Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ConfigMap not loaded for JCASC #465

Closed
Zgreugneugneu opened this issue Oct 8, 2020 · 4 comments
Closed

ConfigMap not loaded for JCASC #465

Zgreugneugneu opened this issue Oct 8, 2020 · 4 comments
Labels
bug Something isn't working OpenShift

Comments

@Zgreugneugneu
Copy link

Expected Behavior

JCASC customization leverages k8s ConfigMap as described in the documentation

Actual Behavior

Referenced ConfigMap in spec.configurationAsCode is not taken into account. No related error in jenkins-master container logs.

Steps to Reproduce the Problem

  1. Jenkins Operator 0.4.0 installed on an OKD 4.5 cluster using YAML installation method as described in the documentation.

  2. ConfigMap created in "cicd" namespace:

apiVersion: v1
kind: ConfigMap
metadata:
  name: jcasc-configmap
data:
  1-system-message.yaml: |
     jenkins:
       systemMessage: "This Jenkins is 100% configured and managed 'as code'"
  1. Jenkins CR created in "cicd" namespace (with specificities applied for OpenShift as mentioned in this section of the doc):
apiVersion: jenkins.io/v1alpha2
kind: Jenkins
metadata:
  annotations:
    jenkins.io/openshift-mode: 'true'
  name: jenkins
spec:
  backup:
    action: {}
    containerName: ''
    interval: 0
    makeBackupBeforePodDeletion: false
  master:
    basePlugins:
      - name: kubernetes
        version: 1.25.2
      - name: workflow-job
        version: '2.38'
      - name: workflow-aggregator
        version: '2.6'
      - name: git
        version: 4.2.2
      - name: job-dsl
        version: '1.77'
      - name: configuration-as-code
        version: '1.38'
      - name: kubernetes-credentials-provider
        version: '0.13'
    containers:
      - resources:
          limits:
            cpu: 1500m
            memory: 3Gi
          requests:
            cpu: 100m
            memory: 500Mi
        readinessProbe:
          failureThreshold: 3
          httpGet:
            path: /login
            port: http
            scheme: HTTP
          initialDelaySeconds: 30
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
        name: jenkins-master
        command:
          - /usr/bin/go-init
          - '-main'
          - /usr/libexec/s2i/run
        livenessProbe:
          failureThreshold: 12
          httpGet:
            path: /login
            port: http
            scheme: HTTP
          initialDelaySeconds: 80
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 5
        env:
          - name: OPENSHIFT_ENABLE_OAUTH
            value: 'true'
          - name: OPENSHIFT_ENABLE_REDIRECT_PROMPT
            value: 'true'
          - name: DISABLE_ADMINISTRATIVE_MONITORS
            value: 'false'
          - name: KUBERNETES_MASTER
            value: 'https://kubernetes.default:443'
          - name: KUBERNETES_TRUST_CERTIFICATES
            value: 'true'
          - name: JENKINS_SERVICE_NAME
            value: jenkins-operator-http-jenkins
          - name: JNLP_SERVICE_NAME
            value: jenkins-operator-slave-jenkins
          - name: JENKINS_UC_INSECURE
            value: 'false'
          - name: JENKINS_HOME
            value: /var/lib/jenkins
          - name: JAVA_OPTS
            value: >-
              -XX:+UnlockExperimentalVMOptions -XX:+UnlockExperimentalVMOptions
              -XX:+UseCGroupMemoryLimitForHeap -XX:MaxRAMFraction=1
              -Djenkins.install.runSetupWizard=false -Djava.awt.headless=true
        securityContext:
          capabilities:
            drop:
              - KILL
              - MKNOD
              - SETGID
              - SETUID
          runAsUser: 1000570000
        imagePullPolicy: Always
        image: 'quay.io/openshift/origin-jenkins:latest'
    disableCSRFProtection: false
    securityContext:
      fsGroup: 1000570000
      seLinuxOptions:
        level: 's0:c24,c9'
  jenkinsAPISettings:
    authorizationStrategy: createUser
  restore:
    action: {}
    containerName: ''
  configurationAsCode:
    configurations:
      - name: jcasc-configmap
    secret:
      name: ''
  service:
    port: 8080
    type: ClusterIP
  serviceAccount:
    annotations:
      serviceaccounts.openshift.io/oauth-redirectreference.jenkins: >-
        {"kind":"OAuthRedirectReference","apiVersion":"v1","reference":{"kind":"Route","name":"jenkins-route"}}
  groovyScripts:
    configurations: null
    secret:
      name: ''
  roles:
    - apiGroup: rbac.authorization.k8s.io
      kind: Role
      name: jenkins-master-openshift
  slaveService:
    port: 50000
    type: ClusterIP

Additional Info

  • Kubernetes version:

    Output of oc version:

Client Version: 4.5.0-0.okd-2020-09-04-180756
Server Version: 4.5.0-0.okd-2020-09-18-202631
Kubernetes Version: v1.18.3
  • Jenkins Operator version:
v0.4.0

kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: jenkins-master-openshift
rules:
  - verbs:
      - get
      - watch
      - list
    apiGroups:
      - ''
    resources:
      - configmaps
      - secrets
  - verbs:
      - watch
      - list
    apiGroups:
      - ''
    resources:
      - events
  - verbs:
      - get
      - watch
      - list
    apiGroups:
      - build.openshift.io
    resources:
      - buildconfigs
      - builds
  - verbs:
      - get
      - watch
      - list
    apiGroups:
      - image.openshift.io
    resources:
      - imagestreams
  - verbs:
      - get
      - watch
      - list
    apiGroups:
      - route.openshift.io
    resources:
      - routes
@Dudesons Dudesons mentioned this issue Oct 8, 2020
Closed
@arilivigni
Copy link

I am hitting this issue as well is there a fix for this?

@bakito
Copy link

bakito commented Mar 29, 2021

I'm having the same issue with operator version 0.5.0 on openshift 4.6.

If the name of the configmap it gets a validation error. But if the configmap name is correct and it exists. It is not added as a volume.

For me the same issue occurs with groovy configmaps.

Secrets work fine. If added the pid gets correctly updated.

@bakito
Copy link

bakito commented Mar 29, 2021

It seems that currently only secret is implemented but not configmap:
https://github.com/jenkinsci/kubernetes-operator/blob/master/pkg/configuration/base/resources/pod.go#L136-L157
https://github.com/jenkinsci/kubernetes-operator/blob/master/pkg/configuration/base/resources/pod.go#L195-L210

@Sig00rd Sig00rd added the bug Something isn't working label Jul 19, 2021
@Sig00rd
Copy link

Sig00rd commented Jul 30, 2021

Closing this as current released version of Operator doesn't support OpenShift. If this issue persists on another environment or on the next version that does support OpenShift, feel free to file a new bug report. Thank you for your input!

@Sig00rd Sig00rd closed this as completed Jul 30, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working OpenShift
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@bakito @arilivigni @Zgreugneugneu @Sig00rd