[stable/jenkins] Add existingSecret to Jenkins backup AWS credentials (…

…#13392) * [stable/jenkins] Add existingSecret to Jenkins backup AWS credentials Signed-off-by: Hans-Jörg Wieland <[email protected]> * [stable/jenkins] Removed unnecessary Maintainer line Signed-off-by: Hans-Jörg Wieland <[email protected]> * [stable/jenkins] Chart.yaml version bump Signed-off-by: Hans-Jörg Wieland <[email protected]>
helm · Jun 27, 2019 · d9374f5 · d9374f5
1 parent 9c6fc13
commit d9374f5
Show file tree

Hide file tree

Showing 4 changed files with 38 additions and 12 deletions.
diff --git a/stable/jenkins/Chart.yaml b/stable/jenkins/Chart.yaml
@@ -1,7 +1,7 @@
 apiVersion: v1
 name: jenkins
 home: https://jenkins.io/
-version: 1.3.2
+version: 1.3.3
 appVersion: lts
 description: Open source continuous integration server. It supports multiple SCM tools
   including CVS, Subversion and Git. It can execute Apache Ant and Apache Maven-based

diff --git a/stable/jenkins/README.md b/stable/jenkins/README.md
@@ -357,17 +357,21 @@ Adds a backup CronJob for jenkins, along with required RBAC resources.
 
 ### Backup Values
 
-| Parameter                   | Description                                | Default                           |
-| --------------------------- | ------------------------------------------ | --------------------------------- |
-| `backup.enabled`            | Enable the use of a backup CronJob         | `false`                           |
-| `backup.schedule`           | Schedule to run jobs                       | `0 2 * * *`                       |
-| `backup.annotations`        | Backup pod annotations                     | iam.amazonaws.com/role: `jenkins` |
-| `backup.image.repo`         | Backup image repository                    | `nuvo/kube-tasks`                 |
-| `backup.image.tag`          | Backup image tag                           | `0.1.2`                           |
-| `backup.extraArgs`          | Additional arguments for kube-tasks        | `[]`                              |
-| `backup.env`                | Backup environment variables               | AWS_REGION: `us-east-1`           |
-| `backup.resources`          | Backup CPU/Memory resource requests/limits | Memory: `1Gi`, CPU: `1`           |
-| `backup.destination`        | Destination to store backup artifacts      | `s3://nuvo-jenkins-data/backup`   |
+| Parameter                              | Description                                            | Default                           |
+| -------------------------------------- | ------------------------------------------------------ | --------------------------------- |
+| `backup.enabled`                       | Enable the use of a backup CronJob                     | `false`                           |
+| `backup.schedule`                      | Schedule to run jobs                                   | `0 2 * * *`                       |
+| `backup.annotations`                   | Backup pod annotations                                 | iam.amazonaws.com/role: `jenkins` |
+| `backup.image.repo`                    | Backup image repository                                | `nuvo/kube-tasks`                 |
+| `backup.image.tag`                     | Backup image tag                                       | `0.1.2`                           |
+| `backup.extraArgs`                     | Additional arguments for kube-tasks                    | `[]`                              |
+| `backup.existingSecret`                | Environment variables to add to the cronjob container  | {}                                |
+| `backup.existingSecret.*`              | Specify the secret name containing the AWS credentials | `jenkinsaws`                      |
+| `backup.existingSecret.*.awsaccesskey` | `secretKeyRef.key` used for `AWS_ACCESS_KEY_ID`        | `jenkins_aws_access_key`          |
+| `backup.existingSecret.*.awssecretkey` | `secretKeyRef.key` used for `AWS_SECRET_ACCESS_KEY`    | `jenkins_aws_secret_key`          |
+| `backup.env`                           | Backup environment variables                           | AWS_REGION: `us-east-1`           |
+| `backup.resources`                     | Backup CPU/Memory resource requests/limits             | Memory: `1Gi`, CPU: `1`           |
+| `backup.destination`                   | Destination to store backup artifacts                  | `s3://nuvo-jenkins-data/backup`   |
 
 ### Restore from backup
 

diff --git a/stable/jenkins/templates/jenkins-backup-cronjob.yaml b/stable/jenkins/templates/jenkins-backup-cronjob.yaml
@@ -45,6 +45,20 @@ spec:
             env:
 {{ toYaml . | indent 12 }}
             {{- end }}
+            {{- if .Values.backup.existingSecret }}
+            {{- range $key,$value := .Values.backup.existingSecret }}
+            - name: AWS_ACCESS_KEY_ID
+              valueFrom:
+                secretKeyRef:
+                  name: {{ $key }}
+                  key: {{ $value.awsaccesskey | quote }}
+            - name: AWS_SECRET_ACCESS_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: {{ $key }}
+                  key: {{ $value.awssecretkey | quote}}
+            {{- end }}
+            {{- end }}
           {{- with .Values.backup.resources }}
             resources:
 {{ toYaml . | indent 14 }}

diff --git a/stable/jenkins/values.yaml b/stable/jenkins/values.yaml
@@ -471,6 +471,14 @@ backup:
   # Additional arguments for kube-tasks
   # Ref: https://github.com/nuvo/kube-tasks#simple-backup
   extraArgs: []
+  # Add existingSecret for AWS credentials
+  existingSecret: {}
+  ## Example for using an existing secret
+   # jenkinsaws:
+  ## Use this key for AWS access key ID
+     # awsaccesskey: jenkins_aws_access_key
+  ## Use this key for AWS secret access key
+     # awssecretkey: jenkins_aws_secret_key
   # Add additional environment variables
   env:
   # Example environment variable required for AWS credentials chain