| classes: |
| - system.docker |
| parameters: |
| _param: |
| jenkins_master_url: http://jenkins_master:8080 |
| jenkins_slave_extra_opts: "" |
| jenkins_slave01_node_name: ${_param:cluster_node01_name} |
| docker: |
| client: |
| enabled: true |
| images: |
| - ${_param:docker_image_jenkins_jnlp_slave} |
| stack: |
| jenkins: |
| version: '3.7' |
| service: |
| slave01: |
| environment: |
| JENKINS_URL: ${_param:jenkins_master_url} |
| JENKINS_AGENT_NAME: slave01 |
| JENKINS_UPDATE_SLAVE: 'true' |
| JENKINS_LOGIN: ${_param:jenkins_client_user} |
| JENKINS_PASSWORD_FILE: /run/secrets/jenkins-admin |
| JAVA_OPTS: "-Dhttp.proxyHost=${_param:docker_http_proxy} -Dhttp.nonProxyHosts=|jenkins_master ${_param:jenkins_slave_extra_opts}" |
| https_proxy: ${_param:docker_https_proxy} |
| http_proxy: ${_param:docker_http_proxy} |
| no_proxy: "jenkins_master,${_param:docker_no_proxy}" |
| GIT_SSL_CAINFO: /etc/ssl/certs/ca-${_param:salt_minion_ca_authority}.pem |
| deploy: |
| restart_policy: |
| condition: any |
| placement: |
| constraints: |
| - "node.hostname == ${_param:jenkins_slave01_node_name}" |
| image: ${_param:docker_image_jenkins_jnlp_slave} |
| volumes: |
| - /etc/ssl/certs/:/etc/ssl/certs/:ro |
| - /etc/ssl/certs/ca-${_param:salt_minion_ca_authority}.pem:/etc/ssl/certs/ca-${_param:salt_minion_ca_authority}.pem:ro |
| - /dev/urandom:/dev/random:ro |
| - /var/run/docker.sock:/var/run/docker.sock |
| - /usr/bin/docker:/usr/bin/docker:ro |
| - /var/lib/jenkins:/var/lib/jenkins |
| secrets: |
| - jenkins-admin |
| secrets: |
| jenkins-admin: |
| external: true |
| value: ${_param:jenkins_client_password} |