diff --git a/jenkins/common/defaults/main.yml b/jenkins/common/defaults/main.yml new file mode 100644 index 0000000..dc125c3 --- /dev/null +++ b/jenkins/common/defaults/main.yml @@ -0,0 +1,12 @@ +--- +# There are some duplicates here +jenkins_dest: "/var/lib/jenkins" +jenkins_username: jenkins +jenkins_group: jenkins +jenkins_shell: /bin/bash + +jenkins_maven_config: True +jenkins_maven_settings_dirs: + - .m2 + +jenkins_maven_settings_url: http://localhost/settings.xml diff --git a/jenkins/common/tasks/main.yml b/jenkins/common/tasks/main.yml new file mode 100644 index 0000000..b57d2d2 --- /dev/null +++ b/jenkins/common/tasks/main.yml @@ -0,0 +1,20 @@ +--- +- block: + - name: Create the maven setting directory + file: dest={{ jenkins_dest }}/{{ item }} state=directory + with_items: '{{ jenkins_maven_settings_dirs }}' + + - name: Fetch the maven settings template file + become: False + become_user: root + run_once: True + get_url: url={{ jenkins_maven_settings_url }} dest=/tmp/settings.xml.j2 force=yes + delegate_to: localhost + + - name: Install the maven settings + template: src=/tmp/settings.xml.j2 dest={{ jenkins_dest }}/.m2/settings.xml + + become: True + become_user: '{{ jenkins_username }}' + when: jenkins_maven_config + tags: [ 'jenkins', 'jenkins_common', 'jenkins_master', 'jenkins_slave' ] diff --git a/jenkins/master/defaults/main.yml b/jenkins/master/defaults/main.yml index 9d8a240..f3562bc 100644 --- a/jenkins/master/defaults/main.yml +++ b/jenkins/master/defaults/main.yml @@ -74,3 +74,5 @@ jenkins_plugins: enabled: True build-pipeline-plugin: enabled: True + build-timeout-plugin: + enabled: True diff --git a/jenkins/master/tasks/main.yml b/jenkins/master/tasks/main.yml index 289fdc2..63365db 100644 --- a/jenkins/master/tasks/main.yml +++ b/jenkins/master/tasks/main.yml @@ -32,14 +32,13 @@ service: name=jenkins state=started enabled=yes when: jenkins_install - tags: jenkins + tags: [ 'jenkins', 'jenkins_master' ] - block: # Handle plugins # If Jenkins is installed or updated, wait for pulling the Jenkins CLI, assuming 10s should be sufficiant - name: 120 seconds delay while starting Jenkins wait_for: port={{ jenkins_http_port }} delay={{ jenkins_restart_delay }} - when: jenkins_install | changed # Create Jenkins CLI destination directory - name: "Create Jenkins CLI destination directory" @@ -55,14 +54,14 @@ - name: Install plugins without a specific version jenkins_plugin: name="{{ item.key }}" params='{{ jenkins_access_params }}' register: my_jenkins_plugin_unversioned - when: 'version' not in item.value - with_dict: jenkins_plugins + when: '"version" not in item.value' + with_dict: '{{ jenkins_plugins }}' - name: Install plugins with a specific version jenkins_plugin: name="{{ item.key }}" version="{{ item.value['version'] }}" params='{{ jenkins_access_params }}' register: my_jenkins_plugin_versioned - when: 'version' in item.value - with_dict: jenkins_plugins + when: '"version" in item.value' + with_dict: '{{ jenkins_plugins }}' - name: Initiate the jenkins_restart_required fact set_fact: @@ -72,16 +71,17 @@ set_fact: jenkins_restart_required: yes when: item.changed - with_items: my_jenkins_plugin_versioned.results + with_items: '{{ my_jenkins_plugin_versioned.results }}' - name: Check if restart is required by any of the unversioned plugins set_fact: jenkins_restart_required: yes when: item.changed - with_items: my_jenkins_plugin_unversioned.results + with_items: '{{ my_jenkins_plugin_unversioned.results }}' - name: Restart Jenkins if required - service: name=jenkins state= restarted + become_user: root + service: name=jenkins state=restarted when: jenkins_restart_required - name: Wait for Jenkins to start up @@ -105,18 +105,18 @@ - name: Plugin pinning jenkins_plugin: name="{{ item.key }}" state="{{ 'pinned' if item.value['pinned'] else 'unpinned'}}" params='{{ jenkins_access_params }}' - when: 'pinned' in item.value - with_dict: jenkins_plugins + when: '"pinned" in item.value' + with_dict: '{{ jenkins_plugins }}' - name: Plugin enabling jenkins_plugin: name="{{ item.key }}" state="{{ 'enabled' if item.value['enabled'] else 'disabled'}}" params='{{ jenkins_access_params }}' - when: 'enabled' in item.value - with_dict: jenkins_plugins + when: '"enabled" in item.value' + with_dict: '{{ jenkins_plugins }}' become: True become_user: '{{ jenkins_username }}' when: jenkins_install - tags: [ 'jenkins', 'jenkins_plugins' ] + tags: [ 'jenkins', 'jenkins_plugins', 'jenkins_master' ] - block: - name: Ensure that jenkins is stoppend and disabled @@ -140,4 +140,4 @@ apt_key: url='{{ jenkins_repo_key }}' state=absent when: not jenkins_install - tags: jenkins + tags: [ 'jenkins', 'jenkins_master' ] diff --git a/jenkins/slave/defaults/main.yml b/jenkins/slave/defaults/main.yml index e69de29..4d5bc9a 100644 --- a/jenkins/slave/defaults/main.yml +++ b/jenkins/slave/defaults/main.yml @@ -0,0 +1,10 @@ +--- +jenkins_slave: False +# There are some duplicates here +jenkins_dest: "/var/lib/jenkins" +jenkins_username: jenkins +jenkins_group: jenkins +jenkins_shell: /bin/bash +jenkins_tmp_retain_days: 5 +# TODO: fetch the public key from the master +#jenkins_master_pubkey: diff --git a/jenkins/slave/tasks/main.yml b/jenkins/slave/tasks/main.yml index e69de29..916f5b6 100644 --- a/jenkins/slave/tasks/main.yml +++ b/jenkins/slave/tasks/main.yml @@ -0,0 +1,17 @@ +--- +- block: + - name: add the user that will run the jenkins jobs + user: name={{ jenkins_username }} home={{ jenkins_dest }} shell={{ jenkins_shell }} generate_ssh_key=yes + + - name: ensure the jenkins master has ssh access on each slave, as jenkins user + authorized_key: user={{ jenkins_username }} key="{{ item }}" state=present + with_items: + - '{{ jenkins_master_pubkey }}' + + - name: Daily cron job to cleanup the /tmp junk + template: src={{ item }}.j2 dest=/etc/cron.daily/{{ item }} owner=root group=root mode=0755 + with_items: + - tmp-cleaner + + when: jenkins_slave + tags: [ 'jenkins', 'jenkins_slave' ] diff --git a/jenkins/slave/templates/tmp-cleaner.j2 b/jenkins/slave/templates/tmp-cleaner.j2 new file mode 100644 index 0000000..54e8c23 --- /dev/null +++ b/jenkins/slave/templates/tmp-cleaner.j2 @@ -0,0 +1,8 @@ +#!/bin/bash + +RETAIN_DAYS={{ jenkins_tmp_retain_days }} +LOG_FILE=/var/log/tmp-cleaner.log +find /tmp/ -ctime +${RETAIN_DAYS} -exec rm -fr {} \; >>$LOG_FILE 2>&1 + +exit 0 +