jenkins-shared-lib/vars/getPodTemplate.groovy

def call(String podTemplateName) {

Object alpineTemplate = """
  apiVersion: v1
  kind: Pod
  spec:                
    containers:
    - name: linux
      image:  ${env.JENKINS_DOCKER_REGISTRY}/docker-hub-proxy/library/alpine:3.18.5
      command:
      - sleep
      args:
      - 99d
      resources:
        limits:
          cpu: 100m
          memory: 64Mi
        requests:
          cpu: 100m
          memory: 64Mi
"""

Object tavroAuroraV4Template = """
  apiVersion: v1
  kind: Pod
  metadata:
    annotations:
      container.apparmor.security.beta.kubernetes.io/aurora: unconfined
  spec:                
    containers:
    - name: aurora
      image: ${env.JENKINS_DOCKER_REGISTRY}/tavro/tavro-build-aurora:4.0.2.249
      securityContext:
        runAsUser: 1000
        runAsGroup: 1000
        capabilities:
          add:
          - SYS_ADMIN
      tty: true
      resources:
        limits:
          cpu: 15
          memory: 128Gi
        requests:
          cpu: 15
          memory: 32Gi
      volumeMounts:
      - mountPath: ${global.AURORA_CUSTOM_WORKSPACE} # Because home path removed within chroot
        name: "workspace-volume"
      ttyEnabled: true
    imagePullSecrets:
    - name: ${env.JENKINS_K8S_HARBOR_SECRET}
"""

Object tavroAuroraV5Template = """
  apiVersion: v1
  kind: Pod
  metadata:
    annotations:
      container.apparmor.security.beta.kubernetes.io/aurora: unconfined
  spec:
    containers:
    - name: aurora
      image: ${env.JENKINS_DOCKER_REGISTRY}/tavro/tavro-build-aurora:5.0.0.60
      securityContext:
        runAsUser: 1000
        runAsGroup: 1000
        capabilities:
          add:
          - SYS_ADMIN
      tty: true
      resources:
        limits:
          cpu: 15
          memory: 32Gi
        requests:
          cpu: 15
          memory: 32Gi
      volumeMounts:
      - mountPath: ${global.AURORA_CUSTOM_WORKSPACE} # Because home path removed within chroot
        name: "workspace-volume"
      ttyEnabled: true
    imagePullSecrets:
    - name: ${env.JENKINS_K8S_HARBOR_SECRET}
"""

Object containerAuroraTemplate = """
  apiVersion: v1
  kind: Pod
  metadata:
    annotations:
      container.apparmor.security.beta.kubernetes.io/aurora: unconfined
  spec:                
    containers:
    - name: aurora
      image: ${env.JENKINS_DOCKER_REGISTRY}/container/container-build-aurora:5.1.0.100-1
      securityContext:
        runAsUser: 1000
        runAsGroup: 1000
        capabilities:
          add:
          - SYS_ADMIN
      tty: true
      resources:
        limits:
          cpu: 15
          memory: 128Gi
        requests:
          cpu: 15
          memory: 32Gi
      volumeMounts:
      - mountPath: ${global.AURORA_CUSTOM_WORKSPACE} # Because home path removed within chroot
        name: "workspace-volume"
      ttyEnabled: true
    imagePullSecrets:
    - name: ${env.JENKINS_K8S_HARBOR_SECRET}
"""

Object containerLinuxTemplate = """
    apiVersion: v1
    kind: Pod
    metadata:
      annotations:
        container.apparmor.security.beta.kubernetes.io/linux: unconfined
        seccomp.security.alpha.kubernetes.io/linux: unconfined
    spec:
      containers:
      - name: linux
        securityContext:
          runAsUser: 1000
          runAsGroup: 1000
          capabilities:
            add:
            - SYS_ADMIN
        image: ${env.JENKINS_DOCKER_REGISTRY}/container/container-build-linux:1.2
        command:
        - sleep
        args:
        - 99d
        resources:
          limits:
            cpu: 30
            memory: 256Gi
          requests:
            cpu: 30
            memory: 64Gi
      imagePullSecrets:
      - name: ${env.JENKINS_K8S_HARBOR_SECRET}
"""

Object sonarCubeScannerTemplate = """
  apiVersion: v1
  kind: Pod
  spec:                
    containers:
    - name: sonar-scanner
      image: ${env.JENKINS_DOCKER_REGISTRY}/docker-hub-proxy/sonarsource/sonar-scanner-cli:5.0.1
      command: ["bash"]
      securityContext:
        runAsUser: 1000
        runAsGroup: 1000
      tty: true
      resources:
        limits:
          cpu: 7
          memory: 16Gi
        requests:
          cpu: 7
          memory: 16Gi
      ttyEnabled: true
      volumeMounts:
      - mountPath: ${global.AURORA_CUSTOM_WORKSPACE} # Because home path removed within chroot
        name: "workspace-volume"
"""

Object tavroLinuxTemplate = """
  apiVersion: v1
  kind: Pod
  spec:
    containers:
    - name: linux
      image: ${env.JENKINS_DOCKER_REGISTRY}/tavro/tavro-build-linux:1.1
      securityContext:
        runAsUser: 1000
        runAsGroup: 1000
      command:
      - sleep
      args:
      - 99d
      resources:
        limits:
          cpu: 15
          memory: 32Gi
        requests:
          cpu: 15
          memory: 32Gi
    imagePullSecrets:
    - name: ${env.JENKINS_K8S_HARBOR_SECRET}
"""

    switch (podTemplateName) {
        case 'alpine':
            return alpineTemplate
        case 'tavroAuroraV4':
            return tavroAuroraV4Template
        case 'tavroAuroraV5':
            return tavroAuroraV5Template
        case 'containerAurora':
            return containerAuroraTemplate
        case 'containerLinux':
            return containerLinuxTemplate
        case "sonarCubeScanner":
            return sonarCubeScannerTemplate
        case 'tavroLinux':
            return tavroLinuxTemplate
    }
}