diff --git a/.gitignore b/.gitignore deleted file mode 100644 index ea90996..0000000 --- a/.gitignore +++ /dev/null @@ -1,5 +0,0 @@ -Gemfile.lock -.bundled_gems/ -log/ -junit/ -.vagrant/ diff --git a/Gemfile b/Gemfile deleted file mode 100644 index 9854cc9..0000000 --- a/Gemfile +++ /dev/null @@ -1,15 +0,0 @@ -source 'https://rubygems.org' - -if ENV['ZUUL_REF'] && File.exists?("#{ENV['WORKSPACE']}/openstack-infra/puppet-openstack_infra_spec_helper") - gem_checkout_method = {:path => "#{ENV['WORKSPACE']}/openstack-infra/puppet-openstack_infra_spec_helper"} -else - gem_checkout_method = {:git => 'https://git.openstack.org/openstack-infra/puppet-openstack_infra_spec_helper'} -end -gem_checkout_method[:require] = false - -group :development, :test, :system_tests do - gem 'puppet-openstack_infra_spec_helper', - gem_checkout_method -end - -# vim:ft=ruby diff --git a/LICENSE b/LICENSE deleted file mode 100644 index d645695..0000000 --- a/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/README.md b/README.md index 84433d6..ec889a9 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,9 @@ -# OpenStack Jenkins Module +This project is no longer maintained. -This module installs and configures Jenkins \ No newline at end of file +The contents of this repository are still available in the Git +source code management system. To see the contents of this +repository before it reached its end of life, please check out the +previous commit with "git checkout HEAD^1". + +For any further questions, please email +service-discuss@lists.opendev.org or join #opendev on OFTC. diff --git a/Rakefile b/Rakefile deleted file mode 100644 index 7f22329..0000000 --- a/Rakefile +++ /dev/null @@ -1,8 +0,0 @@ -require 'rubygems' -require 'puppetlabs_spec_helper/rake_tasks' -require 'puppet-lint/tasks/puppet-lint' -PuppetLint.configuration.fail_on_warnings = true -PuppetLint.configuration.send('disable_80chars') -PuppetLint.configuration.send('disable_autoloader_layout') -PuppetLint.configuration.send('disable_class_inherits_from_params_class') -PuppetLint.configuration.send('disable_class_parameter_defaults') \ No newline at end of file diff --git a/files/10-ptrace.conf b/files/10-ptrace.conf deleted file mode 100644 index 0e8abd2..0000000 --- a/files/10-ptrace.conf +++ /dev/null @@ -1,24 +0,0 @@ -# This file is managed by puppet. -# -# The PTRACE system is used for debugging. With it, a single user process -# can attach to any other dumpable process owned by the same user. In the -# case of malicious software, it is possible to use PTRACE to access -# credentials that exist in memory (re-using existing SSH connections, -# extracting GPG agent information, etc). -# -# A PTRACE scope of "0" is the more permissive mode. A scope of "1" limits -# PTRACE only to direct child processes (e.g. "gdb name-of-program" and -# "strace -f name-of-program" work, but gdb's "attach" and "strace -fp $PID" -# do not). The PTRACE scope is ignored when a user has CAP_SYS_PTRACE, so -# "sudo strace -fp $PID" will work as before. For more details see: -# https://wiki.ubuntu.com/SecurityTeam/Roadmap/KernelHardening#ptrace -# -# For applications launching crash handlers that need PTRACE, exceptions can -# be registered by the debugee by declaring in the segfault handler -# specifically which process will be using PTRACE on the debugee: -# prctl(PR_SET_PTRACER, debugger_pid, 0, 0, 0); -# -# In general, PTRACE is not needed for the average running Ubuntu system. -# To that end, the default is to set the PTRACE scope to "1". This value -# may not be appropriate for developers or servers with only admin accounts. -kernel.yama.ptrace_scope = 0 diff --git a/files/cgroups/cgconfig.service b/files/cgroups/cgconfig.service deleted file mode 100644 index 9b546a6..0000000 --- a/files/cgroups/cgconfig.service +++ /dev/null @@ -1,17 +0,0 @@ -[Unit] -Description=Control Group configuration service - -# The service should be able to start as soon as possible, -# before any 'normal' services: -DefaultDependencies=no -Conflicts=shutdown.target -Before=basic.target shutdown.target - -[Service] -Type=oneshot -RemainAfterExit=yes -ExecStart=/usr/sbin/cgconfigparser -l /etc/cgconfig.conf -s 1664 -ExecStop=/usr/sbin/cgclear -l /etc/cgconfig.conf -e - -[Install] -WantedBy=sysinit.target diff --git a/files/cgroups/cgred.service b/files/cgroups/cgred.service deleted file mode 100644 index 7280b6e..0000000 --- a/files/cgroups/cgred.service +++ /dev/null @@ -1,11 +0,0 @@ -[Unit] -Description=CGroups Rules Engine Daemon -After=syslog.target - -[Service] -Type=forking -EnvironmentFile=-/etc/sysconfig/cgred -ExecStart=/usr/sbin/cgrulesengd $OPTIONS - -[Install] -WantedBy=multi-user.target diff --git a/files/cgroups/cgrules.conf b/files/cgroups/cgrules.conf deleted file mode 100644 index 03c05d9..0000000 --- a/files/cgroups/cgrules.conf +++ /dev/null @@ -1,3 +0,0 @@ -jenkins:java memory /jenkins -jenkins:sshd memory /jenkins -jenkins memory /jenkins/children diff --git a/files/cgroups/upstart_cgconfig b/files/cgroups/upstart_cgconfig deleted file mode 100644 index 80a12e0..0000000 --- a/files/cgroups/upstart_cgconfig +++ /dev/null @@ -1,6 +0,0 @@ -description "load legacy cgconfig files" -author "Jeremy Stanley " -start on started cgroup-lite -pre-start script - /usr/sbin/cgconfigparser -l /etc/cgconfig.conf -end script diff --git a/files/cgroups/upstart_cgred b/files/cgroups/upstart_cgred deleted file mode 100644 index b6802f2..0000000 --- a/files/cgroups/upstart_cgred +++ /dev/null @@ -1,6 +0,0 @@ -description "launch cgrulesengd" -author "Jeremy Stanley " -start on started cgconfig -pre-start script - /usr/sbin/cgrulesengd -end script diff --git a/files/cli-shutdown.groovy b/files/cli-shutdown.groovy deleted file mode 100644 index bac0c0e..0000000 --- a/files/cli-shutdown.groovy +++ /dev/null @@ -1,47 +0,0 @@ -/* -======================================================================= -Taken directly from https://github.com/jenkinsci-cert/SECURITY-218 -See https://jenkins-ci.org/content - /mitigating-unauthenticated-remote-code-execution-0-day-jenkins-cli -======================================================================= - -The MIT License - -Copyright (c) 2015, Kohsuke Kawaguchi - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in -all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -THE SOFTWARE. -*/ - -import jenkins.*; -import jenkins.model.*; -import hudson.model.*; - -// disabled CLI access over TCP listener (separate port) -def p = AgentProtocol.all() -p.each { x -> - if (x.name.contains("CLI")) p.remove(x) -} - -// disable CLI access over /cli URL -def removal = { lst -> - lst.each { x -> if (x.getClass().name.contains("CLIAction")) lst.remove(x) } -} -def j = Jenkins.instance; -removal(j.getExtensionList(RootAction.class)) -removal(j.actions) diff --git a/files/localrc b/files/localrc deleted file mode 100644 index 00e2535..0000000 --- a/files/localrc +++ /dev/null @@ -1,12 +0,0 @@ -# This file is managed by puppet. - -MYSQL_PASSWORD=secret -RABBIT_PASSWORD=secret -ADMIN_PASSWORD=secret -SERVICE_TOKEN=111222333444 -ROOTSLEEP=0 -SYSLOG=True -ACTIVE_TIMEOUT=60 -BOOT_TIMEOUT=90 -ASSOCIATE_TIMEOUT=60 -MULTI_HOST=1 diff --git a/files/logger.conf b/files/logger.conf deleted file mode 100644 index cf99dfb..0000000 --- a/files/logger.conf +++ /dev/null @@ -1,28 +0,0 @@ -# Properties file which configures the operation of the JDK -# logging facility. -# reference: http://www.javapractices.com/topic/TopicAction.do?Id=143 - -# The system will look for this config file, first using -# a System property specified at startup: -# -# >java -Djava.util.logging.config.file=myLoggingConfigFilePath -# -# If this property is not specified, then the config file is -# retrieved from its default location at: -# -# JDK_HOME/jre/lib/logging.properties - -# Global logging properties. -# ------------------------------------------ -# The set of handlers to be loaded upon startup. -# Comma-separated list of class names. -# (? LogManager docs say no comma here, but JDK example has comma.) -handlers=java.util.logging.ConsoleHandler - -# Loggers -# ------------------------------------------ -# Loggers are usually attached to packages. -# Here, the level for each package is specified. -# The global level is used by default, so levels -# specified here simply act as an override. -org.gearman.session.logger.level=WARNING diff --git a/files/openstack-page-bkg.jpg b/files/openstack-page-bkg.jpg deleted file mode 100644 index f788c41..0000000 Binary files a/files/openstack-page-bkg.jpg and /dev/null differ diff --git a/files/openstack.css b/files/openstack.css deleted file mode 100644 index 01df9a5..0000000 --- a/files/openstack.css +++ /dev/null @@ -1,24 +0,0 @@ -body {color: #535353 !important; background: url("/plugin/simple-theme-plugin/openstack-page-bkg.jpg") no-repeat scroll 0 0 white !important; position: static} -a,a:visited {color: #264D69 !important; text-decoration: none !important;} -a:hover {color: #000 !important; text-decoration: underline !important} -#breadcrumbs {border-top: 1px solid #D3D7CF; background: #fff} - -#header {margin-top: 5px} -#header tr:first-child {height: 60px} -#heading_text {font-size: 26px; padding-left: 10px; color: #CF2F19; font-family: 'PT Sans', sans-serif; font-weight: normal; letter-spacing: -1px} -#top-panel a:hover {text-decoration: none !important} -#top-panel {background: none;} -#top-panel img:first-child {display: none;} -.pane tr:nth-child(even) {background: #EEF3F5; color: #353535} -.pane tr:nth-child(odd) {background: #FFF; color: #353535} -.pane td {border: 1px solid #C5E2EA !important} -div.top-sticker-inner {background: none;} -div[id*='title-dashboard_portlet'] {background-color: #EEEEEE !important; border: 1px solid #D8D8D8 !important} -#statistics th {background-color: #EEEEEE !important; border: 1px solid #D8D8D8 !important} -#viewList td.inactive {border-top: 0; border-right: 0; border-left: 0; border-bottom: 1px solid #C5E2EA;} -#viewList td.inactive a {color: #353535 !important} -#viewList td.inactive:hover {background: none !important} -#viewList td.active {border-top: 0; border-right: 0; border-left: 0; border-bottom: 3px solid #CF2F19; padding-bottom: 0px !important; color: #CF2F19; background: none;} -#viewList td.filler {border: 0} -pre {color: black} -label {color: black} diff --git a/files/openstack.png b/files/openstack.png deleted file mode 100644 index 146faec..0000000 Binary files a/files/openstack.png and /dev/null differ diff --git a/files/safe_jenkins_shutdown b/files/safe_jenkins_shutdown deleted file mode 100755 index 69f527b..0000000 --- a/files/safe_jenkins_shutdown +++ /dev/null @@ -1,93 +0,0 @@ -#!/usr/bin/env python -# Copyright 2015 OpenStack Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -import argparse -import time - -import jenkins - - -def delete_offline_nodes(server, timeout): - start = time.time() - end = start + timeout - while True: - nodes = server.get_nodes() - offline_nodes = [node for node in nodes if node['offline'] and - node['name'] != 'master'] - if not offline_nodes: - # We have converged to no offline nodes state - break - elif time.time() > end: - raise Exception("Offline slave deletion timeout exceeded.") - try: - for n in offline_nodes: - server.delete_node(n['name']) - # This may have raced an external system deleting nodes - # after jobs complete. Just retry as we should - # converage on no jobs running and no deletions. - except jenkins.NotFoundException: - pass - except jenkins.JenkinsException as e: - if '[500]' in str(e): - pass - else: - raise - time.sleep(1) - -def parse_args(): - parser = argparse.ArgumentParser(description='Safely stop Jenkins.') - parser.add_argument('--url', default='http://localhost:8080', - help='Base url for Jenkins master.') - parser.add_argument('--user', required=True, - help='Username to connect to Jenkins with.') - parser.add_argument('--password', required=True, - help='Password to auth with.') - parser.add_argument('--no-delete', dest='delete', action='store_false', - default=True, help="Don't delete offline slaves.") - parser.add_argument('--delete-timeout', type=int, default=300, - help="Seconds to spend deleting offline slaves.") - args = parser.parse_args() - return args - -def main(): - args = parse_args() - server = jenkins.Jenkins(args.url, - username=args.user, - password=args.password) - - # Put in shutdown mode - server.quiet_down() - while True: - try: - if not server.get_running_builds(): - break - # This may have raced an external system deleting executors - # while listing the running jobs. Just retry as we should - # converage on no jobs running and no deletions. - except jenkins.NotFoundException: - pass - except jenkins.JenkinsException as e: - if '[500]' in str(e): - pass - else: - raise - # Jobs are slow wait a minute between polls - time.sleep(60) - if args.delete: - # Remove any offline nodes so they don't go online after restart. - delete_offline_nodes(server, args.delete_timeout) - -if __name__ == '__main__': - main() diff --git a/files/settings.xml b/files/settings.xml deleted file mode 100644 index 8bdfc18..0000000 --- a/files/settings.xml +++ /dev/null @@ -1,34 +0,0 @@ - - - org.jenkins-ci.tools - - - - - - jenkins - - true - - - - repo.jenkins-ci.org - http://repo.jenkins-ci.org/public/ - - - - - repo.jenkins-ci.org - http://repo.jenkins-ci.org/public/ - - - - - - - repo.jenkins-ci.org - http://repo.jenkins-ci.org/public/ - m.g.o-public - - - diff --git a/files/ssh_config b/files/ssh_config deleted file mode 100644 index bccc9c9..0000000 --- a/files/ssh_config +++ /dev/null @@ -1,3 +0,0 @@ -UserKnownHostsFile=/dev/null -StrictHostKeyChecking=no -LogLevel=ERROR diff --git a/files/stackforge.png b/files/stackforge.png deleted file mode 100644 index 29a3ec8..0000000 Binary files a/files/stackforge.png and /dev/null differ diff --git a/files/versions.conf b/files/versions.conf deleted file mode 100644 index abc75d6..0000000 --- a/files/versions.conf +++ /dev/null @@ -1,8 +0,0 @@ -description "BZR smart server of tarball versions" -author "Monty Taylor " - -start on (local-filesystems and net-device-up) -stop on runlevel [!2345] - -exec bzr serve --allow-writes -d /var/lib/jenkins/versions/ - diff --git a/lib/facter/dpkg.rb b/lib/facter/dpkg.rb deleted file mode 100644 index c10ec86..0000000 --- a/lib/facter/dpkg.rb +++ /dev/null @@ -1,19 +0,0 @@ -Facter.add(:dpkg_arch) do - confine :kernel => :linux - confine :osfamily => :Debian - setcode do - arch = Facter::Util::Resolution.exec('dpkg --print-architecture') - arch - end -end - -Facter.add(:dpkg) do - confine :kernel => :linux - confine :osfamily => :Debian - dpkg = {} - setcode do - arch = Facter::Util::Resolution.exec('dpkg --print-architecture') - dpkg['architecture'] = arch - dpkg - end -end diff --git a/lib/facter/memorytotalbytes.rb b/lib/facter/memorytotalbytes.rb deleted file mode 100755 index 157196d..0000000 --- a/lib/facter/memorytotalbytes.rb +++ /dev/null @@ -1,7 +0,0 @@ -# memorytotalbytes.rb - -Facter.add("memorytotalbytes") do - setcode do - Facter::Util::Resolution.exec('free -b | sed -n \'s/^Mem:\W\+\([0-9]\+\).*$/\1/p\'') - end -end diff --git a/manifests/cgroups.pp b/manifests/cgroups.pp deleted file mode 100644 index e0e1814..0000000 --- a/manifests/cgroups.pp +++ /dev/null @@ -1,104 +0,0 @@ -# == Class: jenkins::cgroups -# -class jenkins::cgroups { - - include ::jenkins::params - - if ($::jenkins::params::cgroups_tools_package != '') { - package { 'cgroups-tools': - ensure => present, - name => $::jenkins::params::cgroups_tools_package, - } - } - package { 'cgroups': - ensure => present, - name => $::jenkins::params::cgroups_package, - } - - file { '/etc/cgconfig.conf': - ensure => present, - replace => true, - owner => 'root', - group => 'jenkins', - mode => '0644', - content => template('jenkins/cgconfig.erb'), - } - - file { '/etc/cgrules.conf': - ensure => present, - replace => true, - owner => 'root', - group => 'jenkins', - mode => '0644', - source => 'puppet:///modules/jenkins/cgroups/cgrules.conf', - } - - if $::osfamily == 'Debian' { - # 14.04 and below is using upstart. - if $::operatingsystem == 'Ubuntu' and versioncmp($::operatingsystemrelease, '14.04') <= 0 { - file { 'cgconfig.service': - ensure => present, - replace => true, - owner => 'root', - path => '/etc/init/cgconfig.conf', - group => 'root', - mode => '0644', - source => 'puppet:///modules/jenkins/cgroups/upstart_cgconfig', - } - - file { '/etc/init.d/cgconfig': - ensure => link, - target => '/lib/init/upstart-job', - } - - file { 'cgred.service': - ensure => present, - replace => true, - owner => 'root', - path => '/etc/init/cgred.conf', - group => 'root', - mode => '0644', - source => 'puppet:///modules/jenkins/cgroups/upstart_cgred', - } - - file { '/etc/init.d/cgred': - ensure => link, - target => '/lib/init/upstart-job', - } - } else { - file { 'cgred.service': - ensure => present, - replace => true, - owner => 'root', - path => '/etc/systemd/system/cgred.service', - group => 'root', - mode => '0644', - source => 'puppet:///modules/jenkins/cgroups/cgred.service', - } - - file { 'cgconfig.service': - ensure => present, - replace => true, - owner => 'root', - path => '/etc/systemd/system/cgconfig.service', - group => 'root', - mode => '0644', - source => 'puppet:///modules/jenkins/cgroups/cgconfig.service', - } - } - } - - service { 'cgconfig': - ensure => running, - enable => true, - require => $::jenkins::params::cgconfig_require, - subscribe => File['/etc/cgconfig.conf'], - } - - service { 'cgred': - ensure => running, - enable => true, - require => $::jenkins::params::cgred_require, - subscribe => File['/etc/cgrules.conf'], - } -} diff --git a/manifests/cli.pp b/manifests/cli.pp deleted file mode 100644 index b4c85f8..0000000 --- a/manifests/cli.pp +++ /dev/null @@ -1,23 +0,0 @@ -# == Class: jenkins::cli -# -class jenkins::cli ( - $base_folder = '/opt/jenkins', - $dest_folder = 'cli', -) { - file { $base_folder: - ensure => directory, - } - - file { "${base_folder}/${dest_folder}": - ensure => directory, - require => File[$base_folder], - } - - exec { 'download-cli': - command => '/usr/bin/wget http://localhost:8080/jnlpJars/jenkins-cli.jar', - cwd => "${base_folder}/${dest_folder}", - creates => "${base_folder}/${dest_folder}/jenkins-cli.jar", - require => File["${base_folder}/${dest_folder}"], - onlyif => '/usr/sbin/service jenkins status', - } -} diff --git a/manifests/jenkinsuser.pp b/manifests/jenkinsuser.pp deleted file mode 100644 index 8f2366e..0000000 --- a/manifests/jenkinsuser.pp +++ /dev/null @@ -1,152 +0,0 @@ -# == Class: jenkins::jenkinsuser -# -class jenkins::jenkinsuser( - $ssh_key = undef, - $ensure = present, - $gitfullname = 'OpenStack Jenkins', - $gitemail = 'jenkins@openstack.org', - $gitpgpkey = 'jenkins@openstack.org', - $gerrituser = 'jenkins', - $gerritkeytype = 'rsa', - $gerritkey = undef, -) { - - group { 'jenkins': - ensure => present, - } - - user { 'jenkins': - ensure => present, - comment => 'Jenkins User', - home => '/home/jenkins', - gid => 'jenkins', - shell => '/bin/bash', - membership => 'minimum', - groups => [], - require => Group['jenkins'], - } - - file { '/home/jenkins': - ensure => directory, - owner => 'jenkins', - group => 'jenkins', - mode => '0644', - require => User['jenkins'], - } - - file { '/home/jenkins/.pip': - ensure => directory, - owner => 'jenkins', - group => 'jenkins', - require => File['/home/jenkins'], - } - - file { '/home/jenkins/.gitconfig': - ensure => present, - owner => 'jenkins', - group => 'jenkins', - mode => '0640', - content => template('jenkins/gitconfig.erb'), - require => File['/home/jenkins'], - } - - file { '/home/jenkins/.ssh': - ensure => directory, - owner => 'jenkins', - group => 'jenkins', - mode => '0700', - require => File['/home/jenkins'], - } - - if $ssh_key != undef { - file { '/home/jenkins/.ssh/authorized_keys': - ensure => 'file', - owner => 'jenkins', - group => 'jenkins', - mode => '0600', - content => template('jenkins/authorized_keys.erb'), - require => File['/home/jenkins/.ssh'], - } - } - - if $gerritkey != undef { - file { "/home/jenkins/.ssh/id_${gerritkeytype}": - ensure => 'file', - owner => 'jenkins', - group => 'jenkins', - mode => '0600', - content => $gerritkey, - require => File['/home/jenkins/.ssh'], - } - } - - #NOTE: not all distributions have default bash files in /etc/skel - if ($::osfamily == 'Debian') { - - file { '/home/jenkins/.bashrc': - ensure => present, - owner => 'jenkins', - group => 'jenkins', - mode => '0640', - source => '/etc/skel/.bashrc', - replace => false, - require => File['/home/jenkins'], - } - - file { '/home/jenkins/.bash_logout': - ensure => present, - source => '/etc/skel/.bash_logout', - owner => 'jenkins', - group => 'jenkins', - mode => '0640', - replace => false, - require => File['/home/jenkins'], - } - - file { '/home/jenkins/.profile': - ensure => present, - source => '/etc/skel/.profile', - owner => 'jenkins', - group => 'jenkins', - mode => '0640', - replace => false, - require => File['/home/jenkins'], - } - - } - - file { '/home/jenkins/.ssh/config': - ensure => present, - owner => 'jenkins', - group => 'jenkins', - mode => '0640', - require => File['/home/jenkins/.ssh'], - source => 'puppet:///modules/jenkins/ssh_config', - } - - file { '/home/jenkins/.config': - ensure => directory, - owner => 'jenkins', - group => 'jenkins', - mode => '0755', - require => File['/home/jenkins'], - } - - file { '/home/jenkins/.m2': - ensure => directory, - owner => 'jenkins', - group => 'jenkins', - mode => '0755', - require => File['/home/jenkins'], - } - - file { '/home/jenkins/.m2/settings.xml': - ensure => present, - owner => 'jenkins', - group => 'jenkins', - mode => '0644', - require => File['/home/jenkins/.m2'], - source => 'puppet:///modules/jenkins/settings.xml', - } - -} diff --git a/manifests/job_builder.pp b/manifests/job_builder.pp deleted file mode 100644 index c53fc4d..0000000 --- a/manifests/job_builder.pp +++ /dev/null @@ -1,93 +0,0 @@ -# == Class: jenkins::job_builder -# -class jenkins::job_builder ( - $url, - $username, - $password, - $git_revision = 'master', - $git_url = 'https://git.openstack.org/openstack-infra/jenkins-job-builder', - $config_dir = '', - $jenkins_jobs_update_timeout = '600', - $query_plugins_info = true, - $extensions = [], - $manage_user = false, -) { - validate_array($extensions) - - # A lot of things need yaml, be conservative requiring this package to avoid - # conflicts with other modules. - if ! defined(Package['python-yaml']) { - package { 'python-yaml': - ensure => present, - } - } - - if ! defined(Package['python-jenkins']) { - package { 'python-jenkins': - ensure => latest, - provider => openstack_pip, - } - } - - vcsrepo { '/opt/jenkins_job_builder': - ensure => latest, - provider => git, - revision => $git_revision, - source => $git_url, - } - - exec { 'install_jenkins_job_builder': - command => 'pip install /opt/jenkins_job_builder', - path => '/usr/local/bin:/usr/bin:/bin/', - refreshonly => true, - subscribe => Vcsrepo['/opt/jenkins_job_builder'], - } - - if $manage_user { - ensure_resource('user', $username, { - ensure => present, - password => $password, - comment => 'Jenkins Job Builder', - home => '/etc/jenkins_jobs', - system => true, - }) - } - - file { '/etc/jenkins_jobs': - ensure => directory, - } - - file { '/etc/jenkins_jobs/config': - ensure => directory, - owner => 'root', - group => 'root', - mode => '0755', - recurse => true, - purge => true, - force => true, - source => $config_dir, - require => File['/etc/jenkins_jobs'], - notify => Exec['jenkins_jobs_update'], - } - - exec { 'jenkins_jobs_update': - command => 'jenkins-jobs update --delete-old /etc/jenkins_jobs/config', - timeout => $jenkins_jobs_update_timeout, - path => '/bin:/usr/bin:/usr/local/bin', - refreshonly => true, - require => [ - File['/etc/jenkins_jobs/jenkins_jobs.ini'], - Package['python-jenkins'], - Package['python-yaml'], - ], - } - -# TODO: We should put in notify Exec['jenkins_jobs_update'] -# at some point, but that still has some problems. - file { '/etc/jenkins_jobs/jenkins_jobs.ini': - ensure => present, - mode => '0400', - content => template('jenkins/jenkins_jobs.ini.erb'), - require => File['/etc/jenkins_jobs'], - } -} diff --git a/manifests/master.pp b/manifests/master.pp deleted file mode 100644 index c5da80e..0000000 --- a/manifests/master.pp +++ /dev/null @@ -1,328 +0,0 @@ -# == Class: jenkins::master -# -# This class will install and configure Jenkins master -# -# === Parameters -# -# [*jenkins_default*] -# (Optional) Puppet source from which to initialize /etc/defaults/jenkins. -# E.g. 'puppet:///modules/ present, - } - package { $::jenkins::params::jre_low_package: - ensure => purged, - require => Package[$::jenkins::params::jre_package], - } - - apt::source { 'jenkins': - location => 'http://pkg.jenkins.io/debian-stable', - release => 'binary/', - repos => '', - key => { - 'id' => 'D50582E6', - 'source' => 'http://pkg.jenkins.io/debian-stable/jenkins.io.key', - }, - require => [ - Package[$::jenkins::params::jre_package], - ], - include_src => false, - } - - ::httpd::vhost { $vhost_name: - port => 443, - docroot => 'MEANINGLESS ARGUMENT', - priority => '50', - template => 'jenkins/jenkins.vhost.erb', - ssl => true, - } - if ! defined(Httpd::Mod['rewrite']) { - httpd::mod { 'rewrite': - ensure => present, - } - } - if ! defined(Httpd::Mod['proxy']) { - httpd::mod { 'proxy': - ensure => present, - } - } - if ! defined(Httpd::Mod['proxy_http']) { - httpd::mod { 'proxy_http': - ensure => present, - } - } - if ! defined(Httpd::Mod['headers']) { - httpd::mod { 'headers': - ensure => present, - } - } - - if $ssl_cert_file_contents != '' { - file { $ssl_cert_file: - owner => 'root', - group => 'root', - mode => '0640', - content => $ssl_cert_file_contents, - before => Httpd::Vhost[$vhost_name], - } - } - - if $ssl_key_file_contents != '' { - file { $ssl_key_file: - owner => 'root', - group => 'ssl-cert', - mode => '0640', - content => $ssl_key_file_contents, - require => Package['ssl-cert'], - before => Httpd::Vhost[$vhost_name], - } - } - - if $ssl_chain_file_contents != '' { - file { $ssl_chain_file: - owner => 'root', - group => 'root', - mode => '0640', - content => $ssl_chain_file_contents, - before => Httpd::Vhost[$vhost_name], - } - } - - $packages = [ - 'python-babel', - 'python-sqlalchemy', # devstack-gate - 'ssl-cert', - 'sqlite3', # interact with devstack-gate DB - ] - - package { $packages: - ensure => present, - } - - # jenkins apt-repo doesn't offer multiple versions - # so if anything other than 'present' or 'latest' - # is set, pull down the .deb using wget - # and install via the dpkg resource - if ($jenkins_version == 'present') or - ($jenkins_version == 'latest') - { - package { 'jenkins': - ensure => $jenkins_version, - require => Apt::Source['jenkins'], - } - } else { - $jenkins_deb = "jenkins_${jenkins_version}_all.deb" - $jenkins_deb_url = "${jenkins_deb_url_base}/${jenkins_deb}" - $jenkins_deb_tmp = "/var/tmp/${jenkins_deb}" - - archive { 'jenkins_deb': - source => $jenkins_deb_url, - path => $jenkins_deb_tmp, - } - - # required by jenkins.deb, but as we're not using apt, - # no dependency resolution is performed. - package { 'daemon': } - - package { 'jenkins': - # for the dpkg provider, latest means check the version, - # installed/present skips the version check, we want to version - # check so that we can move between versions using puppet - ensure => latest, - provider => dpkg, - source => $jenkins_deb_tmp, - require => [Package['daemon'], Archive['jenkins_deb']], - } - } - - exec { 'update apt cache': - subscribe => File['/etc/apt/sources.list.d/jenkins.list'], - refreshonly => true, - path => '/bin:/usr/bin', - command => 'apt-get update', - } - - # Template uses: - # - $java_args_override - # - $run_standalone - # - $max_open_files - # - $http_port - if ! $jenkins_default { - file { '/etc/default/jenkins': - ensure => present, - owner => 'root', - group => 'root', - mode => '0644', - content => template('jenkins/jenkins.default.erb'), - } - } else { - file { '/etc/default/jenkins': - ensure => present, - owner => 'root', - group => 'root', - mode => '0644', - source => $jenkins_default - } - } - - file { '/var/lib/jenkins': - ensure => directory, - owner => 'jenkins', - group => 'adm', - require => Package['jenkins'], - } - - file { '/var/lib/jenkins/.ssh/': - ensure => directory, - owner => 'jenkins', - group => 'jenkins', - mode => '0700', - require => File['/var/lib/jenkins'], - } - - file { '/var/lib/jenkins/.ssh/id_rsa': - owner => 'jenkins', - group => 'jenkins', - mode => '0600', - content => $jenkins_ssh_private_key, - replace => true, - require => File['/var/lib/jenkins/.ssh/'], - } - - file { '/var/lib/jenkins/.ssh/id_rsa.pub': - owner => 'jenkins', - group => 'jenkins', - mode => '0644', - content => "ssh_rsa ${jenkins_ssh_public_key} jenkins@${::fqdn}", - replace => true, - require => File['/var/lib/jenkins/.ssh/'], - } - - file { '/var/lib/jenkins/plugins': - ensure => directory, - owner => 'jenkins', - group => 'jenkins', - mode => '0750', - require => File['/var/lib/jenkins'], - } - - file { '/var/lib/jenkins/plugins/simple-theme-plugin': - ensure => directory, - owner => 'jenkins', - group => 'jenkins', - require => File['/var/lib/jenkins/plugins'], - } - - file { '/var/lib/jenkins/plugins/simple-theme-plugin/openstack.css': - ensure => present, - owner => 'jenkins', - group => 'jenkins', - source => 'puppet:///modules/jenkins/openstack.css', - require => File['/var/lib/jenkins/plugins/simple-theme-plugin'], - } - - file { '/var/lib/jenkins/plugins/simple-theme-plugin/openstack.js': - ensure => present, - owner => 'jenkins', - group => 'jenkins', - content => template('jenkins/openstack.js.erb'), - require => File['/var/lib/jenkins/plugins/simple-theme-plugin'], - } - - file { '/var/lib/jenkins/plugins/simple-theme-plugin/openstack-page-bkg.jpg': - ensure => present, - owner => 'jenkins', - group => 'jenkins', - source => 'puppet:///modules/jenkins/openstack-page-bkg.jpg', - require => File['/var/lib/jenkins/plugins/simple-theme-plugin'], - } - - file { '/var/lib/jenkins/logger.conf': - ensure => present, - owner => 'jenkins', - group => 'jenkins', - source => 'puppet:///modules/jenkins/logger.conf', - require => File['/var/lib/jenkins'], - } - - file { '/var/lib/jenkins/plugins/simple-theme-plugin/title.png': - ensure => present, - owner => 'jenkins', - group => 'jenkins', - source => "puppet:///modules/jenkins/${logo}", - require => File['/var/lib/jenkins/plugins/simple-theme-plugin'], - } - - file { '/var/lib/jenkins/init.groovy.d': - ensure => directory, - owner => 'jenkins', - group => 'jenkins', - require => File['/var/lib/jenkins'], - } - - file { '/var/lib/jenkins/init.groovy.d/cli-shutdown.groovy': - ensure => present, - owner => 'jenkins', - group => 'jenkins', - source => 'puppet:///modules/jenkins/cli-shutdown.groovy', - require => File['/var/lib/jenkins/init.groovy.d'], - } - - file { '/usr/local/jenkins': - ensure => directory, - owner => 'root', - group => 'root', - mode => '0755', - } - - # Jenkins management utility scripts - if ! defined(Package['python-jenkins']) { - package { 'python-jenkins': - ensure => latest, - provider => openstack_pip, - } - } - - file { '/usr/local/jenkins/bin': - ensure => directory, - owner => 'root', - group => 'root', - mode => '0755', - } - - file { '/usr/local/jenkins/bin/safe_jenkins_shutdown': - ensure => present, - owner => 'root', - group => 'root', - mode => '0755', - source => 'puppet:///modules/jenkins/safe_jenkins_shutdown', - } -} diff --git a/manifests/params.pp b/manifests/params.pp deleted file mode 100644 index d7293e9..0000000 --- a/manifests/params.pp +++ /dev/null @@ -1,93 +0,0 @@ -# Class: jenkins::params -# -# This class holds parameters that need to be -# accessed by other classes. -class jenkins::params { - case $::osfamily { - 'RedHat': { - #yum groupinstall "Development Tools" - # common packages - if ($::operatingsystem == 'Fedora') and (versioncmp($::operatingsystemrelease, '21') >= 0) { - $jdk_package = 'java-1.8.0-openjdk-devel' - } else { - $jdk_package = 'java-1.7.0-openjdk-devel' - } - $ccache_package = 'ccache' - $python_netaddr_package = 'python-netaddr' - # FIXME: No Maven packages on RHEL - #$maven_package = 'maven' - $cgroups_package = 'libcgroup' - if ($::operatingsystem == 'Fedora') and (versioncmp($::operatingsystemrelease, '19') >= 0) { - $cgroups_tools_package = 'libcgroup-tools' - $cgconfig_require = [ - Package['cgroups'], - Package['cgroups-tools'], - ] - $cgred_require = [ - Package['cgroups'], - Package['cgroups-tools'], - ] - } else { - $cgroups_tools_package = '' - $cgconfig_require = Package['cgroups'] - $cgred_require = Package['cgroups'] - } - $jre_package = 'openjdk-7-jre-headless' - $jre_low_package = 'openjdk-6-jre-headless' - } - 'Suse': { - $jdk_package = 'java-1_8_0-openjdk-devel' - $ccache_package = 'ccache' - $python_netaddr_package = 'python-netaddr' - $cgroups_package = 'libcgroup1' - $cgroups_tools_package = 'libcgroup-tools' - $cgconfig_require = [ - Package['libcgroup-tools'] - ] - $cgred_require = [ - Package['libcgroup-tools'] - ] - $jre_package = 'openjdk-7-jre-headless' - $jre_low_package = 'openjdk-6-jre-headless' - } - 'Debian': { - # common packages - $ccache_package = 'ccache' - $python_netaddr_package = 'python-netaddr' - if ($::operatingsystem == 'Ubuntu') and ($::operatingsystemrelease >= '16.04') { - $jdk_package = 'openjdk-8-jdk' - $maven_package = 'maven' - $jre_package = 'openjdk-8-jre-headless' - $jre_low_package = 'openjdk-7-jre-headless' - } else { - $jdk_package = 'openjdk-7-jdk' - $maven_package = 'maven2' - $jre_package = 'openjdk-7-jre-headless' - $jre_low_package = 'openjdk-6-jre-headless' - } - $cgroups_package = 'cgroup-bin' - $cgroups_tools_package = '' - $cgconfig_require = [ - Package['cgroups'], - File['cgconfig.service'], - ] - $cgred_require = [ - Package['cgroups'], - File['cgred.service'], - ] - # ruby packages - # ruby1.9.1 is not present in Debian Jessie, use ruby instead - if ($::operatingsystem == 'Debian' or $::lsbdistcodename == 'xenial') { - $ruby_package = 'ruby' - $ruby_dev_package = 'ruby-dev' - } - else { - $ruby_package = 'ruby1.9.1' - $ruby_dev_package = 'ruby1.9.1-dev' - } - } - default: { - fail("Unsupported osfamily: ${::osfamily} The 'jenkins' module only supports osfamily Debian, RedHat or Suse (slaves only).") - } - } -} diff --git a/manifests/plugin.pp b/manifests/plugin.pp deleted file mode 100644 index 0676a7e..0000000 --- a/manifests/plugin.pp +++ /dev/null @@ -1,91 +0,0 @@ -# Copyright (C) 2014 R. Tyler Croy -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# Defined resource type to install jenkins plugins. -# -# Borrowed from: https://github.com/jenkinsci/puppet-jenkins -# - -define jenkins::plugin( - $version='latest', - $pin=false, - $plugin_url=undef, -) { - $plugin = "${name}.hpi" - $plugin_dir = '/var/lib/jenkins/plugins' - $plugin_parent_dir = '/var/lib/jenkins' - - if ($version == 'latest') { - $base_url = 'http://updates.jenkins-ci.org/latest' - } else { - $base_url = "http://updates.jenkins-ci.org/download/plugins/${name}/${version}" - } - - if $plugin_url == undef { - $_plugin_url = "${base_url}/${plugin}" - } else { - $_plugin_url = $plugin_url - } - - if (!defined(File[$plugin_dir])) { - file { - [ - $plugin_parent_dir, - $plugin_dir, - ]: - ensure => directory, - owner => 'jenkins', - group => 'jenkins', - require => [Group['jenkins'], User['jenkins']], - } - } - - if (!defined(Group['jenkins'])) { - group { 'jenkins' : - ensure => present, - } - } - - if (!defined(User['jenkins'])) { - user { 'jenkins' : - ensure => present, - } - } - - exec { "download-${name}" : - command => "wget --no-check-certificate ${_plugin_url}", - cwd => $plugin_dir, - require => File[$plugin_dir], - path => ['/usr/bin', '/usr/sbin',], - user => 'jenkins', - unless => "test -f ${plugin_dir}/${name}.?pi", -# OpenStack modification: don't auto-restart jenkins so we can control -# outage timing better. -# notify => Service['jenkins'], - } - - if ($pin) { - file { "${plugin_dir}/${plugin}.pinned": - ensure => present, - require => Exec["download-${name}"], - owner => 'jenkins', - group => 'jenkins', - mode => '0644', - } - } else { - file { "${plugin_dir}/${plugin}.pinned": - ensure => absent, - } - } -} diff --git a/manifests/slave.pp b/manifests/slave.pp deleted file mode 100644 index 4a1f792..0000000 --- a/manifests/slave.pp +++ /dev/null @@ -1,177 +0,0 @@ -# == Class: jenkins::slave -# -class jenkins::slave( - $ssh_key = undef, - $user = true, - $gitfullname = 'OpenStack Jenkins', - $gitemail = 'jenkins@openstack.org', - $gitpgpkey = 'jenkins@openstack.org', - $gerrituser = 'jenkins', - $gerritkeytype = 'rsa', - $gerritkey = undef, -) { - - include ::haveged - include ::pip - include ::jenkins::params - - if ($user == true) { - class { '::jenkins::jenkinsuser': - ensure => present, - ssh_key => $ssh_key, - gitfullname => $gitfullname, - gitemail => $gitemail, - gitpgpkey => $gitpgpkey, - gerrituser => $gerrituser, - gerritkeytype => $gerritkeytype, - gerritkey => $gerritkey, - } - } - - anchor { 'jenkins::slave::update-java-alternatives': } - - # Packages that all jenkins slaves need - $packages = [ - $::jenkins::params::jdk_package, # jdk for building java jobs - $::jenkins::params::ccache_package, - $::jenkins::params::python_netaddr_package, # Needed for devstack address_in_net() - ] - - file { '/etc/apt/sources.list.d/cloudarchive.list': - ensure => absent, - } - - package { $packages: - ensure => present, - before => Anchor['jenkins::slave::update-java-alternatives'] - } - - case $::osfamily { - 'RedHat': { - exec { 'yum Group Install': - unless => '/usr/bin/yum grouplist "Development tools" | /bin/grep "^Installed [Gg]roups"', - command => '/usr/bin/yum -y groupinstall "Development tools"', - timeout => 1800, - } - - if ($::operatingsystem != 'Fedora') { - exec { 'update-java-alternatives': - unless => '/bin/ls -l /etc/alternatives/java | /bin/grep 1.7.0-openjdk', - command => '/usr/sbin/alternatives --set java /usr/lib/jvm/jre-1.7.0-openjdk.x86_64/bin/java && /usr/sbin/alternatives --set javac /usr/lib/jvm/java-1.7.0-openjdk.x86_64/bin/javac', - require => Anchor['jenkins::slave::update-java-alternatives'] - } - } - } - 'Suse': { - exec { 'zypper devel pattern install': - unless => '/usr/bin/zypper -n info -t pattern devel_basis | /bin/grep -q "Installed.*yes"', - command => '/usr/bin/zypper -n in -t pattern devel_basis', - timeout => 1800, - } - } - 'Debian': { - # install build-essential package group - package { 'build-essential': - ensure => present, - } - - package { $::jenkins::params::maven_package: - ensure => present, - require => Package[$::jenkins::params::jdk_package], - } - - package { $::jenkins::params::ruby_package: - ensure => present, - } - - package { $::jenkins::params::ruby_dev_package: - ensure => present, - } - - package { 'openjdk-6-jre-headless': - ensure => purged, - require => Package[$::jenkins::params::jdk_package], - } - - if ($::operatingsystem == 'Ubuntu' and versioncmp($::operatingsystemrelease, '16.04') < 0) { - exec { 'update-java-alternatives': - unless => "/bin/ls -l /etc/alternatives/java | /bin/grep java-7-openjdk-${::dpkg_arch}", - command => "/usr/sbin/update-java-alternatives --set java-1.7.0-openjdk-${::dpkg_arch}", - require => Anchor['jenkins::slave::update-java-alternatives'] - } - } - } - default: { - fail("Unsupported osfamily: ${::osfamily} The 'jenkins' module only supports osfamily Debian, RedHat or Suse (slaves only).") - } - } - - package { 'tox': - ensure => 'latest', - provider => openstack_pip, - require => Class[pip], - } - - # TODO(fungi): switch jobs to use /usr/git-review-env/bin/git-review - package { 'git-review': - ensure => '1.25.0', - provider => openstack_pip, - require => Class[pip], - } - - file { '/usr/local/bin/gcc': - ensure => link, - target => '/usr/bin/ccache', - require => Package['ccache'], - } - - file { '/usr/local/bin/g++': - ensure => link, - target => '/usr/bin/ccache', - require => Package['ccache'], - } - - file { '/usr/local/bin/cc': - ensure => link, - target => '/usr/bin/ccache', - require => Package['ccache'], - } - - file { '/usr/local/bin/c++': - ensure => link, - target => '/usr/bin/ccache', - require => Package['ccache'], - } - - file { "/usr/local/bin/${::hardwareisa}-linux-gnu-gcc": - ensure => link, - target => '/usr/bin/ccache', - require => Package['ccache'], - } - - file { "/usr/local/bin/${::hardwareisa}-linux-gnu-g++": - ensure => link, - target => '/usr/bin/ccache', - require => Package['ccache'], - } - - file { "/usr/local/bin/${::hardwareisa}-linux-gnu-cc": - ensure => link, - target => '/usr/bin/ccache', - require => Package['ccache'], - } - - file { "/usr/local/bin/${::hardwareisa}-linux-gnu-c++": - ensure => link, - target => '/usr/bin/ccache', - require => Package['ccache'], - } - - file { '/usr/local/jenkins': - ensure => directory, - owner => 'root', - group => 'root', - mode => '0755', - } - -} diff --git a/metadata.json b/metadata.json deleted file mode 100644 index fd5a644..0000000 --- a/metadata.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "name": "openstackinfra-jenkins", - "version": "0.0.1", - "author": "Openstack CI", - "summary": "Puppet module for Jenkins", - "license": "Apache 2.0", - "source": "https://git.openstack.org/openstack-infra/puppet-jenkins.git", - "project_page": "http://docs.openstack.org/infra/system-config/", - "issues_url": "https://storyboard.openstack.org/#!/project/752", - "dependencies": [] -} diff --git a/spec/acceptance/fixtures/master.pp b/spec/acceptance/fixtures/master.pp deleted file mode 100644 index eabda67..0000000 --- a/spec/acceptance/fixtures/master.pp +++ /dev/null @@ -1,7 +0,0 @@ -class { '::jenkins::jenkinsuser': } - -class { '::jenkins::master': - jenkins_ssh_private_key => file('/tmp/jenkins-ssh-keys/ssh_rsa_key'), - jenkins_ssh_public_key => file('/tmp/jenkins-ssh-keys/ssh_rsa_key.pub'), - require => Class['::jenkins::jenkinsuser'], -} diff --git a/spec/acceptance/fixtures/preconditions.pp b/spec/acceptance/fixtures/preconditions.pp deleted file mode 100644 index 3e59a4c..0000000 --- a/spec/acceptance/fixtures/preconditions.pp +++ /dev/null @@ -1,46 +0,0 @@ -exec { 'update apt': - command => '/usr/bin/apt-get update', -} - -# Installing ssl-cert in order to get snakeoil certs -package { 'ssl-cert': - ensure => present, - require => Exec['update apt'], -} - -vcsrepo { '/etc/project-config': - ensure => latest, - provider => git, - revision => 'master', - source => 'https://git.openstack.org/openstack-infra/project-config', -} - -# Generates ssh rsa keys -define ssh_keygen ( - $ssh_directory = undef -) { - Exec { path => '/bin:/usr/bin' } - - $ssh_key_file = "${ssh_directory}/${name}" - - exec { "ssh-keygen for ${name}": - command => "ssh-keygen -t rsa -f ${ssh_key_file} -N ''", - creates => $ssh_key_file, - } -} - -$ssh_key_directory = '/tmp/jenkins-ssh-keys' -file { $ssh_key_directory: - ensure => directory, -} -ssh_keygen { 'ssh_rsa_key': - ssh_directory => $ssh_key_directory, - require => File[$ssh_key_directory], -} - -# JJB doesn't have a --insecure or --capath, so add the snakeoil certs to the system trust store -exec { 'trust snake oil': - command => '/bin/cp /etc/ssl/certs/ssl-cert-snakeoil.pem /usr/local/share/ca-certificates/ubuntu.crt && /usr/sbin/update-ca-certificates', - require => Package['ssl-cert'], -} - diff --git a/spec/acceptance/fixtures/slave.pp b/spec/acceptance/fixtures/slave.pp deleted file mode 100644 index 8caf1db..0000000 --- a/spec/acceptance/fixtures/slave.pp +++ /dev/null @@ -1,12 +0,0 @@ -class { '::jenkins::slave': - user => true -} - -class { '::jenkins::job_builder': - url => "https://${::fqdn}", - username => 'admin', - password => '<>', - jenkins_jobs_update_timeout => 1200, - config_dir => '/etc/project-config/jenkins', - require => Class['::jenkins::slave'], -} diff --git a/spec/acceptance/master_spec.rb b/spec/acceptance/master_spec.rb deleted file mode 100644 index 0d1fdaf..0000000 --- a/spec/acceptance/master_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -require 'puppet-openstack_infra_spec_helper/spec_helper_acceptance' - -describe 'puppet-jenkins master module', :if => ['debian', 'ubuntu'].include?(os[:family]) do - def pp_path - base_path = File.dirname(__FILE__) - File.join(base_path, 'fixtures') - end - - def preconditions_puppet_module - module_path = File.join(pp_path, 'preconditions.pp') - File.read(module_path) - end - - def jenkins_master_puppet_module - module_path = File.join(pp_path, 'master.pp') - File.read(module_path) - end - - before(:all) do - apply_manifest(preconditions_puppet_module, catch_failures: true) - end - - it 'should work with no errors' do - apply_manifest(jenkins_master_puppet_module, catch_failures: true) - end - - it 'should be idempotent' do - apply_manifest(jenkins_master_puppet_module, catch_changes: true) - end - - describe 'required services' do - describe command('curl https://`hostname -f`/login --insecure --location --verbose') do - its(:stdout) { should contain('Jenkins') } - end - end - -end diff --git a/spec/acceptance/nodesets/default.yml b/spec/acceptance/nodesets/default.yml deleted file mode 100644 index 3bb3e62..0000000 --- a/spec/acceptance/nodesets/default.yml +++ /dev/null @@ -1,11 +0,0 @@ -HOSTS: - ubuntu-server-1404-x64: - roles: - - master - platform: ubuntu-14.04-amd64 - box: puppetlabs/ubuntu-14.04-64-nocm - box_url: https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm - hypervisor: vagrant -CONFIG: - log_level: debug - type: git diff --git a/spec/acceptance/nodesets/nodepool-centos7.yml b/spec/acceptance/nodesets/nodepool-centos7.yml deleted file mode 100644 index c552874..0000000 --- a/spec/acceptance/nodesets/nodepool-centos7.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - centos-70-x64: - roles: - - master - platform: el-7-x86_64 - hypervisor: none - ip: 127.0.0.1 -CONFIG: - type: foss - set_env: false diff --git a/spec/acceptance/nodesets/nodepool-trusty.yml b/spec/acceptance/nodesets/nodepool-trusty.yml deleted file mode 100644 index 9fc624e..0000000 --- a/spec/acceptance/nodesets/nodepool-trusty.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-14.04-amd64: - roles: - - master - platform: ubuntu-14.04-amd64 - hypervisor: none - ip: 127.0.0.1 -CONFIG: - type: foss - set_env: false diff --git a/spec/acceptance/nodesets/nodepool-xenial.yml b/spec/acceptance/nodesets/nodepool-xenial.yml deleted file mode 100644 index 99dd318..0000000 --- a/spec/acceptance/nodesets/nodepool-xenial.yml +++ /dev/null @@ -1,10 +0,0 @@ -HOSTS: - ubuntu-16.04-amd64: - roles: - - master - platform: ubuntu-16.04-amd64 - hypervisor: none - ip: 127.0.0.1 -CONFIG: - type: foss - set_env: false diff --git a/spec/acceptance/slave_spec.rb b/spec/acceptance/slave_spec.rb deleted file mode 100644 index 88a8132..0000000 --- a/spec/acceptance/slave_spec.rb +++ /dev/null @@ -1,34 +0,0 @@ -require 'puppet-openstack_infra_spec_helper/spec_helper_acceptance' - -describe 'puppet-jenkins slave module', :if => ['debian', 'ubuntu'].include?(os[:family]) do - def pp_path - base_path = File.dirname(__FILE__) - File.join(base_path, 'fixtures') - end - - def preconditions_puppet_module - module_path = File.join(pp_path, 'preconditions.pp') - File.read(module_path) - end - - def default_password - command('/bin/cat /var/lib/jenkins/secrets/initialAdminPassword').stdout.chomp - end - - def jenkins_slave_puppet_module - module_path = File.join(pp_path, 'slave.pp') - File.read(module_path).gsub('<>', default_password) - end - - before(:all) do - apply_manifest(preconditions_puppet_module, catch_failures: true) - end - - it 'should work with no errors' do - apply_manifest(jenkins_slave_puppet_module, catch_failures: true) - end - - it 'should be idempotent' do - apply_manifest(jenkins_slave_puppet_module, catch_changes: true) - end -end diff --git a/templates/authorized_keys.erb b/templates/authorized_keys.erb deleted file mode 100644 index 8542cb7..0000000 --- a/templates/authorized_keys.erb +++ /dev/null @@ -1,10 +0,0 @@ -# HEADER: This file has been autogenerated by puppet. -# HEADER: While it can still be managed manually, it -# HEADER: is definitely not recommended. -<% if @ssh_key.is_a? Array -%> -<% @ssh_key.each do |key| -%> -ssh-rsa <%= key %> -<% end -%> -<% else %> -ssh-rsa <%= @ssh_key %> -<% end -%> diff --git a/templates/cgconfig.erb b/templates/cgconfig.erb deleted file mode 100644 index 01fb0b5..0000000 --- a/templates/cgconfig.erb +++ /dev/null @@ -1,68 +0,0 @@ -<% if @operatingsystem == "Fedora" then -# Fedora auto-mounts subsystems under /sys/fs/cgroup/ already, so no -# mount section is needed. %> -<% elsif @operatingsystem == "Suse" then -# SUSE auto-mounts subsystems under /sys/fs/cgroup/ already, so no -# mount section is needed. %> -<% elsif @osfamily == "RedHat" then %> - -mount { - cpuset = /cgroup/cpuset; - cpu = /cgroup/cpu; - cpuacct = /cgroup/cpuacct; - memory = /cgroup/memory; - devices = /cgroup/devices; - freezer = /cgroup/freezer; - net_cls = /cgroup/net_cls; - blkio = /cgroup/blkio; -} - -<% elsif ( @operatingsystemrelease < '12.10' ) or ( @operatingsystem != 'Ubuntu' ) then %> -mount { - cpu = /sys/fs/cgroup/cpu; - cpuacct = /sys/fs/cgroup/cpuacct; - devices = /sys/fs/cgroup/devices; - memory = /sys/fs/cgroup/memory; - freezer = /sys/fs/cgroup/freezer; -} -<% end %> - -group jenkins { - perm { - task { - uid = jenkins; - gid = jenkins; - } - admin { - uid = root; - gid = root; - } - } -} - -group jenkins/children { - perm { - task { - uid = jenkins; - gid = jenkins; - } - admin { - uid = root; - gid = root; - } - } - memory { - memory.soft_limit_in_bytes = <%= (@memorytotalbytes.to_f * 0.75).to_i %>; - memory.limit_in_bytes = <%= (@memorytotalbytes.to_f * 0.9).to_i %>; -<% if (@operatingsystem == "Fedora") and (@operatingsystemrelease == "18") then - # Because of Red Hat bug 918951, swap management doesn't - # work in Fedora 18 but should be fixed in 19. %> -<% elsif (@operatingsystem == "Ubuntu") and (@lsbdistrelease == "14.04") then %> -# memory.memsw.limit_in_bytes is not supported on Trusty, setting this -# raises a 'setting not supported by kernel error'. Checked with upstream, -# they confirmed lack of support in several kernels, so we should skip it. -<% else %> - memory.memsw.limit_in_bytes = <%= (@memorytotalbytes.to_f * 0.9).to_i %>; -<% end %> - } -} diff --git a/templates/gitconfig.erb b/templates/gitconfig.erb deleted file mode 100644 index 8b89a9f..0000000 --- a/templates/gitconfig.erb +++ /dev/null @@ -1,7 +0,0 @@ -[user] - name = <%= scope.lookupvar('jenkins::jenkinsuser::gitfullname') %> - email = <%= scope.lookupvar('jenkins::jenkinsuser::gitemail') %> - signingkey = <%= scope.lookupvar('jenkins::jenkinsuser::gitpgpkey') %> -[gitreview] - rebase = false - username = <%= scope.lookupvar('jenkins::jenkinsuser::gerrituser') %> diff --git a/templates/jenkins.default.erb b/templates/jenkins.default.erb deleted file mode 100644 index df29b88..0000000 --- a/templates/jenkins.default.erb +++ /dev/null @@ -1,66 +0,0 @@ -# defaults for jenkins continuous integration server - -# pulled in from the init script; makes things easier. -NAME=jenkins - -# location of java -JAVA=/usr/bin/java - -# arguments to pass to java -#JAVA_ARGS="-Xmx256m" -#JAVA_ARGS="-Djava.net.preferIPv4Stack=true" # make jenkins listen on IPv4 address -# Disable compression as zip deflation threads eat CPU time. -# https://issues.jenkins-ci.org/browse/JENKINS-14362 -<% if @java_args_override -%> -JAVA_ARGS="<%= @java_args_override %>" -<% else -%> -JAVA_ARGS="-Xloggc:/var/log/jenkins/gc.log -XX:+PrintGCDetails -Xmx12g -Dorg.kohsuke.stapler.compression.CompressionFilter.disabled=true -Djava.util.logging.config.file=/var/lib/jenkins/logger.conf" -<% end -%> - -PIDFILE=/var/run/jenkins/jenkins.pid - -# user id to be invoked as (otherwise will run as root; not wise!) -JENKINS_USER=jenkins - -# location of the jenkins war file -JENKINS_WAR=/usr/share/jenkins/jenkins.war - -# jenkins home location -JENKINS_HOME=/var/lib/jenkins - -# set this to false if you don't want Hudson to run by itself -# in this set up, you are expected to provide a servlet container -# to host jenkins. -RUN_STANDALONE=<%= @run_standalone %> - -# log location. this may be a syslog facility.priority -JENKINS_LOG=/var/log/jenkins/$NAME.log -#HUDSON_LOG=daemon.info - -# OS LIMITS SETUP -# comment this out to observe /etc/security/limits.conf -# this is on by default because http://github.com/jenkinsci/jenkins/commit/2fb288474e980d0e7ff9c4a3b768874835a3e92e -# reported that Ubuntu's PAM configuration doesn't include pam_limits.so, and as a result the # of file -# descriptors are forced to 1024 regardless of /etc/security/limits.conf -MAXOPENFILES=<%= @max_open_files %> - -# port for HTTP connector (default 8080; disable with -1) -HTTP_PORT=<%= @http_port %> - -# port for AJP connector (disabled by default) -AJP_PORT=-1 - -# servlet context, important if you want to use apache proxying -PREFIX=/jenkins - -# arguments to pass to jenkins. -# --javahome=$JAVA_HOME -# --httpPort=$HTTP_PORT (default 8080; disable with -1) -# --httpsPort=$HTTP_PORT -# --ajp13Port=$AJP_PORT -# --argumentsRealm.passwd.$ADMIN_USER=[password] -# --argumentsRealm.$ADMIN_USER=admin -# --webroot=~/.jenkins/war -# --prefix=$PREFIX - -JENKINS_ARGS="--webroot=/var/cache/jenkins/war --httpPort=$HTTP_PORT --ajp13Port=$AJP_PORT" diff --git a/templates/jenkins.vhost.erb b/templates/jenkins.vhost.erb deleted file mode 100644 index e59335e..0000000 --- a/templates/jenkins.vhost.erb +++ /dev/null @@ -1,45 +0,0 @@ - - ServerName <%= scope.lookupvar("::jenkins::master::vhost_name") %> - ServerAdmin <%= scope.lookupvar("::jenkins::master::serveradmin") %> - - ErrorLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("::jenkins::master::vhost_name") %>-error.log - - LogLevel warn - - CustomLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("::jenkins::master::vhost_name") %>-access.log combined - - Redirect / https://<%= scope.lookupvar("::jenkins::master::vhost_name") %>/ - - - -:443> - ServerName <%= scope.lookupvar("::jenkins::master::vhost_name") %> - ServerAdmin <%= scope.lookupvar("::jenkins::master::serveradmin") %> - - ErrorLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("::jenkins::master::vhost_name") %>-ssl-error.log - - LogLevel warn - - CustomLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("::jenkins::master::vhost_name") %>-ssl-access.log combined - - SSLEngine on - SSLProtocol All -SSLv2 -SSLv3 - - SSLCertificateFile <%= scope.lookupvar("::jenkins::master::ssl_cert_file") %> - SSLCertificateKeyFile <%= scope.lookupvar("::jenkins::master::ssl_key_file") %> - <% if scope.lookupvar("::jenkins::master::ssl_chain_file") != "" %> - SSLCertificateChainFile <%= scope.lookupvar("::jenkins::master::ssl_chain_file") %> - <% end %> - - BrowserMatch "MSIE [2-6]" \ - nokeepalive ssl-unclean-shutdown \ - downgrade-1.0 force-response-1.0 - # MSIE 7 and newer should be able to use keepalive - BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown - - AllowEncodedSlashes NoDecode - ProxyPass / http://127.0.0.1:8080/ retry=0 nocanon - ProxyPassReverse / http://127.0.0.1:8080/ - RequestHeader set X-Forwarded-Proto "https" - RequestHeader set X-Forwarded-Port "443" - diff --git a/templates/jenkins_jobs.ini.erb b/templates/jenkins_jobs.ini.erb deleted file mode 100644 index 6247c84..0000000 --- a/templates/jenkins_jobs.ini.erb +++ /dev/null @@ -1,12 +0,0 @@ -[jenkins] -user=<%= @username %> -password=<%= @password %> -url=<%= @url %> -query_plugins_info=<%= @query_plugins_info %> - -<% @extensions.each do |extension| -%> -["<%= extension['name'] %>"] -<% extension['parameters'].each do |parameter| -%> -<%= parameter['name'] %> = <%= parameter['value'] %> -<% end -%> -<% end -%> diff --git a/templates/openstack.js.erb b/templates/openstack.js.erb deleted file mode 100644 index 6ca1a77..0000000 --- a/templates/openstack.js.erb +++ /dev/null @@ -1,22 +0,0 @@ -function makeDoubleDelegate(function1, function2) { - return function() { - if (function1) - function1(); - if (function2) - function2(); - } -} - -function chgeLogo() { - var imgs=document.getElementsByTagName("img"); - var imgTag = document.createElement("img"); - imgTag.setAttribute("src","https://<%= @vhost_name %>/plugin/simple-theme-plugin/title.png"); - imgTag.setAttribute("style", "vertical-align: middle;padding-left: 0.75em;"); - imgs[0].parentNode.appendChild(imgTag); - var spanTag = document.createElement("span"); - spanTag.id="heading_text"; - spanTag.innerHTML="Jenkins CI"; - imgs[0].parentNode.appendChild(spanTag); -} - -window.onload = makeDoubleDelegate(window.onload, chgeLogo);