Open htgurukul opened 1 year ago
Actually I am using attached values.yml and tried to add casc section . But when jenkins comes up it has no cognito authentication enabled. I think this configuration is not working.
controller:
# Used for label app.kubernetes.io/component
jenkinsUrl: https://189-6.in.ngrok.io/jenkins
jenkinsAdminEmail: bauwa@buwal.com
componentName: "jenkins-controller"
image: "jenkins/jenkins"
tag: "2.375.2"
imagePullPolicy: "Always"
adminUser: "ht"
adminPassword: "ht123"
jenkinsUriPrefix: "/jenkins"
resources:
requests:
cpu: "50m"
memory: "256Mi"
limits:
cpu: "1000m"
memory: "2096Mi"
installPlugins:
- kubernetes:1.31.3
- workflow-aggregator:2.6
- git:5.0.0
- configuration-as-code:1569.vb_72405b_80249
additionalPlugins:
- aws-java-sdk:1.12.89-292.v2712528e879c
- blueocean:1.25.8
- aws-credentials:191.vcb_f183ce58b_9
- credentials:1189.vf61b_a_5e2f62e
- matrix-auth:3.0.1
- dashboard-view:2.19
- oic-auth:1.8
- periodicbackup:1.8
- amazon-ecr:1.73.v741d474abe74
- docker-workflow:1.29
- pipeline-utility-steps:2.13.0
- pipeline-github-lib:38.v445716ea_edda_
- pipeline-aws:1.43
- build-monitor-plugin:1.9+build.201606131328
- job-dsl:1.81
serviceType: NodePort
overwritePlugins: false
JCasC:
enabled: true
defaultConfig: false
configUrls: []
# - https://acme.org/jenkins.yaml
# Remote URL:s for configuration files.
configScripts:
add-cred: |
credentials:
system:
domainCredentials:
- credentials:
- usernamePassword:
id: "falling"
password: "{AQAAABAAAAAQf68nbgXec6Kc34hwIngowUV23e5884ShYcvVlaeF3uM=}"
scope: GLOBAL
username: "chal"
- string:
id: "secuBH"
scope: GLOBAL
secret: "{AQAAABAAAAAQqK+wc2hbI77cmsj61/mVWXRWlyvNEVjnU3bxJFJbrZo=}"
jen-config: |
jenkins:
systemMessage: "FROM CaaS"
authorizationStrategy:
globalMatrix:
permissions:
- "GROUP:Overall/Administer:jen_admin"
- "GROUP:Overall/Read:authenticated"
- "USER:Overall/Administer:ht"
securityRealm:
oic:
clientId: "skdhksjdfshhcktgu78kmr"
clientSecret: "skdfkjsnvksnjvndjvndnvdfntfbon1hujj6"
wellKnownOpenIDConfigurationUrl: ""
userInfoServerUrl: "https://myurl.com/oauth2/userInfo"
tokenFieldToCheckKey: ""
tokenFieldToCheckValue: ""
fullNameFieldName: ""
groupsFieldName: "cognito:groups"
disableSslVerification: false
logoutFromOpenidProvider: "https://myurl.com/logout?client_id=skdhksjdfshhcktgu78kmr&logout_uri=https://189-6.in.ngrok.io/jenkins/OicLogout&"
endSessionEndpoint: ""
postLogoutRedirectUrl: "https://189-6.in.ngrok.io/jenkins/OicLogout"
escapeHatchEnabled: true
escapeHatchUsername: "minikube"
escapeHatchSecret: "minikube123"
escapeHatchGroup: "jen_admin"
automanualconfigure: ""
emailFieldName: "email"
userNameField: "username"
tokenServerUrl: "https://myurl.com/oauth2/token"
authorizationServerUrl: "https://myurl.com/oauth2/authorize"
scopes: "openid profile email"
agent:
enabled: true
jenkinsHome: "/var/jenkins_home"
javaOpts: "-Djava.io.tmpdir=/var/jenkins_tmp -DJENKINS_HOME=/var/jenkins_home"
usePodSecurityContext: true
# Note that `runAsUser`, `fsGroup`, and `securityContextCapabilities` are
# being deprecated and replaced by `podSecurityContextOverride`.
# Set runAsUser to 1000 to let Jenkins run as non-root user 'jenkins' which exists in 'jenkins/jenkins' docker image.
# When setting runAsUser to a different value than 0 also set fsGroup to the same value:
runAsUser: 1000
fsGroup: 1000
# containerSecurityContext:
# runAsUser: 1000
# runAsGroup: 1000
# readOnlyRootFilesystem: true
# allowPrivilegeEscalation: false
nodeSelector:
jenkins: enable
## Install Default RBAC roles and bindings
rbac:
create: true
readSecrets: false
serviceAccount:
create: true
# The name of the service account is autogenerated by default
name:
annotations: {}
imagePullSecretName:
Jenkins and plugins versions report
Environment
```text Paste the output here ```What Operating System are you using (both controller, and any agents involved in the problem)?
kubernetes deployment of jenkins fails when authentication enabled with aws cognito. however without this plugin my auth works well with cognito
Reproduction steps
jenkins auth with aws cognito
Expected Results
should work jenkins auth with aws cognito
Actual Results
failing
Anything else?
No response