Ansible role which manage Jenkins CI
- Install and configure Jenkins
- Proxy jenkins with nginx/apache (supports http auth)
- Setup SSH credentials for Jenkins (key, knownhosts)
- Install Jenkins plugins
The role does not install a proxy server (nginx, apache) I recommed to use other roles for install proxies (example Stouts.nginx)
The role requires docker installed on the target systems
Here is the list of all variables and their default values:
jenkins_enabled: yes # The role is enabled
jenkins_home: /opt/jenkins
jenkins_http_host: 127.0.0.1 # Set HTTP host
jenkins_http_port: 8000 # Set HTTP port
jenkins_image: jenkinsci/blueocean
jenkins_networks: []
jenkins_proxy: "" # Enable jenkins proxy. Values are: nginx, apache
jenkins_proxy_hostname: "{{inventory_hostname}}" # Set proxy servername
jenkins_proxy_ssl: false # Enable SSL
jenkins_proxy_ssl_redirect: false
jenkins_proxy_ssl_certificate: /etc/nginx/ssl/certificate.crt # Path to certificate
jenkins_proxy_ssl_key: /etc/nginx/ssl/certificate.key # Path to key
jenkins_proxy_auth: no # Enable http auth
jenkins_proxy_auth_users: [] # Add http auth users
jenkins_proxy_port: "{{jenkins_proxy_ssl and 443 or 80}}" # Set proxy port
jenkins_apk_packages: [make] # Ensure the packages installed
jenkins_plugins: [] # Ensure the plugins is installed
jenkins_exec: [] # Exec commands inside Jenkins master
jenkins_ssh_key_file: "" # Set private ssh key for Jenkins user (path to local file)
# Jenkins ssh keys object
# - file_name: id_rsa # optional defaults to id_rsa; please set if you have multiple
# private_key: |
# -----BEGIN RSA PRIVATE KEY-----
# Proc-Type: 4,ENCRYPTED
# DEK-Info: AES-128-CBC,.....
jenkins_ssh_keys: [] # Set multiple private keys from vault or vars
jenkins_ssh_fingerprints: # Set known hosts for ssh
- "bitbucket.org,131.103.20.167 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw=="
- "github.com,204.232.175.90 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ=="
Add Stouts.jenkins
to your roles and setup the variables in your playbook file.
Example:
- hosts: all
roles:
- Stouts.python
- Stouts.docker
- Stouts.jenkins
vars:
jenkins_proxy: nginx
jenkins_proxy_hostname: jenkins.myhost.com
jenkins_ssh_key_file: "{{inventory_dir}}/jenkins/ssh_key"
You could use the role for checking builds during provision. By example, update servers only if last build was successful:
- hosts: all
roles:
- Stouts.jenkins
... # Other server roles
vars:
jenkins_enabled: no # We dont need to install Jenkins on this host
jenkins_check_jobs:
- url: jenkins.myproject.com # Url when jenkins is installed
job: myproject-master # Job name
user: myproject # (optional) HTTP Basic Auth
password: mypassword
In this example, provision will continue only if last build was success.
Licensed under the MIT License. See the LICENSE file for details.
Are welcome!
If you wish to express your appreciation for the role, you are welcome to send a postcard to:
Kirill Klenov
pos. Severny 8-3
MO, Istra, 143500
Russia