dependabot[bot] on maven
dependabot[bot] on maven
Bump crowd2 from 2.0.2 to 3.1.2… (compare)
timja on master
Initiate next LTS line 2.346.x … (compare)
do we (infra) need it to be usable out of kubernetes?
Yes we do: we still have 3 instance in VMs
it seems to me that a chart would be the easier way in our case
Maybe. But I would like to have a solution that work for everyone, not only us. We already are going to use gotemplating in the infra as short term, but helm chart is only a solution for kubernetes users.
my jenkins.yaml :
jobs:
Hi folks.
I'm puzzled by the following piece of casc configuration ...
securityRealm:
local:
allowsSignup: false
enableCaptcha: false
users:
- id: "user1"
name: "user1"
password: "somesecretstring"
- id: "experiment"
name: ${readFile:/mySecretsFolder/test}
password: ${readFile:/mySecretsFolder/test}
User 'user1' works as expected.
User 'experiment' has the expected user name (experiment) but the password is somehow wrong.
Any hints to what may be going on here ?
CasC examples/demos describe 'inline' addition of config scripts into helm (ie using a --values values.yaml).
Is that the recommended practice? It seems 'clunky'.
Other examples show using the CASC_JENKINS_CONFIG to:
### [values.yaml]
containerEnv:
- name: CASC_JENKINS_CONFIG
value: http://gitea-lb.operations.svc/rubbercable/jenkins/raw/branch/master/unclassified.yaml
### [ in describe ]
kubectl describe pod jenkins-0
<snip>
CASC_JENKINS_CONFIG: http://gitea-lb.operations.svc/rubbercable/jenkins/raw/branch/master/unclassified.yaml
CASC_JENKINS_CONFIG: /var/jenkins_home/casc_configs
<snip>
### [in container]
jenkins@jenkins-0:~/casc_configs$ env | grep CASC
CASC_JENKINS_CONFIG=/var/jenkins_home/casc_configs
I'm not sure what the accepted(best-practice) method of populating the folder - automatically. (do I just concentrate on the the initContainer route?)
Hello there, I'm trying to edit our J2 configuration file along the lines of this: https://github.com/jenkinsci/configuration-as-code-plugin/tree/master/demos/matrix-auth#configure-matrix-authorization-strategy
We have custom groups (ops, jenkins_editor, things like that) but in the Jenkins UI, they're indicated as ambiguous entries. How would we solve that? The docs don't touch on a group outside of anonymous / authenticated
Hey good day all!
I have been with an "issue" a couple of days and hope someone in here could help me.
CONTEXT:
I am triying to deploy a Jenkins using helm with JCASC to get vault secrets. I am using a local minikube
to create mi k8
cluster and a local vault
instance in my machine (not in k8
cluster).
Even that I am trying using initContainerEnv
and ContainerEnv
I am not able to reach the vault values. For CASC_VAULT_TOKEN
value I am using vault
root token.
This is helm
command i run locally:
helm upgrade --install -f values.yml mijenkins jenkins/jenkins
And here is my values.yml
file code:
controller:
installPlugins:
# need to add this configuration-as-code due to a known jenkins issue: https://github.com/jenkinsci/helm-charts/issues/595
- "configuration-as-code:1414.v878271fc496f"
- "hashicorp-vault-plugin:latest"
# passing initial environments values to docker basic container
initContainerEnv:
- name: CASC_VAULT_TOKEN
value: "my-vault-root-token"
- name: CASC_VAULT_URL
value: "http://localhost:8200"
- name: CASC_VAULT_PATHS
value: "cubbyhole/jenkins"
- name: CASC_VAULT_ENGINE_VERSION
value: "2"
ContainerEnv:
- name: CASC_VAULT_TOKEN
value: "my-vault-root-token"
- name: CASC_VAULT_URL
value: "http://localhost:8200"
- name: CASC_VAULT_PATHS
value: "cubbyhole/jenkins"
- name: CASC_VAULT_ENGINE_VERSION
value: "2"
JCasC:
configScripts:
here-is-the-user-security: |
jenkins:
securityRealm:
local:
allowsSignup: false
enableCaptcha: false
users:
- id: "${JENKINS_ADMIN_ID}"
password: "${JENKINS_ADMIN_PASSWORD}"
And in my local vault
I can see/reach values:
>vault kv get cubbyhole/jenkins
============= Data =============
Key Value
--- -----
JENKINS_ADMIN_ID alan
JENKINS_ADMIN_PASSWORD acosta
Any of you have an idea what I could be doing wrong?
Hi,
I'm looking for a help with this config.
https://github.com/jenkinsci/crowd2-plugin/blob/master/casc/jenkins.yml
I'm not sure why even though I backuped my master.key
and included this into docker file, those encrypted ecrowd2 passwords differ each time I lunch new jenkins instance based on this dockerfile.
https://github.com/jenkinsci/crowd2-plugin/blob/master/casc/Dockerfile
I would be grateful of any hints, how to fix this.
`# Install necessary dependencies
sudo yum remove java-1.7.0-openjdk -y
sudo yum install java-1.8.0 -y
sudo yum update –y
sudo wget -O /etc/yum.repos.d/jenkins.repo http://pkg.jenkins-ci.org/redhat/jenkins.repo
sudo rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io.key
sudo yum install jenkins -y
sudo service jenkins start
sudo systemctl enable jenkins.service
sudo systemctl start jenkins.service
sudo mv /tmp/jenkins.yaml /var/lib/jenkins/jenkins.yaml
export CASC_JENKINS_CONFIG=/var/lib/jenkins/jenkins.yaml
echo "============downloading plugins================"
sudo curl https://updates.jenkins.io/download/plugins/configuration-as-code/1414.v878271fc496f/configuration-as-code.hpi \
--output /var/lib/jenkins/plugins/configuration-as-code.hpi
sudo curl https://updates.jenkins.io/download/plugins/git/4.10.2/git.hpi \
--output /var/lib/jenkins/plugins/git.hpi`
Not sure if I'm in the right place but this is what I'm hoping to achieve and wondering if the configuration-as-code
plugin generates code from UI configuration?
Does anyone know how to get the underlying YAML parameters from Jenkins plugins?
For example, we create our Jenkins pipelines from .yml files so that the our string parameters typically look like this:
parameters:
- string:
name: DATA_DIR
default: "/mnt/bigdata/build/GLU_ASTHMA_SINGLE_VARIANT_TEST_POST_PROCESS"
I've added a parameter for multiple choices using the Extensible Choice Parameter plugin which I've set up in our Jenkins UI and works as expected.
However, I have no idea what the parameter section would look like in a .yml file... is there anyway to capture this from the UI using this plugin?
gitscm
in the SecurityRealm config block. Can someone help is that possible? if yes, how to do it? wondering if there is a method to reference or use the azure key vault secrets with git scm checkout and ssh agents