fix incorrect Deployment when using sidecars (#11413)

- moved Master.Sidecars.other to correct location - added documentation for Master.JCasC.enabled - made 'jenkins' the primary container again - bumped chart version - replaced tabs with spaces in README Signed-off-by: Torsten Walter <mail@torstenwalter.de>
helm · Feb 14, 2019 · 362b4ce · 362b4ce
1 parent 1680784
commit 362b4ce
Show file tree

Hide file tree

Showing 3 changed files with 59 additions and 54 deletions.
diff --git a/stable/jenkins/Chart.yaml b/stable/jenkins/Chart.yaml
@@ -1,6 +1,6 @@
 name: jenkins
 home: https://jenkins.io/
-version: 0.32.3
+version: 0.32.4
 appVersion: lts
 description: Open source continuous integration server. It supports multiple SCM tools
   including CVS, Subversion and Git. It can execute Apache Ant and Apache Maven-based

diff --git a/stable/jenkins/README.md b/stable/jenkins/README.md
@@ -74,6 +74,7 @@ The following tables list the configurable parameters of the Jenkins chart and t
 | `Master.Ingress.Annotations`      | Ingress annotations                  | `{}`                                                                         |
 | `Master.Ingress.Path`             | Ingress path                         | Not set                                                                         |
 | `Master.Ingress.TLS`              | Ingress TLS configuration            | `[]`                                                                         |
+| `Master.JCasC.enabled`            | Wheter Jenkins Configuration as Code is enabled or not | `false`                                                    |
 | `Master.JCasC.ConfigScripts`      | List of Jenkins Config as Code scripts | False                                                                   |
 | `Master.Sidecars.configAutoReload` | Jenkins Config as Code auto-reload settings | False                                                                    |
 | `Master.Sidecars.others`          | Configures additional sidecar container(s) for Jenkins master | `{}`                                                           |
@@ -255,12 +256,12 @@ Config as Code changes (to Master.JCasC.ConfigScripts) can either force a new po
 When enabling LDAP or another non-Jenkins identity source, the built-in admin account will no longer exist.  Since the admin account is used by the sidecar to reload config, in order to use auto-reload, you must change the .Master.AdminUser to a valid username on your LDAP (or other) server.  If you use the matrix-auth plugin, this user must also be granted Overall\Administer rights in Jenkins.  Failure to do this will cause the sidecar container to fail to authenticate via SSH and enter a restart loop.  You can enable LDAP using the example above and add a Config as Code block for matrix security that includes:
 ```yaml
 ConfigScripts:
-	matrix-auth: |
-		Jenkins:
-          authorizationStrategy:
-            projectMatrix:
-              grantedPermissions:
-			    - "Overall/Administer:<AdminUser_LDAP_username>"
+  matrix-auth: |
+    jenkins:
+      authorizationStrategy:
+        projectMatrix:
+          grantedPermissions:
+          - "Overall/Administer:<AdminUser_LDAP_username>"
 ```
 You can instead grant this permission via the UI. When this is done, you can set `Master.Sidecars.configAutoReload.enabled: true` and upon the next Helm upgrade, auto-reload will be successfully enabled.
 

diff --git a/stable/jenkins/templates/jenkins-master-deployment.yaml b/stable/jenkins/templates/jenkins-master-deployment.yaml
@@ -131,50 +131,6 @@ spec:
               mountPath: /usr/share/jenkins/ref/secrets/
               name: secrets-dir
       containers:
-{{- if and (.Values.Master.JCasC.enabled) (.Values.Master.Sidecars.configAutoReload.enabled) }}
-        - name: {{ template "jenkins.name" . }}-sc-config
-          image: "{{ .Values.Master.Sidecars.configAutoReload.image }}"
-          imagePullPolicy: {{ .Values.Master.Sidecars.configAutoReload.imagePullPolicy }}
-          env:
-            - name: JENKINSRELOADCONFIG
-              value: "true"
-            - name: LABEL
-              value: "{{ .Values.Master.Sidecars.configAutoReload.label }}"
-            - name: FOLDER
-              value: "{{ .Values.Master.Sidecars.configAutoReload.folder }}"
-            - name: NAMESPACE
-              value: "{{ .Values.Master.Sidecars.configAutoReload.searchNamespace }}"
-            - name: SSH_PORT
-              value: "{{ .Values.Master.Sidecars.configAutoReload.sshTcpPort }}"
-            - name: JENKINS_PORT
-              value: "{{ .Values.Master.ServicePort }}"
-            {{- if .Values.Master.UseSecurity }}
-            - name: ADMIN_USER
-              valueFrom:
-                secretKeyRef:
-                  name: {{ template "jenkins.fullname" . }}
-                  key: jenkins-admin-user
-            {{- if or (.Values.Master.OwnSshKey) (.Values.Master.Sidecars.configAutoReload.enabled) }}
-            {{- if .Values.Master.JCasC.enabled }}
-            - name: ADMIN_PRIVATE_KEY
-              valueFrom:
-                secretKeyRef:
-                  name: {{ template "jenkins.fullname" . }}
-                  key: {{ "jenkins-admin-private-key" | quote }}
-            {{- end }}
-            {{- end }}
-            {{- end }}
-          resources:
-{{ toYaml .Values.Master.Sidecars.configAutoReload.resources | indent 12 }}
-          volumeMounts:
-            - name: sc-config-volume
-              mountPath: {{ .Values.Master.Sidecars.configAutoReload.folder | quote }}
-            - name: jenkins-home
-              mountPath: /var/jenkins_home
-              {{- if .Values.Persistence.SubPath }}
-                subPath: {{ .Values.Persistence.SubPath }}
-              {{- end }}
-{{- end}}
         - name: {{ template "jenkins.fullname" . }}
           image: "{{ .Values.Master.Image }}:{{ .Values.Master.ImageTag }}"
           imagePullPolicy: "{{ .Values.Master.ImagePullPolicy }}"
@@ -299,13 +255,61 @@ spec:
               mountPath: /usr/share/jenkins/ref/secrets/
               name: secrets-dir
               readOnly: false
-{{- if .Values.Master.Sidecars.other}}
-{{ tpl (toYaml .Values.Master.Sidecars.other | indent 8) .}}
-{{- end }}
             {{- if and (.Values.Master.JCasC.enabled) (.Values.Master.Sidecars.configAutoReload.enabled) }}
             - name: sc-config-volume
               mountPath: {{ .Values.Master.Sidecars.configAutoReload.folder | default "/var/jenkins_home/casc_configs" | quote }}
             {{- end }}
+
+{{- if and (.Values.Master.JCasC.enabled) (.Values.Master.Sidecars.configAutoReload.enabled) }}
+        - name: {{ template "jenkins.name" . }}-sc-config
+          image: "{{ .Values.Master.Sidecars.configAutoReload.image }}"
+          imagePullPolicy: {{ .Values.Master.Sidecars.configAutoReload.imagePullPolicy }}
+          env:
+            - name: JENKINSRELOADCONFIG
+              value: "true"
+            - name: LABEL
+              value: "{{ .Values.Master.Sidecars.configAutoReload.label }}"
+            - name: FOLDER
+              value: "{{ .Values.Master.Sidecars.configAutoReload.folder }}"
+            - name: NAMESPACE
+              value: "{{ .Values.Master.Sidecars.configAutoReload.searchNamespace }}"
+            - name: SSH_PORT
+              value: "{{ .Values.Master.Sidecars.configAutoReload.sshTcpPort }}"
+            - name: JENKINS_PORT
+              value: "{{ .Values.Master.ServicePort }}"
+            {{- if .Values.Master.UseSecurity }}
+            - name: ADMIN_USER
+              valueFrom:
+                secretKeyRef:
+                  name: {{ template "jenkins.fullname" . }}
+                  key: jenkins-admin-user
+            {{- if or (.Values.Master.OwnSshKey) (.Values.Master.Sidecars.configAutoReload.enabled) }}
+            {{- if .Values.Master.JCasC.enabled }}
+            - name: ADMIN_PRIVATE_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: {{ template "jenkins.fullname" . }}
+                  key: {{ "jenkins-admin-private-key" | quote }}
+            {{- end }}
+            {{- end }}
+            {{- end }}
+          resources:
+{{ toYaml .Values.Master.Sidecars.configAutoReload.resources | indent 12 }}
+          volumeMounts:
+            - name: sc-config-volume
+              mountPath: {{ .Values.Master.Sidecars.configAutoReload.folder | quote }}
+            - name: jenkins-home
+              mountPath: /var/jenkins_home
+              {{- if .Values.Persistence.SubPath }}
+                subPath: {{ .Values.Persistence.SubPath }}
+              {{- end }}
+{{- end}}
+
+
+{{- if .Values.Master.Sidecars.other}}
+{{ tpl (toYaml .Values.Master.Sidecars.other | indent 8) .}}
+{{- end }}
+
       volumes:
 {{- if .Values.Persistence.volumes }}
 {{ toYaml .Values.Persistence.volumes | indent 6 }}