--- /dev/null
+---
+
+- hosts: all
+ sudo: true
+ user: ubuntu
+ vars:
+ - jenkins_user: 'jenkins-build'
+ # jenkins API credentials:
+ - api_user: 'ceph-jenkins'
+ - token: '{{ token }}'
+ - api_uri: 'https://jenkins.ceph.com'
+ - nodename: '{{ nodename }}'
+ - labels: '{{ labels }}'
+ - use_jnlp: false
+
+ tasks:
+ - name: create a {{ jenkins_user }} user
+ user: name={{ jenkins_user }} comment="Jenkins Build Slave User"
+
+ - name: create a {{ jenkins_user }} home directory
+ file:
+ path: "/home/{{ jenkins_user }}/"
+ state: directory
+ owner: "{{ jenkins_user }}"
+
+ - name: Create .ssh directory
+ file:
+ path: "/home/{{ jenkins_user }}/.ssh"
+ state: directory
+ owner: "{{ jenkins_user }}"
+
+ - name: set the authorized keys
+ authorized_key: user={{ jenkins_user }} key="{{ lookup('file', 'playbook/files/ssh/keys/jenkins_build.pub') }}"
+
+ - name: ensure {{ jenkins_user }} can sudo without a prompt
+ sudo: yes
+ lineinfile:
+ dest: /etc/sudoers
+ regexp: '^{{ jenkins_user }} ALL'
+ line: '{{ jenkins_user }} ALL=(ALL:ALL) NOPASSWD:ALL'
+ validate: 'visudo -cf %s'
+
+ - name: set utf-8 for LC_ALL
+ lineinfile:
+ dest: "/home/{{ jenkins_user }}/.bashrc"
+ regexp: '^export LC_ALL='
+ line: "export LC_ALL=en_US.UTF-8"
+ create: true
+ state: present
+
+ - name: set utf-8 for LANG
+ lineinfile:
+ dest: "/home/{{ jenkins_user }}/.bashrc"
+ regexp: '^export LANG='
+ line: "export LANG=en_US.UTF-8"
+
+ - name: set utf-8 for LANGUAGE
+ lineinfile:
+ dest: "/home/{{ jenkins_user }}/.bashrc"
+ regexp: '^export LANGUAGE='
+ line: "export LANGUAGE=en_US.UTF-8"
+
+ - name: ensure the build dir exists
+ file: path=/home/{{ jenkins_user }}/build state=directory owner={{ jenkins_user }}
+
+ - name: ensure the home dir has the right owner permissions
+ file: path=/home/{{ jenkins_user }} state=directory owner={{ jenkins_user }} group={{ jenkins_user }} recurse=yes
+
+ - name: Install RPM requirements
+ sudo: yes
+ yum: name={{ item }} state=present
+ with_items:
+ - createrepo
+ - epel-release
+ - java-1.7.0-openjdk
+ - git
+ - python-pip
+ - python-virtualenv
+ - libtool
+ #- rpm-sign
+ - autoconf
+ - redhat-lsb-core
+ - automake
+ - cmake
+ - binutils
+ - bison
+ - flex
+ - gcc
+ - gcc-c++
+ - gettext
+ - libtool
+ - make
+ - patch
+ - pkgconfig
+ - redhat-rpm-config
+ - rpm-build
+ - rpmdevtools
+ - openssl-devel
+ - libffi-devel
+ when: ansible_pkg_mgr == "yum"
+
+ # Run the equivalent of "apt-get update" as a separate step
+ - apt: update_cache=yes
+ when: ansible_pkg_mgr == "apt"
+
+ - name: Install DEB requirements
+ sudo: yes
+ apt: name={{ item }} state=present
+ with_items:
+ - git
+ - fakeroot
+ - fakeroot-ng
+ - debhelper
+ - reprepro
+ - dchroot
+ - devscripts
+ - pbuilder
+ - pkg-config
+ - python-dev
+ - python-pip
+ - python-virtualenv
+ - libtool
+ - autotools-dev
+ - automake
+ - libssl-dev
+ - libffi-dev
+ - debian-archive-keyring
+ # jenkins-job-builder job:
+ - libyaml-dev
+ # ceph-docs job:
+ - doxygen
+ - ditaa
+ - ant
+ when: ansible_pkg_mgr == "apt"
+
+ - name: Add the Debian Jessie Key
+ sudo: yes
+ when: ansible_pkg_mgr == "apt"
+ apt_key: id=2B90D010 url=https://ftp-master.debian.org/keys/archive-key-8.asc keyring=/etc/apt/trusted.gpg state=present
+
+ - name: Add the Debian Security Jessie Key
+ sudo: yes
+ when: ansible_pkg_mgr == "apt"
+ apt_key: id=C857C906 url=https://ftp-master.debian.org/keys/archive-key-8-security.asc keyring=/etc/apt/trusted.gpg state=present
+
+ - name: Add the Debian Jessie Stable Key
+ sudo: yes
+ when: ansible_pkg_mgr == "apt"
+ apt_key: keyserver=pgp.mit.edu id=518E17E1
+
+ - name: Install openjdk-7-jre
+ apt: name=openjdk-7-jre state=present
+ when:
+ ansible_distribution_release in ['precise', 'trusty', 'wheezy', 'jessie']
+
+ - name: Install default openjdk for Xenial only
+ apt: name={{ item }} state=present
+ with_items:
+ - default-jdk
+ - default-jre
+ when:
+ ansible_distribution_release == 'xenial'
+
+ - name: correct java version selected
+ alternatives: name=java path=/usr/lib/jvm/java-7-openjdk-amd64/jre/bin/java
+ when:
+ (ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'precise') or
+ (ansible_distribution == 'Debian' and ansible_distribution_release == 'wheezy')
+
+ - name: ensure the rpmmacros file exists to fix centos builds
+ file: path="/home/{{ jenkins_user }}/.rpmmacros" owner="{{ jenkins_user }}" state=touch
+
+ - name: write the rpmmacros needed in centos
+ lineinfile:
+ dest: "/home/{{ jenkins_user }}/.rpmmacros"
+ regexp: '^%dist'
+ line: '%dist .el{{ ansible_distribution_major_version }}'
+ when: ansible_pkg_mgr == "yum"
+
+ - name: ensure the gitconfig file exists
+ shell: printf "[user]\name=Ceph CI\nemail=ceph-release-team@redhat.com\n" > /home/{{ jenkins_user }}/.gitconfig
+
+ - name: ensure the gitconfig file has right permissions
+ file:
+ path: "/home/{{ jenkins_user }}/.gitconfig"
+ owner: "{{ jenkins_user }}"
+
+ - name: Set Hostname with hostname command
+ sudo: yes
+ hostname:
+ name: "ceph-builders"
+
+ - name: ensure that 127.0.1.1 is present with an actual hostname
+ sudo: true
+ lineinfile:
+ backup: yes
+ dest: /etc/hosts
+ line: '127.0.1.1 ceph-builders'
+
+ - name: update etc cloud templates for debian /etc/hosts
+ sudo: true
+ lineinfile:
+ backup: yes
+ dest: /etc/cloud/templates/hosts.debian.tmpl
+ line: '127.0.1.1 ceph-builders'
+
+ - name: update etc cloud templates for red hat /etc/hosts
+ sudo: true
+ lineinfile:
+ backup: yes
+ dest: /etc/cloud/templates/hosts.redhat.tmpl
+ line: '127.0.1.1 ceph-builders'
+ failed_when: false
+
+ - name: install six, latest one
+ sudo: true
+ pip: name=six state=latest
+
+ - name: install python-jenkins
+ sudo: true
+ # https://bugs.launchpad.net/python-jenkins/+bug/1500898
+ pip: name=python-jenkins version=0.4.7
+
+ - name: add github.com host key
+ sudo: true
+ known_hosts:
+ path: '/etc/ssh/ssh_known_hosts'
+ # we need to use 'host' here because prado currently uses ansible-playbook==1.9.1
+ host: 'github.com'
+ # github.com.pub is the output of `ssh-keyscan github.com`
+ key: "{{ lookup('file', 'playbook/files/ssh/hostkeys/github.com.pub') }}"
+
+ - name: register the new slave to jenkins master with ssh
+ jenkins_node:
+ username: "{{ api_user }}"
+ uri: "{{ api_uri }}"
+ password: "{{ token }}"
+ # relies on a convention to set a unique name that allows a reverse
+ # mapping from Jenkins back to whatever service created the current
+ # node
+ name: "{{ ansible_default_ipv4.address }}+{{ nodename }}"
+ labels: "{{ labels }}"
+ host: "{{ ansible_default_ipv4.address }}"
+ credentialsId: '39fa150b-b2a1-416e-b334-29a9a2c0b32d'
+ remoteFS: '/home/{{ jenkins_user }}/build'
+ executors: '{{ executors|default(1) }}'
+ exclusive: true
+ when: not use_jnlp
+
+ - name: register the new slave to jenkins master with jnlp
+ jenkins_node:
+ username: "{{ api_user }}"
+ uri: "{{ api_uri }}"
+ password: "{{ token }}"
+ # relies on a convention to set a unique name that allows a reverse
+ # mapping from Jenkins back to whatever service created the current
+ # node
+ name: "{{ ansible_default_ipv4.address }}+{{ nodename }}"
+ labels: "{{ labels }}"
+ host: "{{ ansible_default_ipv4.address }}"
+ credentialsId: '39fa150b-b2a1-416e-b334-29a9a2c0b32d'
+ launcher: 'hudson.slaves.JNLPLauncher'
+ remoteFS: '/home/{{ jenkins_user }}/build'
+ # XXX this should be configurable, not all nodes should have one executor
+ executors: '{{ executors|default(1) }}'
+ exclusive: true
+ when: use_jnlp
projects / ceph-build.git / commitdiff