apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: jenkins-rbac
subjects:
  - kind: ServiceAccount
    name: default
    namespace: default
roleRef:
  kind: ClusterRole
  name: cluster-admin
  apiGroup: rbac.authorization.k8s.io
---
apiVersion: apps/v1
kind: Deployment
metadata:
  annotations:
    kompose.cmd: kompose convert
    kompose.version: 1.34.0 (cbf2835db)
  labels:
    io.kompose.service: jenkins
  name: jenkins
  namespace: jenkins
spec:
  replicas: 1
  selector:
    matchLabels:
      io.kompose.service: jenkins
  strategy:
    type: Recreate
  template:
    metadata:
      annotations:
        kompose.cmd: kompose convert
        kompose.version: 1.34.0 (cbf2835db)
      labels:
        io.kompose.service: jenkins
    spec:
      #securityContext:
          #fsGroup: 0
          #runAsUser: 0
      containers:
        - image: jenkins/jenkins:2.484
        #- image: cirolini/jenkins-docker-kubectl
        #- image: localhost:30400/jenkins-cicd
          name: jenkins
          ports:
            - containerPort: 8080
              protocol: TCP
            - containerPort: 50000
              protocol: TCP
          #securityContext:
            #privileged: true
          volumeMounts:
            - mountPath: /var/jenkins_home
              name: jenkins-claim0
            - mountPath: /var/jenkins_home/.ssh
              name: jenkins-claim1
              readOnly: true
      restartPolicy: Always
      volumes:
        - name: jenkins-claim0
          persistentVolumeClaim:
            claimName: jenkins-claim0
        - name: jenkins-claim1
          persistentVolumeClaim:
            claimName: jenkins-claim1
            readOnly: true