeout: "300"
|
|
cert-manager.io/cluster-issuer: "{{ jenkins_ingress_cert_issuer }}"
|
|
{% endif %}
|
|
{% endif %}
|
|
|
|
# Prometheus metrics
|
|
prometheus:
|
|
enabled: {{ jenkins_metrics_enabled | lower }}
|
|
|
|
# JCasC — базовая конфигурация
|
|
JCasC:
|
|
defaultConfig: true
|
|
configScripts:
|
|
jenkins-config: |
|
|
jenkins:
|
|
systemMessage: "Managed by Ansible k3s-ansible"
|
|
numExecutors: 0
|
|
unclassified:
|
|
location:
|
|
url: "http{{ 's' if jenkins_ingress_tls else '' }}://{{ jenkins_ingress_host }}/"
|
|
{% if addon_vault | default(false) | bool %}
|
|
vault-config: |
|
|
unclassified:
|
|
hashicorpVault:
|
|
configuration:
|
|
vaultUrl: "http://vault.vault.svc.cluster.local:8200"
|
|
vaultCredentialId: "vault-approle"
|
|
engineVersion: 2
|
|
skipSslVerification: true
|
|
timeout: 60
|
|
{% endif %}
|
|
|
|
# Хранилище Jenkins Home
|
|
persistence:
|
|
enabled: true
|
|
size: "{{ jenkins_storage_size }}"
|
|
{% if jenkins_storage_class %}
|
|
storageClass: "{{ jenkins_storage_class }}"
|
|
{% endif %}
|
|
|
|
# Kubernetes Pod Agents
|
|
agent:
|
|
enabled: {{ jenkins_agent_enabled | lower }}
|
|
image:
|
|
repository: "jenkins/inbound-agent"
|
|
tag: "latest"
|
|
resources:
|
|
requests:
|
|
cpu: "{{ jenkins_agent_resources.requests.cpu }}"
|
|
memory: "{{ jenkins_agent_resources.requests.memory }}"
|
|
limits:
|
|
cpu: "{{ jenkins_agent_resources.limits.cpu }}"
|
|
memory: "{{ jenkins_agent_resources.limits.memory }}"
|
|
|
|
# Отдельный PVC для Jenkins home (master)
|
|
persistence:
|
|
enabled: true
|
|
size: "{{ jenkins_storage_size }}"
|
|
{% if jenkins_storage_class %}
|
|
storageClass: "{{ jenkins_storage_class }}"
|
|
{% endif %}
|