Skip to content

This cookbook installs a complete Jenkins server with plugins and is highly configurable with attributes in this cookbook. It configures settings, plugins, security and slaves. It also installs (can be disabled) the Jenkins plugins, php-template job and required PHP tools as described on http://jenkins-php.org.

License

Notifications You must be signed in to change notification settings

pietervogelaar/chef-cookbook-jenkins-server

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

70 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

jenkins-server

Cookbook Version Code Climate

This cookbook installs a complete Jenkins server with plugins and is highly configurable with attributes in this cookbook. It configures settings, plugins, security, slaves and depends on the Jenkins cookbook that is used as foundation. It also installs (can be disabled) the Jenkins plugins, php-template job and required PHP tools as described on jenkins-php.org.

Supported Platforms

  • CentOS >= 6.6
  • RHEL >= 6.6
  • Ubuntu >= 12.04
  • Debian >= 7.0

These platforms are officially supported, but it will probably also work on other platforms.

Attributes

General

  • default['jenkins-server']['admin']['username'] - Sets the username for the administrator user. Default "admin"
  • default['jenkins-server']['admin']['password'] - Sets the password for the administrator user. Default "admin". Only used if the security strategy is "generate"
  • default['jenkins-server']['security']['strategy'] - Sets the security strategy. "generate" (default) or "chef-vault"
  • default['jenkins-server']['security']['chef-vault']['data_bag'] - Name of the data bag for jenkins users
  • default['jenkins-server']['security']['chef-vault']['data_bag_item'] - ID of the data bag to use as administrator user. This data bag must contain a password, private_key and public_key property
  • default['jenkins-server']['security']['notifies']['resource'] - Sets the resource that must be executed after admin user creation. By default "jenkins_script[configure permissions]", but use "jenkins_script[configure crowd permissions]" for Jenkins authentication with a JIRA account.

Nginx

  • default['jenkins-server']['nginx']['install'] - Default true. Jenkins is proxied behind Nginx. If you want to disable this, set this attribute to false and default['jenkins']['master']['listen_address'] to 0.0.0.0. Jenkins will then be reachable on port 8080.
  • default['jenkins-server']['nginx']['server_name'] - Server name / hostname. Default "jenkins-server001.local"
  • default['jenkins-server']['nginx']['server_default'] - If the Jenkins server block must be the default/catch all. Default true
  • default['jenkins-server']['nginx']['template_cookbook'] - The cookbook for the Nginx server template. Default "jenkins-server"
  • default['jenkins-server']['nginx']['template_source'] - The source for the Nginx server template. Default "nginx/jenkins.conf.erb"
  • default['jenkins-server']['nginx']['ssl'] - If a SSL connection must be used and forced. Default false
  • default['jenkins-server']['nginx']['ssl_cert_path'] - Path to the SSL certificate. Default nil
  • default['jenkins-server']['nginx']['ssl_key_path'] - Path to the SSL private key. Default nil

Packages

  • default['jenkins-server']['java']['install'] - Installs Java with the Java cookbook
  • default['jenkins-server']['ant']['install'] - Installs Ant with the Ant cookbook
  • default['jenkins-server']['git']['install'] - Installs Git with the Git cookbook
  • default['jenkins-server']['composer']['install'] - Installs Composer with the Composer cookbook. If true, the composer_vendors recipe will install the required Jenkins-php.org vendors "squizlabs/php_codesniffer", "phploc/phploc", "pdepend/pdepend", "phpmd/phpmd", "sebastian/phpcpd" and "theseer/phpdox"
  • default['jenkins-server']['composer']['template_cookbook'] - Template cookbook for composer.json. Default "jenkins-server"
  • default['jenkins-server']['composer']['template_source'] - Template source for composer.json. Default "composer/composer.json.erb"

Settings

  • default['jenkins-server']['settings']['executors'] - Number of executors. Default the number of cores with a minimum of 2
  • default['jenkins-server']['settings']['slave_agent_port'] - Port number, or 0 to indicate random available TCP port (default) or -1 to disable this service
  • default['jenkins-server']['settings']['system_email'] - System email address
  • default['jenkins-server']['settings']['mailer']['smtp_host'] - Mailer SMTP host. Default "localhost"
  • default['jenkins-server']['settings']['mailer']['username'] - Mailer username. Default "mailer"
  • default['jenkins-server']['settings']['mailer']['password'] - Mailer password. Default "mailer"
  • default['jenkins-server']['settings']['mailer']['use_ssl'] - If the mailer must use SSL. Default true
  • default['jenkins-server']['settings']['mailer']['smtp_port'] - SMTP port. Default "25"
  • default['jenkins-server']['settings']['mailer']['reply_to_address'] - Reply to address. Default node['jenkins-server']['settings']['system_email']
  • default['jenkins-server']['settings']['mailer']['charset'] - Mail charset. Default "UTF-8"

Node monitors

Preventive node monitoring, configures the page http://your-jenkins-host/computer/configure.

  • default['jenkins-server']['node_monitors']['architecture_monitor']['ignored'] - This monitor just shows the architecture of the slave for your information. It never marks the slave offline. Default false
  • default['jenkins-server']['node_monitors']['clock_monitor']['ignored'] - This monitors the clock difference between the master and nodes. Default false
  • default['jenkins-server']['node_monitors']['disk_space_monitor']['ignored'] - This monitors the available disk space of $JENKINS_HOME on each slave, and if it gets below a threshold, the slave will be marked offline. Default false
  • default['jenkins-server']['node_monitors']['disk_space_monitor']['free_space_threshold'] - If a slave is found to have less free disk space than this amount, it will be marked offline. Default "1GB"
  • default['jenkins-server']['node_monitors']['swap_space_monitor']['ignored'] - This monitors the available virtual memory space of the computer (commonly known as "swap space"), and if it goes below a threshold, the slave is marked offline. Default false
  • default['jenkins-server']['node_monitors']['temporary_space_monitor']['ignored'] - This monitors the available disk space of the temporary directory, and if it gets below a certain threshold the node will be made offline. Default false
  • default['jenkins-server']['node_monitors']['temporary_space_monitor']['free_space_threshold'] - If a slave is found to have less free disk space than this amount, it will be marked offline. Default "1GB"
  • default['jenkins-server']['node_monitors']['response_time_monitor']['ignored'] - This monitors the round trip network response time from the master to the slave, and if it goes above a threshold repeatedly, it marks the slave offline. Default false

Plugins

These plugins are configured by default. See the attributes/default.rb for more details. Read for how to add a plugin the section "Adding plugins" further on.

  • General: greenballs, locale, antisamy-markup-formatter, gravatar, ws-cleanup, ansicolor, build-monitor-plugin, git and ant
  • Version control: bitbucket, bitbucket-pullrequest-builder
  • Jenkins-php.org: checkstyle, cloverphp, crap4j, dry, htmlpublisher, jdepend, plot, pmd, violations, warnings and xunit

Jobs

Jenkins jobs can be specified with attributes like:

default['jenkins-server']['jobs']['myjob'] = {
  'cookbook' => 'mycookbook',
  'source' => 'jobs/myjob.xml.erb'
}

By default the "php-template" job is installed from Jenkins-php.org.

Views

Jenkins views can be specified with attributes like:

default['jenkins-server']['views']['myview'] = {
  'class' => 'com.smartcodeltd.jenkinsci.plugins.buildmonitor.BuildMonitorView', # A ListView is default if no class is defined  
  'include_regex' => '.*',
  'description' => 'My view'
}
  • default['jenkins-server']['views'] - A hash that contains views
  • default['jenkins-server']['purge_views'] - If views must be purged. Default true

Slaves

  • default['jenkins-server']['slaves']['enable'] - If slaves must be enabled. Default false
  • default['jenkins-server']['slaves']['credential']['username'] - The Jenkins master will login as this user on slaves. Default "deployer"
  • default['jenkins-server']['slaves']['credential']['description'] - Description. Default "Deployer"
  • default['jenkins-server']['slaves']['search_key'] - Attribute that contains slave settings on a slave node. Default "jenkins-server-slave"
  • default['jenkins-server']['slaves']['search_query'] - The search query for finding slaves. Default jenkins-server-slave:* AND chef_environment:#{node.chef_environment} AND NOT fqdn:#{node['fqdn']}

Include or copy the jenkins_slave recipe to a cookbook that is in the run list of each server that you want to be a Jenkins slave.

Dev mode

If you are developing/testing your (wrapper) cookbook locally, chef-vault communication will be very difficult. If you set an attribute default['dev_mode'] to true then these attributes will be used to setup Jenkins security.

  • default['jenkins-server']['dev_mode']['security']['password'] - This password is used for the GUI login. Default "admin"
  • default['jenkins-server']['dev_mode']['security']['public_key'] - This public key (paired with the private key) is used for Jenkins CLI authentication
  • default['jenkins-server']['dev_mode']['security']['private_key'] - This private key (paired with the public key) is used for Jenkins CLI authentication

Jenkins

Some attributes that overwrite the Jenkins cookbook attributes:

  • default['jenkins']['master']['version'] - Jenkins version. Default 1.642-1.1
  • default['jenkins']['master']['jvm_options'] - JVM options. Default "-Xms256m -Xmx256m" which sets the memory usage to 256 MB
  • default['jenkins']['master']['listen_address'] - Listen address. Default "127.0.0.1". So the Jenkins application is only reachable from localhost or through Nginx.

Java

Some attributes that overwrite the Java cookbook attributes:

  • default['java']['jdk_version'] - Version. Default 7

Adding plugins

You can add plugins to the default['jenkins-server']['plugins'] array.

Add a Jenkins plugin "myplugin" like below. You can specify a version. If you want to configure it, set configure to true and specify a cookbook and recipe. Use the jenkins_script resource to configure your plugin with a groovy script. Take a look at the plugin recipes in this cookbook for examples.

default['jenkins-server']['plugins']['myplugin'] = {
  'version' => '1.0',
  'configure' => true,
  'cookbook' => 'mycookbook',
  'recipe' => 'myrecipe_plugin_example'
}

Plugins can be configured with groovy scripts. Test them at your Jenkins instance: http://<host>:8080/script

With the doInspector method from javaworld.com you can figure out the properties and methods of your plugin. The Jenkins core API documentation can be found at http://javadoc.jenkins-ci.org.

def doInspector(obj) {
  def inspector = new groovy.inspect.Inspector(obj)
  def inspectorReport = new StringBuilder()
  inspectorReport << "Object under inspection "
  inspectorReport << (inspector.isGroovy() ? "IS" : "is NOT") << " Groovy!\n"
  inspectorReport << "METHODS\n"
  def methods = inspector.methods
  methods.each {
    inspectorReport << "\t" << it.toString() << "\n"
  }
  inspectorReport << "\nMETA METHODS\n"
  def metaMethods = inspector.metaMethods
  metaMethods.each {
    inspectorReport << "\t" << it.toString() << "\n"
  }
  inspectorReport << "\nPROPERTY INFO\n"
  def properties = inspector.propertyInfo
  properties.each {
    inspectorReport << "\t" << it.toString() << "\n"
  }
  println inspectorReport
}

Usage

jenkins-server::default

Include jenkins-server in your node's run_list:

json
{
  "run_list": [
    "recipe[jenkins-server::default]"
  ]
}

The default recipe includes the following recipies:

if node['jenkins-server']['java']['install']
  include_recipe 'java'
end

if node['jenkins-server']['ant']['install']
  include_recipe 'ant'
end

if node['jenkins-server']['git']['install']
  include_recipe 'git'
end

if node['jenkins-server']['nginx']['install']
  include_recipe 'jenkins-server::nginx'
end

include_recipe 'jenkins-server::master'
include_recipe 'jenkins-server::settings'
include_recipe 'jenkins-server::plugins'
include_recipe 'jenkins-server::security'
include_recipe 'jenkins-server::views'
include_recipe 'jenkins-server::jobs'
include_recipe 'jenkins-server::composer'

if node['jenkins-server']['slaves']['enable']
  include_recipe 'jenkins-server::slaves_credentials'
  include_recipe 'jenkins-server::slaves'
end

jenkins-server::ssh_identity

If SSH connections are made to other servers during a job, then Jenkins uses by default the private key in #{default['jenkins']['master']['home']}/.ssh/id_rsa. A private/public key pair can be generated with this recipe.

License

The MIT License (MIT)

Authors

Author:: Pieter Vogelaar (pieter@pietervogelaar.nl) - Freelancer

About

This cookbook installs a complete Jenkins server with plugins and is highly configurable with attributes in this cookbook. It configures settings, plugins, security and slaves. It also installs (can be disabled) the Jenkins plugins, php-template job and required PHP tools as described on http://jenkins-php.org.

Resources

License

Stars

Watchers

Forks

Packages

No packages published