[stable/jenkins] Allow to enable OWASP Markup Formatter Plugin (helm#…

…10851)

Signed-off-by: Hleb Valoshka <[email protected]>

charts/jenkins/Chart.yaml

@@ -1,6 +1,6 @@
 name: jenkins
 home: https://jenkins.io/
-version: 0.28.10
+version: 0.28.11
 appVersion: lts
 description: Open source continuous integration server. It supports multiple SCM tools
   including CVS, Subversion and Git. It can execute Apache Ant and Apache Maven-based

charts/jenkins/README.md

@@ -80,6 +80,7 @@ The following tables list the configurable parameters of the Jenkins chart and t
 | `Master.SecretsFilesSecret`       | Kubernetes secret that contains 'secrets' files | Not set                                                           |
 | `Master.Jobs`                     | Jenkins XML job configs              | Not set                                                                      |
 | `Master.InstallPlugins`           | List of Jenkins plugins to install   | `kubernetes:1.14.0 workflow-aggregator:2.6 credentials-binding:1.17 git:3.9.1 workflow-job:2.31` |
+| `Master.EnableRawHtmlMarkupFormatter` | Enable HTML parsing using (see below) | Not set                                                                 |
 | `Master.ScriptApproval`           | List of groovy functions to approve  | Not set                                                                      |
 | `Master.NodeSelector`             | Node labels for pod assignment       | `{}`                                                                         |
 | `Master.Affinity`                 | Affinity settings                    | `{}`                                                                         |
@@ -92,6 +93,8 @@ The following tables list the configurable parameters of the Jenkins chart and t
 | `rbac.roleKind`            | Role kind (`Role` or `ClusterRole`)| `ClusterRole`
 | `rbac.roleBindingKind`            | Role binding kind (`RoleBinding` or `ClusterRoleBinding`)| `ClusterRoleBinding`                                             |
 
+Some third-party systems, e.g. GitHub, use HTML-formatted data in their payload sent to a Jenkins webhooks, e.g. URL of a pull-request being built. To display such data as processed HTML instead of raw text set `Master.EnableRawHtmlMarkupFormatter` to true. This option requires installation of OWASP Markup Formatter Plugin (antisamy-markup-formatter). The plugin is **not** installed by default, please update `Master.InstallPlugins`.
+
 ### Jenkins Agent
 
 | Parameter                  | Description                                     | Default                |

charts/jenkins/templates/config.yaml

@@ -29,7 +29,13 @@ data:
       <projectNamingStrategy class="jenkins.model.ProjectNamingStrategy$DefaultProjectNamingStrategy"/>
       <workspaceDir>${JENKINS_HOME}/workspace/${ITEM_FULLNAME}</workspaceDir>
       <buildsDir>${ITEM_ROOTDIR}/builds</buildsDir>
+{{- if .Values.Master.EnableRawHtmlMarkupFormatter }}
+  <markupFormatter class="hudson.markup.RawHtmlMarkupFormatter" plugin="antisamy-markup-formatter">
+    <disableSyntaxHighlighting>true</disableSyntaxHighlighting>
+  </markupFormatter>
+{{- else }}
       <markupFormatter class="hudson.markup.EscapedMarkupFormatter"/>
+{{- end }}
       <jdks/>
       <viewsTabBar class="hudson.views.DefaultViewsTabBar"/>
       <myViewsTabBar class="hudson.views.DefaultMyViewsTabBar"/>

charts/jenkins/values.yaml

@@ -123,6 +123,9 @@ Master:
     - workflow-aggregator:2.6
     - credentials-binding:1.17
     - git:3.9.1
+  # Enable HTML parsing using OWASP Markup Formatter Plugin (antisamy-markup-formatter), useful with ghprb plugin.
+  # The plugin is not installed by default, please update Master.InstallPlugins.
+  # EnableRawHtmlMarkupFormatter: true
   # Used to approve a list of groovy functions in pipelines used the script-security plugin. Can be viewed under /scriptApproval
   # ScriptApproval:
   #   - "method groovy.json.JsonSlurperClassic parseText java.lang.String"