summary |
shortlog | log |
commit |
commitdiff |
review |
tree
first ⋅ prev ⋅ next
Trevor Bramwell [Thu, 5 Dec 2019 14:47:07 +0000 (06:47 -0800)]
Modify Jenkins OpenSSH Key Format for Gerrit
Newer versions of openssh generate private keys in an 'openssh' format
(see man 1 ssh-keygen: -o option), and not the classic PEM format.
The PEM format is needed by the SSH library Jenkins uses (JSch) in order
to read the private key from disk for the Gerrit plugin.
This fixes the error seen from the logs:
IOException:
com.jcraft.jsch.JSchException: invalid privatekey
Note: This was not changed in the Ansible task for generating user SSH
keys, as there does not appear to be a way to specify the key format.
Change-Id: I978f59b25f0ae17f56e03e898f896971c4c4b424
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
DW Talton [Tue, 20 Aug 2019 17:27:27 +0000 (10:27 -0700)]
JDK update to 11
The underlying containers for ci-workshop have
updated to debian 10, which no longer includes
java 8. Bumped the version to 11. Also, added
python-wheel to the jenkins agent container as
Docker builds were failing without it.
Signed-off-by: DW Talton <dtalton@contractor.linuxfoundation.org>
Change-Id: Ia6607a1f89a39f9fd42dc12b41bd19407adb7da6
Milin Jaiswal [Thu, 2 May 2019 16:10:51 +0000 (16:10 +0000)]
Merge "add artifactory to start testing for zowe"
Daniel Pono Takamori [Thu, 2 May 2019 00:06:50 +0000 (17:06 -0700)]
add artifactory to start testing for zowe
Issue: RELENG-1938
Change-Id: If0c872e29b79d8c647da2d5c499bc148223dde18
Signed-off-by: Pono <dtakamori@contractor.linuxfoundation.org>
Trevor Bramwell [Wed, 13 Mar 2019 22:41:12 +0000 (15:41 -0700)]
Fix uploading workshop user's ssh pubkey to Gerrit
By default the 'uri' module will use "Content-Type: 'raw'", while Gerrit
only accepts 'text/plain' when uploading sshkeys. Forcing basic auth
also ensures the request passes username/password instead of looking for
an 401 HTTP response before submitting the data.
Change-Id: Idadfa50a4b6e81f6c8cfc5d6f839c53df8be5417
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
Trevor Bramwell [Tue, 26 Feb 2019 23:34:20 +0000 (15:34 -0800)]
Fix Jenkins Credentials
The new version of Jenkins no longer allows SSH credentials to come from
the master filesystem, so instead they are uploaded using the
jenkins-cli.jar.
An initial credential setting is created when Jenkins starts with the
private key added later.
Change-Id: Id4e80625cca06a5047f592c58ee6bae1b698228a
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
Trevor Bramwell [Tue, 26 Feb 2019 23:28:18 +0000 (15:28 -0800)]
Use python3 for running Ansible in init
Because the python docker container installs python to a location other
than /usr/bin, ansible doesn't know it have python3 available. Setting
this flag allows the build to use python3 and fix a pip error.
An extra setting ANSIBLE_STDOUT_CALLBACK=yaml is added to add clearer
output when running ansible, and can be overridden in the
docker-compose.yaml file.
Change-Id: I9dfc1aa0be17fb93d73e3ce321330558b44f7829
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
Trevor Bramwell [Thu, 4 Oct 2018 04:23:00 +0000 (21:23 -0700)]
Remove Version strings from Jenkins Plugins
Removing the version string will always install the newest version of
the plugins when the container is built. This removes the need to update
the version strings periodically as plugins get out of date.
Specific plugin versions can still be installed by modifying the
plugins.txt file, specifying the version, and rebuilding the container.
Change-Id: I265656d4675e38749f29889ff20b151173622af3
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
Trevor Bramwell [Wed, 3 Oct 2018 22:57:33 +0000 (15:57 -0700)]
Move Nexus Context path to '/'
This reduces the confusion when trying to access Nexus at
'nexus.localhost' as the default context is '/nexus'. Without going
directly to 'nexus.localhost/nexus' users were given a 404 response.
Change-Id: I024f447a60f53f35626752f44f556c4883421149
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
Trevor Bramwell [Fri, 28 Sep 2018 20:11:18 +0000 (13:11 -0700)]
Convert Init Container and Scripts to Ansible
The init container ran a script that was not fully idempotent. Migrating
that script to Ansible allows for strong idempotency (ensuring things
that change get changed), and reduces the overhead of maintaining bash.
This change also splits up the docker-compose.yml file in preperation
for Zuul support.
Jenkins groovy init scripts are renamed to run-parts syntax in order to
ensure ordering, and the Gerrit groovy configuration is set to run
immediately instead of waiting for plugins to finish loading.
Change-Id: Ib6d355e15a13a6d03769c6a8c0b3bfb6056dd3e7
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
Aric Gardner [Tue, 24 Jul 2018 19:20:38 +0000 (15:20 -0400)]
Fix credentials and ssh-credentials version
updaed these plugins which casued
ssh-credentials-plugin.BasicSSHUserPrivateKey.UsersPrivateKeySource
method to fail
def gerrit_credentials = new BasicSSHUserPrivateKey(
CredentialsScope.GLOBAL,
"ciworkshop-jenkins-ssh", // ID
"jenkins-workshop", // username
private_key_on_master,
null, // password
"Gerrit User" // description
)
The option to add a key: From the Jenkins master ~/.ssh
is gone in the new version
Change-Id: Iad4c1e12b45ca8d4205ab3d2109cfe19163a797d
Signed-off-by: Aric Gardner <agardner@linuxfoundation.org>
Aric Gardner [Mon, 23 Jul 2018 21:41:58 +0000 (17:41 -0400)]
JDK tool has been split out as a plugin
groovy scripts fail to deploy as the jdk
install method is now in a plugin.
Add jdktool and update ssh slave plugins
Change-Id: I59221653e219ebbded9bc9744ffa663fe1c2f480
Signed-off-by: Aric Gardner <agardner@linuxfoundation.org>
Anil Belur [Wed, 16 May 2018 03:12:17 +0000 (13:12 +1000)]
Fix missing pip dependency
This fixies the following error when bringing
up Jenkins docker image
"error: invalid command 'bdist_wheel'"
Change-Id: I50b16758b3dc5bded36b628279b849e39ed1ac35
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Anil Belur [Thu, 10 May 2018 01:51:38 +0000 (11:51 +1000)]
Add the openstack-cloud plugin
Change-Id: I14fccb0b4a8259d1849662ade59664cf1ef7f465
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Trevor Bramwell [Wed, 9 May 2018 17:59:29 +0000 (10:59 -0700)]
Update Global JJB to 0.19.2
This includes updates to all Jenkins plugins, specifically
postbuildscript which needs to be updated to 2.X in order to use
global-jjb >0.17
Change-Id: I1364918abba6e09182cd081fa833ade51d42a8df
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
Trevor Bramwell [Wed, 9 May 2018 14:41:59 +0000 (07:41 -0700)]
Update init Docker image to Ubuntu 16.04
Include python-setuptools package and organize package list
Change-Id: Ie391a410af309d08d4c9b1a4540ad1389a5548fe
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
Anil Belur [Mon, 9 Apr 2018 23:55:19 +0000 (09:55 +1000)]
Install ansible plugin
Ansible plugin also requires ansible binary to be installed
on the docker container.
Include the required dependencies and also format the Dockerfile
to make the dependencies readable.
Change-Id: I3e9e9ce92399e766dbce0c7d068020d8a10764ab
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Trevor Bramwell [Wed, 11 Apr 2018 18:09:10 +0000 (11:09 -0700)]
Upgrade Jenkins Plugins
Bringing Jenkins plugins up to date to reduce the security warnings and
keep things current.
Change-Id: I41ac6357506e9f888eaeaa19fb4b962853daa45f
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
Trevor Bramwell [Tue, 10 Apr 2018 13:59:42 +0000 (06:59 -0700)]
Fix adding of the global-jjb submodule
As the URL changed and the path is not explicilty set, this was being
added at jjb/releng-global-jjb instead of jjb/global-jjb.
Change-Id: Ieccc7298aef213eb8997f8e516a3c907e515164f
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
Trevor Bramwell [Fri, 6 Apr 2018 23:38:00 +0000 (16:38 -0700)]
Switch Global-JJB Submodule URL to Github
This is the recommended practice for adding global-jjb as a submodule
to the ci-management repo.
Change-Id: I713da3ec1637dbe2c89ecba5f4b573ed0e81024b
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
Thanh Ha [Sat, 7 Apr 2018 14:49:19 +0000 (14:49 +0000)]
Merge "Change 'sandbox' user to 'workshop'"
Thanh Ha [Sat, 7 Apr 2018 14:47:37 +0000 (14:47 +0000)]
Merge "Add npmrc and pipconf to Config File Provider"
Trevor Bramwell [Thu, 29 Mar 2018 19:57:50 +0000 (12:57 -0700)]
Don't always restart the nginx container
If there are errors bringing up the docker-compose environment, the
nginx container will still continue to run causing other projects that
expect port 80 to be available to fail.
Change-Id: I33715f5326514ef7945826d717e7a44ac1e5337b
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
Trevor Bramwell [Fri, 6 Apr 2018 23:41:13 +0000 (16:41 -0700)]
Add npmrc and pipconf to Config File Provider
global-jjb requires these file exist in order to run successfully. For
now the don't include any specific content.
Change-Id: I06a037b0ba449fae7a3fc492f5f2f9ae3c40403e
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
Trevor Bramwell [Fri, 6 Apr 2018 23:13:01 +0000 (16:13 -0700)]
Change 'sandbox' user to 'workshop'
This requires rebuilding the containers and recreating the volumes.
Change-Id: I60e2edf757112024e7315a367bf4ccfe20557c54
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
Trevor Bramwell [Fri, 6 Apr 2018 23:16:11 +0000 (23:16 +0000)]
Merge "Bump the initial global-jjb version to v0.17.0"
Trevor Bramwell [Fri, 6 Apr 2018 19:56:52 +0000 (12:56 -0700)]
Keep Jenkins Job Builder from upgrading to 2.0
jenkins-job-builder (JJB) 2.0 adds support for the post build script
plugin and defaults to assuming the newest version
(postbuildscript:2.X.X) is installed. The new version of postbuildscript
is not yet supported in global-jjb, so installing a newer version of JJB
breaks the initial population of the ci-management repo.
Change-Id: I873dda9d7c58ae33d4f0c0417eb95929397861ae
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
Trevor Bramwell [Fri, 6 Apr 2018 20:01:18 +0000 (13:01 -0700)]
Bump the initial global-jjb version to v0.17.0
Change-Id: I7267f7ab563e8c21ea9a979d49eace0386406bef
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
Trevor Bramwell [Fri, 6 Apr 2018 21:13:38 +0000 (14:13 -0700)]
Fix Shellcheck bugs in Gerrit Auth Script
Change-Id: I7d1846fe50274576e71e30c2bdeeef7578722b04
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
Trevor Bramwell [Sat, 28 Oct 2017 12:55:56 +0000 (05:55 -0700)]
Setup and Configure Nexus
Adds the Nexus (v2) container and does the following:
- Creates the initial 'logs' repository
- Configures Jenkins to be able to talk to Nexus by creating a
settings.xml, and installing the needed packages on the
jenkins-agent.
- Installs required plugins for the jjb logs publishing job, including
downloading PostBuildScript during the Jenkins container build.
- Directs requests to 'jenkins.localhost', etc, on the jenkins-agent
through the nginx container.
- Sets the Jenkins Markup Formatter to 'Safe HTML' so the logs link can
be displayed.
Change-Id: I63c783156bcffd1699e9ca7fe1a114ee2ed54bed
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
Trevor Bramwell [Sat, 28 Oct 2017 12:51:21 +0000 (05:51 -0700)]
Configure GLOBAL_JJB_VERSION Through Environment
Pulling GLOBAL_JJB_VERSION from the environment allows for creating the
initial ci-management repo with a specific global-jjb version without
having to rebuild the init container.
This also modifies paths to the 'wait-for-it.sh' script to be absolute.
Change-Id: Ic2e7c2a9871fda176a678e245a57d1fde898c0a9
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
Trevor Bramwell [Sat, 28 Oct 2017 12:48:58 +0000 (05:48 -0700)]
Configure Jenkins Global Properties through Env
By looking for these properties through the Jenkins environment, the
container no longer needs to be rebuilt each time JJB configuration
variables change; it can just be restarted.
Change-Id: I4b96e130ee94963f3ea94c9eb5eb3b5b77a1413f
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
Trevor Bramwell [Sat, 28 Oct 2017 12:45:12 +0000 (05:45 -0700)]
Rearrange Jenkins Agent Environment Variables
Moves the public key into config.env, and JAVA_OPTS into
docker-compose.yml since other containers look for the JAVA_OPTS
variable and it contains Jenkins specific information.
Change-Id: I775ac6fee8fdf3ec318368be973c43e8925d0fe5
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
Trevor Bramwell [Thu, 26 Oct 2017 18:57:05 +0000 (11:57 -0700)]
Create script for uploading ssh pubkey to Gerrit
'gerrit-auth.sh' takes a single argument of an ssh public-key file to be
added to the sandbox user in Gerrit. This way users don't need to go
through an error-prone setup of copy & pasting the curl command. Some
explainations of curl errors are also provided.
Change-Id: I5b3af284348953b2cea37dedfff5b6bed852e4b7
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
Trevor Bramwell [Wed, 18 Oct 2017 05:51:28 +0000 (22:51 -0700)]
Make Container Versions Configurable
There is a global 'environment' file for docker-compose called '.env'
which sits in the same directory as the yaml file[1]. Besides a shell
environment, This is where default values passed to the docker-compose
command line can be stored.
By having container specific versions listed here users of
ci-management will have an eaiser time bringing up a matrix of
different infrastructure configurations.
[1] https://docs.docker.com/compose/environment-variables/#the-env-file
Change-Id: Ie2bd92376fa817b13f4eb1d123f9fca8e10b99a5
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
Trevor Bramwell [Tue, 10 Oct 2017 23:33:00 +0000 (16:33 -0700)]
Move LDAP configs to base directory
This removes the need for a 'config' directory and config values have
been collapsed to 'config.env' and instance specific configuration is
stored under the instance name.
Change-Id: I64e2c93f42c799750ff2baf47033c2a909279483
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
Trevor Bramwell [Tue, 10 Oct 2017 23:31:13 +0000 (16:31 -0700)]
Move Jenkins Groovy Scripts under jenkins/scripts
This should help de-clutter the current jenkins directory containing the
Dockerfile and configs.
Change-Id: Iea68c13640291e9a654424300454319a0df2bd1a
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
Trevor Bramwell [Thu, 5 Oct 2017 18:35:37 +0000 (11:35 -0700)]
Collapse Environment Files
Having all the environment variables in one place should help people
track down where settings are instead of having to dig through several
files.
Change-Id: Iceea0e7bf508f7a427a777077ed23b51e6791f0d
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
Trevor Bramwell [Sun, 13 Aug 2017 06:27:46 +0000 (23:27 -0700)]
Full Integration of Jenkins and Gerrit
- Run exclusive services with NGINX
In favor of writing individual configs for NGINX, and since all we're
doing is reverse proxying, using jwilder/nginx-proxy and setting
VIRTUAL_HOST should be all we need to get NGINX working and allows for
individual services to be brought up without causing NGINX to fall
over due the other upstream not being online.
- Config Jenkins & Gerrit integration through several Groovy scripts
These scripts provide all the initial configuration needed to get
Jenkins and Gerrit talking to each other. They include:
- Disabling the CLI over remoting
- Enabling CSRF protection
- Enabling the Agent -> Master subsystem
- Setting the Jenkins hostname
- Creating SSH credentials for connecting Jenkins to Gerrit
- Configuring the Gerrit-Trigger plugins
- Adding a single Jenkins SSH agent
- Creating a JJB ini file through the Config Files plugin that Jenkins
agent will use to configure JJB
- Setting the global environment variable GIT_URL requires by
Global-JJB
- Initialization Container
After the Jenkins and Gerrit are some more work is needed to allow
them to interact such as:
- Creating an ssh key in Jenkins home directory
- Creating a user in Gerrit that Jenkins will use to access the
event-stream over ssh
- Writing out the basic configuration for a ci-management repository
- Bootstrapping JJB jobs into Jenkins
- Adding the Verified label to Gerrit
These are all done outside of the context of the Gerrit and Jenkins
containers because most of them rely on processes already running, and
allow us to use unmodified upstream containers.
- Updating plugins required by Global-JJB
Change-Id: I13cda69989c4832d451be1b841d177c9fdaf9e27
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
Trevor Bramwell [Wed, 9 Aug 2017 17:47:35 +0000 (10:47 -0700)]
Initial Commit
Change-Id: I8cfcd9adc88146a32c7621470a4dcbf5b5643690
Signed-off-by: Trevor Bramwell <tbramwell@linuxfoundation.org>
Andrew Grimberg [Tue, 8 Aug 2017 22:01:40 +0000 (15:01 -0700)]
Setup initial .gitreview and .gitignore
Configure new repository with .gitreview and .gitignore
Change-Id: I8251a6d0ae1da9f50be57160795055b5c8d3a413
Signed-off-by: Andrew Grimberg <agrimberg@linuxfoundation.org>
Andrew Grimberg [Wed, 9 Aug 2017 17:29:39 +0000 (10:29 -0700)]
Add Coala linting
Change-Id: Id378925dcebe48c23465401240df0f647f8ae1ad
Signed-off-by: Andrew Grimberg <agrimberg@linuxfoundation.org>
Andrew Grimberg [Tue, 8 Aug 2017 21:59:50 +0000 (21:59 +0000)]
Initial empty repository
Code Review / releng / ci-workshop.git / log