Asara/infra
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Add jenkins nomad job seriously god, kill me

Browse source
This commit is contained in:
Amarpreet Minhas 2020-10-13 22:56:43 -04:00
parent b08a231443
commit 9b44abb656
1 changed files with 29 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

32
nomad/jenkins.nomad
View file

@ -13,6 +13,10 @@ job "jenkins" {
value = "true" value = "true"
} }
vault {
policies = ["default", "ansible"]
change_mode = "restart"
}
group "jenkins" { group "jenkins" {
count = 1 count = 1
@ -26,19 +30,41 @@ job "jenkins" {
] ]
} }
template {
data = <<EOH
{{- with secret "pki_int/issue/masked-dot-name" "common_name=jenkins.service.masked.name" "alt_names=jenkins.service.columbia.masked.name" -}}
{{- .Data.certificate -}}
{{- end -}}
EOH
destination = "${NOMAD_SECRETS_DIR}/jenkins.crt"
change_mode = "restart"
}
template {
data = <<EOH
{{- with secret "pki_int/issue/masked-dot-name" "common_name=jenkins.service.masked.name" "alt_names=jenkins.service.columbia.masked.name" -}}
{{- .Data.private_key -}}
{{- end -}}
EOH
destination = "${NOMAD_SECRETS_DIR}/jenkins.key"
change_mode = "restart"
}
env { env {
ROOT_URL = "${NOMAD_ADDR_https}" ROOT_URL = "${NOMAD_ADDR_https}"
JAVA_ARGS = "-Xmx2048m"
JENKINS_OPTS = "--httpsPort=8443 --httpsKeyStore=/secrets/jenkins.jks --httpsKeyStorePassword=password"
} }
resources { resources {
cpu = 2000 cpu = 2000
memory = 2048 memory = 2560
} }
} }
network { network {
port "https" { port "https" {
to = 8080 to = 8443
} }
} }