Dustin
12d3c32855
The [Kubernetes Credentials Provider][0] plugin for Jenkins allows Jenkins to expose Kubernetes Secret resources as Jenkins Credentials. Jobs can use them like normal Jenkins credentials, e.g. using `withCredentials`, `sshagent`, etc. The only drawback is that every credential exposed this way is available to every job, at least until [PR #40][1] is merged. Fortunately, jobs managed by this Jenkins instance are all trusted; no anonymous pull requests are possible, so the risk is mitigated. [0]: https://jenkinsci.github.io/kubernetes-credentials-provider-plugin/ [1]: https://github.com/jenkinsci/kubernetes-credentials-provider-plugin/pull/40 |
||
|---|---|---|
| .. | ||
| README.md | ||
| argocd-sync-hook.yaml | ||
| jenkins.yaml | ||
| kustomization.yaml | ||
| secrets.yaml | ||
| ssh_known_hosts | ||
README.md
Jenkins in Kubernetes
Kubernetes Setup
Configure Jenkins resources:
ln imagepull-gitea jenkins/.dockerconfigjson
kubectl apply -k jenkins
Jenkins Setup
Install Kubernetes plugin.
Set TCP port for inbound agents setting (Manage Jenkins → Configure Global
Security) to Fixed and enter 40414.
Configure Kubernetes (Manage Jenkins → Manage Nodes and Clouds → Configure Clouds:
- Add a new cloud → Kubernetes
- Enter a name
- Kubernetes Cloud details...
- Kubernetes URL: (leave blank; will use Kubernetes service discovery)
- Kubernetes Namespace:
jenkins-jobs - Credentials:
- none -(will use Service Account token) - Jenkins tunnel:
jenkins.jenkins.svc.cluster.local:(trailing colon!)