From 7b33fdf246d8457f142d848b8cac4ffc50460ccf Mon Sep 17 00:00:00 2001 From: imontero Date: Tue, 11 May 2021 12:49:41 +0000 Subject: [PATCH] 2.277.4.4-ra --- Dockerfile | 6 +++--- LICENSE | 4 ++-- README.md | 14 +++++++------- hardening_manifest.yaml | 8 ++++---- helm/Chart.yaml | 4 ++-- helm/README-template.md | 2 +- helm/README.md | 2 +- helm/templates/_helpers.tpl | 29 +++++++++++++++++++++++++---- helm/templates/cjoc-ingress.yaml | 14 +++++++++++++- helm/values.yaml | 6 +++--- scripts/usr/local/bin/jenkins.sh | 2 +- 11 files changed, 62 insertions(+), 29 deletions(-) diff --git a/Dockerfile b/Dockerfile index 52350ac..ebf92c7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -20,7 +20,7 @@ ARG gid=1000 RUN dnf update -y --nodocs && \ dnf install -y --nodocs \ - git `# needed for some on-master operations` \ + git `# needed for some on-controller operations` \ openssh-clients `# used for SSH agents` \ iproute iputils net-tools `# general diagnostics` && \ dnf -y clean all @@ -42,8 +42,8 @@ HEALTHCHECK --interval=5m --timeout=3s \ CMD curl -fsL ${JENKINS_URL}/login || exit 1 # L-A-B-E-L securitytxt="https://www.cloudbees.com/.well-known/security.txt" -# L-A-B-E-L release=d7b584f951ddf7ecf2a3d0cbee88bd6490514658 -# L-A-B-E-L version=2.277.2.4-ra +# L-A-B-E-L release=0ca4417c776c03f0409198deca72eccf45eda162 +# L-A-B-E-L version=2.277.4.4-ra COPY files.tar /tmp RUN cd / && tar xvf /tmp/files.tar && rm /tmp/files.tar diff --git a/LICENSE b/LICENSE index d32dcec..48a4d8a 100644 --- a/LICENSE +++ b/LICENSE @@ -30,11 +30,11 @@ _Flow Server_ is the application server that orchestrates processes run across C + _Intellectual Property Rights_ means any patents, patent rights, design rights, copyrights, database rights, trade secrets, know-how, trademarks, trade names, service marks and other intellectual property embodied therein and all applications and rights to apply for registration or protection rights pertaining thereto, in existence at the date hereof or created in the future. + -_Master_ means the central, coordinating process which stores configuration, loads plugins, and renders the various user interfaces for Jenkins. +_Controller_ means the central, coordinating process which stores configuration, loads plugins, and renders the various user interfaces for Jenkins. + _Monthly Active User_ (or "MAU") is counted the first time in each calendar month that an End User’s device opens Customer’s or Customer’s Affiliates’ web and/or native application(s) in which the CloudBees Rollout SDK has been incorporated (“Customer Application”) is the Monthly Active User count of the applications using CloudBees Rollout. For example, if one End User is using Customer Application on four (4) separate devices, that constitutes four MAUs. + -_Node_ means a machine which is part of the Jenkins environment and capable of executing Pipelines or Projects. Both the Master and Agents are considered to be Nodes. +_Node_ means a machine which is part of the Jenkins environment and capable of executing Pipelines or Projects. Both the Controllers and Agents are considered to be Nodes. + _Order Form_ means an order form that references this Agreement and has been executed by both parties. + diff --git a/README.md b/README.md index 150b560..44dd816 100644 --- a/README.md +++ b/README.md @@ -6,18 +6,18 @@ Must run behind CNAP or VPN (no internet facing). CloudBees CI (formerly known as _CloudBees Core_) consists of three Docker images installed via Helm chart: * `core-oc`: the Operations Center -* `core-mm`: a managed Jenkins master +* `core-mm`: a managed Jenkins controller * `agent`: a Jenkins build agent For each image, all files other than UBI and native packages are included in a `files.tar` marked with a SHA-256 checksum. -A version of CloudBees CI is given in the format `2.277.2.4-ra` +A version of CloudBees CI is given in the format `2.277.4.4-ra` where the first three components are aligned with a Jenkins LTS. The Helm chart is coversioned with `core-oc`. The `core-mm` image typically shares the same version, -though a given master may be deliberately kept at a somewhat older release. -The `agent` image is preferably coversioned with the master. +though a given controller may be deliberately kept at a somewhat older release. +The `agent` image is preferably coversioned with the controller. After creating images, create a values file that specifies locally uploaded images plus whatever other customizations are desired: @@ -25,13 +25,13 @@ plus whatever other customizations are desired: ```yaml OperationsCenter: Image: - dockerImage: your-registry/core-oc:2.277.2.4-ra + dockerImage: your-registry/core-oc:2.277.4.4-ra Master: Image: - dockerImage: your-registry/core-mm:2.277.2.4-ra + dockerImage: your-registry/core-mm:2.277.4.4-ra Agents: Image: - dockerImage: your-registry/agent:2.277.2.4-ra + dockerImage: your-registry/agent:2.277.4.4-ra ``` and [install via Helm 3](https://docs.cloudbees.com/docs/cloudbees-core/latest/kubernetes-install-guide/installing-kubernetes-using-helm) using the local copy of the chart: diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml index 3d6fb5d..c2f47a8 100644 --- a/hardening_manifest.yaml +++ b/hardening_manifest.yaml @@ -1,7 +1,7 @@ apiVersion: v1 name: "cloudbees/core/core-oc" tags: -- "2.277.2.4-ra" +- "2.277.4.4-ra" - latest labels: org.opencontainers.image.title: "core-oc" @@ -9,7 +9,7 @@ labels: org.opencontainers.image.licenses: proprietary org.opencontainers.image.url: https://docs.cloudbees.com/docs/cloudbees-ci/ org.opencontainers.image.vendor: CloudBees - org.opencontainers.image.version: "2.277.2.4-ra" + org.opencontainers.image.version: "2.277.4.4-ra" mil.dso.ironbank.image.keywords: cicd mil.dso.ironbank.image.type: commercial mil.dso.ironbank.product.name: CloudBees CI @@ -18,10 +18,10 @@ args: BASE_TAG: "1.8.0" resources: - filename: files.tar - url: https://downloads.cloudbees.com/dsop-files/core-oc-files-a96da487a77eefa32dd8149d9cc9e274542b1a4e5754e33fa5333fa87cefd9fe.tar + url: https://downloads.cloudbees.com/dsop-files/core-oc-files-2398dbecef5aababcad506612dd34501aa40bf988f00bd2ee96c0f4828234f50.tar validation: type: sha256 - value: "a96da487a77eefa32dd8149d9cc9e274542b1a4e5754e33fa5333fa87cefd9fe" + value: "2398dbecef5aababcad506612dd34501aa40bf988f00bd2ee96c0f4828234f50" maintainers: - email: productivity-team@cloudbees.com name: CloudBees diff --git a/helm/Chart.yaml b/helm/Chart.yaml index 3a767d5..0b7b261 100644 --- a/helm/Chart.yaml +++ b/helm/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: cloudbees-core -version: 3.29.2 +version: 3.31.5 description: Enterprise Continuous Integration with Jenkins keywords: - cloudbees @@ -20,7 +20,7 @@ dependencies: repository: https://charts.cloudbees.com/public/cloudbees condition: sidecarinjector.Enabled icon: https://images.ctfassets.net/vtn4rfaw6n2j/7xprMMXARXDBuVxW4y8XfV/349fff91035050e3f2a8ff37bc0615b5/cloudbees-core-logo_header.svg -appVersion: 2.277.2.3 +appVersion: 2.277.4.3 annotations: artifacthub.io/links: | - name: Product overview diff --git a/helm/README-template.md b/helm/README-template.md index 1f637a4..1a3e195 100644 --- a/helm/README-template.md +++ b/helm/README-template.md @@ -1,6 +1,6 @@ # cloudbees-core -![Version: 3.29.2](https://img.shields.io/badge/Version-3.29.2-informational?style=flat-square) ![AppVersion: 2.277.2.3](https://img.shields.io/badge/AppVersion-2.277.2.3-informational?style=flat-square) +![Version: 3.31.5](https://img.shields.io/badge/Version-3.31.5-informational?style=flat-square) ![AppVersion: 2.277.4.3](https://img.shields.io/badge/AppVersion-2.277.4.3-informational?style=flat-square) [CloudBees CI](https://www.cloudbees.com/products/continuous-integration) is the continuous integration platform architected for the enterprise. It provides: diff --git a/helm/README.md b/helm/README.md index 1d07880..3b11a8b 100644 --- a/helm/README.md +++ b/helm/README.md @@ -1,6 +1,6 @@ # cloudbees-core -![Version: 3.29.2](https://img.shields.io/badge/Version-3.29.2-informational?style=flat-square) ![AppVersion: 2.277.2.3](https://img.shields.io/badge/AppVersion-2.277.2.3-informational?style=flat-square) +![Version: 3.31.5](https://img.shields.io/badge/Version-3.31.5-informational?style=flat-square) ![AppVersion: 2.277.4.3](https://img.shields.io/badge/AppVersion-2.277.4.3-informational?style=flat-square) [CloudBees CI](https://www.cloudbees.com/products/continuous-integration) is the continuous integration platform architected for the enterprise. It provides: diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl index 90998bf..d9321b1 100644 --- a/helm/templates/_helpers.tpl +++ b/helm/templates/_helpers.tpl @@ -219,23 +219,44 @@ alb.ingress.kubernetes.io/healthcheck-path: /health/live {{- define "ingress.redirect-rules" -}} {{- if eq .Values.OperationsCenter.Platform "eks" }} - {{- if eq (include "oc.protocol" .) "https" }} + {{- if eq (include "ingress.apiVersion" .) "networking.k8s.io/v1" }} + {{- if eq (include "oc.protocol" .) "https" }} +- path: /* + backend: + service: + name: ssl-redirect + port: + name: use-annotation + pathType: ImplementationSpecific + {{- end -}} + {{- if not (eq (include "oc.contextpath" .) "") }} +- path: / + backend: + service: + name: root-redirect + port: + name: use-annotation + pathType: ImplementationSpecific + {{- end -}} + {{- else -}} + {{- if eq (include "oc.protocol" .) "https" }} - path: /* backend: serviceName: ssl-redirect servicePort: use-annotation - {{- end }} - {{- if not (eq (include "oc.contextpath" .) "") }} + {{- end -}} + {{- if not (eq (include "oc.contextpath" .) "") }} - path: / backend: serviceName: root-redirect servicePort: use-annotation + {{- end -}} {{- end }} {{- end }} {{- end }} {{- define "ingress.apiGroup" -}} -{{- if ge (atoi (.Capabilities.KubeVersion.Minor)) 15 -}} +{{- if ge .Capabilities.KubeVersion.Minor "15" -}} networking.k8s.io {{- else -}} extensions diff --git a/helm/templates/cjoc-ingress.yaml b/helm/templates/cjoc-ingress.yaml index 037c863..e49b9e3 100644 --- a/helm/templates/cjoc-ingress.yaml +++ b/helm/templates/cjoc-ingress.yaml @@ -28,11 +28,23 @@ spec: backend: {{ include "ingress.backend.cjoc" . | indent 10 -}} {{ if eq (include "ingress.apiVersion" .) "networking.k8s.io/v1" }} + {{ if (eq .Values.OperationsCenter.Platform "eks") }} + pathType: ImplementationSpecific + {{ else }} pathType: Prefix -{{ else }} + {{ end }} +{{- end -}} +{{ if or (ne (include "ingress.apiVersion" .) "networking.k8s.io/v1") (eq .Values.OperationsCenter.Platform "eks") }} - path: {{ include "oc.contextpath" . }}/* backend: {{ include "ingress.backend.cjoc" . | indent 10 -}} + {{ if eq (include "ingress.apiVersion" .) "networking.k8s.io/v1" }} + {{ if (eq .Values.OperationsCenter.Platform "eks") }} + pathType: ImplementationSpecific + {{ else }} + pathType: Prefix + {{ end }} + {{- end -}} {{- end -}} {{- if .Values.OperationsCenter.Ingress.tls.Enable }} tls: diff --git a/helm/values.yaml b/helm/values.yaml index 875b15c..4d042b1 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -57,7 +57,7 @@ OperationsCenter: # Operations Center docker image Image: # OperationsCenter.Image.dockerImage -- Container image to use for Operations Center - dockerImage: dcar/core-oc:2.277.2.4-ra + dockerImage: dcar/core-oc:2.277.4.4-ra # OperationsCenter.Image.dockerPullPolicy -- https://kubernetes.io/docs/concepts/containers/images/#updating-images dockerPullPolicy: null @@ -262,7 +262,7 @@ Master: # Docker image inserted in Operations Center automatically Image: # Master.Image.dockerImage -- Used to override the default docker image - dockerImage: dcar/core-mm:2.277.2.4-ra + dockerImage: dcar/core-mm:2.277.4.4-ra # Master.JavaOpts -- Additional Java options to pass to managed masters. For example, setting up a JMX port JavaOpts: null @@ -279,7 +279,7 @@ Agents: Create: false Image: # Agents.Image.dockerImage -- Used to override the default docker image used for agents - dockerImage: dcar/agent:2.277.2.4-ra + dockerImage: dcar/agent:2.277.4.4-ra # Image pull secrets # Enable this option when using a private registry. # https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-secret-by-providing-credentials-on-the-command-line diff --git a/scripts/usr/local/bin/jenkins.sh b/scripts/usr/local/bin/jenkins.sh index 93eb258..ed0859d 100644 --- a/scripts/usr/local/bin/jenkins.sh +++ b/scripts/usr/local/bin/jenkins.sh @@ -52,7 +52,7 @@ find /usr/share/jenkins/ref/ -type f -exec bash -c "copy_reference_file '{}'" \; # if `docker run` first argument start with `--` the user is passing jenkins launcher arguments if [[ $# -lt 1 ]] || [[ "$1" == "--"* ]]; then - eval "exec java ${JAVA_OPTS:-} -jar -Dcb.distributable.name=\"Docker Common CJE\" -Dcb.distributable.commit_sha=d7b584f951ddf7ecf2a3d0cbee88bd6490514658 /usr/share/jenkins/jenkins.war $JENKINS_OPTS \"\$@\"" + eval "exec java ${JAVA_OPTS:-} -jar -Dcb.distributable.name=\"Docker Common CJE\" -Dcb.distributable.commit_sha=0ca4417c776c03f0409198deca72eccf45eda162 /usr/share/jenkins/jenkins.war $JENKINS_OPTS \"\$@\"" fi # As argument is not jenkins, assume user want to run his own process, for sample a `bash` shell to explore this image -- GitLab