helm-charts icon indicating copy to clipboard operation
helm-charts copied to clipboard

Published 20 hours ago verified publisher icon jenkinsci

xml config is wiped out when pod is restarted

Open acanlord opened this issue 1 year ago • 1 comments

Describe the bug

After I configured persistent mounts and verified data was being written to the mount, I configured LDAP in the jenkins UI and hit save. Upon Deleting the pod my saved configs have been reverted. I have tried to configure using helm chart suggested values as well but neither seem to work.

controller: JCasC: configScripts: ldap-settings: | jenkins: securityRealm: ldap: configurations: - server: ldap.acme.com rootDN: dc=acme,dc=uk managerPasswordSecret: ${LDAP_PASSWORD} groupMembershipStrategy: fromUserRecord: attributeName: "memberOf"

Version of Helm and Kubernetes

- Helm: 3.5.3
- Kubernetes: 1.23.17

Chart version

jenkins-4.3.30

What happened?

LDAP settings were reverted after restarting the POD.

Manually configure:
1. Manually configure LDAP from the jenkins UI. 
2. Hit save in the Jenkins UI.
3. Delete the POD. All saved values will be reverted.

HELM Chart values are not configured in the UI as expected.

Configure via Helm chart:
1. Configured LDAP using helm chart values is not reflected in the UI.
...

What you expected to happen?

I would expect to see the LDAP values which I either configured manually or via helm chart to be configured in the UI.

How to reproduce it

helm install jenkins jenkinsci/jenkins -n jenkins -f values.yaml

Anything else we need to know?

No response

acanlord avatar Jul 24 '23 16:07 acanlord

I can see the values I passed when I run the following command:

helm -n jenkins get values jenkins

The values in ldap-settings look correct however they are not reflected in the UI. Is there something im missing?

controller: JCasC: configScripts: ldap-settings:

acanlord avatar Jul 26 '23 16:07 acanlord

I am facing a similar issue, where I configure SAML and corporate proxy through jcasc. On a restart Jenkins cannot connect to SAML as the proxy config needs to be applied first.

rajali avatar Jul 28 '24 00:07 rajali

That sounds like a different issue.

For the actual issue, unless you've disabled the default scripts you need to override the built-in one here: https://github.com/jenkinsci/helm-charts/tree/main/charts/jenkins#configure-security-realm-and-authorization-strategy

timja avatar Jul 28 '24 20:07 timja