diff --git a/jenkins/master/defaults/main.yml b/jenkins/master/defaults/main.yml index 758e9ec..b6141ff 100644 --- a/jenkins/master/defaults/main.yml +++ b/jenkins/master/defaults/main.yml @@ -25,18 +25,19 @@ jenkins_sbt_launch_jars: jenkins_http_port: 8080 jenkins_http_host: 127.0.0.1 -jenkins_local_url: 'http://{{ jenkins_http_host }}:{{ jenkins_http_port }}' +jenkins_local_url: 'http://127.0.0.1:{{ jenkins_http_port }}' jenkins_dest: "/var/lib/jenkins" jenkins_webroot: /var/cache/jenkins/war jenkins_username: jenkins jenkins_group: jenkins jenkins_shell: /bin/bash -jenkins_restart_delay: 120 -jenkins_admin_user: jenkins.admin +jenkins_restart_delay: 60 +jenkins_admin_user: admin jenkins_jdk_xmx: 4096M jenkins_jdk_gc_opts: "-XX:+UseConcMarkSweepGC -XX:+CMSClassUnloadingEnabled" jenkins_ajp_port: -1 jenkins_servlet_context: / +jenkins_java_path: /usr/bin/java jenkins_cli_dest: "{{ jenkins_dest }}/jenkins-cli.jar" # Jenkins CLI destination jenkins_updates_dest: "{{ jenkins_dest }}/updates_jenkins.json" # Jenkins updates file @@ -48,41 +49,26 @@ jenkins_access_params: url: '{{ jenkins_local_url }}' jenkins_plugins: - chucknorris: - enabled: True - credentials: - enabled: True - disk-usage: - enabled: True - github: - enabled: True - github-api: - enabled: True - global-build-stats: - enabled: True - mailer: - enabled: True - maven-plugin: - enabled: True - monitoring: - enabled: True - extended-read-permission: - enabled: True - dependency-queue-plugin: - enabled: True - dependencyanalyzer: - enabled: True - depgraph-view: - enabled: True - progress-bar-column-plugin: - enabled: True - slave-utilization-plugin: - enabled: True - build-pipeline-plugin: - enabled: True - build-timeout-plugin: - enabled: True - embeddable-build-status: - enabled: True - github-branch-source: - enabled: True + - { name: 'chucknorris', state: 'latest', dependencies: 'True' } + - { name: 'credentials', state: 'latest', dependencies: 'True' } + - { name: 'disk-usage', state: 'latest', dependencies: 'True' } + - { name: 'github', state: 'latest', dependencies: 'True' } + - { name: 'github-api', state: 'latest', dependencies: 'True' } + - { name: 'global-build-stats', state: 'latest', dependencies: 'True' } + - { name: 'mailer', state: 'latest', dependencies: 'True' } + - { name: 'maven-plugin', state: 'latest', dependencies: 'True' } + - { name: 'monitoring', state: 'latest', dependencies: 'True' } + - { name: 'extended-read-permission', state: 'latest', dependencies: 'True' } + - { name: 'dependency-queue-plugin', state: 'latest', dependencies: 'True' } + - { name: 'dependencyanalyzer', state: 'latest', dependencies: 'True' } + - { name: 'depgraph-view', state: 'latest', dependencies: 'True' } + - { name: 'progress-bar-column-plugin', state: 'latest', dependencies: 'True' } + - { name: 'slave-utilization-plugin', state: 'latest', dependencies: 'True' } + - { name: 'build-pipeline-plugin', state: 'latest', dependencies: 'True' } + - { name: 'embeddable-build-status', state: 'latest', dependencies: 'True' } + - { name: 'github-branch-source', state: 'latest', dependencies: 'True' } + - { name: 'jquery', state: 'latest', dependencies: 'True' } + - { name: 'jquery-ui', state: 'latest', dependencies: 'True' } + - { name: 'parameterized-trigger', state: 'latest', dependencies: 'True' } + - { name: 'javadoc', state: 'latest', dependencies: 'True' } + - { name: 'job-dsl-plugin', state: 'latest', dependencies: 'True' } diff --git a/jenkins/master/handlers/main.yml b/jenkins/master/handlers/main.yml index 2d9751a..ea30690 100644 --- a/jenkins/master/handlers/main.yml +++ b/jenkins/master/handlers/main.yml @@ -1,28 +1,3 @@ --- -- name: Update apt cache - apt: update_cache=yes - -- name: Reload nginx - service: name=nginx state=reloaded - -- name: Set permissions on the javadoc dir - raw: chown -R {{ jenkins.username }}:{{ jenkins.group }} {{ jenkins.dnet_javadoc_dir }}/ - -- name: Set permissions on the webroot public dir - raw: chown -R {{ jenkins.username }}:{{ jenkins.group }} {{ nginx.web_root }}/public/ - -- name: Start sonar - service: name=sonar state=started - -- name: Stop sonar - service: name=sonar state=stopped - -- name: Restart sonar - service: name=sonar state=restarted - - name: Restart jenkins service: name=jenkins state=restarted - -- name: Reload nginx - service: name=nginx state=reloaded - diff --git a/jenkins/master/tasks/jenkins_deb_pkgs.yml b/jenkins/master/tasks/jenkins_deb_pkgs.yml index ebdb8c3..111be20 100644 --- a/jenkins/master/tasks/jenkins_deb_pkgs.yml +++ b/jenkins/master/tasks/jenkins_deb_pkgs.yml @@ -26,7 +26,16 @@ - name: Set the startup jenkins options template: src=jenkins.default.j2 dest=/etc/default/jenkins owner=root group=root mode=0444 - notify: Restart jenkins + register: jenkins_must_be_restarted + + - name: Start and enable the Jenkins service + service: name=jenkins state=started enabled=yes + register: jenkins_has_been_started + + - name: Restart jenkins if the configuration changed + service: name=jenkins state=restarted + when: jenkins_must_be_restarted is changed + register: jenkins_has_been_restarted when: jenkins_install tags: [ 'jenkins', 'jenkins_master' ] diff --git a/jenkins/master/tasks/jenkins_plugins.yml b/jenkins/master/tasks/jenkins_plugins.yml index 5a7cba8..f52cfe4 100644 --- a/jenkins/master/tasks/jenkins_plugins.yml +++ b/jenkins/master/tasks/jenkins_plugins.yml @@ -2,81 +2,32 @@ - block: # Handle plugins # If Jenkins is installed or updated, wait for pulling the Jenkins CLI, assuming 10s should be sufficiant - - name: 120 seconds delay while starting Jenkins + - name: Wait for jenkins wait_for: port={{ jenkins_http_port }} delay={{ jenkins_restart_delay }} + when: jenkins_has_been_restarted is changed or jenkins_has_been_started is changed # Create Jenkins CLI destination directory - name: "Create Jenkins CLI destination directory" file: path={{ jenkins_dest }} state=directory - name: Get Jenkins CLI - get_url: url=http://localhost:{{ jenkins_http_port }}/jnlpJars/jenkins-cli.jar dest={{ jenkins_cli_dest }} mode=0440 + get_url: url={{ jenkins_local_url}}/jnlpJars/jenkins-cli.jar dest={{ jenkins_cli_dest }} mode=0440 # Create the Jenkins administrative user password file - name: Create the Jenkins administrative user password file copy: content={{ jenkins_admin_pwd }} dest={{ jenkins_admin_user_pwd_file }} mode=600 - name: Install plugins without a specific version - jenkins_plugin: name="{{ item.key }}" params='{{ jenkins_access_params }}' - register: my_jenkins_plugin_unversioned - when: '"version" not in item.value' - with_dict: '{{ jenkins_plugins }}' + jenkins_plugin: name="{{ item.name }}" state={{ item.state | default('latest') }} with_dependencies={{ item.dependencies | default(True) }} url={{ jenkins_local_url }} url_username={{ jenkins_access_params.url_username }} url_password={{ jenkins_access_params.url_password }} + when: item.version is not defined + with_items: '{{ jenkins_plugins }}' + notify: Restart jenkins - name: Install plugins with a specific version - jenkins_plugin: name="{{ item.key }}" version="{{ item.value['version'] }}" params='{{ jenkins_access_params }}' - register: my_jenkins_plugin_versioned - when: '"version" in item.value' - with_dict: '{{ jenkins_plugins }}' - - - name: Initiate the jenkins_restart_required fact - set_fact: - jenkins_restart_required: no - - - name: Check if restart is required by any of the versioned plugins - set_fact: - jenkins_restart_required: yes - when: item is changed - with_items: '{{ my_jenkins_plugin_versioned.results }}' - - - name: Check if restart is required by any of the unversioned plugins - set_fact: - jenkins_restart_required: yes - when: item is changed - with_items: '{{ my_jenkins_plugin_unversioned.results }}' - - - name: Restart Jenkins if required - become_user: root - service: name=jenkins state=restarted - when: jenkins_restart_required - - - name: Wait for Jenkins to start up - uri: - url: '{{ jenkins_local_url }}' - status_code: 200 - timeout: 5 - register: jenkins_service_status - # Keep trying for 5 mins in 5 sec intervals - retries: 60 - delay: 5 - until: > - 'status' in jenkins_service_status and - jenkins_service_status['status'] == 200 - when: jenkins_restart_required - - - name: Reset the jenkins_restart_required fact - set_fact: - jenkins_restart_required: no - when: jenkins_restart_required - - - name: Plugin pinning - jenkins_plugin: name="{{ item.key }}" state="{{ 'pinned' if item.value['pinned'] else 'unpinned'}}" params='{{ jenkins_access_params }}' - when: '"pinned" in item.value' - with_dict: '{{ jenkins_plugins }}' - - - name: Plugin enabling - jenkins_plugin: name="{{ item.key }}" state="{{ 'enabled' if item.value['enabled'] else 'disabled'}}" params='{{ jenkins_access_params }}' - when: '"enabled" in item.value' - with_dict: '{{ jenkins_plugins }}' + jenkins_plugin: name="{{ item.name }}" state={{ item.state | default('latest') }} version='{{ item.version }}' url={{ jenkins_local_url }} url_username={{ jenkins_access_params.url_username }} url_password={{ jenkins_access_params.url_password }} + when: item.version is defined + with_items: '{{ jenkins_plugins }}' + notify: Restart jenkins become: True become_user: '{{ jenkins_username }}' diff --git a/jenkins/master/tasks/jenkins_rh_pkgs.yml b/jenkins/master/tasks/jenkins_rh_pkgs.yml index 5d9ff40..d5e3e34 100644 --- a/jenkins/master/tasks/jenkins_rh_pkgs.yml +++ b/jenkins/master/tasks/jenkins_rh_pkgs.yml @@ -5,10 +5,10 @@ name: Jenkins description: Jenkins stable repository file: jenkins - baseurl: {{ jenkins_rh_stable_repo}} + baseurl: '{{ jenkins_rh_stable_repo}}' enabled: yes gpgcheck: True - gpgkey: {{ jenkins_rh_stable_repo_key }} + gpgkey: '{{ jenkins_rh_stable_repo_key }}' state: present when: not jenkins_use_latest @@ -17,10 +17,10 @@ name: Jenkins description: Jenkins latest repository file: jenkins - baseurl: {{ jenkins_rh_latest_repo}} + baseurl: '{{ jenkins_rh_latest_repo}}' enabled: yes gpgcheck: True - gpgkey: {{ jenkins_rh_latest_repo_key }} + gpgkey: '{{ jenkins_rh_latest_repo_key }}' state: present when: jenkins_use_latest @@ -28,13 +28,23 @@ yum: pkg={{ jenkins_packages }} state={{ jenkins_pkg_state }} register: jenkins_install + - name: Set the startup jenkins options + template: src=jenkins.default.j2 dest=/etc/sysconfig/jenkins owner=root group=root mode=0444 + register: jenkins_must_be_restarted + + - name: Start and enable the Jenkins service + service: name=jenkins state=started enabled=yes + register: jenkins_has_been_started + + - name: Restart jenkins if the configuration changed + service: name=jenkins state=restarted + when: jenkins_must_be_restarted is changed + register: jenkins_has_been_restarted + when: jenkins_install tags: [ 'jenkins', 'jenkins_master' ] - block: - - name: Ensure that jenkins is stoppend and disabled - service: name=jenkins state=stopped enabled=no - - name: Remove jenkins yum: pkg={{ jenkins_packages }} state=absent @@ -46,3 +56,4 @@ when: not jenkins_install tags: [ 'jenkins', 'jenkins_master' ] + diff --git a/jenkins/master/tasks/main.yml b/jenkins/master/tasks/main.yml index 2859373..8a696f5 100644 --- a/jenkins/master/tasks/main.yml +++ b/jenkins/master/tasks/main.yml @@ -3,7 +3,7 @@ when: ansible_distribution_file_variety == "Debian" - import_tasks: jenkins_rh_pkgs.yml - when: ansible_distribution_file_variety == "RedHat" + when: ansible_distribution_file_variety != "Debian" - import_tasks: jenkins_plugins.yml when: jenkins_install diff --git a/jenkins/master/templates/jenkins.default.j2 b/jenkins/master/templates/jenkins.default.j2 index 3d448cc..7d0880a 100644 --- a/jenkins/master/templates/jenkins.default.j2 +++ b/jenkins/master/templates/jenkins.default.j2 @@ -1,15 +1,18 @@ -# defaults for jenkins continuous integration server - # pulled in from the init script; makes things easier. NAME=jenkins -# location of java -JAVA=/usr/bin/java +# Java executable to run Jenkins +# When left empty, we'll try to find the suitable Java. +# +JENKINS_JAVA_CMD="{{ jenkins_java_path }}" # arguments to pass to java JAVA_ARGS="-server -Djava.awt.headless=true -Xmx{{ jenkins_jdk_xmx }}" JAVA_ARGS="-Djava.net.preferIPv4Stack=true $JAVA_ARGS" # make jenkins listen on IPv4 address JAVA_ARGS="$JAVA_ARGS {{ jenkins_jdk_gc_opts }}" +JAVA_ARGS="$JAVA_ARGS -Djenkins.install.runSetupWizard=false" + +JENKINS_JAVA_OPTIONS="$JAVA_ARGS" PIDFILE=/var/run/jenkins/jenkins.pid @@ -17,7 +20,11 @@ PIDFILE=/var/run/jenkins/jenkins.pid JENKINS_USER={{ jenkins_username }} # location of the jenkins war file +{% if ansible_distribution_file_variety == "Debian" %} JENKINS_WAR=/usr/share/jenkins/jenkins.war +{% else %} +JENKINS_WAR=/usr/lib/jenkins/jenkins.war +{% endif %} # jenkins home location JENKINS_HOME={{ jenkins_dest }} @@ -30,6 +37,10 @@ RUN_STANDALONE=true # log location. this may be a syslog facility.priority JENKINS_LOG=/var/log/jenkins/$NAME.log #HUDSON_LOG=daemon.info +JENKINS_DEBUG_LEVEL="5" +JENKINS_ENABLE_ACCESS_LOG="no" +JENKINS_HANDLER_MAX="100" +JENKINS_HANDLER_IDLE="20" # OS LIMITS SETUP # comment this out to observe /etc/security/limits.conf @@ -39,24 +50,26 @@ JENKINS_LOG=/var/log/jenkins/$NAME.log MAXOPENFILES=8192 HTTP_HOST={{ jenkins_http_host }} +JENKINS_LISTEN_ADDRESS="${HTTP_HOST}" # port for HTTP connector (default 8080; disable with -1) HTTP_PORT={{ jenkins_http_port }} +JENKINS_PORT="${HTTP_PORT}" # port for AJP connector (disabled by default) AJP_PORT={{ jenkins_ajp_port }} +JENKINS_HTTPS_PORT="" +JENKINS_HTTPS_KEYSTORE="" +JENKINS_HTTPS_KEYSTORE_PASSWORD="" +JENKINS_HTTPS_LISTEN_ADDRESS="" + # servlet context, important if you want to use apache proxying PREFIX=/{{ jenkins_servlet_context }} -# arguments to pass to jenkins. -# --javahome=$JAVA_HOME -# --httpPort=$HTTP_PORT (default 8080; disable with -1) -# --httpsPort=$HTTP_PORT -# --ajp13Port=$AJP_PORT -# --argumentsRealm.passwd.$ADMIN_USER=[password] -# --argumentsRealm.$ADMIN_USER=admin -# --webroot=~/.jenkins/war -# --prefix=$PREFIX - +{% if ansible_distribution_file_variety == "Debian" %} JENKINS_ARGS="--webroot={{ jenkins_webroot }} --httpPort=$HTTP_PORT --ajp13Port=$AJP_PORT --httpListenAddress=$HTTP_HOST" +{% else %} +JENKINS_ARGS="" +{% endif %} +