ansible/playbooks/groups/jenkins-cloud.yml
2015-01-24 22:24:07 +00:00


# Play: make sure the persistent cloud instance behind jenkins-master exists.
# Fact gathering is switched off; the play only runs the two included task
# files, whose contents are not shown here.
- name: check/create instance for jenkins-master
  hosts: jenkins-cloud  # 209.132.184.153
  user: root
  gather_facts: false
  tags:
    - jenkins_master
  vars_files:
    - /srv/web/infra/ansible/vars/global.yml
    # Private variables are loaded from outside the public ansible tree.
    - /srv/private/ansible/vars.yml
  tasks:
    - include: "{{ tasks }}/persistent_cloud.yml"
    - include: "{{ tasks }}/growroot_cloud.yml"
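# Play: configure the Jenkins master on its cloud instance.
# Installs Apache and Jenkins, restores plugins and XML configuration onto the
# persistent /var/lib/jenkins volume, installs the SSH key and credentials
# store, starts Jenkins and finally drops the openid hotfix jars in place.
# Everything runs as root on a host addressed by a hard-coded IP.
- name: provision master
  hosts: 209.132.184.153
  user: root
  gather_facts: true
  tags:
    - jenkins_master
  vars_files:
    - /srv/web/infra/ansible/vars/global.yml
    - /srv/private/ansible/vars.yml
    - "/srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml"
  vars:
    resolvconf: resolv.conf/jenkins-cloud
  roles:
    - base
  tasks:
    - include: "{{ tasks }}/cloud_setup_basic.yml"

    - name: make the jenkins path
      file:
        state: directory
        path: /var/lib/jenkins

    # The persistent volume is found by filesystem label, not by device name.
    - name: mount our persistent space
      mount:
        name: /var/lib/jenkins
        src: LABEL=jenkins
        fstype: ext4
        state: mounted

    - name: install pkgs for jenkins
      yum:
        state: present
        pkg: "{{ item }}"
      with_items:
        - vim
        - dejavu-s\*
        - fontconfig
        - httpd
        - openssh-clients
        - git
        - nrpe
      tags:
        - packages

    - name: install java-1.8.0 except on rhel7 for jenkins
      yum:
        state: present
        pkg: "{{ item }}"
      with_items:
        - java-1.8.0-openjdk
      tags:
        - packages
      when: ansible_distribution_major_version != '7'

    - name: add jenkins proxy config file for apache
      copy:
        src: "{{ files }}/jenkins/master/jenkins-apache.conf"
        dest: /etc/httpd/conf.d/jenkins-apache.conf
        owner: root
        group: root
        # Quoted so YAML keeps the octal digits as a string.
        mode: "0644"
      notify:
        - restart httpd
      tags:
        - config

    - name: enable apache
      service:
        name: httpd
        state: running
        enabled: true

    # NOTE(review): whether packages from this repo are signature-checked
    # depends on the gpgcheck/gpgkey settings inside jenkins.repo, which is
    # not shown here - confirm.
    - name: add jenkins upstream repo
      copy:
        src: "{{ files }}/jenkins/master/jenkins.repo"
        dest: /etc/yum.repos.d/jenkins.repo
        owner: root
        group: root
      tags:
        - config

    # Only places the key file on disk; the key is shipped from the ansible
    # files tree rather than fetched at run time.
    - name: import jenkins upstream gpg key
      copy:
        src: "{{ files }}/jenkins/master/jenkins-ci.org.key"
        dest: /etc/pki/rpm-gpg/RPM-GPG-KEY-jenkins-ci.org
        owner: root
        group: root
      tags:
        - config

    - name: install pkgs for jenkins
      yum:
        state: present
        pkg: "{{ item }}"
      with_items:
        - jenkins
      tags:
        - packages

    - name: set the hostname to jenkins-osversion
      command: hostname jenkins-master-{{ dist_tag }}
      tags:
        - config

    # Jenkins is stopped and the plugin directory wiped so that every run
    # starts from exactly the plugin set copied in further down.
    - name: make sure jenkins is stopped
      service:
        name: jenkins
        state: stopped

    - name: clean any previous plugin deployments
      file:
        state: absent
        path: /var/lib/jenkins/plugins

    - name: mkdir dir for jenkins data
      file:
        state: directory
        path: /var/lib/jenkins/plugins/
        owner: jenkins
        group: jenkins

    # The two download tasks below are disabled. Each pinned a sha256sum per
    # plugin; the second fetched over plain http, so that pin was its only
    # integrity check.
    # - name: Download jenkins plugins
    # get_url: url=https://updates.jenkins-ci.org/download/plugins/{{ item.name }}/{{ item.version }}/{{ item.name }}.hpi
    # dest=/var/lib/jenkins/plugins/{{ item.name }}.hpi
    # sha256sum={{ item.sha }}
    # with_items:
    # - name: bazaar
    # version: '1.22'
    # sha: d7ff0987c96e2a694257ecf897ceee376908c5f94abfd1d5efc32482e4d54141
    # - name: chucknorris
    # version: '0.5'
    # sha: bd9df0507008255ad2ed046368d10a4d039a6cbcfefb53c71c1768cc0dcbf65b
    # - name: cobertura
    # version: '1.9.5'
    # sha: a76bc1524efc5ba05672638001c0e951edd2a853d222efcfb035e02169e4252a
    # - name: cvs
    # version: '2.12'
    # sha: 6e6dfd35e8501bf5f84a9d43d210db61165ce51a606327fc81f2efc5208478ba
    # - name: external-monitor-job
    # version: '1.2'
    # sha: 8dd2644271d0138839490342833e9ff7f82772038f673f5ac6220193c587747d
    # - name: git
    # version: '2.2.5'
    # sha: 92c51f33fbcbe858d05b40083d3c628f03b6ba5218626ee22db9a367947b7670
    # - name: git-client
    # version: '1.10.1'
    # sha: 19de6979a1360bc022bba9e061c4f946e51f252912234453d7f70af62d089e65
    # - name: instant-messaging
    # version: '1.29'
    # sha: b8fc1bff0c6f899f60d2d02b4ed321baf045fc0e5d4e0c3676d99197f94a8e5c
    # - name: ldap
    # version: '1.8'
    # sha: 491905ec3675b6a5acf2098722c121732801fd6210e6ff54bc99d213b5b8ee58
    # - name: matrix-auth
    # version: '1.2'
    # sha: a773c2fd6b2d70b2ff1c0466308290326d97f05b6fa72a217922997750aef39a
    # - name: maven-plugin
    # version: '2.6'
    # sha: 3a3a1e1d7e3416ea85ec09f953f5b8e37d943ca55b8e4224bbcfd702bed72fa5
    # - name: mercurial
    # version: '1.50'
    # sha: 934a6bd38e2109b97c915d80fdb6abc74a8ef4aff882b94ef0b1a274919ea407
    # - name: openid
    # version: '1.8'
    # sha: fed09c7da7762323cf55c3b725493622a4a2460eab8622230497e35914ac9d7e
    # - name: python
    # version: '1.2'
    # sha: e3358a945f21b84a8156237b0d621815a7822322e1180ae1e66d10798aaf1f56
    # - name: scm-api
    # version: '0.2'
    # sha: cc856d8dc8b951cf9a195baa2bf7bbff0d12368534a6b973e43e2909141eff3f
    # - name: ssh-agent
    # version: '1.4.1'
    # sha: ae8227bf219e96a4d76f36dc6d6e652ddd0209e8d9c4cf4483a07858d707ce6e
    # - name: subversion
    # version: '2.2'
    # sha: 221ed61c8e4ef959bb316ea93d188e19c8f980edac0f1e45a6cd8d7e13808b51
    # - name: translation
    # version: '1.11'
    # sha: 4d88b8d74ade119cef76827bd385693447fa68fa18fd1bfc8806aff9d931f00e
    # - name: violations
    # version: '0.7.11'
    # sha: f8eacb53eb01f83f3702009a41cef89e520a72933671ac1ee9154d88bde2d67a
    # - name: xunit
    # version: '1.90'
    # sha: 2beade6d7769db9d52ff147c7a491cd1e7c53b01c07b9eeb44daa27ee75b25ca
    # - name: multiple-scms
    # version: '0.3'
    # sha: e79d7e855ffe0ad060d11ae1ce0b39f68e7fa031c6e831f60fe33e5ddb3392ac
    # - name: credentials
    # version: '1.16.1'
    # sha: ae7e8ab317c03355390135d5eec683db7dceb5d513717d9fab624238a5ffe2bf
    # - name: mailer
    # version: '1.11'
    # sha: 9217be3008f323ac0535d4fb34118ed2681d6170d2d7de2f38b99ba331c4a256
    # - name: javadoc
    # version: '1.2'
    # sha: 4bde54b288b24d5deaa7f809df78373d3b37d683d4693ab42278f019252c86b9
    # notify:
    # - restart jenkins
    # tags:
    # - config
    #
    # - name: Download additional jenkins plugins (from the maven repo)
    # get_url: url=http://maven.jenkins-ci.org/content/repositories/releases/org/jvnet/hudson/plugins/{{ item.name }}/{{ item.version }}/{{ item.name }}-{{ item.version }}.hpi
    # dest=/var/lib/jenkins/plugins/{{ item.name }}.hpi
    # sha256sum={{ item.sha }}
    # with_items:
    # - name: warnings
    # version: '4.39'
    # sha: 7652b7ed8971de932f46323aa8e0ddee2bcf4f14839296481ae79590e09f7606
    # notify:
    # - restart jenkins
    # tags:
    # - config

    # Plugins come from the bigfiles store instead of being downloaded.
    # NOTE(review): no version or checksum is pinned in this task, so what
    # gets loaded into Jenkins is whatever .hpi sits in bigfiles; integrity
    # rests on how that store is maintained.
    # NOTE(review): no owner is given, so the files are presumably created as
    # root inside the jenkins-owned plugin directory - confirm this is wanted.
    - name: Install custom jenkins plugins (from ansible bigfiles)
      copy:
        src: "{{ bigfiles }}/jenkins/{{ item }}.hpi"
        dest: "/var/lib/jenkins/plugins/{{ item }}.hpi"
      with_items:
        - fedmsg
        - bazaar
        - chucknorris
        - cobertura
        - cvs
        - external-monitor-job
        - git
        - git-client
        - instant-messaging
        - ldap
        - matrix-auth
        - maven-plugin
        - mercurial
        - openid
        - python
        - scm-api
        - ssh-agent
        - subversion
        - translation
        - violations
        - xunit
        - multiple-scms
        - credentials
        - mailer
        - javadoc
        - warnings
        - ghprb
      notify:
        - restart jenkins
      tags:
        - config

    # backup keeps a copy of any XML file this task overwrites.
    - name: import jenkins configuration files
      copy:
        src: "{{ item }}"
        owner: jenkins
        group: jenkins
        dest: /var/lib/jenkins/
        backup: true
      with_fileglob:
        - "{{ files }}/jenkins/master/*.xml"
      tags:
        - config

    - name: Give the user jenkins the ownership of the /var/lib/jenkins
      file:
        path: /var/lib/jenkins/
        owner: jenkins
        group: jenkins
        recurse: true

    # SSH private key the master uses to reach the workers; readable by the
    # jenkins account only.
    # NOTE(review): /var/tmp is a shared directory, so the key is protected
    # only by its own owner and mode. The path is left as is because the
    # Jenkins configuration presumably refers to it - confirm before moving.
    - name: add jenkins ssh priv key so it can connect to clients
      copy:
        src: "{{ private }}/files/jenkins/ssh/jenkins_master"
        dest: /var/tmp/jenkins_master_id_rsa
        mode: "0600"
        owner: jenkins
        group: jenkins
      tags:
        - config

    # Owner, group and mode are set explicitly. Without them the copy creates
    # the file as the connecting user (root) with umask-derived permissions,
    # which typically leaves the credentials store readable by every local
    # account, and it runs after the recursive chown above, so nothing else
    # in this play would correct it. Ownership matches the other XML files
    # copied into /var/lib/jenkins/.
    - name: add jenkins credentials it can connect to clients
      copy:
        src: "{{ private }}/files/jenkins/ssh/credentials.xml"
        dest: /var/lib/jenkins/
        owner: jenkins
        group: jenkins
        mode: "0600"
      tags:
        - config

    - name: start jenkins itself
      service:
        name: jenkins
        state: running

    # Polls until Jenkins has unpacked the openid plugin; async caps the wait
    # at 1800 seconds, checked every 20 seconds.
    - name: wait for a dir to exist - this is just ugly
      shell: while `true`; do [ -d /var/lib/jenkins/plugins/openid/WEB-INF/lib/ ] && break; sleep 5; done
      async: 1800
      poll: 20

    # NOTE(review): 0655 is an unusual mode (no execute bit for the owner,
    # execute for group and others); 0644 was probably intended - confirm.
    - name: jenkins hotfix big file
      copy:
        src: "{{ item }}"
        dest: /var/lib/jenkins/plugins/openid/WEB-INF/lib/
        group: jenkins
        mode: "0655"
      with_fileglob:
        - "{{ bigfiles }}/hotfixes/jenkins/openid/*.jar"
      notify:
        - restart jenkins
  handlers:
    - include: "{{ handlers }}/restart_services.yml"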
# Play: apply the fedmsg/base role to the master once Jenkins is installed.
# fedmsg_fqdn is passed to the role as a parameter; what the role does with it
# is not visible in this file.
- name: setup fedmsg for the master (after jenkins has been installed)
  hosts: 209.132.184.153
  user: root
  gather_facts: true
  tags:
    - jenkins_master
  vars_files:
    - /srv/web/infra/ansible/vars/global.yml
    - /srv/private/ansible/vars.yml
    - "/srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml"
  roles:
    - role: fedmsg/base
      fedmsg_fqdn: jenkins.cloud.fedoraproject.org
  handlers:
    - include: "{{ handlers }}/restart_services.yml"
###################################################
# jenkins slaves
# Play: make sure the cloud instances for the Jenkins workers exist.
# Fact gathering is off; the play sets the keypair and security group names
# and runs the two included task files.
# NOTE(review): the security group is "default"; which ports that group opens
# is defined in the cloud, not here - confirm it is as narrow as the workers
# need.
- name: check/create instance for jenkins-slaves
  hosts: jenkins-slaves
  user: root
  gather_facts: false
  tags:
    - jenkins_workers
  vars_files:
    - /srv/web/infra/ansible/vars/global.yml
    - /srv/private/ansible/vars.yml
  vars:
    keypair: fedora-admin-20130801
    security_group: default
  tasks:
    - include: "{{ tasks }}/persistent_cloud.yml"
    - include: "{{ tasks }}/growroot_cloud.yml"
# Play: configure the Jenkins workers.
# Installs the build toolchain, unpacks the Android SDK on Fedora hosts,
# creates the jenkins_slave account with the master's public key, and installs
# the worker sshd_config. All tasks run as root.
- name: provision workers
  hosts: jenkins-slaves
  user: root
  gather_facts: true
  tags:
    - jenkins_workers
  vars_files:
    - /srv/web/infra/ansible/vars/global.yml
    - /srv/private/ansible/vars.yml
    - "/srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml"
  tasks:
    - include: "{{ tasks }}/cloud_setup_basic.yml"

    # NOTE(review): every *.repo file in the slaves directory becomes a
    # package source on the workers; signature checking depends on the
    # settings inside those files, which are not shown here.
    - name: add jenkins repos
      copy:
        src: "{{ item }}"
        dest: /etc/yum.repos.d/
        owner: root
        group: root
      with_fileglob:
        - "{{ files }}/jenkins/slaves/*.repo"
      tags:
        - config
        - packages

    - name: install pkgs for jenkins
      yum:
        state: present
        pkg: "{{ item }}"
      with_items:
        - vim
        - subversion
        - bzr
        - git
        - rpmlint
        - rpmdevtools
        - mercurial
        - mock
        - gcc
        - gcc-c++
        - libjpeg-turbo-devel
        - python-bugzilla
        - python-pip
        - python-virtualenv
        - python-coverage
        - pylint
        - python-argparse
        - python-nose
        - python-BeautifulSoup
        - python-fedora
        - python-unittest2
        - python-pep8
        - python-psycopg2
        - postgresql-devel  # Required to install python-psycopg2 w/in a venv
        - docbook-style-xsl  # Required by gimp-help-2
        - make  # Required by gimp-help-2
        - automake  # Required by gimp-help-2
        - libcurl-devel  # Required by blockerbugs
        - python-formencode  # Required by javapackages-tools
        - asciidoc  # Required by javapackages-tools
        - xmlto  # Required by javapackages-tools
        - pycairo-devel  # Required by dogtail
        - packagedb-cli  # Required by FedoraReview
        - xorg-x11-server-Xvfb  # Required by fedora-rube
        - libffi-devel  # Required by bodhi/cffi/cryptography
        - openssl-devel  # Required by bodhi/cffi/cryptography
      tags:
        - packages

    # NOTE(review): the condition is an exact string match on "7.0", so any
    # other 7.x release is not excluded even though the task name says el7.
    - name: install packages not (yet) available on el7 builder
      yum:
        state: present
        pkg: "{{ item }}"
      with_items:
        - java-1.8.0-openjdk
        - java-1.8.0-openjdk-devel
        - python-straight-plugin
        - pyflakes  # Requested by user rholy (ticket #4175)
        - dia  # Required by javapackages-tools ticket #4279
      when: ansible_distribution_version != "7.0"
      tags:
        - packages

    # NOTE(review): the name says "> F19" but the test is "> 20", and the
    # fact is presumably a string compared with an integer (no |int filter),
    # so the comparison may not be numeric - confirm the intended cut-off.
    - name: install pkgs for jenkins for fedora systems > F19
      yum:
        state: present
        pkg: "{{ item }}"
      when: is_fedora is defined and ansible_distribution_major_version > 20
      with_items:
        - sbt-extras

    - name: install pkgs for jenkins for fedora systems
      yum:
        state: present
        pkg: "{{ item }}"
      when: is_fedora is defined
      with_items:
        - python3
        - python-nose-cover3
        - python3-nose-cover3
        - glibc.i686
        - glibc-devel.i686
        - libstdc++.i686
        - zlib-devel.i686
        - ncurses-devel.i686
        - libX11-devel.i686
        - libXrender.i686
        - libXrandr.i686
        - nspr-devel  ## Requested by 389-ds-base
        - nss-devel
        - svrcore-devel
        - openldap-devel
        - libdb-devel
        - cyrus-sasl-devel
        - icu
        - libicu-devel
        - gcc-c++
        - net-snmp-devel
        - lm_sensors-devel
        - bzip2-devel
        - zlib-devel
        - openssl-devel
        - tcp_wrappers
        - pam-devel
        - systemd-units
        - policycoreutils-python
        - openldap-clients
        - perl-Mozilla-LDAP
        - nss-tools
        - cyrus-sasl-gssapi
        - cyrus-sasl-md5
        - libdb-utils
        - systemd-units
        - perl-Socket
        - perl-NetAddr-IP
        - pcre-devel  ## End of request list for 389-ds-base
        - maven  # Required by xmvn https://fedorahosted.org/fedora-infrastructure/ticket/4054
        - gtk3-devel  # Required by dogtail
        - glib2-devel  # Required by Cockpit
        - libgudev1-devel
        - json-glib-devel
        - gobject-introspection-devel
        - libudisks2-devel
        - NetworkManager-glib-devel
        - systemd-devel
        - accountsservice-devel
        - pam-devel
        - autoconf
        - libtool
        - intltool
        - jsl
        - python-scss
        - gtk-doc
        - krb5-devel
        - sshpass
        - perl-Locale-PO
        - perl-JSON
        - glib-networking
        - realmd
        - udisks2
        - mdadm
        - lvm2
        - sshpass  # End requires for Cockpit
        - tito  # Requested by msrb for javapackages-tools and xmvn (ticket#4113)
        - pyflakes  # Requested by user rholy (ticket #4175)
        - devscripts-minimal  # Required by FedoraReview
        - firefox  # Required for rube
        - python-devel  # Required for mpi4py
        - python3-devel  # Required for mpi4py
        - pwgen  # Required for mpi4py
        - openmpi-devel  # Required for mpi4py
        - mpich2-devel  # Required for mpi4py
        - python-openid  # Required by Ipsilon
        - python-openid-teams  # Required by Ipsilon
        - python-openid-cla  # Required by Ipsilon
        - python-cherrypy  # Required by Ipsilon
        - m2crypto  # Required by Ipsilon
        - lasso-python  # Required by Ipsilon
        - python-sqlalchemy  # Required by Ipsilon
        - python-ldap  # Required by Ipsilon
        - python-pam  # Required by Ipsilon
        - freeipa-python  # Required by Ipsilon
        - httpd  # Required by Ipsilon
        - mod_auth_mellon  # Required by Ipsilon
        - postgresql-server  # Required by Ipsilon
        - mod_wsgi  # Required by Ipsilon
        - python-jinja2  # Required by Ipsilon
      tags:
        - packages

    # Android SDK, Fedora hosts only: the tree is removed and rebuilt from
    # the bigfiles archive on every run.
    - name: drop current android SDK
      file:
        state: absent
        path: /var/android
      when: is_fedora is defined

    - name: mkdir dir for android SDK
      file:
        state: directory
        path: /var/android
        owner: jenkins_slave
        group: jenkins_slave
      when: is_fedora is defined

    - name: copy android SDK
      copy:
        src: "{{ bigfiles }}/jenkins/android-sdk-with-platform-17.tar.gz"
        dest: /var/android/
        owner: jenkins_slave
        group: jenkins_slave
      when: is_fedora is defined

    # The archive is unpacked by root; the recursive chown in the next task
    # hands the resulting tree to jenkins_slave.
    - name: extract android SDK
      command: tar -xvf /var/android/android-sdk-with-platform-17.tar.gz --owner=jenkins_slave --group=jenkins_slave -C /var/android/
      when: is_fedora is defined

    - name: make /var/android belong to jenkins_slave
      file:
        path: /var/android
        state: directory
        recurse: true
        owner: jenkins_slave
        group: jenkins_slave
      when: is_fedora is defined

    - name: delete sdk archive
      file:
        state: absent
        path: /var/android/android-sdk-with-platform-17.tar.gz
      when: is_fedora is defined

    # NOTE(review): this runs the SDK's own updater as root with the prompt
    # auto-answered, and nothing in this task pins a checksum for what it
    # fetches; the result also lands after the chown above, so the new files
    # are presumably root-owned - confirm.
    - name: Install newer android build-tools
      shell: echo y | /var/android/tools/android update sdk -u -a -t build-tools-19.1.0
      when: is_fedora is defined

    - name: set the hostname to jenkins-osversion
      command: hostname jenkins-{{ dist_tag }}
      tags:
        - config

    - name: setup jenkins_slave user
      user:
        name: jenkins_slave
        state: present
        createhome: true
        system: false
      tags:
        - jenkinsuser

    # Authorises the master's public key for logins as jenkins_slave.
    - name: setup jenkins_slave ssh key
      authorized_key:
        user: jenkins_slave
        key: "{{ item }}"
      with_file:
        - "{{ private }}/files/jenkins/ssh/jenkins_master.pub"

    # NOTE(review): the mock documentation treats membership of the mock
    # group as root-equivalent, so any job that runs as jenkins_slave should
    # be regarded as able to gain root on the worker.
    - name: jenkins_slave to mock group
      user:
        name: jenkins_slave
        groups: mock

    - name: add .gitconfig for jenkins_slave user
      copy:
        src: "{{ files }}/jenkins/gitconfig"
        dest: /home/jenkins_slave/.gitconfig
        owner: jenkins_slave
        group: jenkins_slave
        # Quoted so YAML keeps the digits as a string for the module.
        mode: "664"
      tags:
        - config

    # Uses the distribution-specific sshd_config when one exists, otherwise
    # the generic worker file.
    # NOTE(review): nothing checks the file before the restart handler runs;
    # the copy module's validate option (for example
    # validate='/usr/sbin/sshd -t -f %s') would stop a broken config from
    # being installed.
    - name: template sshd_config
      copy:
        src: "{{ item }}"
        dest: /etc/ssh/sshd_config
        mode: "0600"
        owner: root
        group: root
      with_first_found:
        - "{{ files }}/jenkins/sshd_config_slave.{{ ansible_distribution }}"
        - "{{ files }}/jenkins/sshd_config_slave"
      notify:
        - restart sshd
      tags:
        - config

    - name: mkdir dir for jenkins data
      file:
        state: directory
        path: /mnt/jenkins
        owner: jenkins_slave
        group: jenkins_slave
  handlers:
    - include: "{{ handlers }}/restart_services.yml"