diff --git a/Makefile b/Makefile index c5aa2f08d..04e68e7f3 100644 --- a/Makefile +++ b/Makefile @@ -358,16 +358,18 @@ bump-version: sembump ## Bump the version in the version file. Set BUMP to [ pat @echo "Bumping VERSION.txt from $(VERSION) to $(NEW_VERSION)" echo $(NEW_VERSION) > VERSION.txt @echo "Updating version from $(VERSION) to $(NEW_VERSION) in README.md" - sed -i s/$(VERSION)/$(NEW_VERSION)/g README.md - sed -i s/$(VERSION)/$(NEW_VERSION)/g deploy/operator.yaml - sed -i s/$(VERSION)/$(NEW_VERSION)/g deploy/$(ALL_IN_ONE_DEPLOY_FILE_PREFIX)-$(API_VERSION).yaml + sed -i.bak 's/$(VERSION)/$(NEW_VERSION)/g' README.md + sed -i.bak 's/$(VERSION)/$(NEW_VERSION)/g' deploy/operator.yaml + sed -i.bak 's/$(VERSION)/$(NEW_VERSION)/g' deploy/$(ALL_IN_ONE_DEPLOY_FILE_PREFIX)-$(API_VERSION).yaml + rm */**.bak + rm *.bak cp config/service_account.yaml deploy/$(ALL_IN_ONE_DEPLOY_FILE_PREFIX)-$(API_VERSION).yaml - cat config/rbac/leader_election_role.yaml >> config/$(ALL_IN_ONE_DEPLOY_FILE_PREFIX)-$(API_VERSION).yaml - cat config/rbac/leader_election_role_binding.yaml >> config/$(ALL_IN_ONE_DEPLOY_FILE_PREFIX)=$(API_VERSION).yaml - cat config/rbac/role.yaml >> config/$(ALL_IN_ONE_DEPLOY_FILE_PREFIX)=$(API_VERSION).yaml - cat config/rbac/role_binding.yaml >> config/$(ALL_IN_ONE_DEPLOY_FILE_PREFIX)-$(API_VERSION).yaml - cat config/manager/manager.yaml >> config/$(ALL_IN_ONE_DEPLOY_FILE_PREFIX)-$(API_VERSION).yaml - git add VERSION.txt README.md config/manager/manager.yaml config/$(ALL_IN_ONE_DEPLOY_FILE_PREFIX)-$(API_VERSION).yaml + cat config/rbac/leader_election_role.yaml >> deploy/$(ALL_IN_ONE_DEPLOY_FILE_PREFIX)-$(API_VERSION).yaml + cat config/rbac/leader_election_role_binding.yaml >> deploy/$(ALL_IN_ONE_DEPLOY_FILE_PREFIX)-$(API_VERSION).yaml + cat config/rbac/role.yaml >> deploy/$(ALL_IN_ONE_DEPLOY_FILE_PREFIX)-$(API_VERSION).yaml + cat config/rbac/role_binding.yaml >> deploy/$(ALL_IN_ONE_DEPLOY_FILE_PREFIX)-$(API_VERSION).yaml + cat config/manager/manager.yaml >> deploy/$(ALL_IN_ONE_DEPLOY_FILE_PREFIX)-$(API_VERSION).yaml + git add VERSION.txt README.md config/manager/manager.yaml deploy/$(ALL_IN_ONE_DEPLOY_FILE_PREFIX)-$(API_VERSION).yaml git commit -vaem "Bump version to $(NEW_VERSION)" @echo "Run make tag to create and push the tag for new version $(NEW_VERSION)" @@ -439,18 +441,6 @@ generate-docs: hugo ## Re-generate docs directory from the website directory cd website && npm install $(HUGO_PATH)/hugo -s website -d ../docs -.PHONY: all-in-one-build -FILENAME := config/all_in_one_$(API_VERSION).yaml -all-in-one-build: ## Re-generate all-in-one yaml - @echo "+ $@" - > $(FILENAME) - cat config/service_account.yaml >> $(FILENAME) - cat config/rbac/leader_election_role.yaml >> $(FILENAME) - cat config/rbac/leader_election_role_binding.yaml >> $(FILENAME) - cat config/rbac/role.yaml >> $(FILENAME) - cat config/rbac/role_binding.yaml >> $(FILENAME) - cat config/manager/manager.yaml >> $(FILENAME) - ##################### FROM OPERATOR SDK ######################## # Install CRDs into a cluster install-crds: manifests kustomize @@ -470,7 +460,7 @@ undeploy: $(KUSTOMIZE) build config/default | kubectl delete -f - # Generate manifests e.g. CRD, RBAC etc. -manifests: controller-gen all-in-one-build +manifests: controller-gen $(CONTROLLER_GEN) $(CRD_OPTIONS) rbac:roleName=manager-role webhook paths="./..." output:crd:artifacts:config=config/crd/bases # Generate code diff --git a/README.md b/README.md index 2f545c84d..5f9f3247d 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Jenkins Operator -[![Version](https://img.shields.io/badge/version-v0.5.0-brightgreen.svg)](https://github.com/jenkinsci/kubernetes-operator/releases/tag/v0.5.0) +[![Version](https://img.shields.io/badge/version-v0.6.0-brightgreen.svg)](https://github.com/jenkinsci/kubernetes-operator/releases/tag/v0.6.0) [![Build status](https://github.com/jenkinsci/kubernetes-operator/actions/workflows/auto-tests.yaml/badge.svg)](https://github.com/jenkinsci/kubernetes-operator/actions/workflows/auto-tests.yaml) [![Go Report Card](https://goreportcard.com/badge/github.com/jenkinsci/kubernetes-operator "Go Report Card")](https://goreportcard.com/report/github.com/jenkinsci/kubernetes-operator) [![Docker Pulls](https://img.shields.io/docker/pulls/virtuslab/jenkins-operator.svg)](https://hub.docker.com/r/virtuslab/jenkins-operator/tags) diff --git a/VERSION.txt b/VERSION.txt index b043aa648..60f634328 100644 --- a/VERSION.txt +++ b/VERSION.txt @@ -1 +1 @@ -v0.5.0 +v0.6.0 diff --git a/api/v1alpha2/jenkins_types.go b/api/v1alpha2/jenkins_types.go index 40d5891fe..aad788141 100644 --- a/api/v1alpha2/jenkins_types.go +++ b/api/v1alpha2/jenkins_types.go @@ -343,13 +343,13 @@ type JenkinsMaster struct { // +optional // Defaults to : // - name: kubernetes - // version: "1.29.4" + // version: "1.29.6" // - name: workflow-job - // version: "2.40" + // version: "2.41" // - name: workflow-aggregator // version: "2.6" // - name: git - // version: "4.6.0" + // version: "4.7.2" // - name: job-dsl // version: "1.77" // - name: configuration-as-code diff --git a/chart/jenkins-operator/crds/jenkins-crd.yaml b/chart/jenkins-operator/crds/jenkins-crd.yaml index 2ac7ec774..ff4e59536 100644 --- a/chart/jenkins-operator/crds/jenkins-crd.yaml +++ b/chart/jenkins-operator/crds/jenkins-crd.yaml @@ -5,7 +5,6 @@ kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.4.1 - creationTimestamp: null name: jenkins.jenkins.io spec: group: jenkins.io @@ -157,9 +156,9 @@ spec: type: object basePlugins: description: 'BasePlugins contains plugins required by operator - Defaults to : - name: kubernetes version: "1.29.4" - name: workflow-job - version: "2.40" - name: workflow-aggregator version: "2.6" - - name: git version: "4.6.0" - name: job-dsl version: "1.77" - + Defaults to : - name: kubernetes version: "1.29.6" - name: workflow-job + version: "2.41" - name: workflow-aggregator version: "2.6" - + name: git version: "4.7.2" - name: job-dsl version: "1.77" - name: configuration-as-code version: "1.51" - name: kubernetes-credentials-provider version: "0.18-1"' items: diff --git a/chart/jenkins-operator/values.yaml b/chart/jenkins-operator/values.yaml index 143d25389..dfd9f3bc9 100644 --- a/chart/jenkins-operator/values.yaml +++ b/chart/jenkins-operator/values.yaml @@ -63,34 +63,20 @@ jenkins: # # basePlugins: # - name: kubernetes - # version: 1.29.4 + # version: 1.29.6 # - name: workflow-job - # version: "2.40" + # version: "2.41" # - name: workflow-aggregator # version: "2.6" # - name: git - # version: 4.6.0 + # version: 4.7.2 # - name: job-dsl # version: "1.77" # - name: configuration-as-code # version: "1.51" # - name: kubernetes-credentials-provider # version: 0.18-1 - basePlugins: - - name: kubernetes - version: "1.29.4" - - name: workflow-job - version: "2.40" - - name: workflow-aggregator - version: "2.6" - - name: git - version: "4.6.0" - - name: job-dsl - version: "1.77" - - name: configuration-as-code - version: "1.51" - - name: kubernetes-credentials-provider - version: "0.18-1" + basePlugins: [] # plugins are plugins required by the user # You can define plugins here diff --git a/config/all_in_one_v1alpha2.yaml b/config/all_in_one_v1alpha2.yaml deleted file mode 100644 index 8ec36d885..000000000 --- a/config/all_in_one_v1alpha2.yaml +++ /dev/null @@ -1,284 +0,0 @@ ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: jenkins-operator ---- -# permissions to do leader election. -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: leader-election-role -rules: -- apiGroups: - - "" - - coordination.k8s.io - resources: - - configmaps - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: leader-election-rolebinding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: leader-election-role -subjects: -- kind: ServiceAccount - name: jenkins-operator - ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - creationTimestamp: null - name: jenkins-operator -rules: -- apiGroups: - - apps - resources: - - daemonsets - - deployments - - replicasets - - statefulsets - verbs: - - '*' -- apiGroups: - - apps - - jenkins-operator - resources: - - deployments/finalizers - verbs: - - update -- apiGroups: - - build.openshift.io - resources: - - buildconfigs - - builds - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - configmaps - - secrets - - services - verbs: - - create - - get - - list - - update - - watch -- apiGroups: - - "" - resources: - - events - verbs: - - create - - get - - list - - patch - - watch -- apiGroups: - - "" - resources: - - persistentvolumeclaims - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - pods - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - "" - resources: - - pods - - pods/exec - verbs: - - '*' -- apiGroups: - - "" - resources: - - pods/log - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - pods/portforward - verbs: - - create -- apiGroups: - - "" - resources: - - serviceaccounts - verbs: - - create - - get - - list - - update - - watch -- apiGroups: - - image.openshift.io - resources: - - imagestreams - verbs: - - get - - list - - watch -- apiGroups: - - jenkins.io - resources: - - jenkins/finalizers - verbs: - - update -- apiGroups: - - jenkins.io - resources: - - jenkins/status - verbs: - - get - - patch - - update -- apiGroups: - - jenkins.io - resources: - - '*' - verbs: - - '*' -- apiGroups: - - rbac.authorization.k8s.io - resources: - - rolebindings - - roles - verbs: - - create - - get - - list - - update - - watch -- apiGroups: - - "route.openshift.io" - resources: - - routes - verbs: - - create - - get - - list - - update - - watch -- apiGroups: - - "image.openshift.io" - resources: - - imagestreams - verbs: - - get - - list - - watch -- apiGroups: - - "build.openshift.io" - resources: - - builds - - buildconfigs - verbs: - - get - - list - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: jenkins-operator -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: jenkins-operator -subjects: -- kind: ServiceAccount - name: jenkins-operator ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: jenkins-operator - labels: - control-plane: controller-manager -spec: - selector: - matchLabels: - control-plane: controller-manager - replicas: 1 - template: - metadata: - labels: - control-plane: controller-manager - spec: - serviceAccountName: jenkins-operator - securityContext: - runAsUser: 65532 - containers: - - command: - - /manager - args: - - --leader-elect - image: virtuslab/jenkins-operator:v0.5.0 - name: jenkins-operator - imagePullPolicy: IfNotPresent - securityContext: - allowPrivilegeEscalation: false - livenessProbe: - httpGet: - path: /healthz - port: 8081 - initialDelaySeconds: 15 - periodSeconds: 20 - readinessProbe: - httpGet: - path: /readyz - port: 8081 - initialDelaySeconds: 5 - periodSeconds: 10 - resources: - limits: - cpu: 100m - memory: 30Mi - requests: - cpu: 100m - memory: 20Mi - env: - - name: WATCH_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - terminationGracePeriodSeconds: 10 diff --git a/config/crd/bases/jenkins.io_jenkins.yaml b/config/crd/bases/jenkins.io_jenkins.yaml index 2c047972d..9382f383b 100644 --- a/config/crd/bases/jenkins.io_jenkins.yaml +++ b/config/crd/bases/jenkins.io_jenkins.yaml @@ -5,7 +5,6 @@ kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.4.1 - creationTimestamp: null name: jenkins.jenkins.io spec: group: jenkins.io @@ -157,9 +156,9 @@ spec: type: object basePlugins: description: 'BasePlugins contains plugins required by operator - Defaults to : - name: kubernetes version: "1.29.4" - name: workflow-job - version: "2.40" - name: workflow-aggregator version: "2.6" - - name: git version: "4.6.0" - name: job-dsl version: "1.77" - + Defaults to : - name: kubernetes version: "1.29.6" - name: workflow-job + version: "2.41" - name: workflow-aggregator version: "2.6" - + name: git version: "4.7.2" - name: job-dsl version: "1.77" - name: configuration-as-code version: "1.51" - name: kubernetes-credentials-provider version: "0.18-1"' items: diff --git a/config/rbac/leader_election_role_binding.yaml b/config/rbac/leader_election_role_binding.yaml index b4857aa3b..2f0a21324 100644 --- a/config/rbac/leader_election_role_binding.yaml +++ b/config/rbac/leader_election_role_binding.yaml @@ -9,5 +9,4 @@ roleRef: name: leader-election-role subjects: - kind: ServiceAccount - name: default - namespace: default + name: jenkins-operator diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index 096d1926a..dd2efda58 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -3,170 +3,164 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - creationTimestamp: null name: jenkins-operator rules: - - apiGroups: - - apps - resources: - - daemonsets - - deployments - - replicasets - - statefulsets - verbs: - - '*' - - apiGroups: - - apps - - jenkins-operator - resources: - - deployments/finalizers - verbs: - - update - - apiGroups: - - build.openshift.io - resources: - - buildconfigs - - builds - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - configmaps - - secrets - - services - verbs: - - create - - get - - list - - update - - watch - - apiGroups: - - "" - resources: - - events - verbs: - - create - - get - - list - - patch - - watch - - apiGroups: - - "" - resources: - - persistentvolumeclaims - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - pods - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - "" - resources: - - pods - - pods/exec - verbs: - - '*' - - apiGroups: - - "" - resources: - - pods/log - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - pods/portforward - verbs: - - create - - apiGroups: - - "" - resources: - - serviceaccounts - verbs: - - create - - get - - list - - update - - watch - - apiGroups: - - image.openshift.io - resources: - - imagestreams - verbs: - - get - - list - - watch - - apiGroups: - - jenkins.io - resources: - - jenkins/finalizers - verbs: - - update - - apiGroups: - - jenkins.io - resources: - - jenkins/status - verbs: - - get - - patch - - update - - apiGroups: - - jenkins.io - resources: - - '*' - verbs: - - '*' - - apiGroups: - - rbac.authorization.k8s.io - resources: - - rolebindings - - roles - verbs: - - create - - get - - list - - update - - watch - - apiGroups: - - "route.openshift.io" - resources: - - routes - verbs: - - create - - get - - list - - update - - watch - - apiGroups: - - "image.openshift.io" - resources: - - imagestreams - verbs: - - get - - list - - watch - - apiGroups: - - "build.openshift.io" - resources: - - builds - - buildconfigs - verbs: - - get - - list - - watch \ No newline at end of file +- apiGroups: + - apps + resources: + - daemonsets + - deployments + - replicasets + - statefulsets + verbs: + - '*' +- apiGroups: + - apps + - jenkins-operator + resources: + - deployments/finalizers + verbs: + - update +- apiGroups: + - build.openshift.io + resources: + - buildconfigs + - builds + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - configmaps + - secrets + - services + verbs: + - create + - get + - list + - update + - watch +- apiGroups: + - "" + resources: + - events + verbs: + - create + - get + - list + - patch + - watch +- apiGroups: + - "" + resources: + - persistentvolumeclaims + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - pods + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - pods + - pods/exec + verbs: + - '*' +- apiGroups: + - "" + resources: + - pods/log + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - pods/portforward + verbs: + - create +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - create + - get + - list + - update + - watch +- apiGroups: + - image.openshift.io + resources: + - imagestreams + verbs: + - get + - list + - watch +- apiGroups: + - jenkins.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - jenkins.io + resources: + - jenkins + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - jenkins.io + resources: + - jenkins/finalizers + verbs: + - update +- apiGroups: + - jenkins.io + resources: + - jenkins/status + verbs: + - get + - patch + - update +- apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + - roles + verbs: + - create + - get + - list + - update + - watch +- apiGroups: + - route.openshift.io + resources: + - routes + verbs: + - create + - get + - list + - update + - watch diff --git a/config/service_account.yaml b/config/service_account.yaml index 7d1e1842b..21b293ce7 100644 --- a/config/service_account.yaml +++ b/config/service_account.yaml @@ -3,4 +3,3 @@ apiVersion: v1 kind: ServiceAccount metadata: name: jenkins-operator - namespace: default diff --git a/deploy/all-in-one-v1alpha2.yaml b/deploy/all-in-one-v1alpha2.yaml index 4f013d84b..3c1eebb34 100644 --- a/deploy/all-in-one-v1alpha2.yaml +++ b/deploy/all-in-one-v1alpha2.yaml @@ -4,165 +4,275 @@ kind: ServiceAccount metadata: name: jenkins-operator --- -kind: Role +# permissions to do leader election. apiVersion: rbac.authorization.k8s.io/v1 +kind: Role metadata: - name: jenkins-operator + name: leader-election-role rules: - - apiGroups: - - "" - resources: - - services - - configmaps - - secrets - - serviceaccounts - verbs: - - get - - create - - update - - list - - watch - - apiGroups: - - apps - resources: - - deployments - - daemonsets - - replicasets - - statefulsets - verbs: - - '*' - - apiGroups: - - rbac.authorization.k8s.io - resources: - - roles - - rolebindings - verbs: - - create - - update - - list - - watch - - apiGroups: - - "" - resources: - - pods/portforward - verbs: - - create - - apiGroups: - - "" - resources: - - pods/log - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - pods - - pods/exec - verbs: - - "*" - - apiGroups: - - "" - resources: - - events - verbs: - - watch - - list - - create - - patch - - apiGroups: - - apps - resourceNames: - - jenkins-operator - resources: - - deployments/finalizers - verbs: - - update - - apiGroups: - - jenkins.io - resources: - - '*' - verbs: - - '*' - - apiGroups: - - "" - resources: - - persistentvolumeclaims - verbs: - - get - - list - - watch - - apiGroups: - - "route.openshift.io" - resources: - - routes - verbs: - - get - - list - - watch - - create - - update - - apiGroups: - - "image.openshift.io" - resources: - - imagestreams - verbs: - - get - - list - - watch - - apiGroups: - - "build.openshift.io" - resources: - - builds - - buildconfigs - verbs: - - get - - list - - watch +- apiGroups: + - "" + - coordination.k8s.io + resources: + - configmaps + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch --- -kind: RoleBinding apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding metadata: - name: jenkins-operator + name: leader-election-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: leader-election-role subjects: - kind: ServiceAccount name: jenkins-operator + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: jenkins-operator +rules: +- apiGroups: + - apps + resources: + - daemonsets + - deployments + - replicasets + - statefulsets + verbs: + - '*' +- apiGroups: + - apps + - jenkins-operator + resources: + - deployments/finalizers + verbs: + - update +- apiGroups: + - build.openshift.io + resources: + - buildconfigs + - builds + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - configmaps + - secrets + - services + verbs: + - create + - get + - list + - update + - watch +- apiGroups: + - "" + resources: + - events + verbs: + - create + - get + - list + - patch + - watch +- apiGroups: + - "" + resources: + - persistentvolumeclaims + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - pods + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - pods + - pods/exec + verbs: + - '*' +- apiGroups: + - "" + resources: + - pods/log + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - pods/portforward + verbs: + - create +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - create + - get + - list + - update + - watch +- apiGroups: + - image.openshift.io + resources: + - imagestreams + verbs: + - get + - list + - watch +- apiGroups: + - jenkins.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - jenkins.io + resources: + - jenkins + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - jenkins.io + resources: + - jenkins/finalizers + verbs: + - update +- apiGroups: + - jenkins.io + resources: + - jenkins/status + verbs: + - get + - patch + - update +- apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + - roles + verbs: + - create + - get + - list + - update + - watch +- apiGroups: + - route.openshift.io + resources: + - routes + verbs: + - create + - get + - list + - update + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: manager-rolebinding roleRef: + apiGroup: rbac.authorization.k8s.io kind: Role name: jenkins-operator - apiGroup: rbac.authorization.k8s.io +subjects: +- kind: ServiceAccount + name: jenkins-operator --- apiVersion: apps/v1 kind: Deployment metadata: name: jenkins-operator + labels: + control-plane: controller-manager spec: - replicas: 1 selector: matchLabels: - name: jenkins-operator + control-plane: controller-manager + replicas: 1 template: metadata: labels: - name: jenkins-operator + control-plane: controller-manager spec: serviceAccountName: jenkins-operator + securityContext: + runAsUser: 65532 containers: - - name: jenkins-operator - image: virtuslab/jenkins-operator:v0.5.0 - command: - - jenkins-operator - args: [] - imagePullPolicy: IfNotPresent - env: - - name: WATCH_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: OPERATOR_NAME - value: "jenkins-operator" + - command: + - /manager + args: + - --leader-elect + image: virtuslab/jenkins-operator:v0.6.0 + name: jenkins-operator + imagePullPolicy: IfNotPresent + securityContext: + allowPrivilegeEscalation: false + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 100m + memory: 30Mi + requests: + cpu: 100m + memory: 20Mi + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + terminationGracePeriodSeconds: 10 diff --git a/deploy/crds/jenkins.io_jenkins_crd.yaml b/deploy/crds/jenkins.io_jenkins_crd.yaml index 85e1ae016..2c63f28a5 100644 --- a/deploy/crds/jenkins.io_jenkins_crd.yaml +++ b/deploy/crds/jenkins.io_jenkins_crd.yaml @@ -151,9 +151,9 @@ spec: type: object basePlugins: description: 'BasePlugins contains plugins required by operator - Defaults to : - name: kubernetes version: 1.29.4 - name: workflow-job + Defaults to : - name: kubernetes version: 1.29.6 - name: workflow-job version: "2.39" - name: workflow-aggregator version: "2.6" - name: - git version: 4.6.0 - name: job-dsl version: "1.74" - name: configuration-as-code + git version: 4.7.2 - name: job-dsl version: "1.74" - name: configuration-as-code version: "1.51" - name: kubernetes-credentials-provider version: 0.18-1' items: description: Plugin defines Jenkins plugin diff --git a/deploy/crds/jenkins_v1alpha2_jenkinsimage_cr.yaml b/deploy/crds/jenkins_v1alpha2_jenkinsimage_cr.yaml deleted file mode 100644 index c761b94e4..000000000 --- a/deploy/crds/jenkins_v1alpha2_jenkinsimage_cr.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: jenkins.io/v1alpha2 -kind: JenkinsImage -metadata: - name: simple-jenkinsimage -spec: - image: - name: jenkins/jenkins - tag: 2.277.4-lts-alpine - plugins: - - name: kubernetes - version: "1.29.4" - - name: workflow-job - version: "2.40" - - name: workflow-aggregator - version: "2.6" - - name: git - version: "4.6.0" - - name: job-dsl - version: "1.77" - - name: configuration-as-code - version: "1.51" - - name: kubernetes-credentials-provider - version: "0.18-1" - diff --git a/deploy/operator.yaml b/deploy/operator.yaml index 95ba9a287..4d36ef2cb 100644 --- a/deploy/operator.yaml +++ b/deploy/operator.yaml @@ -16,7 +16,7 @@ spec: serviceAccountName: jenkins-operator containers: - name: jenkins-operator - image: virtuslab/jenkins-operator:v0.5.0 + image: virtuslab/jenkins-operator:v0.6.0 command: - jenkins-operator args: [] diff --git a/pkg/plugins/base_plugins.go b/pkg/plugins/base_plugins.go index 5cff20fb7..91e043a69 100644 --- a/pkg/plugins/base_plugins.go +++ b/pkg/plugins/base_plugins.go @@ -2,12 +2,12 @@ package plugins const ( configurationAsCodePlugin = "configuration-as-code:1.51" - gitPlugin = "git:4.6.0" + gitPlugin = "git:4.7.2" jobDslPlugin = "job-dsl:1.77" kubernetesCredentialsProviderPlugin = "kubernetes-credentials-provider:0.18-1" - kubernetesPlugin = "kubernetes:1.29.4" + kubernetesPlugin = "kubernetes:1.29.6" workflowAggregatorPlugin = "workflow-aggregator:2.6" - workflowJobPlugin = "workflow-job:2.40" + workflowJobPlugin = "workflow-job:2.41" ) // basePluginsList contains plugins to install by operator. diff --git a/test/e2e/jenkins_configuration_test.go b/test/e2e/jenkins_configuration_test.go index 9222a1175..e5553ff94 100644 --- a/test/e2e/jenkins_configuration_test.go +++ b/test/e2e/jenkins_configuration_test.go @@ -129,6 +129,7 @@ var _ = Describe("Jenkins controller priority class", func() { }) AfterEach(func() { + ShowLogsIfTestHasFailed(CurrentGinkgoTestDescription().Failed, namespace.Name) DestroyNamespace(namespace) }) diff --git a/test/e2e/jenkins_pod_restart_test.go b/test/e2e/jenkins_pod_restart_test.go index 2e7a0fcda..4d94a5979 100644 --- a/test/e2e/jenkins_pod_restart_test.go +++ b/test/e2e/jenkins_pod_restart_test.go @@ -39,6 +39,7 @@ var _ = Describe("Jenkins controller", func() { }) AfterEach(func() { + ShowLogsIfTestHasFailed(CurrentGinkgoTestDescription().Failed, namespace.Name) DestroyNamespace(namespace) }) diff --git a/test/e2e/jenkins_restore_backup_test.go b/test/e2e/jenkins_restore_backup_test.go index 8c1f0b841..31b4c2ffd 100644 --- a/test/e2e/jenkins_restore_backup_test.go +++ b/test/e2e/jenkins_restore_backup_test.go @@ -28,6 +28,7 @@ var _ = Describe("Jenkins controller backup and restore", func() { }) AfterEach(func() { + ShowLogsIfTestHasFailed(CurrentGinkgoTestDescription().Failed, namespace.Name) DestroyNamespace(namespace) }) diff --git a/test/e2e/jenkins_test.go b/test/e2e/jenkins_test.go index bfeb59501..cce05316d 100644 --- a/test/e2e/jenkins_test.go +++ b/test/e2e/jenkins_test.go @@ -96,9 +96,9 @@ func createJenkinsCR(name, namespace string, seedJob *[]v1alpha2.SeedJob, groovy }, InitialDelaySeconds: int32(80), TimeoutSeconds: int32(4), - FailureThreshold: int32(10), + FailureThreshold: int32(30), SuccessThreshold: int32(1), - PeriodSeconds: int32(1), + PeriodSeconds: int32(5), }, VolumeMounts: []corev1.VolumeMount{ { diff --git a/test/helm/logging_test.go b/test/e2e/logging.go similarity index 91% rename from test/helm/logging_test.go rename to test/e2e/logging.go index 88474e8cd..21566c6e9 100644 --- a/test/helm/logging_test.go +++ b/test/e2e/logging.go @@ -1,4 +1,4 @@ -package helm +package e2e import ( "bytes" @@ -7,7 +7,6 @@ import ( "io" "sort" - "github.com/jenkinsci/kubernetes-operator/test/e2e" "github.com/onsi/ginkgo" corev1 "k8s.io/api/core/v1" @@ -32,7 +31,7 @@ func getOperatorPod(namespace string) (*corev1.Pod, error) { Namespace: namespace, } pods := &corev1.PodList{} - err := e2e.K8sClient.List(context.TODO(), pods, lo) + err := K8sClient.List(context.TODO(), pods, lo) if err != nil { return nil, err } @@ -47,7 +46,7 @@ func getOperatorLogs(namespace string) (string, error) { logOptions := corev1.PodLogOptions{TailLines: &podLogTailLimit} // creates the clientset - clientset, err := kubernetes.NewForConfig(e2e.Cfg) + clientset, err := kubernetes.NewForConfig(Cfg) if err != nil { return "", err } @@ -90,7 +89,7 @@ func getKubernetesEvents(namespace string) ([]v1beta1.Event, error) { } events := &v1beta1.EventList{} - err := e2e.K8sClient.List(context.TODO(), events, listOptions) + err := K8sClient.List(context.TODO(), events, listOptions) if err != nil { return nil, err } @@ -124,7 +123,7 @@ func printKubernetesPods(namespace string) { } } -func showLogsIfTestHasFailed(failed bool, namespace string) { +func ShowLogsIfTestHasFailed(failed bool, namespace string) { if failed { _, _ = fmt.Fprintf(ginkgo.GinkgoWriter, "Test failed. Bellow here you can check logs:") diff --git a/test/e2e/restorebackup_test.go b/test/e2e/restorebackup_test.go index fc0be5d24..fc6d335e7 100644 --- a/test/e2e/restorebackup_test.go +++ b/test/e2e/restorebackup_test.go @@ -15,6 +15,7 @@ import ( corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/resource" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/util/intstr" ) const pvcName = "pvc-jenkins" @@ -114,6 +115,34 @@ func createJenkinsWithBackupAndRestoreConfigured(name, namespace string) *v1alph MountPath: "/usr/share/jenkins/ref/plugins", }, }, + ReadinessProbe: &corev1.Probe{ + Handler: corev1.Handler{ + HTTPGet: &corev1.HTTPGetAction{ + Path: "/login", + Port: intstr.FromString("http"), + Scheme: corev1.URISchemeHTTP, + }, + }, + InitialDelaySeconds: int32(100), + TimeoutSeconds: int32(4), + FailureThreshold: int32(30), + SuccessThreshold: int32(1), + PeriodSeconds: int32(5), + }, + LivenessProbe: &corev1.Probe{ + Handler: corev1.Handler{ + HTTPGet: &corev1.HTTPGetAction{ + Path: "/login", + Port: intstr.FromString("http"), + Scheme: corev1.URISchemeHTTP, + }, + }, + InitialDelaySeconds: int32(80), + TimeoutSeconds: int32(4), + FailureThreshold: int32(30), + SuccessThreshold: int32(1), + PeriodSeconds: int32(5), + }, }, { Name: containerName, diff --git a/test/helm/helm_test.go b/test/helm/helm_test.go index d2fb06668..bc05172a9 100644 --- a/test/helm/helm_test.go +++ b/test/helm/helm_test.go @@ -23,7 +23,7 @@ var _ = Describe("Jenkins controller", func() { namespace = e2e.CreateNamespace() }) AfterEach(func() { - showLogsIfTestHasFailed(CurrentGinkgoTestDescription().Failed, namespace.Name) + e2e.ShowLogsIfTestHasFailed(CurrentGinkgoTestDescription().Failed, namespace.Name) e2e.DestroyNamespace(namespace) }) Context("when deploying Helm Chart to cluster", func() { diff --git a/website/content/en/docs/Getting Started/Preview/configure-backup-and-restore.md b/website/content/en/docs/Getting Started/Preview/configure-backup-and-restore.md index a5a4135c8..d4df095ce 100644 --- a/website/content/en/docs/Getting Started/Preview/configure-backup-and-restore.md +++ b/website/content/en/docs/Getting Started/Preview/configure-backup-and-restore.md @@ -48,7 +48,7 @@ spec: fsGroup: 1000 containers: - name: jenkins-master - image: jenkins/jenkins:2.263.2-lts-alpine + image: jenkins/jenkins:2.277.4-lts-alpine - name: backup # container responsible for the backup and restore env: - name: BACKUP_DIR diff --git a/website/content/en/docs/Getting Started/Preview/deploy-jenkins.md b/website/content/en/docs/Getting Started/Preview/deploy-jenkins.md index 29e892f6d..5e057b22c 100644 --- a/website/content/en/docs/Getting Started/Preview/deploy-jenkins.md +++ b/website/content/en/docs/Getting Started/Preview/deploy-jenkins.md @@ -19,7 +19,7 @@ spec: master: containers: - name: jenkins-master - image: jenkins/jenkins:2.263.2-lts-alpine + image: jenkins/jenkins:2.277.4-lts-alpine imagePullPolicy: Always livenessProbe: failureThreshold: 12 diff --git a/website/content/en/docs/Getting Started/latest/deploy-jenkins.md b/website/content/en/docs/Getting Started/latest/deploy-jenkins.md index 99e21b39a..4330aae12 100644 --- a/website/content/en/docs/Getting Started/latest/deploy-jenkins.md +++ b/website/content/en/docs/Getting Started/latest/deploy-jenkins.md @@ -19,7 +19,7 @@ spec: master: containers: - name: jenkins-master - image: jenkins/jenkins:2.263.3-lts-alpine + image: jenkins/jenkins:2.277.4-lts-alpine imagePullPolicy: Always livenessProbe: failureThreshold: 12