Enabled: false
Style/SpaceBeforeFirstArg:
Enabled: false
+Style/SpaceInsideBlockBraces:
+ Enabled: false
Style/TrailingCommaInLiteral:
- EnforcedStyleForMultiline: comma
+ EnforcedStyleForMultiline: consistent_comma
Style/WordArray:
Enabled: false
# jenkins-grid CHANGELOG
+0.2.4
+-----
+- includes the `ssl_cert::server_key_pairs` recipe automatically.
+
0.2.3
-----
- adds default ports settings.
source 'https://rubygems.org'
-#gem 'foodcritic'
+# with Chef DK
+gem 'stove'
'services' => {
'jenkins' => {
'restart' => 'always',
- 'image' => 'jenkins:2.19.4',
+ 'image' => 'jenkins:latest',
'ports' => [
'8080:8080',
'50000:50000',
description 'Jenkins setup with ssl_cert cookbook'
run_list(
- 'recipe[ssl_cert::server_key_pairs]',
+ #'recipe[ssl_cert::server_key_pairs]', # jenkins-grid <= 0.2.3
'role[docker]',
'recipe[jenkins-grid::docker-compose]',
)
'services' => {
'jenkins' => {
'restart' => 'always',
- 'image' => 'jenkins:2.19.4',
+ 'image' => 'jenkins:latest',
'expose' => [
'8083', # for https
],
)
```
-### SSL server keys and certificates management by ssl_cert cookbook
+### SSL server keys and certificates management by `ssl_cert` cookbook
- create vault items.
```text
-$ ruby -rjson -e 'puts JSON.generate({"private" => File.read("jenkins_io_example_com.prod.key")})' \
-> > ~/tmp/jenkins_io_example_com.prod.key.json
+$ ruby -rjson -e 'puts JSON.generate({"private" => File.read("jenkins.io.example.com.prod.key")})' \
+> > ~/tmp/jenkins.io.example.com.prod.key.json
-$ knife vault create ssl_server_keys jenkins.io.example.com.prod \
-> --json ~/tmp/jenkins_io_example_com.prod.key.json
+$ ruby -rjson -e 'puts JSON.generate({"public" => File.read("jenkins.io.example.com.prod.crt")})' \
+> > ~/tmp/jenkins.io.example.com.prod.crt.json
+
+$ cd $CHEF_REPO
-$ ruby -rjson -e 'puts JSON.generate({"public" => File.read("jenkins_io_example_com.prod.crt")})' \
-> > ~/tmp/jenkins_io_example_com.prod.crt.json
+$ knife vault create ssl_server_keys jenkins.io.example.com.prod \
+> --json ~/tmp/jenkins.io.example.com.prod.key.json
$ knife vault create ssl_server_certs jenkins.io.example.com.prod \
-> --json ~/tmp/jenkins_io_example_com.prod.crt.json
+> --json ~/tmp/jenkins.io.example.com.prod.crt.json
```
- grant reference permission to the Jenkins host
```ruby
run_list(
- 'recipe[ssl_cert::server_key_pairs]',
+ #'recipe[ssl_cert::server_key_pairs]', # jenkins-grid <= 0.2.3
'recipe[jenkins-grid::docker-compose]',
)
require 'rspec/core/rake_task'
require 'rubocop/rake_task'
require 'foodcritic'
+require 'stove/rake_task'
namespace :style do
desc 'Run Ruby style checks'
- RuboCop::RakeTask.new(:ruby)
+ RuboCop::RakeTask.new(:ruby) do |t|
+ t.options = [
+ '--auto-gen-config', # creates .rubocop_todo.yml
+ ]
+ end
desc 'Run Chef style checks'
FoodCritic::Rake::LintTask.new(:chef) do |t|
desc 'Run ChefSpec examples'
RSpec::Core::RakeTask.new(:spec)
+desc 'Publish cookbook'
+Stove::RakeTask.new(:publish) do |t|
+ t.stove_opts = [
+ # `--username` and `--key` are set in ~/.stove typically.
+ #'--username', 'somebody',
+ #'--key', '~/chef/chef.io.example.com/somebody.pem',
+ #'--endpoint', 'https://supermarket.io.example.com/api/v1', # default: supermarket.chef.io
+ #'--no-ssl-verify',
+ '--no-git',
+ '--log-level', 'info',
+ ]
+end
+
task default: ['style', 'spec']
# Cookbook Name:: jenkins-grid
# Attributes:: default
#
-# Copyright 2016, whitestar
+# Copyright 2016-2017, whitestar
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
'services' => {
'jenkins' => {
'restart' => 'always',
- 'image' => 'jenkins:2.19.4',
+ 'image' => 'jenkins:latest',
#'expose' => [
# #'8083', # for https
#],
--- /dev/null
+---
+# $ fly -t target sp -p jenkins-grid-cookbook -c concourse.yml -l fly-vars.yml -l ~/sec/credentials-prod.yml
+resources:
+- name: src-git
+ type: git
+ source:
+ uri: ((git-id-osdn))@git.osdn.net:/gitroot/metasearch/grid-chef-repo.git
+ branch: master
+ paths:
+ - cookbooks/((cookbook-name))
+ private_key: ((git-private-key))
+ git_user: ((git-user-osdn))
+ #check_every: 1h # default: 1m
+- name: chefdk-cache
+ type: docker-image
+ source:
+ repository: chef/chefdk
+ tag: ((chefdk-version))
+ # ((param)) style: fly >= 3.2.0
+ registry_mirror: https://((registry-mirror-domain)) # e.g. https://registry.docker.example.com:5000
+ ca_certs:
+ - domain: ((registry-mirror-domain)) # e.g. registry.docker.example.com:5000
+ cert: ((docker-reg-ca-cert))
+ check_every: 12h # default: 1m
+
+jobs:
+- name: test-cookbook
+ plan:
+ - aggregate:
+ - get: src-git
+ params:
+ depth: 5
+ trigger: true
+ - get: chefdk-cache
+ - task: ci-build
+ image: chefdk-cache
+ params:
+ http_proxy: ((http-proxy)) # e.g. http://proxy.example.com:3128
+ #HTTP_PROXY: ((http-proxy))
+ config:
+ platform: linux
+ #image_resource:
+ # type: docker-image
+ # source:
+ # repository: chef/chefdk
+ # tag: ((chefdk-version))
+ # NG, setting disable
+ #registry_mirror: https://((registry-mirror-domain))
+ #ca_certs:
+ #- domain: ((registry-mirror-domain))
+ # cert: ((docker-reg-ca-cert))
+ inputs:
+ - name: src-git
+ run:
+ #dir: ./src-git/cookbooks/((cookbook-name))
+ #path: rake
+ path: /bin/bash
+ args:
+ - -c
+ - |
+ cd ./src-git/cookbooks/((cookbook-name))
+ bundle install
+ rake
+- name: publish-cookbook
+ plan:
+ - aggregate:
+ - get: src-git
+ params:
+ depth: 5
+ trigger: false
+ passed: [test-cookbook]
+ - get: chefdk-cache
+ passed: [test-cookbook]
+ - task: publish
+ image: chefdk-cache
+ params:
+ http_proxy: ((http-proxy))
+ chef_username: ((chef-username))
+ chef_client_key: ((chef-client-key))
+ config:
+ platform: linux
+ inputs:
+ - name: src-git
+ run:
+ path: /bin/bash
+ args:
+ - -c
+ - |
+ echo '{"username":"((chef-username))","key":"/root/chef-client-key.pem"}' > /root/.stove
+ echo "$chef_client_key" > /root/chef-client-key.pem
+ cd ./src-git/cookbooks/((cookbook-name))
+ bundle install
+ rake publish
+ - put: src-git
+ params:
+ repository: src-git
+ tag_prefix: ((cookbook-name))-
+ tag: src-git/cookbooks/((cookbook-name))/version
+ only_tag: true
+ annotate: ../src-git/cookbooks/((cookbook-name))/version
--- /dev/null
+---
+cookbook-name: jenkins-grid
+chefdk-version: 1.4.3
license 'Apache 2.0'
description 'Installs/Configures jenkins-grid'
long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
-version '0.2.3'
+version IO.read(File.join(File.dirname(__FILE__), 'version')).chomp
source_url 'http://scm.osdn.jp/gitroot/metasearch/grid-chef-repo.git'
issues_url 'https://osdn.jp/projects/metasearch/ticket'
+chef_version '>= 12'
+supports 'ubuntu', '>= 14.04'
+%w(centos redhat).each do |os|
+ supports os, '>= 7.3'
+end
+
depends 'docker-grid', '>= 0.3.6'
depends 'ssl_cert', '>= 0.3.3'
end
if node['jenkins-grid']['with_ssl_cert_cookbook']
+ include_recipe 'ssl_cert::server_key_pairs'
::Chef::Recipe.send(:include, SSLCert::Helper)
cn = node['jenkins-grid']['ssl_cert']['common_name']
key_path = server_key_path(cn)
'--bip=192.168.100.1/24 --fixed-cidr=192.168.100.0/24',
].join(' ')
network_mode_bridge = false
-aptly_port = '7080' # default: 8080
-aptly_api_port = '7081' # default: 8081
-concourse_port = '8080'
-gitlab_http_port = '80' # default: 80, Note: 8080 already in use.
-gitlab_ssh_port = '2022'
+aptly_port = '7080' # default: 8080
+aptly_api_port = '7081' # default: 8081
+concourse_port = '8080'
+jenkins_port = '9080' # default: 8080
+jenkins_agent_port = '50000' # default: 50000
+jenkins_home_path = '/opt/docker-compose/app/jenkins/home'
+gitlab_http_port = '80' # default: 80, Note: 8080 already in use.
+gitlab_ssh_port = '2022'
nexus_ver = '3'
nexus_port = nexus_ver == '3' ? '8081' : '8071'
'role[concourse-on-docker]',
'role[gitlab-on-docker]',
'role[gitlab-runner]',
+ 'role[jenkins-on-docker]',
"role[nexus#{nexus_ver}-on-docker]",
)
'import_ca' => false,
},
},
+ 'jenkins-grid' => {
+ 'docker-compose' => {
+ 'jenkins_home' => {
+ 'path' => jenkins_home_path,
+ },
+ 'config' => {
+ 'services' => {
+ 'jenkins' => {
+ 'ports' => [
+ "#{jenkins_port}:8080",
+ "#{jenkins_agent_port}:50000",
+ ],
+ },
+ },
+ },
+ },
+ },
'nexus-grid' => {
'docker-compose' => {
'config' => {
name 'jenkins'
description 'Jenkins'
+#jenkins_cn = 'jenkins.io.example.com'
+
run_list(
#'recipe[ssl_cert::server_key_pairs]',
'role[docker]',
#default_attributes()
-jenkins_cn = 'jenkins.io.example.com'
-
override_attributes(
'ssl_cert' => {
- 'common_names' => [
- jenkins_cn,
- ],
+ # 'common_names' => [
+ # jenkins_cn,
+ # ],
},
'docker-grid' => {
'engine' => {
'jenkins-grid' => {
#'with_ssl_cert_cookbook' => true,
'ssl_cert' => {
- 'common_name' => jenkins_cn,
+ #'common_name' => jenkins_cn,
},
'docker-compose' => {
'config' => {
'services' => {
'jenkins' => {
'restart' => 'always',
- 'image' => 'jenkins:2.19.4',
+ 'image' => 'jenkins:latest',
#'expose' => [
# '8083', # for https
#],
- 'ports' => [
- '8080:8080',
- #'8083:8083',
- '50000:50000',
- ],
+ #'ports' => [
+ #],
'environment' => {
'JENKINS_OPTS' => [
#'--httpPort=-1 --httpsPort=8083',