Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-62503

Global defination raw yaml for Pod is ignored

    Details

    • Type: Bug
    • Status: Open (View Workflow)
    • Priority: Major
    • Resolution: Unresolved
    • Component/s: kubernetes-plugin
    • Labels:
      None
    • Environment:
      Jenkins: 2.229
      kubernetes-plugin: 1.25.1 or 1.25.7
    • Similar Issues:

      Description

      I used 'raw yaml for pod' in global cloud config. I was hoping it would be treated as default pod template, but it doesn't. seems it is ignored completely.

      And from the real slave pod created, I don't know where those values come from. I have no other default pod/containers defined other that the raw yaml.  From the real slave pod definition, the jnlp container configuration is not from "raw yaml for pod'

      The default pod template 'raw yaml for pod' in cloud configuration:

      kind: Pod
      spec:
        containers:
        - name: jnlp
          args:
          - "$(JENKINS_SECRET)"
          - "$(JENKINS_NAME)"
          image: myrepo/jenkins/jnlp-slave:4.0.1-1
          imagePullPolicy: Always
          workingDir: /home/jenkins/agent/
        hostNetwork: true
        nodeSelector:
          is_control: "true"
        tolerations:
        - effect: NoExecute
          key: is_edge
          operator: Equal
          value: "true"
      

      pipeline agent defination:

        agent {
          kubernetes {
            label "test-${env.JOB_NAME}-${env.BUILD_NUMBER}"
            inheritFrom 'default'
            yaml """
      spec:
        serviceAccountName: test-test
        automountServiceAccountToken: true
        containers:
        - name: test
          image: myrepo/test
          workingDir: /home/jenkins/agent
          command:
          - cat
          tty: true
            """
          }
        }
      

      Actual slave pod spec from k8s:

      spec:
        automountServiceAccountToken: true
        containers:
        - command:
          - cat
          image: myrepo/test
          imagePullPolicy: Always
          name: test
          resources: {}
          terminationMessagePath: /dev/termination-log
          terminationMessagePolicy: File
          tty: true
          volumeMounts:
          - mountPath: /home/jenkins/agent
            name: workspace-volume
          - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
            name: test-test-token-js29c
            readOnly: true
          workingDir: /home/jenkins/agent
        - env:
          - name: JENKINS_SECRET
            value: fef57efe455c8af8f54b690fbc85d03a9e0a2dbaafce972d06d94eaad36a7704
          - name: JENKINS_TUNNEL
            value: test-jenkins-agent:50000
          - name: JENKINS_AGENT_NAME
            value: test-1-7-jtw95-4lzdv
          - name: JENKINS_NAME
            value: test-1-7-jtw95-4lzdv
          - name: JENKINS_AGENT_WORKDIR
            value: /home/jenkins/agent
          - name: JENKINS_URL
            value: https://test-jenkins:8080/jenkins/
          image: jenkins/jnlp-slave:4.0.1-1
          imagePullPolicy: IfNotPresent
          name: jnlp
          resources:
            requests:
              cpu: 100m
              memory: 256Mi
          terminationMessagePath: /dev/termination-log
          terminationMessagePolicy: File
          volumeMounts:
          - mountPath: /home/jenkins/agent
            name: workspace-volume
          - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
            name: test-test-token-js29c
            readOnly: true
        dnsPolicy: ClusterFirst
        enableServiceLinks: true
        nodeName: test-cluster-control-01
        nodeSelector:
          beta.kubernetes.io/os: linux
        priority: 0
        restartPolicy: Never
        schedulerName: default-scheduler
        securityContext: {}
        serviceAccount: test-test
        serviceAccountName: test-test
        terminationGracePeriodSeconds: 30
        volumes:
        - emptyDir: {}
          name: workspace-volume
        - name: test-test-token-js29c
          secret:
            defaultMode: 420
            secretName: test-test-token-js29c
      
      

        Attachments

          Activity

          There are no comments yet on this issue.

            People

            • Assignee:
              Unassigned
              Reporter:
              walthhy Tony Wen
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: