Abstract
A complete list of available configuration values.
Jenkins Helm Chart Values#
Configuration#
The following tables list the configurable parameters of the Jenkins chart and their default values.
Values#
Key |
Type |
Description |
Default |
|---|---|---|---|
object |
Configure additional |
|
|
object |
|
||
bool |
Allocate pseudo tty to the side container |
|
|
list |
Add additional containers to the agents |
|
|
bool |
Always pull agent container image before build |
|
|
object |
Annotations to apply to the pod |
|
|
string |
Arguments passed to command to execute |
|
|
string |
Command to execute when side container starts |
|
|
string |
|
||
int |
Timeout in seconds for an agent to be online |
|
|
int |
Max number of agents to launch for a whole cluster. |
|
|
list |
Append Jenkins labels to the agent |
|
|
string |
The name of the pod template to use for providing default values |
|
|
bool |
|
||
bool |
Disable the default Jenkins Agent configuration |
|
|
bool |
Enable Kubernetes plugin jnlp-agent podTemplate |
|
|
list |
Environment variables for the agent Pod |
|
|
bool |
When enabled, Jenkins will periodically check for orphan pods that have not been touched for the given timeout period and delete them. |
|
|
string |
Namespaces to look at for garbage collection, in addition to the default namespace defined for the cloud. One namespace per line. |
|
|
int |
Timeout value for orphaned pods |
|
|
bool |
Enables the agent to use the host network |
|
|
int |
Allows the Pod to remain active for reuse until the configured number of minutes has passed since the last step was executed on it |
|
|
string |
Registry to pull the agent jnlp image from |
|
|
string |
Repository to pull the agent jnlp image from |
|
|
string |
Tag of the image to pull |
|
|
string |
Name of the secret to be used to pull the image |
|
|
bool |
Controls whether the defined yaml merge strategy will be inherited if another defined pod template is configured to inherit from the current one |
|
|
int |
Max number of agents to launch for this type of agent |
|
|
string |
Overrides the Kubernetes Jenkins tunnel |
|
|
string |
Overrides the Kubernetes Jenkins URL |
|
|
string |
Custom registry used to pull the agent jnlp image from |
|
|
int |
The connection timeout in seconds for connections to Kubernetes API. The minimum value is 5 |
|
|
int |
The read timeout in seconds for connections to Kubernetes API. The minimum value is 15 |
|
|
object |
|
||
string |
The maximum concurrent connections to Kubernetes API |
|
|
string |
Namespace in which the Kubernetes agents should be launched |
|
|
object |
Node labels for pod assignment |
|
|
string |
|
||
object |
Custom Pod labels (an object with |
|
|
string |
Agent Pod base name |
|
|
string |
|
||
object |
Configures extra pod templates for the default kubernetes cloud |
|
|
bool |
Agent privileged container |
|
|
object |
Resources allocation (Requests and Limits) |
|
|
bool |
Set a restricted securityContext on jnlp containers |
|
|
int |
Time in minutes after which the Kubernetes cloud plugin will clean up an idle worker that has not already terminated |
|
|
string |
Configure container group |
|
|
string |
Configure container user |
|
|
list |
Mount a secret as environment variable |
|
|
string |
Override the default service account |
|
|
bool |
|
||
string |
Side container name |
|
|
bool |
Disables the verification of the controller certificate on remote connection. This flag correspond to the “Disable https certificate check” flag in kubernetes plugin UI |
|
|
bool |
Enable the possibility to restrict the usage of this agent to specific folder. This flag correspond to the “Restrict pipeline support to authorized folders” flag in kubernetes plugin UI |
|
|
bool |
Use |
|
|
list |
Additional volumes |
|
|
int |
Seconds to wait for pod to be running |
|
|
bool |
Enables agent communication via websockets |
|
|
string |
Configure working directory for default agent |
|
|
object |
Workspace volume (defaults to EmptyDir) |
|
|
string |
Defines how the raw yaml field gets merged with yaml definitions from inherited pod templates. Possible values: “merge” or “override” |
|
|
string |
The raw yaml of a Pod API Object to merge into the agent spec |
|
|
bool |
|
||
string |
|
||
object |
|
||
list |
|
||
bool |
Checks if any deprecated values are used |
|
|
string |
Override the cluster name for FQDN resolving |
|
|
string |
Jenkins Config as Code Authorization Strategy-section |
|
|
object |
Annotations for the JCasC ConfigMap |
|
|
object |
List of Jenkins Config as Code scripts |
|
|
list |
Remote URLs for configuration files. |
|
|
bool |
Enables default Jenkins configuration via configuration as code plugin |
|
|
bool |
Whether Jenkins Config as Code should overwrite any existing configuration |
|
|
object |
Jenkins Config as Code security-section |
|
|
string |
Jenkins Config as Code Security Realm-section |
|
|
list |
List of additional existing secrets to mount |
|
|
list |
List of plugins to install in addition to those listed in controller.installPlugins |
|
|
list |
List of additional secrets to create and mount |
|
|
bool |
Create secret for admin user |
|
|
string |
The name of an existing secret containing the admin credentials |
|
|
string |
Admin password created as a secret if |
|
|
string |
The key in the existing admin secret containing the password |
|
|
string |
The key in the existing admin secret containing the username |
|
|
string |
Admin username created as a secret if |
|
|
object |
Affinity settings |
|
|
bool |
Create Agent listener service |
|
|
string |
Traffic Policy of for the agentListener service |
|
|
string |
Host port to listen for agents |
|
|
string |
Static IP for the agentListener LoadBalancer |
|
|
list |
Allowed inbound IP for the agentListener service |
|
|
string |
Node port to listen for agents |
|
|
int |
Listening port for agents |
|
|
object |
Annotations for the agentListener service |
|
|
string |
Defines how to expose the agentListener service |
|
|
object |
backendconfig annotations |
|
|
string |
backendconfig API version |
|
|
bool |
Enables backendconfig |
|
|
object |
backendconfig labels |
|
|
string |
backendconfig name |
|
|
object |
backendconfig spec |
|
|
string |
Name of default cloud configuration. |
|
|
string |
k8s service clusterIP. Only used if serviceType is ClusterIP |
|
|
string |
Used for label app.kubernetes.io/component |
|
|
list |
Environment variables for Jenkins Container |
|
|
list |
Environment variable sources for Jenkins Container |
|
|
object |
Allow controlling the securityContext for the jenkins container |
|
|
bool |
Enable the default CSRF Crumb issuer |
|
|
bool |
Enable proxy compatibility. This setting is ignored if you are not on the current LTS release and will be dropped with the next LTS. |
|
|
list |
Custom init-container specification in raw-yaml format |
|
|
list |
Append Jenkins labels to the controller |
|
|
bool |
Disable use of remember me |
|
|
list |
Disabled agent protocols |
|
|
object |
DNS config for the pod |
|
|
bool |
Enable HTML parsing using OWASP Markup Formatter Plugin (antisamy-markup-formatter) |
|
|
bool |
|
||
string |
Sets the executor mode of the Jenkins node. Possible values are “NORMAL” or “EXCLUSIVE” |
|
|
string |
|
||
list |
Optionally configure other ports to expose in the controller container |
|
|
int |
Deprecated in favor of |
|
|
string |
|
||
bool |
|
||
string |
|
||
string |
|
||
bool |
Enable Kubernetes Probes configuration configured in |
|
|
list |
Allows for adding entries to Pod /etc/hosts |
|
|
bool |
|
||
bool |
|
||
bool |
Enables HTTPS keystore on jenkins controller |
|
|
string |
Jenkins keystore filename which will appear under controller.httpsKeyStore.path |
|
|
int |
HTTP Port that Jenkins should listen to along with HTTPS, it also serves as the liveness and readiness probes port. |
|
|
string |
Name of the key in the secret that contains the JKS password |
|
|
string |
Name of the secret that contains the JKS password, if it is not in the same secret as the JKS file |
|
|
string |
Name of the key in the secret that already has SSL keystore |
|
|
string |
Name of the secret that already has SSL keystore |
|
|
string |
Base64 encoded Keystore content. Keystore must be converted to base64 then being pasted here |
|
|
string |
Jenkins keystore password |
|
|
string |
Path of HTTPS keystore file |
|
|
string |
Controller image pull policy |
|
|
string |
Controller image registry |
|
|
string |
Controller image repository |
|
|
string |
Controller image tag override; i.e., tag: “2.440.1-jdk21” |
|
|
string |
Controller image tag label |
|
|
string |
Controller image pull secret |
|
|
object |
Ingress annotations |
|
|
string |
Ingress API version |
|
|
bool |
Enables ingress |
|
|
string |
Ingress hostname |
|
|
object |
Ingress labels |
|
|
string |
Ingress path |
|
|
string |
Ingress rule pathType, choices are: Exact, ImplementationSpecific, Prefix |
|
|
list |
Override for the default Ingress paths |
|
|
string |
Hostname to serve assets from |
|
|
list |
Ingress TLS configuration |
|
|
string |
Name of the existing ConfigMap that contains init scripts |
|
|
list |
Environment variables for Init Container |
|
|
list |
Environment variable sources for Init Container |
|
|
object |
Resources allocation (Requests and Limits) for Init Container |
|
|
object |
Map of groovy init scripts to be executed during Jenkins controller start |
|
|
bool |
Initialize only on first installation. Ensures plugins do not get updated inadvertently. Requires |
|
|
bool |
Download the minimum required version or latest version of all dependencies |
|
|
bool |
Set to true to download the latest version of any plugin that is requested to have the latest version |
|
|
list |
List of Jenkins plugins to install. If you don’t want to install plugins, set it to |
|
|
string |
Append to |
|
|
string |
Email address for the administrator of the Jenkins instance |
|
|
string |
Custom Jenkins home path |
|
|
string |
Append to |
|
|
string |
Custom Jenkins reference path |
|
|
string |
Root URI Jenkins will be served on |
|
|
string |
Set Jenkins URL if you are not using the ingress definitions provided by the chart |
|
|
string |
Set protocol for Jenkins URL; |
|
|
string |
|
||
string |
Open a port, for JMX stats |
|
|
bool |
Whether legacy remoting security should be enabled |
|
|
object |
Lifecycle specification for controller-container |
|
|
string |
Optionally assign a known public LB IP |
|
|
list |
Allowed inbound IP addresses |
|
|
string |
Yaml of the markup formatter to use |
|
|
string |
k8s node port. Only used if serviceType is NodePort |
|
|
object |
Node labels for pod assignment |
|
|
int |
Set Number of executors |
|
|
bool |
Overwrite installed plugins on start |
|
|
bool |
Overwrite plugins that are already installed in the controller image |
|
|
object |
Annotations for controller pod |
|
|
object |
|
||
string |
Policy API version |
|
|
bool |
Enable Kubernetes Pod Disruption Budget configuration |
|
|
object |
|
||
string |
Number of pods that can be unavailable. Either an absolute number or a percentage |
|
|
object |
Custom Pod labels (an object with |
|
|
string |
Completely overwrites the contents of the pod security context, ignoring the values provided for |
|
|
string |
The name of a |
|
|
int |
Set the failure threshold for the liveness probe |
|
|
string |
Set the Pod’s HTTP path for the liveness probe |
|
|
string |
Set the Pod’s HTTP port to use for the liveness probe |
|
|
string |
Set the initial delay for the liveness probe in seconds |
|
|
int |
Set the time interval between two liveness probes executions in seconds |
|
|
int |
Set the timeout for the liveness probe in seconds |
|
|
int |
Set the failure threshold for the readiness probe |
|
|
string |
Set the Pod’s HTTP path for the liveness probe |
|
|
string |
Set the Pod’s HTTP port to use for the readiness probe |
|
|
string |
Set the initial delay for the readiness probe in seconds |
|
|
int |
Set the time interval between two readiness probes executions in seconds |
|
|
int |
Set the timeout for the readiness probe in seconds |
|
|
int |
Set the failure threshold for the startup probe |
|
|
string |
Set the Pod’s HTTP path for the startup probe |
|
|
string |
Set the Pod’s HTTP port to use for the startup probe |
|
|
int |
Set the time interval between two startup probes executions in seconds |
|
|
int |
Set the timeout for the startup probe in seconds |
|
|
string |
|
||
object |
Additional labels to add to the PrometheusRule object |
|
|
list |
Array of prometheus alerting rules |
|
|
bool |
Enables prometheus service monitor |
|
|
list |
|
||
string |
Set a custom namespace where to deploy PrometheusRule resource |
|
|
list |
|
||
string |
The endpoint prometheus should get metrics from |
|
|
string |
How often prometheus should scrape metrics |
|
|
object |
Additional labels to add to the service monitor object |
|
|
string |
Set a custom namespace where to deploy ServiceMonitor resource |
|
|
string |
|
||
object |
Resource allocation (Requests and Limits) |
|
|
object |
Route annotations |
|
|
bool |
Enables openshift route |
|
|
object |
Route labels |
|
|
string |
Route path |
|
|
int |
Deprecated in favor of |
|
|
string |
Name of the Kubernetes scheduler to use |
|
|
list |
List of groovy functions to approve |
|
|
object |
|
||
string |
|
||
bool |
|
||
string |
|
||
object |
|
||
list |
|
||
string |
|
||
list |
List of |
|
|
object |
|
||
object |
Jenkins controller service annotations |
|
|
bool |
enable or disable the controller k8s service |
|
|
string |
|
||
object |
Labels for the Jenkins controller-service |
|
|
int |
k8s service port |
|
|
string |
k8s service type |
|
|
bool |
|
||
list |
Configures additional sidecar container(s) for the Jenkins controller |
|
|
list |
Enables additional volume mounts for the config auto-reload container |
|
|
controller.sidecars.configAutoReload.containerSecurityContext |
object |
Enable container security context |
|
bool |
Enable Jenkins Config as Code auto-reload |
|
|
list |
Environment variables for the Jenkins Config as Code auto-reload container |
|
|
list |
Environment variable sources for the Jenkins Config as Code auto-reload container |
|
|
string |
|
||
string |
Registry for the image that triggers the reload |
|
|
string |
Repository of the image that triggers the reload |
|
|
string |
Tag for the image that triggers the reload |
|
|
string |
|
||
object |
Config auto-reload logging settings |
|
|
controller.sidecars.configAutoReload.logging.configuration.override |
bool |
Enables custom log config utilizing using the settings below. |
|
int |
How many connection-related errors to retry on |
|
|
object |
|
||
string |
The scheme to use when connecting to the Jenkins configuration as code endpoint |
|
|
bool |
Skip TLS verification when connecting to the Jenkins configuration as code endpoint |
|
|
string |
How many seconds to wait before updating config-maps/secrets (sets METHOD=SLEEP on the sidecar) |
|
|
int |
|
||
object |
Annotations for controller StatefulSet |
|
|
object |
Jenkins controller custom labels for the StatefulSet |
|
|
int |
k8s target port |
|
|
string |
Set TerminationGracePeriodSeconds |
|
|
string |
Set the termination message path |
|
|
string |
Set the termination message policy |
|
|
bool |
Can be used to disable rendering controller test resources when using helm template |
|
|
list |
Toleration labels for pod assignment |
|
|
object |
Topology spread constraints |
|
|
object |
Update strategy for StatefulSet |
|
|
bool |
Enable pod security context (must be |
|
|
string |
The Jenkins credentials to access the Kubernetes API server. For the default cluster it is not needed. |
|
|
object |
Configures extra labels for the agent all objects |
|
|
string |
Override the full resource names |
|
|
string |
Registry of the image used to test the framework |
|
|
string |
Repository of the image used to test the framework |
|
|
string |
Tag of the image to test the framework |
|
|
string |
The URL of the Kubernetes API server |
|
|
string |
Override the resource name prefix |
|
|
string |
Override the deployment namespace |
|
|
string |
NetworkPolicy ApiVersion |
|
|
bool |
Enable the creation of NetworkPolicy resources |
|
|
list |
A list of IP sub-ranges to be excluded from the allowlisted IP range |
|
|
string |
The IP range from which external agents are allowed to connect to controller, i.e., 172.17.0.0/16 |
|
|
bool |
Allow internal agents (from the same cluster) to connect to controller. Agent pods will be filtered based on PodLabels |
|
|
object |
A map of labels (keys/values) that agents namespaces must have to be able to connect to controller |
|
|
object |
A map of labels (keys/values) that agent pods must have to be able to connect to controller |
|
|
string |
The PVC access mode |
|
|
object |
Annotations for the PVC |
|
|
object |
Existing data source to clone PVC from |
|
|
bool |
Enable the use of a Jenkins PVC |
|
|
string |
Provide the name of a PVC |
|
|
object |
Labels for the PVC |
|
|
list |
Additional mounts |
|
|
string |
The size of the PVC |
|
|
string |
Storage class for the PVC |
|
|
string |
SubPath for jenkins-home mount |
|
|
list |
Additional volumes |
|
|
bool |
Whether RBAC resources are created |
|
|
bool |
Whether the Jenkins service account should be able to read Kubernetes secrets |
|
|
bool |
Whether the Jenkins service account should be able to use the OpenShift “nonroot” Security Context Constraints |
|
|
bool |
Enables rendering of the helm.sh/chart label to the annotations |
|
|
object |
Configures annotations for the ServiceAccount |
|
|
bool |
Auto-mount ServiceAccount token |
|
|
bool |
Configures if a ServiceAccount with this name should be created |
|
|
object |
Configures extra labels for the ServiceAccount |
|
|
string |
Controller ServiceAccount image pull secret |
|
|
string |
|
||
object |
Configures annotations for the agent ServiceAccount |
|
|
bool |
Auto-mount ServiceAccount token |
|
|
bool |
Configures if an agent ServiceAccount should be created |
|
|
object |
Configures extra labels for the agent ServiceAccount |
|
|
string |
Agent ServiceAccount image pull secret |
|
|
string |
The name of the agent ServiceAccount to be used by access-controlled resources |
|