From c4ed5c305cd245d0a660916b12c191cc5faada8b Mon Sep 17 00:00:00 2001 From: Claude AI Date: Sun, 8 Mar 2026 15:22:56 +0000 Subject: [PATCH 01/10] =?UTF-8?q?feat:=20jenkins=20Helm=20chart=20?= =?UTF-8?q?=E2=80=94=20Chart.yaml?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- helm/jenkins/Chart.yaml | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 helm/jenkins/Chart.yaml diff --git a/helm/jenkins/Chart.yaml b/helm/jenkins/Chart.yaml new file mode 100644 index 0000000..f916b6c --- /dev/null +++ b/helm/jenkins/Chart.yaml @@ -0,0 +1,13 @@ +apiVersion: v2 +name: jenkins +description: Jenkins CI/CD — Helm chart for thedevops.dev cluster +type: application +version: 0.1.0 +appVersion: "lts-jdk17" +keywords: + - jenkins + - ci + - cd +maintainers: + - name: admin + url: https://thedevops.dev -- 2.49.1 From a2aeb0842706c840b4cbabe3e905987069d22838 Mon Sep 17 00:00:00 2001 From: Claude AI Date: Sun, 8 Mar 2026 15:23:09 +0000 Subject: [PATCH 02/10] =?UTF-8?q?feat:=20jenkins=20Helm=20chart=20?= =?UTF-8?q?=E2=80=94=20values.yaml?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- helm/jenkins/values.yaml | 79 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 79 insertions(+) create mode 100644 helm/jenkins/values.yaml diff --git a/helm/jenkins/values.yaml b/helm/jenkins/values.yaml new file mode 100644 index 0000000..18e45aa --- /dev/null +++ b/helm/jenkins/values.yaml @@ -0,0 +1,79 @@ +# Jenkins Helm Chart — default values +# All tuneable parameters are here. +# Override per-environment with: helm install -f values-prod.yaml + +# -- Namespace where Jenkins is deployed +namespace: jenkins + +# -- Number of Jenkins pods (should stay 1 — Jenkins is stateful) +replicaCount: 1 + +image: + # -- Jenkins image + repository: jenkins/jenkins + tag: lts-jdk17 + pullPolicy: IfNotPresent + +service: + type: ClusterIP + # -- Jenkins web UI port + httpPort: 8080 + # -- Jenkins agent JNLP port + agentPort: 50000 + +ingress: + enabled: true + # -- Hostname for Jenkins web UI + host: jenkins.thedevops.dev + # -- cert-manager ClusterIssuer name + certIssuer: letsencrypt-http + # -- TLS secret name + tlsSecretName: jenkins-tls + +persistence: + enabled: true + # -- Storage class (longhorn, local-path, etc.) + storageClass: longhorn + # -- PVC size for jenkins_home + size: 20Gi + accessMode: ReadWriteOnce + claimName: jenkins-home + +# -- Security context — fsGroup 1000 required for jenkins_home permissions +securityContext: + fsGroup: 1000 + +# -- RBAC — creates ServiceAccount, ClusterRole, ClusterRoleBinding +rbac: + enabled: true + serviceAccountName: jenkins + clusterRoleName: jenkins-deployer + +# -- Resource limits/requests +resources: + requests: + cpu: 200m + memory: 512Mi + limits: + cpu: 1000m + memory: 2Gi + +# -- Mount containerd socket for Docker CLI access +containerd: + enabled: true + socketPath: /run/k3s/containerd/containerd.sock + +# -- initContainers install Docker CLI and kubectl into shared volume +initContainers: + installDocker: + enabled: true + image: docker:24-cli + installKubectl: + enabled: true + image: alpine:3.19 + kubectlVersion: v1.28.0 + +# -- Extra environment variables for Jenkins container +extraEnv: + - name: JENKINS_OPTS + value: "--httpPort=8080" -- 2.49.1 From 1c102876ea35291687227c4e3a8b2d2db3bf44ac Mon Sep 17 00:00:00 2001 From: Claude AI Date: Sun, 8 Mar 2026 15:23:18 +0000 Subject: [PATCH 03/10] =?UTF-8?q?feat:=20jenkins=20Helm=20chart=20?= =?UTF-8?q?=E2=80=94=20=5Fhelpers.tpl?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- helm/jenkins/templates/_helpers.tpl | 43 +++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 helm/jenkins/templates/_helpers.tpl diff --git a/helm/jenkins/templates/_helpers.tpl b/helm/jenkins/templates/_helpers.tpl new file mode 100644 index 0000000..f99d668 --- /dev/null +++ b/helm/jenkins/templates/_helpers.tpl @@ -0,0 +1,43 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "jenkins.name" -}} +{{- .Chart.Name }} +{{- end }} + +{{/* +Full name: release + chart name (trimmed to 63 chars) +*/}} +{{- define "jenkins.fullname" -}} +{{- printf "%s-%s" .Release.Name .Chart.Name | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels applied to all resources +*/}} +{{- define "jenkins.labels" -}} +helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version }} +app.kubernetes.io/name: {{ include "jenkins.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels used in Deployment + Service matchLabels +*/}} +{{- define "jenkins.selectorLabels" -}} +app.kubernetes.io/name: {{ include "jenkins.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +ServiceAccount name +*/}} +{{- define "jenkins.serviceAccountName" -}} +{{- if .Values.rbac.enabled }} +{{- .Values.rbac.serviceAccountName }} +{{- else }} +default +{{- end }} +{{- end }} -- 2.49.1 From 170b15ed476efff6be79090a35ae34724014faf4 Mon Sep 17 00:00:00 2001 From: Claude AI Date: Sun, 8 Mar 2026 15:23:22 +0000 Subject: [PATCH 04/10] =?UTF-8?q?feat:=20jenkins=20Helm=20chart=20?= =?UTF-8?q?=E2=80=94=20namespace=20template?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- helm/jenkins/templates/namespace.yaml | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 helm/jenkins/templates/namespace.yaml diff --git a/helm/jenkins/templates/namespace.yaml b/helm/jenkins/templates/namespace.yaml new file mode 100644 index 0000000..ecbc3cf --- /dev/null +++ b/helm/jenkins/templates/namespace.yaml @@ -0,0 +1,6 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: {{ .Values.namespace }} + labels: + {{- include "jenkins.labels" . | nindent 4 }} -- 2.49.1 From 4d06531df5f76ffadb2b4357205c2d5e9c5cbc08 Mon Sep 17 00:00:00 2001 From: Claude AI Date: Sun, 8 Mar 2026 15:23:31 +0000 Subject: [PATCH 05/10] =?UTF-8?q?feat:=20jenkins=20Helm=20chart=20?= =?UTF-8?q?=E2=80=94=20rbac=20template?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- helm/jenkins/templates/rbac.yaml | 47 ++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) create mode 100644 helm/jenkins/templates/rbac.yaml diff --git a/helm/jenkins/templates/rbac.yaml b/helm/jenkins/templates/rbac.yaml new file mode 100644 index 0000000..e2793fa --- /dev/null +++ b/helm/jenkins/templates/rbac.yaml @@ -0,0 +1,47 @@ +{{- if .Values.rbac.enabled }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.rbac.serviceAccountName }} + namespace: {{ .Values.namespace }} + labels: + {{- include "jenkins.labels" . | nindent 4 }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ .Values.rbac.clusterRoleName }} + labels: + {{- include "jenkins.labels" . | nindent 4 }} +rules: + - apiGroups: [""] + resources: ["pods", "services", "configmaps", "secrets"] + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] + - apiGroups: [""] + resources: ["pods/exec", "pods/log"] + verbs: ["create", "get"] + - apiGroups: ["apps"] + resources: ["deployments", "statefulsets", "daemonsets", "replicasets"] + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] + - apiGroups: ["networking.k8s.io"] + resources: ["ingresses"] + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] + - apiGroups: ["argoproj.io"] + resources: ["applications"] + verbs: ["get", "list", "watch", "update", "patch"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ .Values.rbac.clusterRoleName }} + labels: + {{- include "jenkins.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ .Values.rbac.clusterRoleName }} +subjects: + - kind: ServiceAccount + name: {{ .Values.rbac.serviceAccountName }} + namespace: {{ .Values.namespace }} +{{- end }} -- 2.49.1 From 6efd08a5faf2374d7199e5ae35a9f977fe8423ad Mon Sep 17 00:00:00 2001 From: Claude AI Date: Sun, 8 Mar 2026 15:23:38 +0000 Subject: [PATCH 06/10] =?UTF-8?q?feat:=20jenkins=20Helm=20chart=20?= =?UTF-8?q?=E2=80=94=20pvc=20template?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- helm/jenkins/templates/pvc.yaml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 helm/jenkins/templates/pvc.yaml diff --git a/helm/jenkins/templates/pvc.yaml b/helm/jenkins/templates/pvc.yaml new file mode 100644 index 0000000..0ccafc5 --- /dev/null +++ b/helm/jenkins/templates/pvc.yaml @@ -0,0 +1,16 @@ +{{- if .Values.persistence.enabled }} +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ .Values.persistence.claimName }} + namespace: {{ .Values.namespace }} + labels: + {{- include "jenkins.labels" . | nindent 4 }} +spec: + accessModes: + - {{ .Values.persistence.accessMode }} + storageClassName: {{ .Values.persistence.storageClass }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- end }} -- 2.49.1 From d72569f68f0fbb680e27fe6f66c75e1cbe784d2e Mon Sep 17 00:00:00 2001 From: Claude AI Date: Sun, 8 Mar 2026 15:23:51 +0000 Subject: [PATCH 07/10] =?UTF-8?q?feat:=20jenkins=20Helm=20chart=20?= =?UTF-8?q?=E2=80=94=20deployment=20template?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- helm/jenkins/templates/deployment.yaml | 100 +++++++++++++++++++++++++ 1 file changed, 100 insertions(+) create mode 100644 helm/jenkins/templates/deployment.yaml diff --git a/helm/jenkins/templates/deployment.yaml b/helm/jenkins/templates/deployment.yaml new file mode 100644 index 0000000..22a7abd --- /dev/null +++ b/helm/jenkins/templates/deployment.yaml @@ -0,0 +1,100 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "jenkins.name" . }} + namespace: {{ .Values.namespace }} + labels: + {{- include "jenkins.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + {{- include "jenkins.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "jenkins.selectorLabels" . | nindent 8 }} + spec: + serviceAccountName: {{ include "jenkins.serviceAccountName" . }} + securityContext: + fsGroup: {{ .Values.securityContext.fsGroup }} + initContainers: + {{- if .Values.initContainers.installDocker.enabled }} + - name: install-docker + image: {{ .Values.initContainers.installDocker.image }} + command: + - sh + - -c + - | + echo "Installing Docker CLI..." + cp /usr/local/bin/docker /tmp/tools-bin/ + chmod +x /tmp/tools-bin/docker + echo "Docker CLI installed" + volumeMounts: + - name: tools-bin + mountPath: /tmp/tools-bin + {{- end }} + {{- if .Values.initContainers.installKubectl.enabled }} + - name: install-kubectl + image: {{ .Values.initContainers.installKubectl.image }} + command: + - sh + - -c + - | + echo "Installing kubectl {{ .Values.initContainers.installKubectl.kubectlVersion }}..." + wget -q -O /tmp/tools-bin/kubectl \ + "https://dl.k8s.io/release/{{ .Values.initContainers.installKubectl.kubectlVersion }}/bin/linux/amd64/kubectl" + chmod +x /tmp/tools-bin/kubectl + echo "kubectl installed" + volumeMounts: + - name: tools-bin + mountPath: /tmp/tools-bin + {{- end }} + containers: + - name: {{ include "jenkins.name" . }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.httpPort }} + - name: agent + containerPort: {{ .Values.service.agentPort }} + env: + {{- toYaml .Values.extraEnv | nindent 12 }} + {{- if .Values.containerd.enabled }} + - name: DOCKER_HOST + value: "unix:///var/run/containerd.sock" + {{- end }} + command: + - sh + - -c + - | + export PATH="/tmp/tools-bin:$PATH" + exec /usr/local/bin/jenkins.sh + resources: + {{- toYaml .Values.resources | nindent 12 }} + volumeMounts: + - name: jenkins-home + mountPath: /var/jenkins_home + {{- if .Values.containerd.enabled }} + - name: docker-sock + mountPath: /var/run/containerd.sock + {{- end }} + - name: tools-bin + mountPath: /tmp/tools-bin + volumes: + - name: jenkins-home + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ .Values.persistence.claimName }} + {{- else }} + emptyDir: {} + {{- end }} + {{- if .Values.containerd.enabled }} + - name: docker-sock + hostPath: + path: {{ .Values.containerd.socketPath }} + type: Socket + {{- end }} + - name: tools-bin + emptyDir: {} -- 2.49.1 From b7f0fc4f6b1ef556b517b939a28730f464d313dd Mon Sep 17 00:00:00 2001 From: Claude AI Date: Sun, 8 Mar 2026 15:23:59 +0000 Subject: [PATCH 08/10] =?UTF-8?q?feat:=20jenkins=20Helm=20chart=20?= =?UTF-8?q?=E2=80=94=20service=20template?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- helm/jenkins/templates/service.yaml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 helm/jenkins/templates/service.yaml diff --git a/helm/jenkins/templates/service.yaml b/helm/jenkins/templates/service.yaml new file mode 100644 index 0000000..a4d81a0 --- /dev/null +++ b/helm/jenkins/templates/service.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "jenkins.name" . }} + namespace: {{ .Values.namespace }} + labels: + {{- include "jenkins.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + selector: + {{- include "jenkins.selectorLabels" . | nindent 4 }} + ports: + - name: http + port: {{ .Values.service.httpPort }} + targetPort: {{ .Values.service.httpPort }} + - name: agent + port: {{ .Values.service.agentPort }} + targetPort: {{ .Values.service.agentPort }} -- 2.49.1 From bf29990add16360da13a4b7b62ec30523aaac2dd Mon Sep 17 00:00:00 2001 From: Claude AI Date: Sun, 8 Mar 2026 15:24:07 +0000 Subject: [PATCH 09/10] =?UTF-8?q?feat:=20jenkins=20Helm=20chart=20?= =?UTF-8?q?=E2=80=94=20ingress=20template?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- helm/jenkins/templates/ingress.yaml | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 helm/jenkins/templates/ingress.yaml diff --git a/helm/jenkins/templates/ingress.yaml b/helm/jenkins/templates/ingress.yaml new file mode 100644 index 0000000..8bb1327 --- /dev/null +++ b/helm/jenkins/templates/ingress.yaml @@ -0,0 +1,28 @@ +{{- if .Values.ingress.enabled }} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ include "jenkins.name" . }} + namespace: {{ .Values.namespace }} + labels: + {{- include "jenkins.labels" . | nindent 4 }} + annotations: + kubernetes.io/ingress.class: traefik + cert-manager.io/cluster-issuer: {{ .Values.ingress.certIssuer }} +spec: + tls: + - hosts: + - {{ .Values.ingress.host }} + secretName: {{ .Values.ingress.tlsSecretName }} + rules: + - host: {{ .Values.ingress.host }} + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: {{ include "jenkins.name" . }} + port: + number: {{ .Values.service.httpPort }} +{{- end }} -- 2.49.1 From b79af9966723b134bb0a8c970a4913a609bd2b0f Mon Sep 17 00:00:00 2001 From: Claude AI Date: Sun, 8 Mar 2026 15:24:18 +0000 Subject: [PATCH 10/10] =?UTF-8?q?feat:=20jenkins=20ArgoCD=20Application=20?= =?UTF-8?q?=E2=80=94=20points=20to=20helm/jenkins=20chart?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- helm/jenkins/argocd-application.yaml | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 helm/jenkins/argocd-application.yaml diff --git a/helm/jenkins/argocd-application.yaml b/helm/jenkins/argocd-application.yaml new file mode 100644 index 0000000..c9b24dd --- /dev/null +++ b/helm/jenkins/argocd-application.yaml @@ -0,0 +1,28 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: jenkins + namespace: argocd +spec: + project: default + source: + repoURL: http://gitea-http.gitea.svc.cluster.local:3000/admin/k3s-gitops + path: helm/jenkins # Helm chart directory + targetRevision: HEAD + helm: + valueFiles: + - values.yaml # default values + # To override per-environment add values here: + # values: | + # replicaCount: 2 + # persistence: + # size: 50Gi + destination: + server: https://kubernetes.default.svc + namespace: jenkins + syncPolicy: + automated: + prune: true + selfHeal: true + syncOptions: + - CreateNamespace=true -- 2.49.1