Add UserContent mechanism based on ConfigMaps

Signed-off-by: Timm Drevensek <508684+timmjd@users.noreply.github.com>
jenkinsci · Aug 3, 2022 · 6088563 · 6088563
1 parent f6a406e
commit 6088563
Show file tree

Hide file tree

Showing 6 changed files with 78 additions and 1 deletion.
diff --git a/charts/jenkins/CHANGELOG.md b/charts/jenkins/CHANGELOG.md
@@ -12,6 +12,10 @@ Use the following links to reference issues, PRs, and commits prior to v2.6.0.
 The change log until v1.5.7 was auto-generated based on git commits.
 Those entries include a reference to the git commit to be able to get more details.
 
+## 4.1.15
+
+Add option to add custom data via `controller.userContents` that will be hosted by the Server.
+
 ## 4.1.14
 
 If `installPlugins` is disabled, don't create unused plugins volume.

diff --git a/charts/jenkins/Chart.yaml b/charts/jenkins/Chart.yaml
@@ -1,7 +1,7 @@
 apiVersion: v2
 name: jenkins
 home: https://jenkins.io/
-version: 4.1.14
+version: 4.1.15
 appVersion: 2.346.2
 description: Jenkins - Build great things at any scale! The leading open source automation server, Jenkins provides hundreds of plugins to support building, deploying and automating any project.
 sources:

diff --git a/charts/jenkins/README.md b/charts/jenkins/README.md
@@ -410,6 +410,26 @@ controller:
       renew: 60
 ```
 
+### User Content
+
+The [User Content](https://www.jenkins.io/doc/book/managing/user-content/) mechanism allows to use the Jenkins server to host custom files under the `/userContent` prefix.
+
+```yaml
+controller:
+  userContents:
+  - name: foobar.txt
+    data: |
+      My
+      File
+      Content
+
+  binaryUserContents:
+  - name: foobar.bin
+    data: SGVsbG8gV29ybGQ= # Hello World
+```
+
+Will provide the content via the `http(s)://jenkins.example.com/userContent/foobar.txt` and `http(s)://jenkins.example.com/userContent/foobar.bin` URL. Be aware that ConfigMaps & Secrets are __limited to 1 MB__ in Kubernetes - so the mechanism only provides a way to host limited content.
+
 ### RBAC
 
 RBAC is enabled by default. If you want to disable it you will need to set `rbac.create` to `false`.

diff --git a/charts/jenkins/templates/config-usercontent.yaml b/charts/jenkins/templates/config-usercontent.yaml
@@ -0,0 +1,25 @@
+{{- if or .Values.controller.userContents .Values.controller.binaryUserContents -}}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ template "jenkins.fullname" . }}-user-contents
+  namespace: {{ template "jenkins.namespace" . }}
+  labels:
+    "app.kubernetes.io/name": '{{ template "jenkins.name" .}}'
+    {{- if .Values.renderHelmLabels }}
+    "helm.sh/chart": "{{ template "jenkins.label" .}}"
+    {{- end }}
+    "app.kubernetes.io/managed-by": "{{ .Release.Service }}"
+    "app.kubernetes.io/instance": "{{ .Release.Name }}"
+    "app.kubernetes.io/component": "{{ .Values.controller.componentName }}"
+data:
+{{- range .Values.controller.userContents }}
+  {{ .name }}: |-
+{{ .data | indent 4 }}
+{{- end }}
+binaryData:
+{{- range .Values.controller.binaryUserContents }}
+  {{ .name }}: {{ .data }}
+{{- end }}
+{{- end }}
diff --git a/charts/jenkins/templates/jenkins-controller-statefulset.yaml b/charts/jenkins/templates/jenkins-controller-statefulset.yaml
@@ -288,6 +288,20 @@ spec:
               mountPath: /run/secrets/additional
               readOnly: true
             {{- end }}
+            {{- if or .Values.controller.userContents .Values.controller.binaryUserContents }}
+            {{- range $content := .Values.controller.userContents }}
+            - name: jenkins-user-contents
+              mountPath: {{ $.Values.controller.jenkinsHome }}/userContent/{{ $content.name }}
+              subPath: {{ $content.name }}
+              readOnly: true
+            {{- end }}
+            {{- range $content := .Values.controller.binaryUserContents }}
+            - name: jenkins-user-contents
+              mountPath: {{ $.Values.controller.jenkinsHome }}/userContent/{{ $content.name }}
+              subPath: {{ $content.name }}
+              readOnly: true
+            {{- end }}
+            {{- end }}
             - name: jenkins-cache
               mountPath: /var/jenkins_cache
             - mountPath: /tmp
@@ -425,6 +439,11 @@ spec:
           - key: jenkins-jks-file
             path: {{ .Values.controller.httpsKeyStore.fileName }}
       {{- end }}
+      {{- if or .Values.controller.userContents .Values.controller.binaryUserContents }}
+      - name: jenkins-user-contents
+        configMap:
+          name: {{ template "jenkins.fullname" . }}-user-contents
+      {{- end }}
 
 {{- if .Values.controller.imagePullSecretName }}
       imagePullSecrets:

diff --git a/charts/jenkins/values.yaml b/charts/jenkins/values.yaml
@@ -338,6 +338,15 @@ controller:
   #   imagePullPolicy: Always
   #   command: [ "uname", "-a" ]
 
+  # Provide files that will be served by the Jenkins via the User Content mechanism. Content can be either UTF-8 encoded or be base64 encoded
+  userContents: []
+  #  - name: filename
+  #    data: file content
+
+  binaryUserContents: []
+  #  - name: filename
+  #    data: base64 encoded file content
+
   sidecars:
     configAutoReload:
       # If enabled: true, Jenkins Configuration as Code will be reloaded on-the-fly without a reboot.  If false or not-specified,