From c4daf67e4be6e36dc52327b3e58dc10a6fc483ba Mon Sep 17 00:00:00 2001
From: Damien Duportal <damien.duportal@gmail.com>
Date: Mon, 8 Jan 2024 18:18:12 +0100
Subject: [PATCH] feat(publick8s) install a new instance of get.jenkins.io with
 mirrorbits-parent chart (#4847)

* feat(publick8s) install a new instance of get.jenkins.io with mirrorbits-parent chart

Signed-off-by: Damien Duportal <damien.duportal@gmail.com>

* feat(publick8s) set up get.jenkins.io to use domain 'azure.get.jenkins.io'

Signed-off-by: Damien Duportal <damien.duportal@gmail.com>

---------

Signed-off-by: Damien Duportal <damien.duportal@gmail.com>
---
 clusters/publick8s.yaml    |   9 +++
 config/get-jenkins-io.yaml | 121 +++++++++++++++++++++++++++++++++++++
 2 files changed, 130 insertions(+)
 create mode 100644 config/get-jenkins-io.yaml

diff --git a/clusters/publick8s.yaml b/clusters/publick8s.yaml
index 356b5bff2..5bee24481 100644
--- a/clusters/publick8s.yaml
+++ b/clusters/publick8s.yaml
@@ -204,6 +204,15 @@ releases:
       - "../config/mirrorbits.yaml"
     secrets:
       - "../secrets/config/mirrorbits/secrets.yaml"
+  - name: get-jenkins-io
+    namespace: get-jenkins-io
+    chart: jenkins-infra/mirrorbits-parent
+    version: 1.1.15
+    timeout: 600
+    values:
+      - "../config/get-jenkins-io.yaml"
+    secrets:
+      - "../secrets/config/get-jenkins-io/secrets.yaml"
   - name: plugin-site-issues
     namespace: plugin-site
     chart: jenkins-infra/plugin-site-issues
diff --git a/config/get-jenkins-io.yaml b/config/get-jenkins-io.yaml
new file mode 100644
index 000000000..553cb56b0
--- /dev/null
+++ b/config/get-jenkins-io.yaml
@@ -0,0 +1,121 @@
+global:
+  ingress:
+    enabled: true
+    className: public-nginx
+    annotations:
+      "cert-manager.io/cluster-issuer": "letsencrypt-prod"
+      "nginx.ingress.kubernetes.io/ssl-redirect": "true"
+      "nginx.ingress.kubernetes.io/use-regex": "true"  # Required to allow regexp path matching with Nginx
+    hosts:
+      - host: azure.get.jenkins.io
+        paths:
+          - path: /
+            backendService: httpd
+          - path: /.*[.](deb|hpi|war|rpm|msi|pkg|sha256|md5sum|zip|gz|pdf|json|svg|sh|jpeg|ico|png|html)$ # Requires the regexp engine of Nginx to be enabled
+            pathType: ImplementationSpecific
+            backendService: mirrorbits
+      # - host: mirrors.jenkins.io
+      #   paths:
+      #     - path: /
+      #       backendService: httpd
+      #     - path: /.*[.](deb|hpi|war|rpm|msi|pkg|sha256|md5sum|zip|gz|pdf|json|svg|sh|jpeg|ico|png|html)$ # Requires the regexp engine of Nginx to be enabled
+      #       pathType: ImplementationSpecific
+      #       backendService: mirrorbits
+      # - host: mirrors.jenkins-ci.org
+      #   paths:
+      #     - path: /
+      #       backendService: httpd
+      #     - path: /.*[.](deb|hpi|war|rpm|msi|pkg|sha256|md5sum|zip|gz|pdf|json|svg|sh|jpeg|ico|png|html)$ # Requires the regexp engine of Nginx to be enabled
+      #       pathType: ImplementationSpecific
+      #       backendService: mirrorbits
+      # - host: fallback.get.jenkins.io
+      #   paths:
+      #     - path: /
+      #       backendService: httpd
+    tls:
+      - secretName: get-jenkins-io-tls
+        hosts:
+          - azure.get.jenkins.io
+          # - mirrors.jenkins.io
+          # - mirrors.jenkins-ci.org
+          # - fallback.get.jenkins.io
+  storage:
+    enabled: true
+    claimNameTpl: '{{ include "mirrorbits-parent.pvc-name" $ }}'
+    storageClassName: azurefile-csi-premium
+    storageSize: 1000Gi
+    accessModes:
+      - ReadOnlyMany
+    persistentVolume:
+      azureFile:
+        resourceGroup: prod-core-releases
+        shareName: mirrorbits
+        readOnly: true
+      additionalSpec:
+        persistentVolumeReclaimPolicy: Retain
+        mountOptions:
+          - dir_mode=0755
+          - file_mode=0644
+          - uid=1000
+          - gid=1000
+          - mfsymlinks
+          - nobrl
+          - serverino
+          - cache=strict
+
+mirrorbits-lite:
+  enabled: true
+  replicaCount: 2
+  resources:
+    limits:
+      cpu: 2
+      memory: 2048Mi
+    requests:
+      cpu: 500m
+      memory: 500Mi
+  nodeSelector:
+    kubernetes.io/arch: amd64
+  affinity:
+    podAntiAffinity:
+      requiredDuringSchedulingIgnoredDuringExecution:
+        - labelSelector:
+            matchExpressions:
+              - key: "app.kubernetes.io/name"
+                operator: In
+                values:
+                  - mirrorbits
+          topologyKey: "kubernetes.io/hostname"
+
+httpd:
+  enabled: true
+  replicaCount: 2
+  resources:
+    limits:
+      cpu: 800m
+      memory: 2048Mi
+    requests:
+      cpu: 200m
+      memory: 500Mi
+  nodeSelector:
+    kubernetes.io/arch: arm64
+  tolerations:
+    - key: "kubernetes.io/arch"
+      operator: "Equal"
+      value: "arm64"
+      effect: "NoSchedule"
+  affinity:
+    podAntiAffinity:
+      requiredDuringSchedulingIgnoredDuringExecution:
+        - labelSelector:
+            matchExpressions:
+              - key: "app.kubernetes.io/name"
+                operator: In
+                values:
+                  - mirrorbits-files
+          topologyKey: "kubernetes.io/hostname"
+
+rsyncd:
+  enabled: false
+
+serviceaccount:
+  enabled: false