chl/ansible-jenkins-php-v1: Ansible playbook to install a Jenkins with jenkins-php.org-like jobs [WIP] [quick'n'dirty]

Archived

Ansible playbook to install a Jenkins with jenkins-php.org-like jobs [WIP] [quick'n'dirty]

This repository has been archived on 2023-11-22. You can view files and clone it, but you cannot make any changes to it's state, such as pushing and creating new issues, pull requests or comments.

Find a file

Chl c86c99cc4d readme: add license		2020-01-18 23:00:41 +01:00
roles/jenkins-php-v1	First functional nginx version	2020-01-18 01:04:37 +01:00
ansible.cfg	First commit	2020-01-17 23:35:15 +01:00
inventory.yml	inventory: more generic	2020-01-18 18:29:54 +01:00
README.md	readme: add license	2020-01-18 23:00:41 +01:00
site.yml	First commit	2020-01-17 23:35:15 +01:00

README.md

Important : this playbook is quick'n dirty and work in progress. Carefully review before using it.

This Ansible playbook aims at setting a Jenkins CI host linked to Gitea repositories. It will :

install jenkins from pkg.jenkins.io
install the default JDK
install the Jenkins plugins requested for the jenkins-php.org templates
create a jenkins user gitea with restricted access just to launch a job
creates the specified jobs
install NginX and set up 2 vhost as recommended in https://wiki.jenkins.io/display/JENKINS/Configuring+Content+Security+Policy

Most of the configuration should be available in the inventory.

It is launched usually like this : ansible-playbook site.yml

Prerequisite

Hosts should be accessible via SSH as the root user (else, add the usual remote_user/become instructions in ansible.cfg) and with the Python prerequisite of Ansible (usually python-minimal).

Only tested on Debian 10 amd64 so far, with Ansible 2.7.7.

Note : to test or to limit to one particular host :

ansible foo.bar.com -m ping
ansible-playbook -l foo.bar.com -v -C -D site.yml

Directory layout

We follow (more or less) the recommendations of https://docs.ansible.com/ansible/latest/user_guide/playbooks_best_practices.html with :

site.yml : master playbook
ansible.cfg and inventory : the first one set up some default configurations and introduce the second one : the inventory.
roles/common/, roles/fooapp/ : the roles with their tree tasks/main.yml, files/, handlers/main.yml, ...
group_vars/group1.yml and host_vars/hostname1.yml : variables dedicated to a group or a host respectively.

Note : contrary to some recommendations, I prefer to set some variables in the inventory instead of host_vars and group_vars. For a small playbook like this one, it seems acceptable and it makes it easier to look where to adapt.

TODO

stop execution if host is running an untested system ?
use jenkins-cli to maintain credentials.xml ? It's not really easy to manipulate in Ansible at the moment...
lookup more throroughfully at configuration as code plugin
update plugins, or at least display a warning when they are not up to date.
integrate docker-plugin nicely

License

CC-BY-SA 3.0 like http://jenkins-php.org/