--- /dev/null
+---
+
+- hosts: all
+ sudo: true
+ user: ubuntu
+ vars:
+ - jenkins_user: 'jenkins-build'
+ # jenkins API credentials:
+ - api_user: 'ceph-jenkins'
+ - token: '{{ token }}'
+ - api_uri: 'https://jenkins.ceph.com'
+ - nodename: '{{ nodename }}'
+ - labels: '{{ labels }}'
+ - use_jnlp: false
+
+ tasks:
+
+ # vagrant doesn't have repositories, this chacra repo will be better to have
+ # around and can get updates as soon as a new vagrant version is published via
+ # chacractl
+ - name: add the vagrant repository
+ sudo: yes
+ apt_repository:
+ repo: "deb [trusted=yes] https://chacra.ceph.com/r/vagrant/latest/HEAD/ubuntu/xenial/flavors/default/ main"
+ state: present
+ filename: "vagrant"
+
+ # Run the equivalent of "apt-get update" as a separate step
+ - apt: update_cache=yes
+ when: ansible_pkg_mgr == "apt"
+
+ - name: Install DEB requirements
+ sudo: yes
+ apt: name={{ item }} state=present
+ with_items:
+ - git
+ - python-dev
+ - python-pip
+ - python-virtualenv
+ - libtool
+ - debian-archive-keyring
+ # jenkins-job-builder job:
+ - libyaml-dev
+ - libvirt
+ - qemu-kvm
+ - libvirt-bin
+ - vagrant
+ when: ansible_pkg_mgr == "apt"
+
+ - name: create a {{ jenkins_user }} user
+ user:
+ name: "{{ jenkins_user }}"
+ groups: libvirtd
+ append: yes
+ comment: "Jenkins Build Slave User"
+
+ - name: create a {{ jenkins_user }} home directory
+ file:
+ path: "/home/{{ jenkins_user }}/"
+ state: directory
+ owner: "{{ jenkins_user }}"
+
+ - name: Create .ssh directory
+ file:
+ path: "/home/{{ jenkins_user }}/.ssh"
+ state: directory
+ owner: "{{ jenkins_user }}"
+
+ - name: install the vagrant-libvirt plugin
+ shell: vagrant plugin install vagrant-libvirt
+ become: yes
+ become_user: "{{ jenkins_user }}"
+
+ - name: set the authorized keys
+ authorized_key: user={{ jenkins_user }} key="{{ lookup('file', 'files/ssh/keys/jenkins_build.pub') }}"
+
+ - name: ensure {{ jenkins_user }} can sudo without a prompt
+ sudo: yes
+ lineinfile:
+ dest: /etc/sudoers
+ regexp: '^{{ jenkins_user }} ALL'
+ line: '{{ jenkins_user }} ALL=(ALL:ALL) NOPASSWD:ALL'
+ validate: 'visudo -cf %s'
+
+ - name: set utf-8 for LC_ALL
+ lineinfile:
+ dest: "/home/{{ jenkins_user }}/.bashrc"
+ regexp: '^export LC_ALL='
+ line: "export LC_ALL=en_US.UTF-8"
+ create: true
+ state: present
+
+ - name: set utf-8 for LANG
+ lineinfile:
+ dest: "/home/{{ jenkins_user }}/.bashrc"
+ regexp: '^export LANG='
+ line: "export LANG=en_US.UTF-8"
+
+ - name: set utf-8 for LANGUAGE
+ lineinfile:
+ dest: "/home/{{ jenkins_user }}/.bashrc"
+ regexp: '^export LANGUAGE='
+ line: "export LANGUAGE=en_US.UTF-8"
+
+ - name: ensure the build dir exists
+ file: path=/home/{{ jenkins_user }}/build state=directory owner={{ jenkins_user }}
+
+ - name: ensure the home dir has the right owner permissions
+ file: path=/home/{{ jenkins_user }} state=directory owner={{ jenkins_user }} group={{ jenkins_user }} recurse=yes
+
+ - name: Add the Debian Jessie Key
+ sudo: yes
+ when: ansible_pkg_mgr == "apt"
+ apt_key: id=2B90D010 url=https://ftp-master.debian.org/keys/archive-key-8.asc keyring=/etc/apt/trusted.gpg state=present
+
+ - name: Add the Debian Security Jessie Key
+ sudo: yes
+ when: ansible_pkg_mgr == "apt"
+ apt_key: id=C857C906 url=https://ftp-master.debian.org/keys/archive-key-8-security.asc keyring=/etc/apt/trusted.gpg state=present
+
+ - name: Add the Debian Jessie Stable Release Key
+ sudo: yes
+ when: ansible_pkg_mgr == "apt"
+ apt_key: keyserver=pgp.mit.edu id=75DDC3C4A499F1A18CB5F3C8CBF8D6FD518E17E1 state=present
+
+ - name: Install openjdk-7-jre
+ apt: name=openjdk-7-jre state=present
+ when:
+ ansible_distribution_release in ['precise', 'trusty', 'wheezy', 'jessie']
+
+ - name: Install default openjdk for Xenial only
+ apt: name={{ item }} state=present
+ with_items:
+ - default-jdk
+ - default-jre
+ when:
+ ansible_distribution_release == 'xenial'
+
+ - name: correct java version selected
+ alternatives: name=java path=/usr/lib/jvm/java-7-openjdk-amd64/jre/bin/java
+ when:
+ (ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'precise') or
+ (ansible_distribution == 'Debian' and ansible_distribution_release == 'wheezy')
+
+ - name: ensure the gitconfig file exists
+ shell: printf "[user]\name=Ceph CI\nemail=ceph-release-team@redhat.com\n" > /home/{{ jenkins_user }}/.gitconfig
+
+ - name: ensure the gitconfig file has right permissions
+ file:
+ path: "/home/{{ jenkins_user }}/.gitconfig"
+ owner: "{{ jenkins_user }}"
+
+ - name: Set Hostname with hostname command
+ sudo: yes
+ hostname:
+ name: "ceph-builders"
+
+ - name: ensure that 127.0.1.1 is present with an actual hostname
+ sudo: true
+ lineinfile:
+ dest: /etc/hosts
+ line: '127.0.1.1 ceph-builders'
+
+ # we need to update the cloud templates because 'manage_etc_hosts' is
+ # set to true on the image we use in OVH and some jobs will reboot
+ # these nodes causing the /etc/hosts file to be replace with these
+ # templates making jobs fail because the hostname is not resolvable
+ # not all our images have this setting though, so ignore failures on
+ # those nodes
+ - name: update the etc cloud templates for debian /etc/hosts
+ sudo: true
+ lineinfile:
+ dest: /etc/cloud/templates/hosts.debian.tmpl
+ line: '127.0.1.1 ceph-builders'
+ failed_when: false
+
+ - name: update the etc cloud templates for debian /etc/hosts
+ sudo: true
+ lineinfile:
+ dest: /etc/cloud/templates/hosts.redhat.tmpl
+ line: '127.0.1.1 ceph-builders'
+ failed_when: false
+
+ - name: install six, latest one
+ sudo: true
+ pip: name=six state=latest
+
+ - name: install python-jenkins
+ sudo: true
+ # https://bugs.launchpad.net/python-jenkins/+bug/1500898
+ pip: name=python-jenkins version=0.4.7
+
+ - name: add github.com host key
+ sudo: true
+ known_hosts:
+ path: '/etc/ssh/ssh_known_hosts'
+ # we need to use 'host' here because prado currently uses ansible-playbook==1.9.1
+ host: 'github.com'
+ # github.com.pub is the output of `ssh-keyscan github.com`
+ key: "{{ lookup('file', 'files/ssh/hostkeys/github.com.pub') }}"
+
+ - name: register the new slave to jenkins master with ssh
+ jenkins_node:
+ username: "{{ api_user }}"
+ uri: "{{ api_uri }}"
+ password: "{{ token }}"
+ # relies on a convention to set a unique name that allows a reverse
+ # mapping from Jenkins back to whatever service created the current
+ # node
+ name: "{{ ansible_default_ipv4.address }}+{{ nodename }}"
+ labels: "{{ labels }}"
+ host: "{{ ansible_default_ipv4.address }}"
+ credentialsId: '39fa150b-b2a1-416e-b334-29a9a2c0b32d'
+ remoteFS: '/home/{{ jenkins_user }}/build'
+ executors: '{{ executors|default(1) }}'
+ exclusive: true
+ when: not use_jnlp
+
+ - name: register the new slave to jenkins master with jnlp
+ jenkins_node:
+ username: "{{ api_user }}"
+ uri: "{{ api_uri }}"
+ password: "{{ token }}"
+ # relies on a convention to set a unique name that allows a reverse
+ # mapping from Jenkins back to whatever service created the current
+ # node
+ name: "{{ ansible_default_ipv4.address }}+{{ nodename }}"
+ labels: "{{ labels }}"
+ host: "{{ ansible_default_ipv4.address }}"
+ credentialsId: '39fa150b-b2a1-416e-b334-29a9a2c0b32d'
+ launcher: 'hudson.slaves.JNLPLauncher'
+ remoteFS: '/home/{{ jenkins_user }}/build'
+ # XXX this should be configurable, not all nodes should have one executor
+ executors: '{{ executors|default(1) }}'
+ exclusive: true
+ when: use_jnlp
projects / ceph-build.git / commitdiff