diff --git a/instances/iot.4diac/config.jsonnet b/instances/iot.4diac/config.jsonnet index 09093ff93..44171c5c5 100644 --- a/instances/iot.4diac/config.jsonnet +++ b/instances/iot.4diac/config.jsonnet @@ -9,4 +9,5 @@ "copyartifact", ], }, + seLinuxLevel: "s0:c28,c7", } diff --git a/instances/iot.4diac/target/config.json b/instances/iot.4diac/target/config.json index ed60695d1..4eaf955f2 100644 --- a/instances/iot.4diac/target/config.json +++ b/instances/iot.4diac/target/config.json @@ -899,6 +899,7 @@ }, "generate": false }, + "seLinuxLevel": "s0:c28,c7", "secrets": { "dockerconfigjson": { "dockerconfigjson-for-pull-as-4diac": { diff --git a/instances/iot.4diac/target/jenkins/configuration.yml b/instances/iot.4diac/target/jenkins/configuration.yml index e9c8662fc..282f752fd 100644 --- a/instances/iot.4diac/target/jenkins/configuration.yml +++ b/instances/iot.4diac/target/jenkins/configuration.yml @@ -702,7 +702,7 @@ unclassified: createAccountBasedOnEmail: true useExistingAccountWithSameEmail: true jobConfigHistory: - excludePattern: "queue\\.xml|nodeMonitors\\.xml|UpdateCenter\\.xml|global-build-stats|LockableResourcesManager\\.xml|MilestoneStep\\.xml" + excludePattern: "queue\\.xml|nodeMonitors\\.xml|UpdateCenter\\.xml|global-build-stats|LockableResourcesManager\\.xml|MilestoneStep\\.xml|hudson.plugins.xvnc.Xvnc\\.xml" maxDaysToKeepEntries: "60" maxEntriesPerPage: "12" maxHistoryEntries: "500" @@ -843,7 +843,7 @@ tool: - installSource: installers: - antFromApache: - id: "1.10.12" + id: "1.10.15" maven: installations: - name: "apache-maven-latest" diff --git a/instances/iot.4diac/target/k8s/configmap-jenkins-config.yml b/instances/iot.4diac/target/k8s/configmap-jenkins-config.yml index 5482fb69d..ab90fbf53 100644 --- a/instances/iot.4diac/target/k8s/configmap-jenkins-config.yml +++ b/instances/iot.4diac/target/k8s/configmap-jenkins-config.yml @@ -725,7 +725,7 @@ data: createAccountBasedOnEmail: true useExistingAccountWithSameEmail: true jobConfigHistory: - excludePattern: "queue\\.xml|nodeMonitors\\.xml|UpdateCenter\\.xml|global-build-stats|LockableResourcesManager\\.xml|MilestoneStep\\.xml" + excludePattern: "queue\\.xml|nodeMonitors\\.xml|UpdateCenter\\.xml|global-build-stats|LockableResourcesManager\\.xml|MilestoneStep\\.xml|hudson.plugins.xvnc.Xvnc\\.xml" maxDaysToKeepEntries: "60" maxEntriesPerPage: "12" maxHistoryEntries: "500" @@ -866,7 +866,7 @@ data: - installSource: installers: - antFromApache: - id: "1.10.12" + id: "1.10.15" maven: installations: - name: "apache-maven-latest" diff --git a/instances/iot.4diac/target/k8s/statefulset.json b/instances/iot.4diac/target/k8s/statefulset.json index 2d5f867bc..2e375bb2f 100644 --- a/instances/iot.4diac/target/k8s/statefulset.json +++ b/instances/iot.4diac/target/k8s/statefulset.json @@ -119,7 +119,12 @@ "cpu": "250m" } }, - "securityContext": { }, + "securityContext": { + "seLinuxOptions": { + "level": "s0:c28,c7", + "type": "spc_t" + } + }, "volumeMounts": [ { "mountPath": "/var/jenkins", diff --git a/instances/modeling.emf-parsley/config.jsonnet b/instances/modeling.emf-parsley/config.jsonnet index 85ba658a7..956aea324 100644 --- a/instances/modeling.emf-parsley/config.jsonnet +++ b/instances/modeling.emf-parsley/config.jsonnet @@ -10,4 +10,5 @@ "warnings-ng", ], }, + seLinuxLevel: "s0:c38,c2", } diff --git a/instances/modeling.emf-parsley/target/config.json b/instances/modeling.emf-parsley/target/config.json index 659d225d5..098186cee 100644 --- a/instances/modeling.emf-parsley/target/config.json +++ b/instances/modeling.emf-parsley/target/config.json @@ -900,6 +900,7 @@ }, "generate": false }, + "seLinuxLevel": "s0:c38,c2", "secrets": { "dockerconfigjson": { "dockerconfigjson-for-pull-as-default": { diff --git a/instances/modeling.emf-parsley/target/jenkins/configuration.yml b/instances/modeling.emf-parsley/target/jenkins/configuration.yml index 478fc0e5e..06f4175fb 100644 --- a/instances/modeling.emf-parsley/target/jenkins/configuration.yml +++ b/instances/modeling.emf-parsley/target/jenkins/configuration.yml @@ -729,7 +729,7 @@ unclassified: createAccountBasedOnEmail: true useExistingAccountWithSameEmail: true jobConfigHistory: - excludePattern: "queue\\.xml|nodeMonitors\\.xml|UpdateCenter\\.xml|global-build-stats|LockableResourcesManager\\.xml|MilestoneStep\\.xml" + excludePattern: "queue\\.xml|nodeMonitors\\.xml|UpdateCenter\\.xml|global-build-stats|LockableResourcesManager\\.xml|MilestoneStep\\.xml|hudson.plugins.xvnc.Xvnc\\.xml" maxDaysToKeepEntries: "60" maxEntriesPerPage: "12" maxHistoryEntries: "500" @@ -870,7 +870,7 @@ tool: - installSource: installers: - antFromApache: - id: "1.10.12" + id: "1.10.15" maven: installations: - name: "apache-maven-latest" diff --git a/instances/modeling.emf-parsley/target/k8s/configmap-jenkins-config.yml b/instances/modeling.emf-parsley/target/k8s/configmap-jenkins-config.yml index 3eca816dd..94f4810a9 100644 --- a/instances/modeling.emf-parsley/target/k8s/configmap-jenkins-config.yml +++ b/instances/modeling.emf-parsley/target/k8s/configmap-jenkins-config.yml @@ -752,7 +752,7 @@ data: createAccountBasedOnEmail: true useExistingAccountWithSameEmail: true jobConfigHistory: - excludePattern: "queue\\.xml|nodeMonitors\\.xml|UpdateCenter\\.xml|global-build-stats|LockableResourcesManager\\.xml|MilestoneStep\\.xml" + excludePattern: "queue\\.xml|nodeMonitors\\.xml|UpdateCenter\\.xml|global-build-stats|LockableResourcesManager\\.xml|MilestoneStep\\.xml|hudson.plugins.xvnc.Xvnc\\.xml" maxDaysToKeepEntries: "60" maxEntriesPerPage: "12" maxHistoryEntries: "500" @@ -893,7 +893,7 @@ data: - installSource: installers: - antFromApache: - id: "1.10.12" + id: "1.10.15" maven: installations: - name: "apache-maven-latest" diff --git a/instances/modeling.emf-parsley/target/k8s/statefulset.json b/instances/modeling.emf-parsley/target/k8s/statefulset.json index 19efa3c87..c818eb60e 100644 --- a/instances/modeling.emf-parsley/target/k8s/statefulset.json +++ b/instances/modeling.emf-parsley/target/k8s/statefulset.json @@ -119,7 +119,12 @@ "cpu": "250m" } }, - "securityContext": { }, + "securityContext": { + "seLinuxOptions": { + "level": "s0:c38,c2", + "type": "spc_t" + } + }, "volumeMounts": [ { "mountPath": "/var/jenkins", diff --git a/instances/modeling.gmf-runtime/config.jsonnet b/instances/modeling.gmf-runtime/config.jsonnet index ee8fd1cf8..eb98d6c1e 100644 --- a/instances/modeling.gmf-runtime/config.jsonnet +++ b/instances/modeling.gmf-runtime/config.jsonnet @@ -3,4 +3,5 @@ fullName: "modeling.gmf-runtime", displayName: "Eclipse GMF Runtime", }, + seLinuxLevel: "s0:c41,c5", } diff --git a/instances/modeling.gmf-runtime/target/config.json b/instances/modeling.gmf-runtime/target/config.json index dde32bf13..3f9e8dc55 100644 --- a/instances/modeling.gmf-runtime/target/config.json +++ b/instances/modeling.gmf-runtime/target/config.json @@ -896,6 +896,7 @@ }, "generate": false }, + "seLinuxLevel": "s0:c41,c5", "secrets": { "dockerconfigjson": { "dockerconfigjson-for-pull-as-default": { diff --git a/instances/modeling.gmf-runtime/target/jenkins/configuration.yml b/instances/modeling.gmf-runtime/target/jenkins/configuration.yml index 296c1cbec..baa306a11 100644 --- a/instances/modeling.gmf-runtime/target/jenkins/configuration.yml +++ b/instances/modeling.gmf-runtime/target/jenkins/configuration.yml @@ -702,7 +702,7 @@ unclassified: createAccountBasedOnEmail: true useExistingAccountWithSameEmail: true jobConfigHistory: - excludePattern: "queue\\.xml|nodeMonitors\\.xml|UpdateCenter\\.xml|global-build-stats|LockableResourcesManager\\.xml|MilestoneStep\\.xml" + excludePattern: "queue\\.xml|nodeMonitors\\.xml|UpdateCenter\\.xml|global-build-stats|LockableResourcesManager\\.xml|MilestoneStep\\.xml|hudson.plugins.xvnc.Xvnc\\.xml" maxDaysToKeepEntries: "60" maxEntriesPerPage: "12" maxHistoryEntries: "500" @@ -843,7 +843,7 @@ tool: - installSource: installers: - antFromApache: - id: "1.10.12" + id: "1.10.15" maven: installations: - name: "apache-maven-latest" diff --git a/instances/modeling.gmf-runtime/target/k8s/configmap-jenkins-config.yml b/instances/modeling.gmf-runtime/target/k8s/configmap-jenkins-config.yml index 3d91566bb..0fb28cacc 100644 --- a/instances/modeling.gmf-runtime/target/k8s/configmap-jenkins-config.yml +++ b/instances/modeling.gmf-runtime/target/k8s/configmap-jenkins-config.yml @@ -725,7 +725,7 @@ data: createAccountBasedOnEmail: true useExistingAccountWithSameEmail: true jobConfigHistory: - excludePattern: "queue\\.xml|nodeMonitors\\.xml|UpdateCenter\\.xml|global-build-stats|LockableResourcesManager\\.xml|MilestoneStep\\.xml" + excludePattern: "queue\\.xml|nodeMonitors\\.xml|UpdateCenter\\.xml|global-build-stats|LockableResourcesManager\\.xml|MilestoneStep\\.xml|hudson.plugins.xvnc.Xvnc\\.xml" maxDaysToKeepEntries: "60" maxEntriesPerPage: "12" maxHistoryEntries: "500" @@ -866,7 +866,7 @@ data: - installSource: installers: - antFromApache: - id: "1.10.12" + id: "1.10.15" maven: installations: - name: "apache-maven-latest" diff --git a/instances/modeling.gmf-runtime/target/k8s/statefulset.json b/instances/modeling.gmf-runtime/target/k8s/statefulset.json index 274781836..657e585a6 100644 --- a/instances/modeling.gmf-runtime/target/k8s/statefulset.json +++ b/instances/modeling.gmf-runtime/target/k8s/statefulset.json @@ -119,7 +119,12 @@ "cpu": "250m" } }, - "securityContext": { }, + "securityContext": { + "seLinuxOptions": { + "level": "s0:c41,c5", + "type": "spc_t" + } + }, "volumeMounts": [ { "mountPath": "/var/jenkins", diff --git a/instances/technology.lemminx/config.jsonnet b/instances/technology.lemminx/config.jsonnet index 7038d2dbe..b93b452e8 100644 --- a/instances/technology.lemminx/config.jsonnet +++ b/instances/technology.lemminx/config.jsonnet @@ -9,4 +9,5 @@ "embeddable-build-status", ], }, + seLinuxLevel: "s0:c46,c25", } diff --git a/instances/technology.lemminx/target/config.json b/instances/technology.lemminx/target/config.json index bf5b0ffe3..6417c868e 100644 --- a/instances/technology.lemminx/target/config.json +++ b/instances/technology.lemminx/target/config.json @@ -899,6 +899,7 @@ }, "generate": false }, + "seLinuxLevel": "s0:c46,c25", "secrets": { "dockerconfigjson": { "dockerconfigjson-for-pull-as-default": { diff --git a/instances/technology.lemminx/target/jenkins/configuration.yml b/instances/technology.lemminx/target/jenkins/configuration.yml index 6c6d8d853..756877b35 100644 --- a/instances/technology.lemminx/target/jenkins/configuration.yml +++ b/instances/technology.lemminx/target/jenkins/configuration.yml @@ -702,7 +702,7 @@ unclassified: createAccountBasedOnEmail: true useExistingAccountWithSameEmail: true jobConfigHistory: - excludePattern: "queue\\.xml|nodeMonitors\\.xml|UpdateCenter\\.xml|global-build-stats|LockableResourcesManager\\.xml|MilestoneStep\\.xml" + excludePattern: "queue\\.xml|nodeMonitors\\.xml|UpdateCenter\\.xml|global-build-stats|LockableResourcesManager\\.xml|MilestoneStep\\.xml|hudson.plugins.xvnc.Xvnc\\.xml" maxDaysToKeepEntries: "60" maxEntriesPerPage: "12" maxHistoryEntries: "500" @@ -843,7 +843,7 @@ tool: - installSource: installers: - antFromApache: - id: "1.10.12" + id: "1.10.15" maven: installations: - name: "apache-maven-latest" diff --git a/instances/technology.lemminx/target/k8s/configmap-jenkins-config.yml b/instances/technology.lemminx/target/k8s/configmap-jenkins-config.yml index 637e9b663..8c314b49b 100644 --- a/instances/technology.lemminx/target/k8s/configmap-jenkins-config.yml +++ b/instances/technology.lemminx/target/k8s/configmap-jenkins-config.yml @@ -725,7 +725,7 @@ data: createAccountBasedOnEmail: true useExistingAccountWithSameEmail: true jobConfigHistory: - excludePattern: "queue\\.xml|nodeMonitors\\.xml|UpdateCenter\\.xml|global-build-stats|LockableResourcesManager\\.xml|MilestoneStep\\.xml" + excludePattern: "queue\\.xml|nodeMonitors\\.xml|UpdateCenter\\.xml|global-build-stats|LockableResourcesManager\\.xml|MilestoneStep\\.xml|hudson.plugins.xvnc.Xvnc\\.xml" maxDaysToKeepEntries: "60" maxEntriesPerPage: "12" maxHistoryEntries: "500" @@ -866,7 +866,7 @@ data: - installSource: installers: - antFromApache: - id: "1.10.12" + id: "1.10.15" maven: installations: - name: "apache-maven-latest" diff --git a/instances/technology.lemminx/target/k8s/statefulset.json b/instances/technology.lemminx/target/k8s/statefulset.json index 3e64f6bd0..ae40ffcd7 100644 --- a/instances/technology.lemminx/target/k8s/statefulset.json +++ b/instances/technology.lemminx/target/k8s/statefulset.json @@ -119,7 +119,12 @@ "cpu": "250m" } }, - "securityContext": { }, + "securityContext": { + "seLinuxOptions": { + "level": "s0:c46,c25", + "type": "spc_t" + } + }, "volumeMounts": [ { "mountPath": "/var/jenkins", diff --git a/instances/technology.lyo/config.jsonnet b/instances/technology.lyo/config.jsonnet index a3b168de0..e2f4a705e 100644 --- a/instances/technology.lyo/config.jsonnet +++ b/instances/technology.lyo/config.jsonnet @@ -11,4 +11,5 @@ maven+: { showVersion: false, }, + seLinuxLevel: "s0:c47,c19", } diff --git a/instances/technology.lyo/target/config.json b/instances/technology.lyo/target/config.json index 9a84210d5..5d4d63b72 100644 --- a/instances/technology.lyo/target/config.json +++ b/instances/technology.lyo/target/config.json @@ -898,6 +898,7 @@ }, "generate": false }, + "seLinuxLevel": "s0:c47,c19", "secrets": { "dockerconfigjson": { "dockerconfigjson-for-pull-as-default": { diff --git a/instances/technology.lyo/target/jenkins/configuration.yml b/instances/technology.lyo/target/jenkins/configuration.yml index 1c4bd7383..9b5178a52 100644 --- a/instances/technology.lyo/target/jenkins/configuration.yml +++ b/instances/technology.lyo/target/jenkins/configuration.yml @@ -702,7 +702,7 @@ unclassified: createAccountBasedOnEmail: true useExistingAccountWithSameEmail: true jobConfigHistory: - excludePattern: "queue\\.xml|nodeMonitors\\.xml|UpdateCenter\\.xml|global-build-stats|LockableResourcesManager\\.xml|MilestoneStep\\.xml" + excludePattern: "queue\\.xml|nodeMonitors\\.xml|UpdateCenter\\.xml|global-build-stats|LockableResourcesManager\\.xml|MilestoneStep\\.xml|hudson.plugins.xvnc.Xvnc\\.xml" maxDaysToKeepEntries: "60" maxEntriesPerPage: "12" maxHistoryEntries: "500" @@ -843,7 +843,7 @@ tool: - installSource: installers: - antFromApache: - id: "1.10.12" + id: "1.10.15" maven: installations: - name: "apache-maven-latest" diff --git a/instances/technology.lyo/target/k8s/configmap-jenkins-config.yml b/instances/technology.lyo/target/k8s/configmap-jenkins-config.yml index cb2861bb0..8e6373c01 100644 --- a/instances/technology.lyo/target/k8s/configmap-jenkins-config.yml +++ b/instances/technology.lyo/target/k8s/configmap-jenkins-config.yml @@ -725,7 +725,7 @@ data: createAccountBasedOnEmail: true useExistingAccountWithSameEmail: true jobConfigHistory: - excludePattern: "queue\\.xml|nodeMonitors\\.xml|UpdateCenter\\.xml|global-build-stats|LockableResourcesManager\\.xml|MilestoneStep\\.xml" + excludePattern: "queue\\.xml|nodeMonitors\\.xml|UpdateCenter\\.xml|global-build-stats|LockableResourcesManager\\.xml|MilestoneStep\\.xml|hudson.plugins.xvnc.Xvnc\\.xml" maxDaysToKeepEntries: "60" maxEntriesPerPage: "12" maxHistoryEntries: "500" @@ -866,7 +866,7 @@ data: - installSource: installers: - antFromApache: - id: "1.10.12" + id: "1.10.15" maven: installations: - name: "apache-maven-latest" diff --git a/instances/technology.lyo/target/k8s/statefulset.json b/instances/technology.lyo/target/k8s/statefulset.json index 3d7338222..70e714ef7 100644 --- a/instances/technology.lyo/target/k8s/statefulset.json +++ b/instances/technology.lyo/target/k8s/statefulset.json @@ -119,7 +119,12 @@ "cpu": "250m" } }, - "securityContext": { }, + "securityContext": { + "seLinuxOptions": { + "level": "s0:c47,c19", + "type": "spc_t" + } + }, "volumeMounts": [ { "mountPath": "/var/jenkins", diff --git a/instances/technology.packaging/config.jsonnet b/instances/technology.packaging/config.jsonnet index c4f3be9ce..14d08f0c2 100644 --- a/instances/technology.packaging/config.jsonnet +++ b/instances/technology.packaging/config.jsonnet @@ -14,4 +14,5 @@ local permissionsTemplates = import '../../templates/permissions.libsonnet'; "pipeline-graph-view", ] }, + seLinuxLevel: "s0:c51,c0", } diff --git a/instances/technology.packaging/target/config.json b/instances/technology.packaging/target/config.json index a2034d08f..9eb755448 100644 --- a/instances/technology.packaging/target/config.json +++ b/instances/technology.packaging/target/config.json @@ -912,6 +912,7 @@ }, "generate": false }, + "seLinuxLevel": "s0:c51,c0", "secrets": { "dockerconfigjson": { "dockerconfigjson-for-pull-as-default": { diff --git a/instances/technology.packaging/target/k8s/statefulset.json b/instances/technology.packaging/target/k8s/statefulset.json index 6446b4e18..6b779102f 100644 --- a/instances/technology.packaging/target/k8s/statefulset.json +++ b/instances/technology.packaging/target/k8s/statefulset.json @@ -119,7 +119,12 @@ "cpu": "250m" } }, - "securityContext": { }, + "securityContext": { + "seLinuxOptions": { + "level": "s0:c51,c0", + "type": "spc_t" + } + }, "volumeMounts": [ { "mountPath": "/var/jenkins", diff --git a/instances/tools.mat/config.jsonnet b/instances/tools.mat/config.jsonnet index 85e0af5cf..e5c3b8241 100644 --- a/instances/tools.mat/config.jsonnet +++ b/instances/tools.mat/config.jsonnet @@ -7,5 +7,6 @@ plugins+: [ "gerrit-trigger", ] - } + }, + seLinuxLevel: "s0:c47,c34", } diff --git a/instances/tools.mat/target/config.json b/instances/tools.mat/target/config.json index 6b15d4091..8507a8c49 100644 --- a/instances/tools.mat/target/config.json +++ b/instances/tools.mat/target/config.json @@ -900,6 +900,7 @@ }, "generate": false }, + "seLinuxLevel": "s0:c47,c34", "secrets": { "dockerconfigjson": { "dockerconfigjson-for-pull-as-default": { diff --git a/instances/tools.mat/target/jenkins/configuration.yml b/instances/tools.mat/target/jenkins/configuration.yml index f65e2d00d..b12493736 100644 --- a/instances/tools.mat/target/jenkins/configuration.yml +++ b/instances/tools.mat/target/jenkins/configuration.yml @@ -704,7 +704,7 @@ unclassified: createAccountBasedOnEmail: true useExistingAccountWithSameEmail: true jobConfigHistory: - excludePattern: "queue\\.xml|nodeMonitors\\.xml|UpdateCenter\\.xml|global-build-stats|LockableResourcesManager\\.xml|MilestoneStep\\.xml" + excludePattern: "queue\\.xml|nodeMonitors\\.xml|UpdateCenter\\.xml|global-build-stats|LockableResourcesManager\\.xml|MilestoneStep\\.xml|hudson.plugins.xvnc.Xvnc\\.xml" maxDaysToKeepEntries: "60" maxEntriesPerPage: "12" maxHistoryEntries: "500" @@ -845,7 +845,7 @@ tool: - installSource: installers: - antFromApache: - id: "1.10.12" + id: "1.10.15" maven: installations: - name: "apache-maven-latest" diff --git a/instances/tools.mat/target/k8s/configmap-jenkins-config.yml b/instances/tools.mat/target/k8s/configmap-jenkins-config.yml index 70502daf5..9b8453a3e 100644 --- a/instances/tools.mat/target/k8s/configmap-jenkins-config.yml +++ b/instances/tools.mat/target/k8s/configmap-jenkins-config.yml @@ -727,7 +727,7 @@ data: createAccountBasedOnEmail: true useExistingAccountWithSameEmail: true jobConfigHistory: - excludePattern: "queue\\.xml|nodeMonitors\\.xml|UpdateCenter\\.xml|global-build-stats|LockableResourcesManager\\.xml|MilestoneStep\\.xml" + excludePattern: "queue\\.xml|nodeMonitors\\.xml|UpdateCenter\\.xml|global-build-stats|LockableResourcesManager\\.xml|MilestoneStep\\.xml|hudson.plugins.xvnc.Xvnc\\.xml" maxDaysToKeepEntries: "60" maxEntriesPerPage: "12" maxHistoryEntries: "500" @@ -868,7 +868,7 @@ data: - installSource: installers: - antFromApache: - id: "1.10.12" + id: "1.10.15" maven: installations: - name: "apache-maven-latest" diff --git a/instances/tools.mat/target/k8s/statefulset.json b/instances/tools.mat/target/k8s/statefulset.json index 5ab44926a..eb50d23bb 100644 --- a/instances/tools.mat/target/k8s/statefulset.json +++ b/instances/tools.mat/target/k8s/statefulset.json @@ -119,7 +119,12 @@ "cpu": "250m" } }, - "securityContext": { }, + "securityContext": { + "seLinuxOptions": { + "level": "s0:c47,c34", + "type": "spc_t" + } + }, "volumeMounts": [ { "mountPath": "/var/jenkins",