From 1cf0abc3814733b9a8a1def74ca832882506b630 Mon Sep 17 00:00:00 2001 From: "James E. Blair" Date: Wed, 15 May 2013 16:03:05 -0700 Subject: [PATCH] Add jenkins dev slaves. Allow them to use an ssh key distinct from production. Clean up unused slave classes. Use dedicated keys on dev slaves (do this in prod in the future, but it's a breaking change). Add a dev_slave_template class for devstack-gate to use. Remove devstack-gate deps from jenkins master (they're on devstack-launch now). Clean up unneeded remove statements for glance creds. Tidy up some permissions on files where they weren't specified before. Change-Id: I02cef1ee3951c5780084118073770521bebb9eda Reviewed-on: https://review.openstack.org/29319 Reviewed-by: Jeremy Stanley Reviewed-by: Clark Boylan Approved: Clark Boylan Tested-by: Jenkins --- manifests/master.pp | 67 ++++++++++++++++++++++++--------------------- 1 file changed, 36 insertions(+), 31 deletions(-) diff --git a/manifests/master.pp b/manifests/master.pp index 145d404..09ecd11 100644 --- a/manifests/master.pp +++ b/manifests/master.pp @@ -10,6 +10,8 @@ class jenkins::master( $ssl_cert_file_contents = '', # If left empty puppet will not create file. $ssl_key_file_contents = '', # If left empty puppet will not create file. $ssl_chain_file_contents = '', # If left empty puppet will not create file. + $jenkins_ssh_private_key = '', + $jenkins_ssh_public_key = '', ) { include pip include apt @@ -89,42 +91,11 @@ class jenkins::master( ensure => present, } - # devstack-gate - if ! defined(Package['python-jenkins']) { - package { 'python-jenkins': - ensure => present, - } - } - package { 'jenkins': ensure => present, require => Apt::Source['jenkins'], } - package { 'apache-libcloud': - ensure => present, - provider => pip, - require => Class[pip], - } - - package { 'git-review': - ensure => '1.18', - provider => pip, - require => Class[pip], - } - - package { 'tox': - ensure => latest, # okay to use latest for pip - provider => pip, - require => Class[pip], - } - - package { 'statsd': - ensure => latest, # okay to use latest for pip - provider => pip, - require => Class[pip], - } - exec { 'update apt cache': subscribe => File['/etc/apt/sources.list.d/jenkins.list'], refreshonly => true, @@ -139,6 +110,32 @@ class jenkins::master( require => Package['jenkins'], } + file { '/var/lib/jenkins/.ssh/': + ensure => directory, + owner => 'jenkins', + group => 'nogroup', + mode => '0700', + require => File['/var/lib/jenkins'], + } + + file { '/var/lib/jenkins/.ssh/id_rsa': + owner => 'jenkins', + group => 'nogroup', + mode => '0600', + content => $jenkins_ssh_private_key, + replace => true, + require => File['/var/lib/jenkins/.ssh/'], + } + + file { '/var/lib/jenkins/.ssh/id_rsa.pub': + owner => 'jenkins', + group => 'nogroup', + mode => '0644', + content => $jenkins_ssh_public_key, + replace => true, + require => File['/var/lib/jenkins/.ssh/'], + } + file { '/var/lib/jenkins/plugins': ensure => directory, owner => 'jenkins', @@ -156,24 +153,32 @@ class jenkins::master( file { '/var/lib/jenkins/plugins/simple-theme-plugin/openstack.css': ensure => present, + owner => 'jenkins', + group => 'nogroup', source => 'puppet:///modules/jenkins/openstack.css', require => File['/var/lib/jenkins/plugins/simple-theme-plugin'], } file { '/var/lib/jenkins/plugins/simple-theme-plugin/openstack.js': ensure => present, + owner => 'jenkins', + group => 'nogroup', content => template('jenkins/openstack.js.erb'), require => File['/var/lib/jenkins/plugins/simple-theme-plugin'], } file { '/var/lib/jenkins/plugins/simple-theme-plugin/openstack-page-bkg.jpg': ensure => present, + owner => 'jenkins', + group => 'nogroup', source => 'puppet:///modules/jenkins/openstack-page-bkg.jpg', require => File['/var/lib/jenkins/plugins/simple-theme-plugin'], } file { '/var/lib/jenkins/plugins/simple-theme-plugin/title.png': ensure => present, + owner => 'jenkins', + group => 'nogroup', source => "puppet:///modules/jenkins/${logo}", require => File['/var/lib/jenkins/plugins/simple-theme-plugin'], }