system-config/modules/jenkins/manifests/master.pp
James E. Blair 00d9391958 Add jenkins dev slaves.
Allow them to use an ssh key distinct from production.
Clean up unused slave classes.
Use dedicated keys on dev slaves (do this in prod in the future, but it's a
breaking change).
Add a dev_slave_template class for devstack-gate to use.
Remove devstack-gate deps from jenkins master (they're on devstack-launch
now).
Clean up unneeded remove statements for glance creds.
Tidy up some permissions on files where they weren't specified before.

Change-Id: I02cef1ee3951c5780084118073770521bebb9eda
Reviewed-on: https://review.openstack.org/29319
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Approved: Clark Boylan <clark.boylan@gmail.com>
Tested-by: Jenkins
2013-05-20 17:34:27 +00:00

203 lines
5.1 KiB
Puppet

# == Class: jenkins::master
#
class jenkins::master(
$logo = '',
$vhost_name = $::fqdn,
$serveradmin = "webmaster@${::fqdn}",
$ssl_cert_file = '',
$ssl_key_file = '',
$ssl_chain_file = '',
$ssl_cert_file_contents = '', # If left empty puppet will not create file.
$ssl_key_file_contents = '', # If left empty puppet will not create file.
$ssl_chain_file_contents = '', # If left empty puppet will not create file.
$jenkins_ssh_private_key = '',
$jenkins_ssh_public_key = '',
) {
include pip
include apt
include apache
#This key is at http://pkg.jenkins-ci.org/debian/jenkins-ci.org.key
apt::key { 'jenkins':
key => 'D50582E6',
key_source => 'http://pkg.jenkins-ci.org/debian/jenkins-ci.org.key',
require => Package['wget'],
}
apt::source { 'jenkins':
location => 'http://pkg.jenkins-ci.org/debian',
release => 'binary/',
repos => '',
require => Apt::Key['jenkins'],
include_src => false,
}
apache::vhost { $vhost_name:
port => 443,
docroot => 'MEANINGLESS ARGUMENT',
priority => '50',
template => 'jenkins/jenkins.vhost.erb',
ssl => true,
}
a2mod { 'rewrite':
ensure => present,
}
a2mod { 'proxy':
ensure => present,
}
a2mod { 'proxy_http':
ensure => present,
}
if $ssl_cert_file_contents != '' {
file { $ssl_cert_file:
owner => 'root',
group => 'root',
mode => '0640',
content => $ssl_cert_file_contents,
before => Apache::Vhost[$vhost_name],
}
}
if $ssl_key_file_contents != '' {
file { $ssl_key_file:
owner => 'root',
group => 'ssl-cert',
mode => '0640',
content => $ssl_key_file_contents,
require => Package['ssl-cert'],
before => Apache::Vhost[$vhost_name],
}
}
if $ssl_chain_file_contents != '' {
file { $ssl_chain_file:
owner => 'root',
group => 'root',
mode => '0640',
content => $ssl_chain_file_contents,
before => Apache::Vhost[$vhost_name],
}
}
$packages = [
'python-babel',
'python-sqlalchemy', # devstack-gate
'ssl-cert',
'sqlite3', # interact with devstack-gate DB
]
package { $packages:
ensure => present,
}
package { 'jenkins':
ensure => present,
require => Apt::Source['jenkins'],
}
exec { 'update apt cache':
subscribe => File['/etc/apt/sources.list.d/jenkins.list'],
refreshonly => true,
path => '/bin:/usr/bin',
command => 'apt-get update',
}
file { '/var/lib/jenkins':
ensure => directory,
owner => 'jenkins',
group => 'adm',
require => Package['jenkins'],
}
file { '/var/lib/jenkins/.ssh/':
ensure => directory,
owner => 'jenkins',
group => 'nogroup',
mode => '0700',
require => File['/var/lib/jenkins'],
}
file { '/var/lib/jenkins/.ssh/id_rsa':
owner => 'jenkins',
group => 'nogroup',
mode => '0600',
content => $jenkins_ssh_private_key,
replace => true,
require => File['/var/lib/jenkins/.ssh/'],
}
file { '/var/lib/jenkins/.ssh/id_rsa.pub':
owner => 'jenkins',
group => 'nogroup',
mode => '0644',
content => $jenkins_ssh_public_key,
replace => true,
require => File['/var/lib/jenkins/.ssh/'],
}
file { '/var/lib/jenkins/plugins':
ensure => directory,
owner => 'jenkins',
group => 'nogroup',
mode => '0750',
require => File['/var/lib/jenkins'],
}
file { '/var/lib/jenkins/plugins/simple-theme-plugin':
ensure => directory,
owner => 'jenkins',
group => 'nogroup',
require => File['/var/lib/jenkins/plugins'],
}
file { '/var/lib/jenkins/plugins/simple-theme-plugin/openstack.css':
ensure => present,
owner => 'jenkins',
group => 'nogroup',
source => 'puppet:///modules/jenkins/openstack.css',
require => File['/var/lib/jenkins/plugins/simple-theme-plugin'],
}
file { '/var/lib/jenkins/plugins/simple-theme-plugin/openstack.js':
ensure => present,
owner => 'jenkins',
group => 'nogroup',
content => template('jenkins/openstack.js.erb'),
require => File['/var/lib/jenkins/plugins/simple-theme-plugin'],
}
file { '/var/lib/jenkins/plugins/simple-theme-plugin/openstack-page-bkg.jpg':
ensure => present,
owner => 'jenkins',
group => 'nogroup',
source => 'puppet:///modules/jenkins/openstack-page-bkg.jpg',
require => File['/var/lib/jenkins/plugins/simple-theme-plugin'],
}
file { '/var/lib/jenkins/plugins/simple-theme-plugin/title.png':
ensure => present,
owner => 'jenkins',
group => 'nogroup',
source => "puppet:///modules/jenkins/${logo}",
require => File['/var/lib/jenkins/plugins/simple-theme-plugin'],
}
file { '/usr/local/jenkins':
ensure => directory,
owner => 'root',
group => 'root',
mode => '0755',
}
file { '/usr/local/jenkins/slave_scripts':
ensure => directory,
owner => 'root',
group => 'root',
mode => '0755',
recurse => true,
require => File['/usr/local/jenkins'],
source => 'puppet:///modules/jenkins/slave_scripts',
}
}