Important: this playbook is quick and dirty and a work in progress. Review it carefully before using it.
This Ansible playbook sets up a Jenkins CI host linked to Gitea repositories. It will:
- install jenkins from pkg.jenkins.io
- install the default JDK
- install the Jenkins plugins requested for the jenkins-php.org templates
- create a Jenkins user gitea with restricted access, just enough to launch a job
- create the specified jobs
- install Nginx and set up 2 vhosts as recommended in https://wiki.jenkins.io/display/JENKINS/Configuring+Content+Security+Policy
Most of the configuration should be available in the inventory.
It is usually launched like this: ansible-playbook site.yml
Prerequisites
Prerequisites for the Jenkins hosts
Hosts should be accessible via SSH as the root user (otherwise, add the usual remote_user/become instructions in ansible.cfg) and have the Python prerequisite of Ansible installed (usually python-minimal).
Only tested on Debian 10 amd64 so far, with Ansible 2.7.7.
Note: to test, or to limit the run to one particular host:
ansible foo.bar.com -m ping
ansible-playbook -l foo.bar.com -v -C -D site.yml
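An added example (not part of this repository) of a guard for the tested-platform constraint above: a play that fails any host that is not Debian 10 amd64 and warns when the controller's Ansible is not 2.7.7. The file name preflight.yml is an assumption; the facts, modules and tests used are standard Ansible.

```yaml
# preflight.yml - added example, hypothetical file name, not part of this repository.
# Stops the run on hosts that differ from the tested platform (Debian 10 amd64)
# and warns when the controller's Ansible release differs from 2.7.7.
- name: Pre-flight checks before configuring Jenkins
  hosts: all
  gather_facts: true
  tasks:
    - name: Refuse to continue on an untested system
      assert:
        that:
          - ansible_distribution == 'Debian'
          - ansible_distribution_major_version == '10'
          - ansible_architecture == 'x86_64'   # Ansible's name for amd64
        msg: >-
          {{ inventory_hostname }} runs {{ ansible_distribution }}
          {{ ansible_distribution_version }} ({{ ansible_architecture }});
          this playbook was only tested on Debian 10 amd64.

    - name: Warn when the controller's Ansible is not the tested release
      debug:
        msg: >-
          Running Ansible {{ ansible_version.full }}; the playbook was tested
          with 2.7.7. Review the check-mode diff (-C -D) before applying.
      when: ansible_version.full is version('2.7.7', '!=')
      run_once: true
```

Importing it as the first entry of site.yml with import_playbook means a host that fails the assertion is dropped from the rest of the run, while the other hosts continue.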
Prerequisites for the repositories
None at the moment: this playbook will not configure Gitea or anything else outside Jenkins. The webhooks, and the access that allows Jenkins to clone/pull the repositories, have to be set up manually (a recap will be displayed at the end of the playbook).
Prerequisites for the projects
Nothing mandatory except the build.xml file at the root of each project.
See examples in the `roles/jenkins-php-v1/files/skeletons/` directory.
Directory layout
We follow (more or less) the recommendations of https://docs.ansible.com/ansible/latest/user_guide/playbooks_best_practices.html with:
- site.yml: master playbook
- ansible.cfg and inventory: the first one sets up some default configuration and introduces the second one, the inventory.
- roles/common/, roles/fooapp/: the roles with their tree tasks/main.yml, files/, handlers/main.yml, ...
- group_vars/group1.yml and host_vars/hostname1.yml: variables dedicated to a group or a host respectively.
Note: contrary to some recommendations, I prefer to set some variables in the inventory instead of host_vars and group_vars. For a small playbook like this one, it seems acceptable and it makes it easier to look where to adapt.
TODO
- stop execution if host is running an untested system ?
- use jenkins-cli to maintain credentials.xml ? It's not really easy to manipulate in Ansible at the moment...
- look more thoroughly at the Configuration as Code plugin
- update plugins, or at least display a warning when they are not up to date.
- integrate docker-plugin nicely
License
CC-BY-SA 3.0 like http://jenkins-php.org/ by Sebastian Bergmann and his contributors.