karlmdavis.jenkins2

Panoramica Versioni Approfondimenti

Ansible Role for Jenkins 2+

This Ansible role helps you to install and manage Jenkins 2.

Requirements

You need Ansible version 2.4 or later.
The system you are managing must have either Ansible pipelining or the setfacl command available.

Currently, this role works on Ubuntu 14.04 and Ubuntu 16.04. Contributions for other platforms are welcome!

Role Variables

Here are the variables you can use with their default values:

jenkins_release_line: 'weekly'
- 'long_term_support' will install LTS releases.
- 'weekly' will install weekly releases.
jenkins_release_update: true
- If set to true, it will upgrade Jenkins to the latest version during the role run.
jenkins_home: /var/lib/jenkins
- This is where Jenkins data will be stored.
jenkins_port: 8080
- The port for Jenkins to run on (HTTP).
jenkins_context_path: ''
- The path where Jenkins will be hosted. Use '' for the root.
jenkins_url_external: ''
- The URL users will use to access Jenkins. If left empty, Jenkins will try to auto-discover it.
jenkins_admin_username and jenkins_admin_password: (undefined)
- Use these to set admin credentials. If defined, both must be.
jenkins_session_timeout: 30
- The minutes before sessions timeout (default is 30). Set to 0 to never timeout.
jenkins_plugins_extra: []
- Add any extra plugins you want to install on top of the recommended ones.
jenkins_plugins_timeout: 60
- Time in seconds before a plugin install/update fails.
jenkins_plugins_update: true
- If set to true, plugins will be updated.
jenkins_java_args_extra: ''
- Extra options for Java used by Jenkins.
jenkins_http_proxy_*: (all undefined)
- Set proxy server settings for Jenkins HTTP requests.

Dependencies

Ensure that a Java JRE is available on the system path. This role does not depend on other Ansible roles.

Example Playbook

To install the role, run:

$ ansible-galaxy install karlmdavis.jenkins2

To apply the role, use:

- hosts: some_box
  tasks:
    - import_role:
        name: karlmdavis.ansible-jenkins2
      vars:
        jenkins_plugins_extra:
          - github-oauth

Running Groovy Scripts to Configure Jenkins

After Jenkins installation, you can run Groovy scripts via Ansible for customization.

Here's an example to set up local Jenkins accounts:

- hosts: some_box
  tasks:

    - import_role:
        name: karlmdavis.ansible-jenkins2
      vars:
        jenkins_admin_username: test
        jenkins_admin_password: supersecret

    - meta: flush_handlers

    - name: Configure Security
      jenkins_script:
        url: "{{ jenkins_url_local }}"
        user: "{{ jenkins_dynamic_admin_username | default(omit) }}"
        password: "{{ jenkins_dynamic_admin_password | default(omit) }}"
        script: |
          // Basic imports
          import jenkins.*;
          import jenkins.model.*;
          import hudson.*;
          import hudson.model.*;

          // Set up security realm
          def securityRealm = new hudson.security.HudsonPrivateSecurityRealm(false)
          if(!securityRealm.equals(Jenkins.instance.getSecurityRealm())) {
            Jenkins.instance.setSecurityRealm(securityRealm)
            def testUser = securityRealm.createAccount("test", "supersecret")
            testUser.addProperty(new hudson.tasks.Mailer.UserProperty("[email protected]"));
            testUser.save()
            Jenkins.instance.save()
            println "Changed authentication."
          }

          // Set up authorization strategy
          def authorizationStrategy = new hudson.security.FullControlOnceLoggedInAuthorizationStrategy()
          if(!authorizationStrategy.equals(Jenkins.instance.getAuthorizationStrategy())) {
            authorizationStrategy.setAllowAnonymousRead(false)
            Jenkins.instance.setAuthorizationStrategy(authorizationStrategy)
            Jenkins.instance.save()
            println "Changed authorization."
          }
      register: shell_jenkins_security
      changed_when: "(shell_jenkins_security | success) and 'Changed' not in shell_jenkins_security.stdout"