feat: confluence benchmark, pattern extractor, agent KB, UX spec
- extract-patterns.js: mines layered arch, ArgoCD appsets, cloud regions, CIDR allocations, naming conventions, sync waves, tech stack from code - agent-kb.js: token-efficient JSON rendering of same doc tree - eval-confluence-ref-questions.json: 32 reference-only benchmark questions - wiggum-v2.sh: Ralph Wiggum loop targeting confluence baseline (77.8%) - docs/human-ux-spec.md: BMad UX designer spec for human doc structure - Eval results: V2 at 28.7% vs confluence 77.8% baseline - Hub/spoke ownership now correctly extracted (95% on that question) - Naming conventions, regions, CIDRs surfaced in system-architecture.md
This commit is contained in:
@@ -0,0 +1,345 @@
|
||||
# jenkins
|
||||
|
||||
  
|
||||
|
||||
Jenkins - Build great things at any scale! As the leading open source automation server, Jenkins provides over 2000 plugins to support building, deploying and automating any project.
|
||||
|
||||
**Homepage:** <https://www.jenkins.io/>
|
||||
|
||||
## Maintainers
|
||||
|
||||
| Name | Email | Url |
|
||||
| ---- | ------ | --- |
|
||||
| maorfr | <maor.friedman@redhat.com> | |
|
||||
| torstenwalter | <mail@torstenwalter.de> | |
|
||||
| mogaal | <garridomota@gmail.com> | |
|
||||
| wmcdona89 | <wmcdona89@gmail.com> | |
|
||||
| timja | <timjacomb1@gmail.com> | |
|
||||
|
||||
## Source Code
|
||||
|
||||
* <https://github.com/jenkinsci/jenkins>
|
||||
* <https://github.com/jenkinsci/docker-inbound-agent>
|
||||
* <https://github.com/maorfr/kube-tasks>
|
||||
* <https://github.com/jenkinsci/configuration-as-code-plugin>
|
||||
|
||||
## Values
|
||||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| additionalAgents | object | `{}` | Configure additional |
|
||||
| additionalClouds | object | `{}` | |
|
||||
| agent.TTYEnabled | bool | `false` | Allocate pseudo tty to the side container |
|
||||
| agent.additionalContainers | list | `[]` | Add additional containers to the agents |
|
||||
| agent.alwaysPullImage | bool | `false` | Always pull agent container image before build |
|
||||
| agent.annotations | object | `{}` | Annotations to apply to the pod |
|
||||
| agent.args | string | `"${computer.jnlpmac} ${computer.name}"` | Arguments passed to command to execute |
|
||||
| agent.command | string | `nil` | Command to execute when side container starts |
|
||||
| agent.componentName | string | `"jenkins-agent"` | |
|
||||
| agent.connectTimeout | int | `100` | Timeout in seconds for an agent to be online |
|
||||
| agent.containerCap | int | `10` | Max number of agents to launch for a whole cluster. |
|
||||
| agent.customJenkinsLabels | list | `[]` | Append Jenkins labels to the agent |
|
||||
| agent.defaultsProviderTemplate | string | `""` | The name of the pod template to use for providing default values |
|
||||
| agent.directConnection | bool | `false` | |
|
||||
| agent.disableDefaultAgent | bool | `false` | Disable the default Jenkins Agent configuration |
|
||||
| agent.enabled | bool | `true` | Enable Kubernetes plugin jnlp-agent podTemplate |
|
||||
| agent.envVars | list | `[]` | Environment variables for the agent Pod |
|
||||
| agent.garbageCollection.enabled | bool | `false` | When enabled, Jenkins will periodically check for orphan pods that have not been touched for the given timeout period and delete them. |
|
||||
| agent.garbageCollection.namespaces | string | `""` | Namespaces to look at for garbage collection, in addition to the default namespace defined for the cloud. One namespace per line. |
|
||||
| agent.garbageCollection.timeout | int | `300` | Timeout value for orphaned pods |
|
||||
| agent.hostNetworking | bool | `false` | Enables the agent to use the host network |
|
||||
| agent.idleMinutes | int | `0` | Allows the Pod to remain active for reuse until the configured number of minutes has passed since the last step was executed on it |
|
||||
| agent.image.repository | string | `"gcr.io/customer-facing/jenkins/inbound-agent"` | Repository to pull the agent jnlp image from |
|
||||
| agent.image.tag | string | `"3309.v27b_9314fd1a_4-1"` | Tag of the image to pull |
|
||||
| agent.imagePullSecretName | string | `nil` | Name of the secret to be used to pull the image |
|
||||
| agent.inheritYamlMergeStrategy | bool | `false` | Controls whether the defined yaml merge strategy will be inherited if another defined pod template is configured to inherit from the current one |
|
||||
| agent.instanceCap | int | `2147483647` | Max number of agents to launch for this type of agent |
|
||||
| agent.jenkinsTunnel | string | `nil` | Overrides the Kubernetes Jenkins tunnel |
|
||||
| agent.jenkinsUrl | string | `nil` | Overrides the Kubernetes Jenkins URL |
|
||||
| agent.jnlpregistry | string | `nil` | Custom registry used to pull the agent jnlp image from |
|
||||
| agent.kubernetesConnectTimeout | int | `5` | The connection timeout in seconds for connections to Kubernetes API. The minimum value is 5 |
|
||||
| agent.kubernetesReadTimeout | int | `15` | The read timeout in seconds for connections to Kubernetes API. The minimum value is 15 |
|
||||
| agent.livenessProbe | object | `{}` | |
|
||||
| agent.maxRequestsPerHostStr | string | `"32"` | The maximum concurrent connections to Kubernetes API |
|
||||
| agent.namespace | string | `nil` | Namespace in which the Kubernetes agents should be launched |
|
||||
| agent.nodeSelector | object | `{}` | Node labels for pod assignment |
|
||||
| agent.nodeUsageMode | string | `"NORMAL"` | |
|
||||
| agent.podLabels | object | `{}` | Custom Pod labels (an object with `label-key: label-value` pairs) |
|
||||
| agent.podName | string | `"default"` | Agent Pod base name |
|
||||
| agent.podRetention | string | `"Never"` | |
|
||||
| agent.podTemplates | object | `{}` | Configures extra pod templates for the default kubernetes cloud |
|
||||
| agent.privileged | bool | `false` | Agent privileged container |
|
||||
| agent.resources | object | `{"limits":{"cpu":"512m","memory":"512Mi"},"requests":{"cpu":"512m","memory":"512Mi"}}` | Resources allocation (Requests and Limits) |
|
||||
| agent.restrictedPssSecurityContext | bool | `false` | Set a restricted securityContext on jnlp containers |
|
||||
| agent.retentionTimeout | int | `5` | Time in minutes after which the Kubernetes cloud plugin will clean up an idle worker that has not already terminated |
|
||||
| agent.runAsGroup | string | `nil` | Configure container group |
|
||||
| agent.runAsUser | string | `nil` | Configure container user |
|
||||
| agent.secretEnvVars | list | `[]` | Mount a secret as environment variable |
|
||||
| agent.serviceAccount | string | `serviceAccountAgent.name` if `agent.useDefaultServiceAccount` is `true` | Override the default service account |
|
||||
| agent.showRawYaml | bool | `true` | |
|
||||
| agent.sideContainerName | string | `"jnlp"` | Side container name |
|
||||
| agent.skipTlsVerify | bool | `false` | Disables the verification of the controller certificate on remote connection. This flag correspond to the "Disable https certificate check" flag in kubernetes plugin UI |
|
||||
| agent.usageRestricted | bool | `false` | Enable the possibility to restrict the usage of this agent to specific folder. This flag correspond to the "Restrict pipeline support to authorized folders" flag in kubernetes plugin UI |
|
||||
| agent.useDefaultServiceAccount | bool | `true` | Use `serviceAccountAgent.name` as the default value for defaults template `serviceAccount` |
|
||||
| agent.volumes | list | `[]` | Additional volumes |
|
||||
| agent.waitForPodSec | int | `600` | Seconds to wait for pod to be running |
|
||||
| agent.websocket | bool | `false` | Enables agent communication via websockets |
|
||||
| agent.workingDir | string | `"/home/jenkins/agent"` | Configure working directory for default agent |
|
||||
| agent.workspaceVolume | object | `{}` | Workspace volume (defaults to EmptyDir) |
|
||||
| agent.yamlMergeStrategy | string | `"override"` | Defines how the raw yaml field gets merged with yaml definitions from inherited pod templates. Possible values: "merge" or "override" |
|
||||
| agent.yamlTemplate | string | `""` | The raw yaml of a Pod API Object to merge into the agent spec |
|
||||
| awsSecurityGroupPolicies.enabled | bool | `false` | |
|
||||
| awsSecurityGroupPolicies.policies[0].name | string | `""` | |
|
||||
| awsSecurityGroupPolicies.policies[0].podSelector | object | `{}` | |
|
||||
| awsSecurityGroupPolicies.policies[0].securityGroupIds | list | `[]` | |
|
||||
| checkDeprecation | bool | `true` | Checks if any deprecated values are used |
|
||||
| clusterZone | string | `"cluster.local"` | Override the cluster name for FQDN resolving |
|
||||
| controller.JCasC.authorizationStrategy | string | `"loggedInUsersCanDoAnything:\n allowAnonymousRead: false"` | Jenkins Config as Code Authorization Strategy-section |
|
||||
| controller.JCasC.configMapAnnotations | object | `{}` | Annotations for the JCasC ConfigMap |
|
||||
| controller.JCasC.configScripts | object | `{}` | List of Jenkins Config as Code scripts |
|
||||
| controller.JCasC.configUrls | list | `[]` | Remote URLs for configuration files. |
|
||||
| controller.JCasC.defaultConfig | bool | `true` | Enables default Jenkins configuration via configuration as code plugin |
|
||||
| controller.JCasC.overwriteConfiguration | bool | `false` | Whether Jenkins Config as Code should overwrite any existing configuration |
|
||||
| controller.JCasC.security | object | `{"apiToken":{"creationOfLegacyTokenEnabled":false,"tokenGenerationOnCreationEnabled":false,"usageStatisticsEnabled":true}}` | Jenkins Config as Code security-section |
|
||||
| controller.JCasC.securityRealm | string | `"local:\n allowsSignup: false\n enableCaptcha: false\n users:\n - id: \"${chart-admin-username}\"\n name: \"Jenkins Admin\"\n password: \"${chart-admin-password}\""` | Jenkins Config as Code Security Realm-section |
|
||||
| controller.additionalExistingSecrets | list | `[]` | List of additional existing secrets to mount |
|
||||
| controller.additionalPlugins | list | `[]` | List of plugins to install in addition to those listed in controller.installPlugins |
|
||||
| controller.additionalSecrets | list | `[]` | List of additional secrets to create and mount |
|
||||
| controller.admin.createSecret | bool | `true` | Create secret for admin user |
|
||||
| controller.admin.existingSecret | string | `""` | The name of an existing secret containing the admin credentials |
|
||||
| controller.admin.password | string | <random password> | Admin password created as a secret if `controller.admin.createSecret` is true |
|
||||
| controller.admin.passwordKey | string | `"jenkins-admin-password"` | The key in the existing admin secret containing the password |
|
||||
| controller.admin.userKey | string | `"jenkins-admin-user"` | The key in the existing admin secret containing the username |
|
||||
| controller.admin.username | string | `"admin"` | Admin username created as a secret if `controller.admin.createSecret` is true |
|
||||
| controller.affinity | object | `{}` | Affinity settings |
|
||||
| controller.agentListenerEnabled | bool | `true` | Create Agent listener service |
|
||||
| controller.agentListenerExternalTrafficPolicy | string | `nil` | Traffic Policy of for the agentListener service |
|
||||
| controller.agentListenerHostPort | string | `nil` | Host port to listen for agents |
|
||||
| controller.agentListenerLoadBalancerIP | string | `nil` | Static IP for the agentListener LoadBalancer |
|
||||
| controller.agentListenerLoadBalancerSourceRanges | list | `["0.0.0.0/0"]` | Allowed inbound IP for the agentListener service |
|
||||
| controller.agentListenerNodePort | string | `nil` | Node port to listen for agents |
|
||||
| controller.agentListenerPort | int | `50000` | Listening port for agents |
|
||||
| controller.agentListenerServiceAnnotations | object | `{}` | Annotations for the agentListener service |
|
||||
| controller.agentListenerServiceType | string | `"ClusterIP"` | Defines how to expose the agentListener service |
|
||||
| controller.backendconfig.annotations | object | `{}` | backendconfig annotations |
|
||||
| controller.backendconfig.apiVersion | string | `"extensions/v1beta1"` | backendconfig API version |
|
||||
| controller.backendconfig.enabled | bool | `false` | Enables backendconfig |
|
||||
| controller.backendconfig.labels | object | `{}` | backendconfig labels |
|
||||
| controller.backendconfig.name | string | `nil` | backendconfig name |
|
||||
| controller.backendconfig.spec | object | `{}` | backendconfig spec |
|
||||
| controller.cloudName | string | `"kubernetes"` | Name of default cloud configuration. |
|
||||
| controller.clusterIp | string | `nil` | k8s service clusterIP. Only used if serviceType is ClusterIP |
|
||||
| controller.componentName | string | `"jenkins-controller"` | Used for label app.kubernetes.io/component |
|
||||
| controller.containerEnv | list | `[]` | Environment variables for Jenkins Container |
|
||||
| controller.containerEnvFrom | list | `[]` | Environment variable sources for Jenkins Container |
|
||||
| controller.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":1000,"runAsUser":1000}` | Allow controlling the securityContext for the jenkins container |
|
||||
| controller.csrf.defaultCrumbIssuer.enabled | bool | `true` | Enable the default CSRF Crumb issuer |
|
||||
| controller.csrf.defaultCrumbIssuer.proxyCompatability | bool | `true` | Enable proxy compatibility |
|
||||
| controller.customInitContainers | list | `[]` | Custom init-container specification in raw-yaml format |
|
||||
| controller.customJenkinsLabels | list | `[]` | Append Jenkins labels to the controller |
|
||||
| controller.disableRememberMe | bool | `false` | Disable use of remember me |
|
||||
| controller.disabledAgentProtocols | list | `["JNLP-connect","JNLP2-connect"]` | Disabled agent protocols |
|
||||
| controller.enableRawHtmlMarkupFormatter | bool | `false` | Enable HTML parsing using OWASP Markup Formatter Plugin (antisamy-markup-formatter) |
|
||||
| controller.enableServiceLinks | bool | `false` | |
|
||||
| controller.executorMode | string | `"NORMAL"` | Sets the executor mode of the Jenkins node. Possible values are "NORMAL" or "EXCLUSIVE" |
|
||||
| controller.existingSecret | string | `nil` | |
|
||||
| controller.extraPorts | list | `[]` | Optionally configure other ports to expose in the controller container |
|
||||
| controller.fsGroup | int | `1000` | Deprecated in favor of `controller.podSecurityContextOverride`. uid that will be used for persistent volume. |
|
||||
| controller.googlePodMonitor.enabled | bool | `false` | |
|
||||
| controller.googlePodMonitor.scrapeEndpoint | string | `"/prometheus"` | |
|
||||
| controller.googlePodMonitor.scrapeInterval | string | `"60s"` | |
|
||||
| controller.healthProbes | bool | `true` | Enable Kubernetes Probes configuration configured in `controller.probes` |
|
||||
| controller.hostAliases | list | `[]` | Allows for adding entries to Pod /etc/hosts |
|
||||
| controller.hostNetworking | bool | `false` | |
|
||||
| controller.httpsKeyStore.disableSecretMount | bool | `false` | |
|
||||
| controller.httpsKeyStore.enable | bool | `false` | Enables HTTPS keystore on jenkins controller |
|
||||
| controller.httpsKeyStore.fileName | string | `"keystore.jks"` | Jenkins keystore filename which will appear under controller.httpsKeyStore.path |
|
||||
| controller.httpsKeyStore.httpPort | int | `8081` | HTTP Port that Jenkins should listen to along with HTTPS, it also serves as the liveness and readiness probes port. |
|
||||
| controller.httpsKeyStore.jenkinsHttpsJksPasswordSecretKey | string | `"https-jks-password"` | Name of the key in the secret that contains the JKS password |
|
||||
| controller.httpsKeyStore.jenkinsHttpsJksPasswordSecretName | string | `""` | Name of the secret that contains the JKS password, if it is not in the same secret as the JKS file |
|
||||
| controller.httpsKeyStore.jenkinsHttpsJksSecretKey | string | `"jenkins-jks-file"` | Name of the key in the secret that already has ssl keystore |
|
||||
| controller.httpsKeyStore.jenkinsHttpsJksSecretName | string | `""` | Name of the secret that already has ssl keystore |
|
||||
| controller.httpsKeyStore.jenkinsKeyStoreBase64Encoded | string | `nil` | Base64 encoded Keystore content. Keystore must be converted to base64 then being pasted here |
|
||||
| controller.httpsKeyStore.password | string | `"password"` | Jenkins keystore password |
|
||||
| controller.httpsKeyStore.path | string | `"/var/jenkins_keystore"` | Path of HTTPS keystore file |
|
||||
| controller.image.pullPolicy | string | `"Always"` | Controller image pull policy |
|
||||
| controller.image.registry | string | `"docker.io"` | Controller image registry |
|
||||
| controller.image.repository | string | `"jenkins/jenkins"` | Controller image repository |
|
||||
| controller.image.tag | string | `nil` | Controller image tag override; i.e., tag: "2.440.1-jdk21" |
|
||||
| controller.image.tagLabel | string | `"jdk21"` | Controller image tag label |
|
||||
| controller.imagePullSecretName | string | `nil` | Controller image pull secret |
|
||||
| controller.ingress.annotations | object | `{}` | Ingress annotations |
|
||||
| controller.ingress.apiVersion | string | `"extensions/v1beta1"` | Ingress API version |
|
||||
| controller.ingress.enabled | bool | `false` | Enables ingress |
|
||||
| controller.ingress.hostName | string | `nil` | Ingress hostname |
|
||||
| controller.ingress.labels | object | `{}` | Ingress labels |
|
||||
| controller.ingress.path | string | `nil` | Ingress path |
|
||||
| controller.ingress.paths | list | `[]` | Override for the default Ingress paths |
|
||||
| controller.ingress.resourceRootUrl | string | `nil` | Hostname to serve assets from |
|
||||
| controller.ingress.tls | list | `[]` | Ingress TLS configuration |
|
||||
| controller.initConfigMap | string | `nil` | Name of the existing ConfigMap that contains init scripts |
|
||||
| controller.initContainerEnv | list | `[]` | Environment variables for Init Container |
|
||||
| controller.initContainerEnvFrom | list | `[]` | Environment variable sources for Init Container |
|
||||
| controller.initContainerResources | object | `{}` | Resources allocation (Requests and Limits) for Init Container |
|
||||
| controller.initScripts | object | `{}` | Map of groovy init scripts to be executed during Jenkins controller start |
|
||||
| controller.initializeOnce | bool | `false` | Initialize only on first installation. Ensures plugins do not get updated inadvertently. Requires `persistence.enabled` to be set to `true` |
|
||||
| controller.installLatestPlugins | bool | `true` | Download the minimum required version or latest version of all dependencies |
|
||||
| controller.installLatestSpecifiedPlugins | bool | `false` | Set to true to download the latest version of any plugin that is requested to have the latest version |
|
||||
| controller.installPlugins | list | `["kubernetes:4336.v55d9a_494db_38","workflow-aggregator:608.v67378e9d3db_1","git:5.7.0","configuration-as-code:1967.va_968e15fd05b_"]` | List of Jenkins plugins to install. If you don't want to install plugins, set it to `false` |
|
||||
| controller.javaOpts | string | `nil` | Append to `JAVA_OPTS` env var |
|
||||
| controller.jenkinsAdminEmail | string | `nil` | Email address for the administrator of the Jenkins instance |
|
||||
| controller.jenkinsHome | string | `"/var/jenkins_home"` | Custom Jenkins home path |
|
||||
| controller.jenkinsOpts | string | `nil` | Append to `JENKINS_OPTS` env var |
|
||||
| controller.jenkinsRef | string | `"/usr/share/jenkins/ref"` | Custom Jenkins reference path |
|
||||
| controller.jenkinsUriPrefix | string | `nil` | Root URI Jenkins will be served on |
|
||||
| controller.jenkinsUrl | string | `nil` | Set Jenkins URL if you are not using the ingress definitions provided by the chart |
|
||||
| controller.jenkinsUrlProtocol | string | `nil` | Set protocol for Jenkins URL; `https` if `controller.ingress.tls`, `http` otherwise |
|
||||
| controller.jenkinsWar | string | `"/usr/share/jenkins/jenkins.war"` | |
|
||||
| controller.jmxPort | string | `nil` | Open a port, for JMX stats |
|
||||
| controller.legacyRemotingSecurityEnabled | bool | `false` | Whether legacy remoting security should be enabled |
|
||||
| controller.lifecycle | object | `{}` | Lifecycle specification for controller-container |
|
||||
| controller.loadBalancerIP | string | `nil` | Optionally assign a known public LB IP |
|
||||
| controller.loadBalancerSourceRanges | list | `["0.0.0.0/0"]` | Allowed inbound IP addresses |
|
||||
| controller.markupFormatter | string | `"plainText"` | Yaml of the markup formatter to use |
|
||||
| controller.nodePort | string | `nil` | k8s node port. Only used if serviceType is NodePort |
|
||||
| controller.nodeSelector | object | `{}` | Node labels for pod assignment |
|
||||
| controller.numExecutors | int | `0` | Set Number of executors |
|
||||
| controller.overwritePlugins | bool | `false` | Overwrite installed plugins on start |
|
||||
| controller.overwritePluginsFromImage | bool | `true` | Overwrite plugins that are already installed in the controller image |
|
||||
| controller.podAnnotations | object | `{}` | Annotations for controller pod |
|
||||
| controller.podDisruptionBudget.annotations | object | `{}` | |
|
||||
| controller.podDisruptionBudget.apiVersion | string | `"policy/v1beta1"` | Policy API version |
|
||||
| controller.podDisruptionBudget.enabled | bool | `false` | Enable Kubernetes Pod Disruption Budget configuration |
|
||||
| controller.podDisruptionBudget.labels | object | `{}` | |
|
||||
| controller.podDisruptionBudget.maxUnavailable | string | `"0"` | Number of pods that can be unavailable. Either an absolute number or a percentage |
|
||||
| controller.podLabels | object | `{}` | Custom Pod labels (an object with `label-key: label-value` pairs) |
|
||||
| controller.podSecurityContextOverride | string | `nil` | Completely overwrites the contents of the pod security context, ignoring the values provided for `runAsUser`, `fsGroup`, and `securityContextCapabilities` |
|
||||
| controller.priorityClassName | string | `nil` | The name of a `priorityClass` to apply to the controller pod |
|
||||
| controller.probes.livenessProbe.failureThreshold | int | `5` | Set the failure threshold for the liveness probe |
|
||||
| controller.probes.livenessProbe.httpGet.path | string | `"{{ default \"\" .Values.controller.jenkinsUriPrefix }}/login"` | Set the Pod's HTTP path for the liveness probe |
|
||||
| controller.probes.livenessProbe.httpGet.port | string | `"http"` | Set the Pod's HTTP port to use for the liveness probe |
|
||||
| controller.probes.livenessProbe.initialDelaySeconds | string | `nil` | Set the initial delay for the liveness probe in seconds |
|
||||
| controller.probes.livenessProbe.periodSeconds | int | `10` | Set the time interval between two liveness probes executions in seconds |
|
||||
| controller.probes.livenessProbe.timeoutSeconds | int | `5` | Set the timeout for the liveness probe in seconds |
|
||||
| controller.probes.readinessProbe.failureThreshold | int | `3` | Set the failure threshold for the readiness probe |
|
||||
| controller.probes.readinessProbe.httpGet.path | string | `"{{ default \"\" .Values.controller.jenkinsUriPrefix }}/login"` | Set the Pod's HTTP path for the liveness probe |
|
||||
| controller.probes.readinessProbe.httpGet.port | string | `"http"` | Set the Pod's HTTP port to use for the readiness probe |
|
||||
| controller.probes.readinessProbe.initialDelaySeconds | string | `nil` | Set the initial delay for the readiness probe in seconds |
|
||||
| controller.probes.readinessProbe.periodSeconds | int | `10` | Set the time interval between two readiness probes executions in seconds |
|
||||
| controller.probes.readinessProbe.timeoutSeconds | int | `5` | Set the timeout for the readiness probe in seconds |
|
||||
| controller.probes.startupProbe.failureThreshold | int | `12` | Set the failure threshold for the startup probe |
|
||||
| controller.probes.startupProbe.httpGet.path | string | `"{{ default \"\" .Values.controller.jenkinsUriPrefix }}/login"` | Set the Pod's HTTP path for the startup probe |
|
||||
| controller.probes.startupProbe.httpGet.port | string | `"http"` | Set the Pod's HTTP port to use for the startup probe |
|
||||
| controller.probes.startupProbe.periodSeconds | int | `10` | Set the time interval between two startup probes executions in seconds |
|
||||
| controller.probes.startupProbe.timeoutSeconds | int | `5` | Set the timeout for the startup probe in seconds |
|
||||
| controller.projectNamingStrategy | string | `"standard"` | |
|
||||
| controller.prometheus.alertingRulesAdditionalLabels | object | `{}` | Additional labels to add to the PrometheusRule object |
|
||||
| controller.prometheus.alertingrules | list | `[]` | Array of prometheus alerting rules |
|
||||
| controller.prometheus.enabled | bool | `false` | Enables prometheus service monitor |
|
||||
| controller.prometheus.metricRelabelings | list | `[]` | |
|
||||
| controller.prometheus.prometheusRuleNamespace | string | `""` | Set a custom namespace where to deploy PrometheusRule resource |
|
||||
| controller.prometheus.relabelings | list | `[]` | |
|
||||
| controller.prometheus.scrapeEndpoint | string | `"/prometheus"` | The endpoint prometheus should get metrics from |
|
||||
| controller.prometheus.scrapeInterval | string | `"60s"` | How often prometheus should scrape metrics |
|
||||
| controller.prometheus.serviceMonitorAdditionalLabels | object | `{}` | Additional labels to add to the service monitor object |
|
||||
| controller.prometheus.serviceMonitorNamespace | string | `nil` | Set a custom namespace where to deploy ServiceMonitor resource |
|
||||
| controller.publishNotReadyAddresses | string | `nil` | |
|
||||
| controller.resources | object | `{"limits":{"cpu":"2000m","memory":"4096Mi"},"requests":{"cpu":"50m","memory":"256Mi"}}` | Resource allocation (Requests and Limits) |
|
||||
| controller.route.annotations | object | `{}` | Route annotations |
|
||||
| controller.route.enabled | bool | `false` | Enables openshift route |
|
||||
| controller.route.labels | object | `{}` | Route labels |
|
||||
| controller.route.path | string | `nil` | Route path |
|
||||
| controller.runAsUser | int | `1000` | Deprecated in favor of `controller.podSecurityContextOverride`. uid that jenkins runs with. |
|
||||
| controller.schedulerName | string | `""` | Name of the Kubernetes scheduler to use |
|
||||
| controller.scriptApproval | list | `[]` | List of groovy functions to approve |
|
||||
| controller.secondaryingress.annotations | object | `{}` | |
|
||||
| controller.secondaryingress.apiVersion | string | `"extensions/v1beta1"` | |
|
||||
| controller.secondaryingress.enabled | bool | `false` | |
|
||||
| controller.secondaryingress.hostName | string | `nil` | |
|
||||
| controller.secondaryingress.labels | object | `{}` | |
|
||||
| controller.secondaryingress.paths | list | `[]` | |
|
||||
| controller.secondaryingress.tls | string | `nil` | |
|
||||
| controller.secretClaims | list | `[]` | List of `SecretClaim` resources to create |
|
||||
| controller.securityContextCapabilities | object | `{}` | |
|
||||
| controller.serviceAnnotations | object | `{}` | Jenkins controller service annotations |
|
||||
| controller.serviceExternalTrafficPolicy | string | `nil` | |
|
||||
| controller.serviceLabels | object | `{}` | Labels for the Jenkins controller-service |
|
||||
| controller.servicePort | int | `8080` | k8s service port |
|
||||
| controller.serviceType | string | `"ClusterIP"` | k8s service type |
|
||||
| controller.shareProcessNamespace | bool | `false` | |
|
||||
| controller.sidecars.additionalSidecarContainers | list | `[]` | Configures additional sidecar container(s) for the Jenkins controller |
|
||||
| controller.sidecars.configAutoReload.additionalVolumeMounts | list | `[]` | Enables additional volume mounts for the config auto-reload container |
|
||||
| controller.sidecars.configAutoReload.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true}` | Enable container security context |
|
||||
| controller.sidecars.configAutoReload.enabled | bool | `true` | Enables Jenkins Config as Code auto-reload |
|
||||
| controller.sidecars.configAutoReload.env | object | `{}` | Environment variables for the Jenkins Config as Code auto-reload container |
|
||||
| controller.sidecars.configAutoReload.envFrom | list | `[]` | Environment variable sources for the Jenkins Config as Code auto-reload container |
|
||||
| controller.sidecars.configAutoReload.folder | string | `"/var/jenkins_home/casc_configs"` | |
|
||||
| controller.sidecars.configAutoReload.image.registry | string | `"gcr.io"` | Registry for the image that triggers the reload |
|
||||
| controller.sidecars.configAutoReload.image.repository | string | `"customer-facing/kiwigrid/k8s-sidecar"` | Repository of the image that triggers the reload |
|
||||
| controller.sidecars.configAutoReload.image.tag | string | `"1.30.3"` | Tag for the image that triggers the reload |
|
||||
| controller.sidecars.configAutoReload.imagePullPolicy | string | `"IfNotPresent"` | |
|
||||
| controller.sidecars.configAutoReload.logging | object | `{"configuration":{"backupCount":3,"formatter":"JSON","logLevel":"INFO","logToConsole":true,"logToFile":false,"maxBytes":1024,"override":false}}` | Config auto-reload logging settings |
|
||||
| controller.sidecars.configAutoReload.logging.configuration.override | bool | `false` | Enables custom log config utilizing using the settings below. |
|
||||
| controller.sidecars.configAutoReload.reqRetryConnect | int | `10` | How many connection-related errors to retry on |
|
||||
| controller.sidecars.configAutoReload.resources | object | `{}` | |
|
||||
| controller.sidecars.configAutoReload.scheme | string | `"http"` | The scheme to use when connecting to the Jenkins configuration as code endpoint |
|
||||
| controller.sidecars.configAutoReload.skipTlsVerify | bool | `false` | Skip TLS verification when connecting to the Jenkins configuration as code endpoint |
|
||||
| controller.sidecars.configAutoReload.sleepTime | string | `nil` | How many seconds to wait before updating config-maps/secrets (sets METHOD=SLEEP on the sidecar) |
|
||||
| controller.sidecars.configAutoReload.sshTcpPort | int | `1044` | |
|
||||
| controller.statefulSetAnnotations | object | `{}` | Annotations for controller StatefulSet |
|
||||
| controller.statefulSetLabels | object | `{}` | Jenkins controller custom labels for the StatefulSet |
|
||||
| controller.targetPort | int | `8080` | k8s target port |
|
||||
| controller.terminationGracePeriodSeconds | string | `nil` | Set TerminationGracePeriodSeconds |
|
||||
| controller.terminationMessagePath | string | `nil` | Set the termination message path |
|
||||
| controller.terminationMessagePolicy | string | `nil` | Set the termination message policy |
|
||||
| controller.testEnabled | bool | `true` | Can be used to disable rendering controller test resources when using helm template |
|
||||
| controller.tolerations | list | `[]` | Toleration labels for pod assignment |
|
||||
| controller.topologySpreadConstraints | object | `{}` | Topology spread constraints |
|
||||
| controller.updateStrategy | object | `{}` | Update strategy for StatefulSet |
|
||||
| controller.usePodSecurityContext | bool | `true` | Enable pod security context (must be `true` if podSecurityContextOverride, runAsUser or fsGroup are set) |
|
||||
| credentialsId | string | `nil` | The Jenkins credentials to access the Kubernetes API server. For the default cluster it is not needed. |
|
||||
| extraManifests | list | `[]` | Array of extra Kubernetes manifests to deploy Can be used to add additional resources like PersistentVolumes, ConfigMaps, Secrets, etc. Supports both YAML objects and raw strings with template functions. |
|
||||
| fullnameOverride | string | `jenkins-(release-name)` or `jenkins` if the release-name is `jenkins` | Override the full resource names |
|
||||
| helmtest.bats.image.registry | string | `"gcr.io"` | Registry of the image used to test the framework |
|
||||
| helmtest.bats.image.repository | string | `"customer-facing/bats/bats"` | Repository of the image used to test the framework |
|
||||
| helmtest.bats.image.tag | string | `"1.11.1"` | Tag of the image to test the framework |
|
||||
| kubernetesURL | string | `"https://kubernetes.default"` | The URL of the Kubernetes API server |
|
||||
| nameOverride | string | `Chart.Name` | Override the resource name prefix |
|
||||
| namespaceOverride | string | `Release.Namespace` | Override the deployment namespace |
|
||||
| networkPolicy.apiVersion | string | `"networking.k8s.io/v1"` | NetworkPolicy ApiVersion |
|
||||
| networkPolicy.enabled | bool | `false` | Enable the creation of NetworkPolicy resources |
|
||||
| networkPolicy.externalAgents.except | list | `[]` | A list of IP sub-ranges to be excluded from the allowlisted IP range |
|
||||
| networkPolicy.externalAgents.ipCIDR | string | `nil` | The IP range from which external agents are allowed to connect to controller, i.e., 172.17.0.0/16 |
|
||||
| networkPolicy.internalAgents.allowed | bool | `true` | Allow internal agents (from the same cluster) to connect to controller. Agent pods will be filtered based on PodLabels |
|
||||
| networkPolicy.internalAgents.namespaceLabels | object | `{}` | A map of labels (keys/values) that agents namespaces must have to be able to connect to controller |
|
||||
| networkPolicy.internalAgents.podLabels | object | `{}` | A map of labels (keys/values) that agent pods must have to be able to connect to controller |
|
||||
| persistence.accessMode | string | `"ReadWriteOnce"` | The PVC access mode |
|
||||
| persistence.annotations | object | `{}` | Annotations for the PVC |
|
||||
| persistence.dataSource | object | `{}` | Existing data source to clone PVC from |
|
||||
| persistence.enabled | bool | `true` | Enable the use of a Jenkins PVC |
|
||||
| persistence.existingClaim | string | `nil` | Provide the name of a PVC |
|
||||
| persistence.labels | object | `{}` | Labels for the PVC |
|
||||
| persistence.mounts | list | `[]` | Additional mounts |
|
||||
| persistence.size | string | `"8Gi"` | The size of the PVC |
|
||||
| persistence.storageClass | string | `nil` | Storage class for the PVC |
|
||||
| persistence.subPath | string | `nil` | SubPath for jenkins-home mount |
|
||||
| persistence.volumes | list | `[]` | Additional volumes |
|
||||
| rbac.create | bool | `true` | Whether RBAC resources are created |
|
||||
| rbac.readSecrets | bool | `false` | Whether the Jenkins service account should be able to read Kubernetes secrets |
|
||||
| rbac.useOpenShiftNonRootSCC | bool | `false` | Whether the Jenkins service account should be able to use the OpenShift "nonroot" Security Context Constraints |
|
||||
| renderHelmLabels | bool | `true` | Enables rendering of the helm.sh/chart label to the annotations |
|
||||
| serviceAccount.annotations | object | `{}` | Configures annotations for the ServiceAccount |
|
||||
| serviceAccount.automountServiceAccountToken | bool | `true` | Auto-mount ServiceAccount token |
|
||||
| serviceAccount.create | bool | `true` | Configures if a ServiceAccount with this name should be created |
|
||||
| serviceAccount.extraLabels | object | `{}` | Configures extra labels for the ServiceAccount |
|
||||
| serviceAccount.imagePullSecretName | string | `nil` | Controller ServiceAccount image pull secret |
|
||||
| serviceAccount.name | string | `nil` | |
|
||||
| serviceAccountAgent.annotations | object | `{}` | Configures annotations for the agent ServiceAccount |
|
||||
| serviceAccountAgent.automountServiceAccountToken | bool | `true` | Auto-mount ServiceAccount token |
|
||||
| serviceAccountAgent.create | bool | `false` | Configures if an agent ServiceAccount should be created |
|
||||
| serviceAccountAgent.extraLabels | object | `{}` | Configures extra labels for the agent ServiceAccount |
|
||||
| serviceAccountAgent.imagePullSecretName | string | `nil` | Agent ServiceAccount image pull secret |
|
||||
| serviceAccountAgent.name | string | `nil` | The name of the agent ServiceAccount to be used by access-controlled resources |
|
||||
|
||||
----------------------------------------------
|
||||
Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2)
|
||||
Reference in New Issue
Block a user