Customize Jenkins with Configuration as Code

This document shows how to customize Jenkins with Configuration as Code (CasC).

Creating a Secret with data to use in CasC

If you need to use confidential data in CasC, you have to start by creating a Secret resource to wrap it in.

Kubernetes stores secrets in base64 format, so we have to encode it. Running:

$ echo -n "Hello World" | base64

will produce the following output:

SGVsbG8gd29ybGQ=

Now we can place it in a Secret config file as the value of SYSTEM_MESSAGE key.

apiVersion: v1
kind: Secret
type: Opaque
metadata:
  name: jenkins-conf-secrets
  namespace: <jenkins-namespace>
data:
  SYSTEM_MESSAGE: SGVsbG8gd29ybGQ=

Now we can apply the secret:

$ kubectl -n jenkins apply -f secret.yaml

Creating JekinsConfigurationAsCode CR

We need to create a JekinsConfigurationAsCode config file containing the configuration we want to apply.

In the data field value we can use yaml syntax to add fields with configuration code.

Since the secret is already present in the Cluster before we create JekinsConfigurationAsCode, we can safely reference its value.

apiVersion: carthago.cloud/v1beta1
kind: JenkinsConfigurationAsCode
metadata:
  name: carthago-op-jenkins-user-configuration
  namespace: <jenkins-namespace>
  labels:
    carthago.cloud/jenkins: <jenkins-cr-name>
spec:
  secretRef:
    namespace: <jenkins-namespace>
      name: jenkins-conf-secrets
  data: |
    jenkins:
      systemMessage: ${SYSTEM_MESSAGE}    

Now we can safely create this JenkinsConfigurationAsCode with following command:

$ kubectl -n jenkins apply -f jenkins-casc.yaml

Our Jenkins instance will see it and bind it to previously created Secret, thanks to the reference we provided.

This event will trigger CasC reconcile loop and our configuration will be applied.

You will see a tiny “Hello World” on the main page.