I've bootstrapped a Kubernetes 1.9 RBAC cluster with kubeadm and I've started Jenkins, based on jenkins/jenkins:lts, inside a pod. I would like to try out https://github.com/j
After some digging it appears that the easiest way to go (without giving extra permissions to the default service account for the namespace) is to:
kubectl -n <namespace> create sa jenkins
kubectl create clusterrolebinding jenkins --clusterrole cluster-admin --serviceaccount=<namespace>:jenkins
kubectl -n <namespace> get sa/jenkins --template='{{range .secrets}}{{ .name }} {{end}}' | xargs -n 1 kubectl -n <namespace> get secret --template='{{ if .data.token }}{{ .data.token }}{{end}}' | head -n 1 | base64 -d -
Seems like you can store this token as type Secret text in Jenkins and the plugin is able to pick it up. Another advantage of this approach, compared to overwriting the default service account as mentioned above, is that you can have a secret per cluster, meaning you can use one Jenkins to connect to, for example, dev -> quality -> prod namespaces or clusters with separate accounts.
Please feel free to contribute, if you have a better way to go.
Regards, Pavel
For more details you can check:
- https://gist.github.com/lachie83/17c1fff4eb58cf75c5fb11a4957a64d2
- https://github.com/openshift/origin/issues/6807
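
An added example, not part of the original post: the same per-namespace service account, bound to a namespace-scoped Role instead of cluster-admin, so a token stored in Jenkins only reaches the namespace it was issued for. The function name `render_jenkins_rbac` and the rule list (pods, pods/exec, pods/log) are assumptions; adjust the rules to what your plugin actually calls.

```shell
# Added example, not from the original post. Renders a ServiceAccount plus a
# namespace-scoped Role and RoleBinding, in place of the cluster-admin binding.
# ASSUMPTION: the rule list fits a plugin that only runs and inspects pods.
render_jenkins_rbac() {
  ns="$1"; sa="${2:-jenkins}"
  for v in "$ns" "$sa"; do   # allow only DNS-label characters in names
    case "$v" in
      ''|*[!a-z0-9-]*|-*|*-) echo "invalid name: '$v'" >&2; return 1 ;;
    esac
  done
  cat <<EOF
apiVersion: v1
kind: ServiceAccount
metadata: {name: $sa, namespace: $ns}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata: {name: $sa, namespace: $ns}
rules:
- apiGroups: [""]
  resources: ["pods"]
  verbs: ["create", "delete", "get", "list", "watch"]
- apiGroups: [""]
  resources: ["pods/exec"]
  verbs: ["create", "get"]
- apiGroups: [""]
  resources: ["pods/log"]
  verbs: ["get"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata: {name: $sa, namespace: $ns}
roleRef: {apiGroup: rbac.authorization.k8s.io, kind: Role, name: $sa}
subjects:
- {kind: ServiceAccount, name: $sa, namespace: $ns}
EOF
}

# Usage, once per namespace (or per cluster, with the matching kubeconfig):
#   render_jenkins_rbac dev | kubectl apply -f -
# Confirm the account cannot read secrets or act outside its namespace:
#   kubectl auth can-i list secrets -n dev --as=system:serviceaccount:dev:jenkins
#   kubectl auth can-i create pods -n prod --as=system:serviceaccount:dev:jenkins
```

Both `kubectl auth can-i` checks should answer "no"; the token can then be extracted with the pipeline from the post.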