Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-formulas / jenkins / 83129fc2b5ee567623fa878ffffc983744db69e4 / . / README.rst
blob: b24514df31040e8d71e686753b9afe2c9051b81b [file] [log] [blame]
Ales Komarekffe8bb22017-02-09 11:10:16 +0100[diff] [blame]1===============
2Jenkins formula
3===============
Filip Pytloun8bfd2bf2015-10-06 16:28:32 +0200[diff] [blame]4
Ales Komarekffe8bb22017-02-09 11:10:16 +0100[diff] [blame]5Jenkins is an application that monitors executions of repeated jobs, such as
6building a software project or jobs run by cron.
Filip Pytloun8bfd2bf2015-10-06 16:28:32 +0200[diff] [blame]7
Ales Komarekffe8bb22017-02-09 11:10:16 +0100[diff] [blame]8Setup jenkins client, works with Salt 2016.3+, supports pipeline workflow
9projects only now.
Filip Pytloun8bfd2bf2015-10-06 16:28:32 +0200[diff] [blame]10
Filip Pytloun8bfd2bf2015-10-06 16:28:32 +0200[diff] [blame]11
Ales Komareke5a1ed62016-08-27 12:02:48 +0200[diff] [blame]12Sample pillars
13==============
Filip Pytloun8bfd2bf2015-10-06 16:28:32 +0200[diff] [blame]14
Ales Komarekffe8bb22017-02-09 11:10:16 +0100[diff] [blame]15Master role
16-----------
Ales Komareke5a1ed62016-08-27 12:02:48 +0200[diff] [blame]17
18Simple master with reverse proxy
Filip Pytloun8bfd2bf2015-10-06 16:28:32 +0200[diff] [blame]19
20.. code-block:: yaml
21
Filip Pytloun8bfd2bf2015-10-06 16:28:32 +0200[diff] [blame]22 nginx:
23 server:
24 site:
25 jenkins:
26 enabled: true
27 type: nginx_proxy
28 name: jenkins
29 proxy:
30 host: 127.0.0.1
31 port: 8080
32 protocol: http
33 host:
34 name: jenkins.example.com
35 port: 80
36 jenkins:
37 master:
38 mode: EXCLUSIVE
Filip Pytloun52b9c2c2016-01-28 13:45:57 +0100[diff] [blame]39 # Do not manage config.xml from Salt, use UI instead
40 no_config: true
Filip Pytloun8bfd2bf2015-10-06 16:28:32 +0200[diff] [blame]41 slaves:
42 - name: slave01
43 label: pbuilder
44 executors: 2
45 - name: slave02
46 label: image_builder
47 mode: EXCLUSIVE
48 executors: 2
49 views:
50 - name: "Package builds"
51 regex: "debian-build-.*"
52 - name: "Contrail builds"
53 regex: "contrail-build-.*"
54 - name: "Aptly"
55 regex: "aptly-.*"
56 plugins:
57 - name: slack
58 - name: extended-choice-parameter
59 - name: rebuild
60 - name: test-stability
61
Ales Komarekffe8bb22017-02-09 11:10:16 +0100[diff] [blame]62Jenkins master with experimental plugin source support
Ales Komarekaf967ee2016-08-31 19:38:50 +0200[diff] [blame]63
64.. code-block:: yaml
65
66 jenkins:
67 master:
68 enabled: true
69 update_site_url: 'http://updates.jenkins-ci.org/experimental/update-center.json'
70
Ales Komarekffe8bb22017-02-09 11:10:16 +0100[diff] [blame]71SMTP server settings
Ales Komarekaf967ee2016-08-31 19:38:50 +0200[diff] [blame]72
Ales Komarekffe8bb22017-02-09 11:10:16 +0100[diff] [blame]73.. code-block:: yaml
74
75 jenkins:
76 master:
77 email:
78 engine: "smtp"
79 host: "smtp.domain.com"
80 user: "user@domain.cz"
81 password: "smtp-password"
82 port: 25
83
84Script approvals
85
86.. code-block:: yaml
87
88 jenkins:
89 master:
90 approved_scripts:
91 - method groovy.json.JsonSlurperClassic parseText java.lang.String
92
93User enforcement
94
95.. code-block:: yaml
96
97 jenkins:
98 master:
99 user:
100 admin:
101 api_token: xxxxxxxxxx
102 password: admin_password
103 email: admin@domain.com
104 user01:
105 api_token: xxxxxxxxxx
106 password: user_password
107 email: user01@domain.com
108
109
110Agent (slave) role
111------------------
Filip Pytloun8bfd2bf2015-10-06 16:28:32 +0200[diff] [blame]112
113.. code-block:: yaml
114
Ales Komarek4c0bab12016-01-22 12:10:50 +0100[diff] [blame]115 jenkins:
116 slave:
117 master:
118 host: jenkins.example.com
119 port: 80
Michael Kutý37a35952016-06-10 23:51:36 +0200[diff] [blame]120 protocol: http
Ales Komarek4c0bab12016-01-22 12:10:50 +0100[diff] [blame]121 user:
122 name: jenkins_slave
123 password: dexiech6AepohthaiHook2iesh7ol5ook4Ov3leid3yek6daid2ooNg3Ee2oKeYo
124 gpg:
125 keypair_id: A76882D3
126 public_key: |
127 -----BEGIN PGP PUBLIC KEY BLOCK-----
128 ...
129 private_key: |
130 -----BEGIN PGP PRIVATE KEY BLOCK-----
131 ...
Ales Komarekaf967ee2016-08-31 19:38:50 +0200[diff] [blame]132
Ales Komarekffe8bb22017-02-09 11:10:16 +0100[diff] [blame]133
134Client role
135-----------
Ales Komareke5a1ed62016-08-27 12:02:48 +0200[diff] [blame]136
137Simple client with workflow job definition
138
139.. code-block:: yaml
140
141 jenkins:
142 client:
143 master:
144 host: jenkins.example.com
145 port: 80
146 protocol: http
147 job:
148 jobname:
149 type: workflow
150 param:
151 bool_param:
152 type: boolean
153 description: true/false
154 default: true
155 string_param:
156 type: string
157 description: 1 liner
158 default: default_string
159 text_param:
160 type: text
161 description: multi-liner
162 default: default_text
Filip Pytlounebd4d172016-09-01 14:23:20 +0200[diff] [blame]163 jobname_scm:
164 type: workflow-scm
165 concurrent: false
166 scm:
167 type: git
168 url: https://github.com/jenkinsci/docker.git
169 branch: master
170 script: Jenkinsfile
171 github:
172 url: https://github.com/jenkinsci/docker
173 name: "Jenkins Docker Image"
174 trigger:
175 github:
176 pollscm:
177 spec: "H/15 * * * *"
178 reverse:
179 projects:
180 - test1
181 - test2
182 state: SUCCESS
183 param:
184 bool_param:
185 type: boolean
186 description: true/false
187 default: true
188 string_param:
189 type: string
190 description: 1 liner
191 default: default_string
192 text_param:
193 type: text
194 description: multi-liner
195 default: default_text
Ales Komareke5a1ed62016-08-27 12:02:48 +0200[diff] [blame]196
Ales Komarekffe8bb22017-02-09 11:10:16 +0100[diff] [blame]197Inline Groovy scripts
Ales Komareke5a1ed62016-08-27 12:02:48 +0200[diff] [blame]198
199.. code-block:: yaml
200
201 jenkins:
202 client:
203 job:
204 test_workflow_jenkins_simple:
205 type: workflow
206 display_name: Test jenkins simple workflow
Ales Komarek5b672fd2016-08-29 16:05:03 +0200[diff] [blame]207 script:
208 content: |
209 node {
210 stage 'Stage 1'
211 echo 'Hello World 1'
212 stage 'Stage 2'
213 echo 'Hello World 2'
214 }
Ales Komareke5a1ed62016-08-27 12:02:48 +0200[diff] [blame]215 test_workflow_jenkins_input:
216 type: workflow
217 display_name: Test jenkins workflow inputs
Ales Komarek5b672fd2016-08-29 16:05:03 +0200[diff] [blame]218 script:
219 content: |
220 node {
221 stage 'Enter string'
222 input message: 'Enter job parameters', ok: 'OK', parameters: [
223 string(defaultValue: 'default', description: 'Enter a string.', name: 'string'),
224 ]
225 stage 'Enter boolean'
226 input message: 'Enter job parameters', ok: 'OK', parameters: [
227 booleanParam(defaultValue: false, description: 'Select boolean.', name: 'Bool'),
228 ]
229 stage 'Enter text'
230 input message: 'Enter job parameters', ok: 'OK', parameters: [
231 text(defaultValue: '', description: 'Enter multiline', name: 'Multiline')
232 ]
233 }
Ales Komareke5a1ed62016-08-27 12:02:48 +0200[diff] [blame]234
Filip Pytloun8bfd2bf2015-10-06 16:28:32 +0200[diff] [blame]235
Ales Komarekffe8bb22017-02-09 11:10:16 +0100[diff] [blame]236GIT controlled groovy scripts
Ales Komarekdaf31f72016-08-29 11:00:13 +0200[diff] [blame]237
238.. code-block:: yaml
239
240 jenkins:
241 client:
242 source:
Ales Komarek5b672fd2016-08-29 16:05:03 +0200[diff] [blame]243 base:
244 engine: git
245 address: repo_url
246 branch: branch
247 domain:
248 engine: git
249 address: domain_url
250 branch: branch
Ales Komarekdaf31f72016-08-29 11:00:13 +0200[diff] [blame]251 job:
252 test_workflow_jenkins_simple:
253 type: workflow
254 display_name: Test jenkins simple workflow
Ales Komarek5b672fd2016-08-29 16:05:03 +0200[diff] [blame]255 param:
256 bool_param:
257 type: boolean
258 description: true/false
259 default: true
260 script:
261 repository: base
262 file: workflows/test_workflow_jenkins_simple.groovy
Ales Komarekdaf31f72016-08-29 11:00:13 +0200[diff] [blame]263 test_workflow_jenkins_input:
264 type: workflow
265 display_name: Test jenkins workflow inputs
Ales Komarek5b672fd2016-08-29 16:05:03 +0200[diff] [blame]266 script:
267 repository: domain
268 file: workflows/test_workflow_jenkins_input.groovy
269 test_workflow_jenkins_input_jenkinsfile:
270 type: workflow
271 display_name: Test jenkins workflow inputs (jenknisfile)
272 script:
273 repository: domain
274 file: workflows/test_workflow_jenkins_input/Jenkinsfile
Ales Komarekdaf31f72016-08-29 11:00:13 +0200[diff] [blame]275
Ales Komarek5b672fd2016-08-29 16:05:03 +0200[diff] [blame]276GIT controlled groovy script with shared libraries
277
278.. code-block:: yaml
279
280 jenkins:
281 client:
282 source:
283 base:
284 engine: git
285 address: repo_url
286 branch: branch
287 domain:
288 engine: git
289 address: domain_url
290 branch: branch
291 job:
292 test_workflow_jenkins_simple:
293 type: workflow
294 display_name: Test jenkins simple workflow
295 param:
296 bool_param:
297 type: boolean
298 description: true/false
299 default: true
300 script:
301 repository: base
302 file: workflows/test_workflow_jenkins_simple.groovy
303 libs:
304 - repository: base
305 file: macros/cookiecutter.groovy
306 - repository: base
307 file: macros/git.groovy
Ales Komarekdaf31f72016-08-29 11:00:13 +0200[diff] [blame]308
Jakub Josef120714d2017-02-09 16:29:18 +0100[diff] [blame]309Setting job max builds to keep (amount of last builds stored on Jenkins master)
310
311.. code-block:: yaml
312
313 jenkins:
314 client:
315 job:
316 my-amazing-job:
317 type: workflow
318 discard:
319 build:
320 keep_num: 5
321 keep_days: 5
322 artifact:
323 keep_num: 6
324 keep_days: 6
325
Ales Komarekffe8bb22017-02-09 11:10:16 +0100[diff] [blame]326
327Using job templates in similar way as in jjb. For now just 1 defined param is
328supported.
329
330.. code-block:: yaml
331
332 jenkins:
333 client:
334 job_template:
335 test_workflow_template:
336 name: test-{{formula}}-workflow
337 template:
338 type: workflow
339 display_name: Test jenkins {{name}} workflow
340 param:
341 repo_param:
342 type: string
343 default: repo/{{formula}}
344 script:
345 repository: base
346 file: workflows/test_formula_workflow.groovy
347 param:
348 formula:
349 - aodh
350 - linux
351 - openssh
352
353Interpolating parameters for job templates.
354
Filip Pytloun83129fc2017-02-23 10:07:32 +0100[diff] [blame^]355.. code-block:: yaml
356
Ales Komarekffe8bb22017-02-09 11:10:16 +0100[diff] [blame]357 _param:
358 salt_formulas:
359 - aodh
360 - git
361 - nova
362 - xorg
363 jenkins:
364 client:
365 job_template:
366 test_workflow_template:
367 name: test-{{formula}}-workflow
368 template:
369 ...
370 param:
371 formula: ${_param:salt_formulas}
372
Filip Pytloun83129fc2017-02-23 10:07:32 +0100[diff] [blame^]373Or simply define multiple jobs and it's parameters to replace from template:
374
375.. code-block:: yaml
376
377 jenkins:
378 client:
379 job_template:
380 test_workflow_template:
381 name: test-{{name}}-{{myparam}}
382 template:
383 ...
384 jobs:
385 - name: firstjob
386 myparam: dummy
387 - name: secondjob
388 myparam: dummyaswell
Ales Komarekffe8bb22017-02-09 11:10:16 +0100[diff] [blame]389
Jakub Josef2a7739b2017-01-24 18:33:44 +0100[diff] [blame]390Purging undefined jobs from Jenkins
391
392.. code-block:: yaml
393
394 jenkins:
395 client:
396 purge_jobs: true
Ales Komarekffe8bb22017-02-09 11:10:16 +0100[diff] [blame]397 job:
398 my-amazing-job:
399 type: workflow
Jakub Josef2a7739b2017-01-24 18:33:44 +0100[diff] [blame]400
Jakub Josef10b4e102017-01-05 18:18:41 +0100[diff] [blame]401Plugins management from client
402
403.. code-block:: yaml
404
405
406 jenkins:
407 client:
408 plugin:
409 swarm:
410 restart: false
411 hipchat:
412 enabled: false
413 restart: true
414
Jakub Josef063a7532017-01-11 15:48:01 +0100[diff] [blame]415LDAP configuration (depends on LDAP plugin)
416
417.. code-block:: yaml
418
419 jenkins:
420 client:
421 security:
422 ldap:
423 server: 1.2.3.4
424 root_dn: dc=foo,dc=com
425 user_search_base: cn=users,cn=accounts
426 manager_dn: ""
427 manager_password: password
428 user_search: ""
429 group_search_base: ""
430 inhibit_infer_root_dn: false
431
432
433Matrix configuration (depends on auth-matrix plugin)
434
435.. code-block:: yaml
436
437 jenkins:
438 client:
439 security:
440 matrix:
Jakub Josef0ee470e2017-01-17 11:46:58 +0100[diff] [blame]441 # set true for use ProjectMatrixAuthStrategy instead of GlobalMatrixAuthStrategy
442 project_based: false
Jakub Josef063a7532017-01-11 15:48:01 +0100[diff] [blame]443 permissions:
444 Jenkins:
445 # administrator access
446 ADMINISTER:
447 - admin
448 # read access (anonymous too)
449 READ:
450 - anonymous
451 - user1
452 - user2
453 # agents permissions
454 MasterComputer:
455 BUILD:
456 - user3
457 # jobs permissions
458 hudson:
459 model:
460 Item:
461 BUILD:
462 - user4
463
464`Common matrix strategies <https://github.com/arbabnazar/configuration/blob/c08a5eaf4e04a68d2481375502a926517097b253/playbooks/roles/tools_jenkins/templates/projectBasedMatrixSecurity.groovy.j2>`_
465
Jakub Josef7bb17ab2017-01-12 14:52:53 +0100[diff] [blame]466Views enforcing from client
467
468.. code-block:: yaml
469
470 jenkins:
471 client:
472 view:
473 my-list-view:
474 enabled: true
475 type: ListView
476 include_regex: ".\*."
477 my-view:
478 # set false to disable
479 enabled: true
480 type: MyView
481
482View specific params:
483
484- include_regex for ListView
485
Jakub Josef063a7532017-01-11 15:48:01 +0100[diff] [blame]486
Jakub Josef123be7a2016-12-12 16:02:36 +0100[diff] [blame]487Credentials enforcing from client
488
489.. code-block:: yaml
490
491 jenkins:
492 client:
493 credential:
494 cred_first:
495 username: admin
496 password: password
497 cred_second:
498 username: salt
499 password: password
500 cred_with_key:
501 username: admin
502 key: SOMESSHKEY
503
504Users enforcing from client
505
506.. code-block:: yaml
507
508 jenkins:
509 client:
510 user:
511 admin:
512 password: admin_password
513 admin: true
514 user01:
515 password: user_password
516
517Node enforcing from client using JNLP launcher
518
519.. code-block:: yaml
520
521 jenkins:
Ales Komarekffe8bb22017-02-09 11:10:16 +0100[diff] [blame]522 client:
523 node:
524 node01:
525 remote_home: /remote/home/path
526 desc: node-description
527 num_executors: 1
528 node_mode: Normal
529 ret_strategy: Always
530 labels:
531 - example
532 - label
533 launcher:
534 type: jnlp
Jakub Josef123be7a2016-12-12 16:02:36 +0100[diff] [blame]535
536Node enforcing from client using SSH launcher
537
538.. code-block:: yaml
539
540 jenkins:
Ales Komarekffe8bb22017-02-09 11:10:16 +0100[diff] [blame]541 client:
542 node:
543 node01:
544 remote_home: /remote/home/path
545 desc: node-description
546 num_executors: 1
547 node_mode: Normal
548 ret_strategy: Always
549 labels:
550 - example
551 - label
552 launcher:
553 type: ssh
554 host: test-launcher
555 port: 22
556 username: launcher-user
557 password: launcher-pass
Jakub Josef123be7a2016-12-12 16:02:36 +0100[diff] [blame]558
559Setting node labels
560
561.. code-block:: yaml
562
563 jenkins:
Ales Komarekffe8bb22017-02-09 11:10:16 +0100[diff] [blame]564 client:
565 label:
566 node-name:
567 lbl_text: label-offline
568 append: false # set true for label append instead of replace
Jakub Josefd8e04292016-11-28 18:02:27 +0100[diff] [blame]569
Jakub Josef60cc9d22017-01-18 12:02:14 +0100[diff] [blame]570SMTP server settings from client
571
572.. code-block:: yaml
573
574 jenkins:
575 client:
576 smtp:
577 host: "smtp.domain.com"
578 username: "user@domain.cz"
579 password: "smtp-password"
580 port: 25
581 ssl: false
582 reply_to: reply_to@address.com
583
Jakub Josefa6d4c832017-01-19 14:06:12 +0100[diff] [blame]584Slack plugin configuration
585
586.. code-block:: yaml
587
588 jenkins:
589 client:
590 slack:
Ales Komarekffe8bb22017-02-09 11:10:16 +0100[diff] [blame]591 team_domain: example.com
592 token: slack-token
593 room: slack-room
Jakub Josef6e0cda92017-02-14 18:01:58 +0100[diff] [blame]594 token_credential_id: cred_id
Ales Komarekffe8bb22017-02-09 11:10:16 +0100[diff] [blame]595 send_as: Some slack user
Jakub Josefa6d4c832017-01-19 14:06:12 +0100[diff] [blame]596
Jakub Josef6e0cda92017-02-14 18:01:58 +0100[diff] [blame]597Pipeline global libraries setup
598
599.. code-block:: yaml
600
601 jenkins:
602 client:
603 lib:
604 my-pipeline-library:
605 enabled: true
606 url: https://path-to-my-library
607 credential_id: github
608 branch: master # optional, default master
609 implicit: true # optional default true
Jakub Josefd8e04292016-11-28 18:02:27 +0100[diff] [blame]610
Ales Komarek4c0bab12016-01-22 12:10:50 +0100[diff] [blame]611Usage
612=====
Filip Pytloun8bfd2bf2015-10-06 16:28:32 +0200[diff] [blame]613
Ales Komarek4c0bab12016-01-22 12:10:50 +0100[diff] [blame]614Generate password hash:
615
616.. code-block:: bash
617
618 echo -n "salt{plainpassword}" | openssl dgst -sha256
619
620Place in the configuration ``salt:hashpassword``.
Filip Pytloun8bfd2bf2015-10-06 16:28:32 +0200[diff] [blame]621
Ales Komarekffe8bb22017-02-09 11:10:16 +0100[diff] [blame]622
623External links
624==============
Filip Pytloun8bfd2bf2015-10-06 16:28:32 +0200[diff] [blame]625
626* https://wiki.jenkins-ci.org/display/JENKINS/Use+Jenkins
Filip Pytlounadf72fa2017-02-02 13:02:03 +0100[diff] [blame]627
Ales Komarekffe8bb22017-02-09 11:10:16 +0100[diff] [blame]628
Filip Pytlounadf72fa2017-02-02 13:02:03 +0100[diff] [blame]629Documentation and Bugs
630======================
631
632To learn how to install and update salt-formulas, consult the documentation
633available online at:
634
635 http://salt-formulas.readthedocs.io/
636
637In the unfortunate event that bugs are discovered, they should be reported to
638the appropriate issue tracker. Use Github issue tracker for specific salt
639formula:
640
641 https://github.com/salt-formulas/salt-formula-jenkins/issues
642
643For feature requests, bug reports or blueprints affecting entire ecosystem,
644use Launchpad salt-formulas project:
645
646 https://launchpad.net/salt-formulas
647
648You can also join salt-formulas-users team and subscribe to mailing list:
649
650 https://launchpad.net/~salt-formulas-users
651
652Developers wishing to work on the salt-formulas projects should always base
653their work on master branch and submit pull request against specific formula.
654
655 https://github.com/salt-formulas/salt-formula-jenkins
656
657Any questions or feedback is always welcome so feel free to join our IRC
658channel:
659
660 #salt-formulas @ irc.freenode.net