bstein/titan-iac
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

jenkins: restore multibranch + webhook token

Browse Source
This commit is contained in:
Brad Stein 2026-01-20 10:15:33 -03:00
parent ea6e600007
commit 8e9db51f9d
3 changed files with 52 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
services/jenkins/configmap-jcasc.yaml
View File

@ -158,24 +158,40 @@ data:
} }
} }
} }
pipelineJob('titan-iac-quality-gate') { multibranchPipelineJob('titan-iac-quality-gate') {
triggers { branchSources {
scm('H/12 * * * *') branchSource {
} source {
definition {
cpsScm {
scm {
git { git {
remote { id('titan-iac-quality-gate')
url('https://scm.bstein.dev/bstein/titan-iac.git') remote('https://scm.bstein.dev/bstein/titan-iac.git')
credentials('gitea-pat') credentialsId('gitea-pat')
}
branches('*/main')
} }
} }
}
}
factory {
workflowBranchProjectFactory {
scriptPath('ci/Jenkinsfile.titan-iac') scriptPath('ci/Jenkinsfile.titan-iac')
} }
} }
orphanedItemStrategy {
discardOldItems {
numToKeep(30)
}
}
triggers {
periodicFolderTrigger {
interval('12h')
}
}
configure { node ->
def token = System.getenv('TITAN_IAC_WEBHOOK_TOKEN') ?: ''
def triggers = node / 'triggers'
triggers << 'com.igalg.jenkins.plugins.mswt.trigger.ComputedFolderWebHookTrigger' {
token(token)
}
}
} }
base.yaml: | base.yaml: |
jenkins: jenkins:

22
services/jenkins/configmap-plugins.yaml
View File

@ -6,11 +6,17 @@ metadata:
namespace: jenkins namespace: jenkins
data: data:
plugins.txt: | plugins.txt: |
kubernetes kubernetes:4416.v2ea_b_5372da_a_e
workflow-aggregator workflow-aggregator:608.v67378e9d3db_1
git git:5.8.1
pipeline-utility-steps pipeline-utility-steps:2.20.0
configuration-as-code configuration-as-code:2031.veb_a_fdda_b_3ffd
oic-auth oic-auth:4.626.ve5a_d9f26c051
job-dsl job-dsl:1.93
simple-theme-plugin simple-theme-plugin:230.v8b_fd91b_b_800c
workflow-multibranch:821.vc3b_4ea_780798
branch-api:2.1268.v044a_87612da_8
scm-api:724.v7d839074eb_5c
gitea:268.v75e47974c01d
gitea-checks:603.621.vc708da_fb_371d
multibranch-scan-webhook-trigger:1.0.11

17
services/jenkins/deployment.yaml
View File

@ -22,23 +22,26 @@ spec:
vault.hashicorp.com/role: "jenkins" vault.hashicorp.com/role: "jenkins"
vault.hashicorp.com/agent-inject-secret-jenkins-env: "kv/data/atlas/jenkins/jenkins-oidc" vault.hashicorp.com/agent-inject-secret-jenkins-env: "kv/data/atlas/jenkins/jenkins-oidc"
vault.hashicorp.com/agent-inject-template-jenkins-env: | vault.hashicorp.com/agent-inject-template-jenkins-env: |
{{- with secret "kv/data/atlas/jenkins/jenkins-oidc" -}} {{ with secret "kv/data/atlas/jenkins/jenkins-oidc" }}
OIDC_CLIENT_ID={{ .Data.data.clientId }} OIDC_CLIENT_ID={{ .Data.data.clientId }}
OIDC_CLIENT_SECRET={{ .Data.data.clientSecret }} OIDC_CLIENT_SECRET={{ .Data.data.clientSecret }}
OIDC_AUTH_URL={{ .Data.data.authorizationUrl }} OIDC_AUTH_URL={{ .Data.data.authorizationUrl }}
OIDC_TOKEN_URL={{ .Data.data.tokenUrl }} OIDC_TOKEN_URL={{ .Data.data.tokenUrl }}
OIDC_USERINFO_URL={{ .Data.data.userInfoUrl }} OIDC_USERINFO_URL={{ .Data.data.userInfoUrl }}
OIDC_LOGOUT_URL={{ .Data.data.logoutUrl }} OIDC_LOGOUT_URL={{ .Data.data.logoutUrl }}
{{- end }} {{ end }}
{{- with secret "kv/data/atlas/jenkins/harbor-robot-creds" -}} {{ with secret "kv/data/atlas/jenkins/harbor-robot-creds" }}
HARBOR_ROBOT_USERNAME={{ .Data.data.username }} HARBOR_ROBOT_USERNAME={{ .Data.data.username }}
HARBOR_ROBOT_PASSWORD={{ .Data.data.password }} HARBOR_ROBOT_PASSWORD={{ .Data.data.password }}
{{- end }} {{ end }}
{{- with secret "kv/data/atlas/jenkins/gitea-pat" -}} {{ with secret "kv/data/atlas/jenkins/gitea-pat" }}
GITEA_PAT_USERNAME={{ .Data.data.username }} GITEA_PAT_USERNAME={{ .Data.data.username }}
GITEA_PAT_TOKEN={{ .Data.data.token }} GITEA_PAT_TOKEN={{ .Data.data.token }}
{{- end -}} {{ end }}
bstein.dev/restarted-at: "2026-01-20T05:05:00Z" {{ with secret "kv/data/atlas/jenkins/webhook-tokens" }}
TITAN_IAC_WEBHOOK_TOKEN={{ .Data.data.titan_iac_quality_gate }}
{{ end }}
bstein.dev/restarted-at: "2026-01-20T13:10:00Z"
spec: spec:
serviceAccountName: jenkins serviceAccountName: jenkins
nodeSelector: nodeSelector: