-
Notifications
You must be signed in to change notification settings - Fork 13
/
Copy pathcasc-configmap.yaml
144 lines (134 loc) · 5.65 KB
/
casc-configmap.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
apiVersion: v1
kind: ConfigMap
metadata:
name: jenkins-casc
namespace: ci
data:
casc.yaml: |
unclassified:
location:
url: "https://${JENKINS_URL}"
jenkins:
numExecutors: 1
remotingSecurity:
enabled: true
# permissions for anonymous - revisit is moved to public internet rather than behind firewall
authorizationStrategy:
globalMatrix:
permissions:
- "Job/Build:anonymous"
- "Job/Discover:anonymous"
- "Job/Read:anonymous"
- "Job/Cancel:anonymous"
- "Overall/Read:anonymous"
clouds:
- kubernetes:
name: kubernetes
containerCapStr: 100
containerCap: 1
jenkinsUrl: "http://jenkins:8080/"
templates:
- name: ocp-agent
label: ocp-agent
namespace: ci
serviceAccount: jenkins
containers:
- name: exec
workingDir: "/home/jenkins/agent"
image: image-registry.openshift-image-registry.svc:5000/ci/jenkins-agent:latest
alwaysPullImage: true
command: sleep
args: infinity
security:
queueItemAuthenticator:
authenticators:
- global:
strategy: triggeringUsersAuthorizationStrategy
# organization config
jobs:
- script: >
organizationFolder('${GH_ORG}') {
description("${GH_ORG} GitHub Organization")
displayName('${GH_ORG}')
organizations {
github {
apiUri("https://api.github.com")
repoOwner("${GH_ORG}")
credentialsId("github-app-key")
}
}
configure { node ->
def traits = node / navigators / 'org.jenkinsci.plugins.github__branch__source.GitHubSCMNavigator' / traits
// Discover branches
traits << 'org.jenkinsci.plugins.github__branch__source.BranchDiscoveryTrait' {
strategyId(1)
// Values
// 1 : Exclude branches that are also filed as PRs
// 2 : Only branches that are also filed as PRs
// 3 : All branches
}
// Discover pull requests from origin
traits << 'org.jenkinsci.plugins.github__branch__source.OriginPullRequestDiscoveryTrait' {
strategyId(1)
// Values
// 1 : Merging the pull request with the current target branch revision
// 2 : The current pull request revision
// 3 : Both the current pull request revision and the pull request merged with the current target branch revision
}
// Discover pull requests from forks
traits << 'org.jenkinsci.plugins.github__branch__source.ForkPullRequestDiscoveryTrait' {
strategyId(1)
// Values
// 1 : Merging the pull request with the current target branch revision
// 2 : The current pull request revision
// 3 : Both the current pull request revision and the pull request merged with the current target branch revision
trustID('1')
// Values
// 0 : Everyone
// 1 : Forks in the same account
// 2 : Nobody
}
// Custom Github Notification Context; https://github.com/jenkinsci/github-scm-trait-notification-context-plugin
traits << 'org.jenkinsci.plugins.githubScmTraitNotificationContext.NotificationContextTrait' {
contextLabel("continuous-integration/jenkins/ocp-${OCP_VERSION}")
typeSuffix(true)
}
}
// "Project Recognizers"
projectFactories {
workflowMultiBranchProjectFactory {
scriptPath 'Jenkinsfile'
}
}
// "Orphaned Item Strategy"
orphanedItemStrategy {
discardOldItems {
daysToKeep(-1)
numToKeep(-1)
}
}
// "Scan Organization Folder Triggers" : 1 day
// We need to configure this stuff by hand because JobDSL only allow 'periodic(int min)' for now
configure { node ->
node / triggers / 'com.cloudbees.hudson.plugins.folder.computed.PeriodicFolderTrigger' {
spec('H H * * *')
interval(86400000)
}
}
// set webhook triggers and suppress automatic issue triggering
// for now, we want trigger
def commentTriggerPhrase = '^test$|^retest$|^recheck$'
configure { node ->
node / strategy(class: 'jenkins.branch.DefaultBranchPropertyStrategy') {
properties(class: 'java.util.Arrays$${ESCAPEDOLLAR}ArrayList') {
def s = a(class: 'jenkins.branch.BranchProperty-array')
s / 'jenkins.branch.NoTriggerBranchProperty' {}
s / 'com.adobe.jenkins.github__pr__comment__build.TriggerPRCommentBranchProperty'(plugin: '[email protected]') {
commentBody(commentTriggerPhrase)
}
// s / 'com.adobe.jenkins.github__pr__comment__build.TriggerPRCommentBranchProperty'
// s / 'com.adobe.jenkins.github__pr__comment__build.TriggerPRReviewBranchProperty'(plugin: '[email protected]')
}
}
}
}