Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
cdk8s-jenkins
Advanced tools
cdk8s-jenkins
is a library that lets you easily define a manifest for deploying a Jenkins instance to your Kubernetes cluster.
This library uses a Custom Resource Definition provided by jenkins, and thus requires both the CRD and the operator to be installed on the cluster. You can set this up by,
kubectl apply -f https://raw.githubusercontent.com/jenkinsci/kubernetes-operator/master/config/crd/bases/jenkins.io_jenkins.yaml
kubectl apply -f https://raw.githubusercontent.com/jenkinsci/kubernetes-operator/master/deploy/all-in-one-v1alpha2.yaml
For more information regarding applying jenkins crd and installing jenkins operator, please refer jenkins official documentaion.
The library provides a high level Jenkins
construct to provision a Jenkins instance.
You can just instantiate the Jenkins instance and that would add a Jenkins resource to the kubernetes manifest.
The library provide a set of defaults, so provisioning a basic Jenkins instance requires no configuration:
import { Jenkins } from 'cdk8s-jenkins';
// inside your chart:
const jenkins = new Jenkins(this, 'my-jenkins');
The library also enables configuring the following parmeters for the Jenkins instance:
const jenkins = new Jenkins(this, 'my-jenkins', {
metadata: {
namespace: 'jenkins-namespace',
labels: { customApp: 'my-jenkins' },
},
});
This allows you to toggle CSRF Protection for Jenkins.
const jenkins = new Jenkins(this, 'my-jenkins', {
disableCsrfProtection: true,
});
These are the plugins required by the jenkins operator.
const jenkins = new Jenkins(this, 'my-jenkins', {
basePlugins: [{
name: 'configuration-as-code',
version: '1.55',
}],
});
You can also utilize addBasePlugins
function to add base plugins to jenkins configuration after initialization.
const jenkins = new Jenkins(this, 'my-jenkins');
jenkins.addBasePlugins([{
name: 'workflow-api',
version: '2.76',
}]);
These are the plugins that you can add to your jenkins instance.
const jenkins = new Jenkins(this, 'my-jenkins', {
plugins: [{
name: 'simple-theme-plugin',
version: '0.7',
}],
});
You can also utilize addPlugins
function to add plugins to jenkins configuration after initialization.
const jenkins = new Jenkins(this, 'my-jenkins');
jenkins.addPlugins([{
name: 'simple-theme-plugin',
version: '0.7',
}]);
You can define list of jenkins seed job configurations here. For more info you can take look at jenkins documentation.
const jenkins = new Jenkins(this, 'my-jenkins', {
seedJobs: [{
id: 'jenkins-operator',
targets: 'cicd/jobs/*.jenkins',
description: 'Jenkins Operator repository',
repositoryBranch: 'master',
repositoryUrl: 'https://github.com/jenkinsci/kubernetes-operator.git',
}],
});
You can also utilize addSeedJobs
function to add seed jobs to jenkins configuration after initialization.
const jenkins = new Jenkins(this, 'my-jenkins');
jenkins.addSeedJobs([{
id: 'jenkins-operator',
targets: 'cicd/jobs/*.jenkins',
description: 'Jenkins Operator repository',
repositoryBranch: 'master',
repositoryUrl: 'https://github.com/jenkinsci/kubernetes-operator.git',
}]);
You can utilize escape hatches to make changes to the configurations that are not yet exposed by the library.
For instance, if you would like to update the version of a base plugin:
const jenkins = new Jenkins(this, 'my-jenkins');
const jenkinsApiObject = ApiObject.of(jenkins);
jenkinsApiObject.addJsonPatch(JsonPatch.replace('/spec/master/basePlugins/1', {
name: 'workflow-job',
version: '3.00',
}));
For more information regarding escape hatches, take a look at cdk8s documentation.
See CONTRIBUTING for more information.
This project is licensed under the Apache-2.0 License.
FAQs
Jenkins construct for CDK8s
We found that cdk8s-jenkins demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.