Open vandykej17 opened 3 years ago
torstenwalter
commented
3 years ago I think it doable to implement something like that.
You have to keep in mind that JCasC changes need a Jenkins restart if you are not using the sidecar container. With the sidecar you can already update configuration as code on the fly.
The feature is called configAutoReload and is documented https://github.com/jenkinsci/helm-charts/tree/main/charts/jenkins#config-as-code-with-or-without-auto-reload
vandykej17
commented
3 years ago Okay, I'll look into doing the sidecar. That way no restart is needed.
I think our biggest misunderstanding with the current implementation is that the comments and docs only mention the plugins reinitializing. So we thought it only affected the plugins. Maybe just a docs update to clarify would suffice?
torstenwalter
commented
3 years ago What would you propose to change?
vandykej17
commented
3 years ago Sorry, I never got back to you. I now remember why we wanted initializeOnce enabled. Its because we have a manual plugin to upload each time we restart. Is there a way to have that plugin installed through the JCasC? If I go the sidecar route, will I still experience the plugin re-initializing each restart and removing my manual plugin?
On the docs clarification, when I read this line I assumed this setting only affected plugins. Not all the JCasC, including credentials.
https://github.com/jenkinsci/helm-charts/blob/main/charts/jenkins/VALUES_SUMMARY.md
joey-jonko-paypal
commented
2 years ago Been working on this for over an hour with that controller.initializeOnce enabled. I have a verified config for the credentials using an existing Kubernetes secret and the sidecar never applies the credentials. Once I disabled the initializeOnce value the AWS credential immediately popped up.
The sidecar reload functionality is not working with controller.additionalExistingSecrets or controller. additionalSecrets
stale[bot]
commented
2 years ago This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Any further update will cause the issue/pull request to no longer be considered stale. Thank you for your contributions.
Describe the bug Let me start by saying I think this is working as designed, but it could be tweaked to provide some additional benefit. We started using
initializeOnce, which initially we understood to only skip the plugin initialization. But now we're realizing it controls all of our jcasc, including credentials.For reference here is the line of code: https://github.com/jenkinsci/helm-charts/blob/main/charts/jenkins/templates/config.yaml#L16
Which version of the chart: latest
What happened: Once we set the flag to true, none of our config updated.
What you expected to happen: I am wanting a setting where the plugins do not update or re-install, but my
JCasCblock in the chart still updates. This would include user authorization and credentials.How to reproduce it (as minimally and precisely as possible): values.yaml (only put values which differ from the defaults)
Anything else we need to know: