From c5188d042b0c854bffdd846ab186241c7cfaa0ff Mon Sep 17 00:00:00 2001 From: "Dustin C. Hatch" Date: Fri, 10 Nov 2023 15:13:19 -0600 Subject: [PATCH] jenkins: Add default imagePullSecrets for jobs Setting the `imagePullSecrets` property on the default service account for the *jenkins-jobs* namespace allows jobs to run from private container images automatically, without additional configuration in the pipeline definitions. --- jenkins/jenkins.yaml | 9 +++++++++ jenkins/kustomization.yaml | 1 + jenkins/secrets.yaml | 13 +++++++++++++ 3 files changed, 23 insertions(+) create mode 100644 jenkins/secrets.yaml diff --git a/jenkins/jenkins.yaml b/jenkins/jenkins.yaml index 69a7a70..40656b7 100644 --- a/jenkins/jenkins.yaml +++ b/jenkins/jenkins.yaml @@ -16,6 +16,15 @@ metadata: name: jenkins namespace: jenkins +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: default + namespace: jenkins-jobs +imagePullSecrets: +- name: imagepull-gitea + --- apiVersion: v1 kind: PersistentVolumeClaim diff --git a/jenkins/kustomization.yaml b/jenkins/kustomization.yaml index 2018765..907c004 100644 --- a/jenkins/kustomization.yaml +++ b/jenkins/kustomization.yaml @@ -8,6 +8,7 @@ labels: resources: - jenkins.yaml - argocd-sync-hook.yaml +- secrets.yaml configMapGenerator: - name: ssh-known-hosts diff --git a/jenkins/secrets.yaml b/jenkins/secrets.yaml new file mode 100644 index 0000000..c4f415c --- /dev/null +++ b/jenkins/secrets.yaml @@ -0,0 +1,13 @@ +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + name: imagepull-gitea + namespace: jenkins-jobs +spec: + encryptedData: + .dockerconfigjson: AgALCNNPzUewjWGqBGZOwjCWWBs4QelAnmivkafpqpiG1QGn82rI165htCvHVsXDn1IfB+zYQtW/cFHIb7ZadrK8Ne0Nf1AGxUHOOIa3wnK2+PhnZjh+1M0pBd87aKrUi4kuRQemJaMweqJ+ZTEqu7teJazSEZMrnvhK3i76xDu0gAL/A8+QJoDX8Pm3qm81cgpUAtlKqcEyWLmzUvr6PYcCV7YoaHrLMEhhh9tiJ2PZdRUz5RCiygUbRzhetZspzi0y/KJfoUzO4Z/lFJ1Yn/+uyqxYYwEEut6wBLP9wwTMzkbk3djatwgfxyS2wX+uk6HC4lqk0lql6N1aElYRm6mT/f5qNlaBhkHGtOs2zp8c9SFF30pEgU1PI1hhAoW32N3F/8zhC9MLWqjbUBxffGx6VKNEtsn25fZroyJMlcfWPv5Y9klvVQaTaRAYQB8X976gkfop1Wppv2kTVA+XyaglKINVvJCE6XgaCUP8Bz0epjp4F+RjayUa2OumdfdBc3vL6okrXqr0jF6LSWQSeiT8P5D4tMXb8cAONGbnDktIxnD0ZP+juh5TF+ToJs0WkA+3xYIxzBV+viR5k6aq1QM7+Os2dPI1dxyfwkifRLD+24dSkw/1pi9BM8oKYv+Aykhh34Y2tsWfLAvSGxOTfAlIbVaI7ytv8UaXQbk5a6NXBW0tHMQH+0kUEpaz7L4altJOhXeeRsP25I/e8V61C9PA+IKH7X+qNtqZTzQy5eSTxuKwH20skjstxf/B/mzCUjBSCWTWwTV2NDOXD9Wp4Z3YJEQYAw4YBJ7GHXtDXQ9q1dgNnRK5ZAY2W8EVJvjEEc2Z9Xx9u2pHOy1sK9tjM5PW/PfNong6fRg45ZUk7uQVLhLMh94Us2qu0m7+SXmVybxQcIxMRKekRJqStwloufthyiL4+y7v3ooy66Eq+RNKxDnH20Kb97gyGdY4QWlvMZmused9iVqx9CNBZJa/xIU2zIpZ4NVRPal6Ja9IGkGX4BWQQpZXZVo4bnt/IUg= + template: + metadata: + name: imagepull-gitea + namespace: jenkins-jobs + type: kubernetes.io/dockerconfigjson