blob: 7dc19af1ed4b3576c4c2798b23f1c3c31d066b02 [file] [log] [blame]
Ales Komarekffe8bb22017-02-09 11:10:16 +01001===============
2Jenkins formula
3===============
Filip Pytloun8bfd2bf2015-10-06 16:28:32 +02004
Ales Komarekffe8bb22017-02-09 11:10:16 +01005Jenkins is an application that monitors executions of repeated jobs, such as
6building a software project or jobs run by cron.
Filip Pytloun8bfd2bf2015-10-06 16:28:32 +02007
Ales Komarekffe8bb22017-02-09 11:10:16 +01008Setup jenkins client, works with Salt 2016.3+, supports pipeline workflow
9projects only now.
Filip Pytloun8bfd2bf2015-10-06 16:28:32 +020010
Filip Pytloun8bfd2bf2015-10-06 16:28:32 +020011
Ales Komareke5a1ed62016-08-27 12:02:48 +020012Sample pillars
13==============
Filip Pytloun8bfd2bf2015-10-06 16:28:32 +020014
Ales Komarekffe8bb22017-02-09 11:10:16 +010015Master role
16-----------
Ales Komareke5a1ed62016-08-27 12:02:48 +020017
18Simple master with reverse proxy
Filip Pytloun8bfd2bf2015-10-06 16:28:32 +020019
20.. code-block:: yaml
21
Filip Pytloun8bfd2bf2015-10-06 16:28:32 +020022 nginx:
23 server:
24 site:
25 jenkins:
26 enabled: true
27 type: nginx_proxy
28 name: jenkins
29 proxy:
30 host: 127.0.0.1
31 port: 8080
32 protocol: http
33 host:
34 name: jenkins.example.com
35 port: 80
36 jenkins:
37 master:
38 mode: EXCLUSIVE
Filip Pytloun52b9c2c2016-01-28 13:45:57 +010039 # Do not manage config.xml from Salt, use UI instead
40 no_config: true
Filip Pytloun8bfd2bf2015-10-06 16:28:32 +020041 slaves:
42 - name: slave01
43 label: pbuilder
44 executors: 2
45 - name: slave02
46 label: image_builder
47 mode: EXCLUSIVE
48 executors: 2
49 views:
50 - name: "Package builds"
51 regex: "debian-build-.*"
52 - name: "Contrail builds"
53 regex: "contrail-build-.*"
54 - name: "Aptly"
55 regex: "aptly-.*"
56 plugins:
57 - name: slack
58 - name: extended-choice-parameter
59 - name: rebuild
60 - name: test-stability
61
Ales Komarekffe8bb22017-02-09 11:10:16 +010062Jenkins master with experimental plugin source support
Ales Komarekaf967ee2016-08-31 19:38:50 +020063
64.. code-block:: yaml
65
66 jenkins:
67 master:
68 enabled: true
69 update_site_url: 'http://updates.jenkins-ci.org/experimental/update-center.json'
70
Ales Komarekffe8bb22017-02-09 11:10:16 +010071SMTP server settings
Ales Komarekaf967ee2016-08-31 19:38:50 +020072
Ales Komarekffe8bb22017-02-09 11:10:16 +010073.. code-block:: yaml
74
75 jenkins:
76 master:
77 email:
78 engine: "smtp"
79 host: "smtp.domain.com"
80 user: "user@domain.cz"
81 password: "smtp-password"
82 port: 25
83
Jakub Josefbf0b73e2017-03-22 14:32:45 +010084Script approvals from client
85
86.. code-block:: yaml
87
88 jenkins:
89 client:
90 approved_scripts:
91 - method groovy.json.JsonSlurperClassic parseText java.lang.String
92
93
Ales Komarekffe8bb22017-02-09 11:10:16 +010094Script approvals
95
96.. code-block:: yaml
97
98 jenkins:
99 master:
100 approved_scripts:
101 - method groovy.json.JsonSlurperClassic parseText java.lang.String
102
103User enforcement
104
105.. code-block:: yaml
106
107 jenkins:
108 master:
109 user:
110 admin:
111 api_token: xxxxxxxxxx
112 password: admin_password
113 email: admin@domain.com
114 user01:
115 api_token: xxxxxxxxxx
116 password: user_password
117 email: user01@domain.com
118
119
120Agent (slave) role
121------------------
Filip Pytloun8bfd2bf2015-10-06 16:28:32 +0200122
123.. code-block:: yaml
124
Ales Komarek4c0bab12016-01-22 12:10:50 +0100125 jenkins:
126 slave:
127 master:
128 host: jenkins.example.com
129 port: 80
Michael Kutý37a35952016-06-10 23:51:36 +0200130 protocol: http
Ales Komarek4c0bab12016-01-22 12:10:50 +0100131 user:
132 name: jenkins_slave
133 password: dexiech6AepohthaiHook2iesh7ol5ook4Ov3leid3yek6daid2ooNg3Ee2oKeYo
134 gpg:
135 keypair_id: A76882D3
136 public_key: |
137 -----BEGIN PGP PUBLIC KEY BLOCK-----
138 ...
139 private_key: |
140 -----BEGIN PGP PRIVATE KEY BLOCK-----
141 ...
Ales Komarekaf967ee2016-08-31 19:38:50 +0200142
Ales Komarekffe8bb22017-02-09 11:10:16 +0100143
144Client role
145-----------
Ales Komareke5a1ed62016-08-27 12:02:48 +0200146
147Simple client with workflow job definition
148
149.. code-block:: yaml
150
151 jenkins:
152 client:
153 master:
154 host: jenkins.example.com
155 port: 80
156 protocol: http
157 job:
158 jobname:
159 type: workflow
160 param:
161 bool_param:
162 type: boolean
163 description: true/false
164 default: true
165 string_param:
166 type: string
167 description: 1 liner
168 default: default_string
169 text_param:
170 type: text
171 description: multi-liner
172 default: default_text
Filip Pytlounebd4d172016-09-01 14:23:20 +0200173 jobname_scm:
174 type: workflow-scm
175 concurrent: false
176 scm:
177 type: git
178 url: https://github.com/jenkinsci/docker.git
179 branch: master
180 script: Jenkinsfile
181 github:
182 url: https://github.com/jenkinsci/docker
183 name: "Jenkins Docker Image"
184 trigger:
Tomáš Kukrála9cf2c62017-03-04 11:25:20 +0100185 timer:
186 spec: "H H * * *"
Filip Pytlounebd4d172016-09-01 14:23:20 +0200187 github:
188 pollscm:
189 spec: "H/15 * * * *"
190 reverse:
191 projects:
192 - test1
193 - test2
194 state: SUCCESS
195 param:
196 bool_param:
197 type: boolean
198 description: true/false
199 default: true
200 string_param:
201 type: string
202 description: 1 liner
203 default: default_string
204 text_param:
205 type: text
206 description: multi-liner
207 default: default_text
Ales Komareke5a1ed62016-08-27 12:02:48 +0200208
Ales Komarekffe8bb22017-02-09 11:10:16 +0100209Inline Groovy scripts
Ales Komareke5a1ed62016-08-27 12:02:48 +0200210
211.. code-block:: yaml
212
213 jenkins:
214 client:
215 job:
216 test_workflow_jenkins_simple:
217 type: workflow
218 display_name: Test jenkins simple workflow
Ales Komarek5b672fd2016-08-29 16:05:03 +0200219 script:
220 content: |
221 node {
222 stage 'Stage 1'
223 echo 'Hello World 1'
224 stage 'Stage 2'
225 echo 'Hello World 2'
226 }
Ales Komareke5a1ed62016-08-27 12:02:48 +0200227 test_workflow_jenkins_input:
228 type: workflow
229 display_name: Test jenkins workflow inputs
Ales Komarek5b672fd2016-08-29 16:05:03 +0200230 script:
231 content: |
232 node {
233 stage 'Enter string'
234 input message: 'Enter job parameters', ok: 'OK', parameters: [
235 string(defaultValue: 'default', description: 'Enter a string.', name: 'string'),
236 ]
237 stage 'Enter boolean'
238 input message: 'Enter job parameters', ok: 'OK', parameters: [
239 booleanParam(defaultValue: false, description: 'Select boolean.', name: 'Bool'),
240 ]
241 stage 'Enter text'
242 input message: 'Enter job parameters', ok: 'OK', parameters: [
243 text(defaultValue: '', description: 'Enter multiline', name: 'Multiline')
244 ]
245 }
Ales Komareke5a1ed62016-08-27 12:02:48 +0200246
Filip Pytloun8bfd2bf2015-10-06 16:28:32 +0200247
Ales Komarekffe8bb22017-02-09 11:10:16 +0100248GIT controlled groovy scripts
Ales Komarekdaf31f72016-08-29 11:00:13 +0200249
250.. code-block:: yaml
251
252 jenkins:
253 client:
254 source:
Ales Komarek5b672fd2016-08-29 16:05:03 +0200255 base:
256 engine: git
257 address: repo_url
258 branch: branch
259 domain:
260 engine: git
261 address: domain_url
262 branch: branch
Ales Komarekdaf31f72016-08-29 11:00:13 +0200263 job:
264 test_workflow_jenkins_simple:
265 type: workflow
266 display_name: Test jenkins simple workflow
Ales Komarek5b672fd2016-08-29 16:05:03 +0200267 param:
268 bool_param:
269 type: boolean
270 description: true/false
271 default: true
272 script:
273 repository: base
274 file: workflows/test_workflow_jenkins_simple.groovy
Ales Komarekdaf31f72016-08-29 11:00:13 +0200275 test_workflow_jenkins_input:
276 type: workflow
277 display_name: Test jenkins workflow inputs
Ales Komarek5b672fd2016-08-29 16:05:03 +0200278 script:
279 repository: domain
280 file: workflows/test_workflow_jenkins_input.groovy
281 test_workflow_jenkins_input_jenkinsfile:
282 type: workflow
283 display_name: Test jenkins workflow inputs (jenknisfile)
284 script:
285 repository: domain
286 file: workflows/test_workflow_jenkins_input/Jenkinsfile
Ales Komarekdaf31f72016-08-29 11:00:13 +0200287
Ales Komarek5b672fd2016-08-29 16:05:03 +0200288GIT controlled groovy script with shared libraries
289
290.. code-block:: yaml
291
292 jenkins:
293 client:
294 source:
295 base:
296 engine: git
297 address: repo_url
298 branch: branch
299 domain:
300 engine: git
301 address: domain_url
302 branch: branch
303 job:
304 test_workflow_jenkins_simple:
305 type: workflow
306 display_name: Test jenkins simple workflow
307 param:
308 bool_param:
309 type: boolean
310 description: true/false
311 default: true
312 script:
313 repository: base
314 file: workflows/test_workflow_jenkins_simple.groovy
315 libs:
316 - repository: base
317 file: macros/cookiecutter.groovy
318 - repository: base
319 file: macros/git.groovy
Ales Komarekdaf31f72016-08-29 11:00:13 +0200320
Jakub Josef120714d2017-02-09 16:29:18 +0100321Setting job max builds to keep (amount of last builds stored on Jenkins master)
322
323.. code-block:: yaml
324
325 jenkins:
326 client:
327 job:
328 my-amazing-job:
329 type: workflow
330 discard:
331 build:
332 keep_num: 5
333 keep_days: 5
334 artifact:
335 keep_num: 6
336 keep_days: 6
337
Ales Komarekffe8bb22017-02-09 11:10:16 +0100338
339Using job templates in similar way as in jjb. For now just 1 defined param is
340supported.
341
342.. code-block:: yaml
343
344 jenkins:
345 client:
346 job_template:
347 test_workflow_template:
348 name: test-{{formula}}-workflow
349 template:
350 type: workflow
351 display_name: Test jenkins {{name}} workflow
352 param:
353 repo_param:
354 type: string
355 default: repo/{{formula}}
356 script:
357 repository: base
358 file: workflows/test_formula_workflow.groovy
359 param:
360 formula:
361 - aodh
362 - linux
363 - openssh
364
365Interpolating parameters for job templates.
366
Filip Pytloun83129fc2017-02-23 10:07:32 +0100367.. code-block:: yaml
368
Ales Komarekffe8bb22017-02-09 11:10:16 +0100369 _param:
370 salt_formulas:
371 - aodh
372 - git
373 - nova
374 - xorg
375 jenkins:
376 client:
377 job_template:
378 test_workflow_template:
379 name: test-{{formula}}-workflow
380 template:
381 ...
382 param:
383 formula: ${_param:salt_formulas}
384
Filip Pytloun83129fc2017-02-23 10:07:32 +0100385Or simply define multiple jobs and it's parameters to replace from template:
386
387.. code-block:: yaml
388
389 jenkins:
390 client:
391 job_template:
392 test_workflow_template:
393 name: test-{{name}}-{{myparam}}
394 template:
395 ...
396 jobs:
397 - name: firstjob
398 myparam: dummy
399 - name: secondjob
400 myparam: dummyaswell
Ales Komarekffe8bb22017-02-09 11:10:16 +0100401
Jakub Josef2a7739b2017-01-24 18:33:44 +0100402Purging undefined jobs from Jenkins
403
404.. code-block:: yaml
405
406 jenkins:
407 client:
408 purge_jobs: true
Ales Komarekffe8bb22017-02-09 11:10:16 +0100409 job:
410 my-amazing-job:
411 type: workflow
Jakub Josef2a7739b2017-01-24 18:33:44 +0100412
Jakub Josef10b4e102017-01-05 18:18:41 +0100413Plugins management from client
414
415.. code-block:: yaml
416
417
418 jenkins:
419 client:
420 plugin:
421 swarm:
422 restart: false
423 hipchat:
424 enabled: false
425 restart: true
426
Jakub Josef063a7532017-01-11 15:48:01 +0100427LDAP configuration (depends on LDAP plugin)
428
429.. code-block:: yaml
430
431 jenkins:
432 client:
433 security:
434 ldap:
435 server: 1.2.3.4
436 root_dn: dc=foo,dc=com
437 user_search_base: cn=users,cn=accounts
438 manager_dn: ""
439 manager_password: password
440 user_search: ""
441 group_search_base: ""
442 inhibit_infer_root_dn: false
443
444
445Matrix configuration (depends on auth-matrix plugin)
446
447.. code-block:: yaml
448
449 jenkins:
450 client:
451 security:
452 matrix:
Jakub Josef0ee470e2017-01-17 11:46:58 +0100453 # set true for use ProjectMatrixAuthStrategy instead of GlobalMatrixAuthStrategy
454 project_based: false
Jakub Josef063a7532017-01-11 15:48:01 +0100455 permissions:
456 Jenkins:
457 # administrator access
458 ADMINISTER:
459 - admin
460 # read access (anonymous too)
461 READ:
462 - anonymous
463 - user1
464 - user2
465 # agents permissions
466 MasterComputer:
467 BUILD:
468 - user3
469 # jobs permissions
470 hudson:
471 model:
472 Item:
473 BUILD:
474 - user4
475
476`Common matrix strategies <https://github.com/arbabnazar/configuration/blob/c08a5eaf4e04a68d2481375502a926517097b253/playbooks/roles/tools_jenkins/templates/projectBasedMatrixSecurity.groovy.j2>`_
477
Jakub Josef7bb17ab2017-01-12 14:52:53 +0100478Views enforcing from client
479
480.. code-block:: yaml
481
482 jenkins:
483 client:
484 view:
485 my-list-view:
486 enabled: true
487 type: ListView
Jakub Josef7d9fce32017-03-24 16:46:56 +0100488 include_regex: ".*"
Jakub Josef7bb17ab2017-01-12 14:52:53 +0100489 my-view:
490 # set false to disable
491 enabled: true
492 type: MyView
493
494View specific params:
495
Jakub Josef7d9fce32017-03-24 16:46:56 +0100496- include_regex for ListView and CategorizedJobsView
497- categories for CategorizedJobsView
498
499Categorized views
500
501.. code-block:: yaml
502
503 jenkins:
504 client:
505 view:
506 my-categorized-view:
507 enabled: true
508 type: CategorizedJobsView
509 include_regex: ".*"
510 categories:
511 - group_regex: "aptly-.*-nightly-testing"
512 naming_rule: "Nightly -> Testing"
513 - group_regex: "aptly-.*-nightly-production"
514 naming_rule: "Nightly -> Production"
Jakub Josef7bb17ab2017-01-12 14:52:53 +0100515
Jakub Josef063a7532017-01-11 15:48:01 +0100516
Jakub Josef123be7a2016-12-12 16:02:36 +0100517Credentials enforcing from client
518
519.. code-block:: yaml
520
521 jenkins:
522 client:
523 credential:
524 cred_first:
525 username: admin
526 password: password
527 cred_second:
528 username: salt
529 password: password
530 cred_with_key:
531 username: admin
532 key: SOMESSHKEY
533
534Users enforcing from client
535
536.. code-block:: yaml
537
538 jenkins:
539 client:
540 user:
541 admin:
542 password: admin_password
543 admin: true
544 user01:
545 password: user_password
546
547Node enforcing from client using JNLP launcher
548
549.. code-block:: yaml
550
551 jenkins:
Ales Komarekffe8bb22017-02-09 11:10:16 +0100552 client:
553 node:
554 node01:
555 remote_home: /remote/home/path
556 desc: node-description
557 num_executors: 1
558 node_mode: Normal
559 ret_strategy: Always
560 labels:
561 - example
562 - label
563 launcher:
564 type: jnlp
Jakub Josef123be7a2016-12-12 16:02:36 +0100565
566Node enforcing from client using SSH launcher
567
568.. code-block:: yaml
569
570 jenkins:
Ales Komarekffe8bb22017-02-09 11:10:16 +0100571 client:
572 node:
573 node01:
574 remote_home: /remote/home/path
575 desc: node-description
576 num_executors: 1
577 node_mode: Normal
578 ret_strategy: Always
579 labels:
580 - example
581 - label
582 launcher:
583 type: ssh
584 host: test-launcher
585 port: 22
586 username: launcher-user
587 password: launcher-pass
Jakub Josef123be7a2016-12-12 16:02:36 +0100588
589Setting node labels
590
591.. code-block:: yaml
592
593 jenkins:
Ales Komarekffe8bb22017-02-09 11:10:16 +0100594 client:
595 label:
596 node-name:
597 lbl_text: label-offline
598 append: false # set true for label append instead of replace
Jakub Josefd8e04292016-11-28 18:02:27 +0100599
Jakub Josef60cc9d22017-01-18 12:02:14 +0100600SMTP server settings from client
601
602.. code-block:: yaml
603
604 jenkins:
605 client:
606 smtp:
607 host: "smtp.domain.com"
608 username: "user@domain.cz"
609 password: "smtp-password"
610 port: 25
611 ssl: false
612 reply_to: reply_to@address.com
613
Jakub Josefa6d4c832017-01-19 14:06:12 +0100614Slack plugin configuration
615
616.. code-block:: yaml
617
618 jenkins:
619 client:
620 slack:
Ales Komarekffe8bb22017-02-09 11:10:16 +0100621 team_domain: example.com
622 token: slack-token
623 room: slack-room
Jakub Josef6e0cda92017-02-14 18:01:58 +0100624 token_credential_id: cred_id
Ales Komarekffe8bb22017-02-09 11:10:16 +0100625 send_as: Some slack user
Jakub Josefa6d4c832017-01-19 14:06:12 +0100626
Jakub Josef6e0cda92017-02-14 18:01:58 +0100627Pipeline global libraries setup
628
629.. code-block:: yaml
630
631 jenkins:
632 client:
633 lib:
634 my-pipeline-library:
635 enabled: true
636 url: https://path-to-my-library
637 credential_id: github
638 branch: master # optional, default master
639 implicit: true # optional default true
Jakub Josefd8e04292016-11-28 18:02:27 +0100640
Ales Komarek4c0bab12016-01-22 12:10:50 +0100641Usage
642=====
Filip Pytloun8bfd2bf2015-10-06 16:28:32 +0200643
Ales Komarek4c0bab12016-01-22 12:10:50 +0100644Generate password hash:
645
646.. code-block:: bash
647
648 echo -n "salt{plainpassword}" | openssl dgst -sha256
649
650Place in the configuration ``salt:hashpassword``.
Filip Pytloun8bfd2bf2015-10-06 16:28:32 +0200651
Ales Komarekffe8bb22017-02-09 11:10:16 +0100652
653External links
654==============
Filip Pytloun8bfd2bf2015-10-06 16:28:32 +0200655
656* https://wiki.jenkins-ci.org/display/JENKINS/Use+Jenkins
Filip Pytlounadf72fa2017-02-02 13:02:03 +0100657
Ales Komarekffe8bb22017-02-09 11:10:16 +0100658
Filip Pytlounadf72fa2017-02-02 13:02:03 +0100659Documentation and Bugs
660======================
661
662To learn how to install and update salt-formulas, consult the documentation
663available online at:
664
665 http://salt-formulas.readthedocs.io/
666
667In the unfortunate event that bugs are discovered, they should be reported to
668the appropriate issue tracker. Use Github issue tracker for specific salt
669formula:
670
671 https://github.com/salt-formulas/salt-formula-jenkins/issues
672
673For feature requests, bug reports or blueprints affecting entire ecosystem,
674use Launchpad salt-formulas project:
675
676 https://launchpad.net/salt-formulas
677
678You can also join salt-formulas-users team and subscribe to mailing list:
679
680 https://launchpad.net/~salt-formulas-users
681
682Developers wishing to work on the salt-formulas projects should always base
683their work on master branch and submit pull request against specific formula.
684
685 https://github.com/salt-formulas/salt-formula-jenkins
686
687Any questions or feedback is always welcome so feel free to join our IRC
688channel:
689
690 #salt-formulas @ irc.freenode.net