opendev/puppet-jenkins
Code Issues Proposed changes
puppet-jenkins/manifests/jenkinsuser.pp
Colleen Murphy 275e22f63f Make ssh_key parameter optional 
The main reason to do this is for CI. We don't want to overwrite the
real jenkins user's SSH authorized keys, but we still want to test
everything else about the jenkinsuser class, so allow the ssh_key
parameter to be empty and don't overwrite authorized_keys if it is.

Change-Id: Ic2c12940767d53928fa07170c32f34619019287c
2017-06-10 20:26:05 +02:00

153 lines
3.5 KiB
Puppet
Raw Blame History

# == Class: jenkins::jenkinsuser
#
class jenkins::jenkinsuser(
$ssh_key = undef,
$ensure = present,
$gitfullname = 'OpenStack Jenkins',
$gitemail = 'jenkins@openstack.org',
$gitpgpkey = 'jenkins@openstack.org',
$gerrituser = 'jenkins',
$gerritkeytype = 'rsa',
$gerritkey = undef,
) {
group { 'jenkins':
ensure => present,
}
user { 'jenkins':
ensure => present,
comment => 'Jenkins User',
home => '/home/jenkins',
gid => 'jenkins',
shell => '/bin/bash',
membership => 'minimum',
groups => [],
require => Group['jenkins'],
}
file { '/home/jenkins':
ensure => directory,
owner => 'jenkins',
group => 'jenkins',
mode => '0644',
require => User['jenkins'],
}
file { '/home/jenkins/.pip':
ensure => directory,
owner => 'jenkins',
group => 'jenkins',
require => File['/home/jenkins'],
}
file { '/home/jenkins/.gitconfig':
ensure => present,
owner => 'jenkins',
group => 'jenkins',
mode => '0640',
content => template('jenkins/gitconfig.erb'),
require => File['/home/jenkins'],
}
file { '/home/jenkins/.ssh':
ensure => directory,
owner => 'jenkins',
group => 'jenkins',
mode => '0700',
require => File['/home/jenkins'],
}
if $ssh_key != undef {
file { '/home/jenkins/.ssh/authorized_keys':
ensure => 'file',
owner => 'jenkins',
group => 'jenkins',
mode => '0600',
content => template('jenkins/authorized_keys.erb'),
require => File['/home/jenkins/.ssh'],
}
}
if $gerritkey != undef {
file { "/home/jenkins/.ssh/id_${gerritkeytype}":
ensure => 'file',
owner => 'jenkins',
group => 'jenkins',
mode => '0600',
content => $gerritkey,
require => File['/home/jenkins/.ssh'],
}
}
#NOTE: not all distributions have default bash files in /etc/skel
if ($::osfamily == 'Debian') {
file { '/home/jenkins/.bashrc':
ensure => present,
owner => 'jenkins',
group => 'jenkins',
mode => '0640',
source => '/etc/skel/.bashrc',
replace => false,
require => File['/home/jenkins'],
}
file { '/home/jenkins/.bash_logout':
ensure => present,
source => '/etc/skel/.bash_logout',
owner => 'jenkins',
group => 'jenkins',
mode => '0640',
replace => false,
require => File['/home/jenkins'],
}
file { '/home/jenkins/.profile':
ensure => present,
source => '/etc/skel/.profile',
owner => 'jenkins',
group => 'jenkins',
mode => '0640',
replace => false,
require => File['/home/jenkins'],
}
}
file { '/home/jenkins/.ssh/config':
ensure => present,
owner => 'jenkins',
group => 'jenkins',
mode => '0640',
require => File['/home/jenkins/.ssh'],
source => 'puppet:///modules/jenkins/ssh_config',
}
file { '/home/jenkins/.config':
ensure => directory,
owner => 'jenkins',
group => 'jenkins',
mode => '0755',
require => File['/home/jenkins'],
}
file { '/home/jenkins/.m2':
ensure => directory,
owner => 'jenkins',
group => 'jenkins',
mode => '0755',
require => File['/home/jenkins'],
}
file { '/home/jenkins/.m2/settings.xml':
ensure => present,
owner => 'jenkins',
group => 'jenkins',
mode => '0644',
require => File['/home/jenkins/.m2'],
source => 'puppet:///modules/jenkins/settings.xml',
}
}
View Git Blame Copy Permalink