[DO-1239] add pod templates (#44)

Co-authored-by: Rustam Tagaev <rustam.tagaev@avroid.tech> Reviewed-on: https://git.avroid.tech/DevOps/jenkins-shared-lib/pulls/44 Reviewed-by: Denis Patrakeev <denis.patrakeev@avroid.team> Co-authored-by: Rustam Tagaev <rustam.tagaev@avroid.team> Co-committed-by: Rustam Tagaev <rustam.tagaev@avroid.team>
2024-11-15 13:28:03 +03:00
parent 4b6b2d25f4
commit 47a42636db
2 changed files with 135 additions and 1 deletions
--- a/src/tech/avroid/kube/PodTemplates.groovy
+++ b/src/tech/avroid/kube/PodTemplates.groovy
@@ -0,0 +1,134 @@
+package tech.avroid.kube
+
+
+class PodTemplates implements Serializable {
+    String registry
+    Object script
+    List dockerCreds
+
+    public PodTemplates(script, String registry, List dockerCreds) {
+        this.script = script
+        this.registry = registry
+        this.dockerCreds = dockerCreds
+    }
+
+    protected rawYaml() {
+        return """spec:
+        tolerations:
+        - key: node-role.kubernetes.io/build-node
+        effect: NoSchedule
+    """
+    }
+    public void jnlp(body) {
+        this.script.podTemplate(
+            containers: [
+                this.script.containerTemplate(
+                    alwaysPullImage: true,
+                    name: 'jnlp',
+                    image: "${this.registry}/docker-hub-proxy/jenkins/inbound-agent:jdk17",
+                    envVars: [
+                        this.script.containerEnvVar(key: 'HOME', value: '/home/jenkins'),
+                    ],
+                    resourceRequestCpu: '50m',
+                    resourceRequestMemory: '256Mi',
+                    resourceLimitCpu: '2',
+                    resourceLimitMemory: '4Gi',
+                    workingDir: '/jenkins',
+                ),
+            ],
+            instanceCap: 2,
+            showRawYaml: false,
+            volumes: [
+                this.script.emptyDirVolume(memory: false, mountPath: '/tmp'),
+                this.script.emptyDirVolume(memory: false, mountPath: '/home/jenkins/.cache'),
+                this.script.emptyDirVolume(memory: false, mountPath: '/home/jenkins/.npm'),
+                this.script.emptyDirVolume(memory: false, mountPath: '/home/jenkins/.config'),
+                this.script.emptyDirVolume(memory: false, mountPath: '/home/jenkins/.composer'),
+                this.script.emptyDirVolume(memory: false, mountPath: '/home/jenkins/.local'),
+            ],
+            workspaceVolume: this.script.emptyDirWorkspaceVolume(false),
+            yaml: this.rawYaml(),
+        )
+
+        {
+            body.call()
+        }
+    }
+
+    public void poetry(body) {
+        this.script.podTemplate(
+            imagePullSecrets: this.dockerCreds,
+            containers: [
+                this.script.containerTemplate(
+                    alwaysPullImage: true,
+                    name: 'poetry',
+                    image: "${this.registry}/devops/poetry:1.8.4",
+                    envVars: [
+                        this.script.containerEnvVar(key: 'HOME', value: '/home/jenkins'),
+                    ],
+                    shell: '/bin/sh',
+                    ttyEnabled: true,
+                    command: 'cat',
+                    resourceRequestCpu: '100m',
+                    resourceRequestMemory: '64Mi',
+                    resourceLimitCpu: '100m',
+                    resourceLimitMemory: '64Gi',
+                    workingDir: '/jenkins',
+                ),
+            ],
+            instanceCap: 1,
+            showRawYaml: false,
+            volumes: [
+                this.script.emptyDirVolume(memory: false, mountPath: '/tmp'),
+            ],
+            workspaceVolume: this.script.emptyDirWorkspaceVolume(false),
+            yaml: this.rawYaml(),
+        )
+
+        {
+            body.call()
+        }
+    }
+
+    public void docker(body) {
+        this.script.podTemplate(
+            // serviceAccount: 'jenkins-privileged',
+            imagePullSecrets: this.dockerCreds,
+            containers: [
+                this.script.containerTemplate(
+                    alwaysPullImage: true,
+                    name: 'docker',
+                    image: "${registry}/docker-hub-proxy/docker:27.3.1-dind",
+                    envVars: [
+                        this.script.containerEnvVar(key: 'HOME', value: '/home/jenkins'),
+                    ],
+                    ttyEnabled: true,
+                    command: '/usr/local/bin/dockerd-entrypoint.sh',
+                    // args: """--insecure-registry=${registry} \
+                    //          --bip=192.168.222.1/24 \
+                    //          --storage-driver=overlay""",
+                    privileged: true,
+                    resourceRequestCpu: '500m',
+                    resourceLimitCpu: '4',
+                    resourceRequestMemory: '512Mi',
+                    resourceLimitMemory: '3Gi',
+                    workingDir: '/jenkins',
+                ),
+            ],
+            instanceCap: 1,
+            showRawYaml: false,
+            volumes: [
+                // this.script.secretVolume(secretName: 'docker-config', mountPath: '/home/jenkins/.docker'),
+                this.script.emptyDirVolume(memory: false, mountPath: '/var/lib/docker'),
+                this.script.emptyDirVolume(memory: false, mountPath: '/home/jenkins/.local'),
+                this.script.emptyDirVolume(memory: false, mountPath: '/home/jenkins/.cache'),
+            ],
+            workspaceVolume: this.script.emptyDirWorkspaceVolume(false),
+        )
+
+        {
+            body.call()
+        }
+    }
+
+}
--- a/vars/getPodTemplate.groovy
+++ b/vars/getPodTemplate.groovy
@@ -329,7 +329,7 @@ Object pythonBuildTemplate = """
            memory: 512Mi
          imagePullPolicy: Always
      imagePullSecrets:
-      - name: harbor-registry-secret
+      - name: ${env.JENKINS_K8S_HARBOR_SECRET}
 """

    switch (podTemplateName) {