Allow auth on jenkins, split slave system
Change-Id: I35416dcd6baaa0159f2191be9b4029228545aa53
diff --git a/jenkins/client/credential/gerrit.yml b/jenkins/client/credential/gerrit.yml
index 3b7eb0c..b42f5af 100644
--- a/jenkins/client/credential/gerrit.yml
+++ b/jenkins/client/credential/gerrit.yml
@@ -1,7 +1,9 @@
parameters:
+ _param:
+ gerrit_admin_user: admin
jenkins:
client:
credential:
gerrit:
- username: admin
+ username: ${_param:gerrit_admin_user}
key: ${_param:gerrit_admin_private_key}
diff --git a/jenkins/client/init.yml b/jenkins/client/init.yml
index 36da8b6..02589e0 100644
--- a/jenkins/client/init.yml
+++ b/jenkins/client/init.yml
@@ -2,11 +2,15 @@
- service.jenkins.support
- service.jenkins.client
parameters:
+ _param:
+ jenkins_client_user: none
+ jenkins_client_password: none
+ jenkins_master_host: ${_param:control_vip_address}
+ jenkins_master_port: 8081
jenkins:
client:
master:
- host: ${_param:cluster_vip_address}
- port: 8081
- # When Jenkins auth is enabled
- #user: admin
- #password: dummy
+ host: ${_param:jenkins_master_host}
+ port: ${_param:jenkins_master_port}
+ user: ${_param:jenkins_client_user}
+ password: ${_param:jenkins_client_password}
diff --git a/jenkins/master/config.yml b/jenkins/master/config.yml
index eb7e112..3c9268b 100644
--- a/jenkins/master/config.yml
+++ b/jenkins/master/config.yml
@@ -40,6 +40,9 @@
- method java.net.URLConnection setRequestProperty java.lang.String java.lang.String
- method java.util.LinkedHashMap$LinkedHashIterator hasNext
- method java.util.Map size
+ - method java.util.regex.MatchResult group int
+ - method java.util.regex.Matcher matches
+ - method java.util.regex.Pattern matcher java.lang.CharSequence
- method org.jenkinsci.plugins.workflow.job.WorkflowRun doStop
- method org.jenkinsci.plugins.workflow.support.steps.build.RunWrapper build
- new groovy.json.JsonBuilder java.lang.Object
@@ -69,3 +72,18 @@
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods plus java.util.List java.util.Collection
- staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods putAt java.lang.Object java.lang.String java.lang.Object
- staticMethod org.codehaus.groovy.runtime.EncodingGroovyMethods encodeBase64 byte[]
+ - staticMethod org.codehaus.groovy.runtime.ScriptBytecodeAdapter bitwiseNegate java.lang.Object
+ - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods println java.lang.Object java.lang.Object
+ - method hudson.PluginWrapper getShortName
+ - method hudson.PluginManager getPlugins
+ - method jenkins.model.Jenkins getPluginManager
+ - method hudson.model.ItemGroup getItem java.lang.String
+ - method hudson.model.Job getLastBuild
+ - method hudson.model.Run getResult
+ - method hudson.model.Job getBuilds
+ - staticMethod java.lang.String format java.lang.String java.lang.Object[]
+ - staticMethod java.util.regex.Pattern quote java.lang.String
+ - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods findAll java.util.List groovy.lang.Closure
+ - method java.util.Collection remove java.lang.Object
+ - staticMethod java.lang.System exit int
+
diff --git a/jenkins/slave.yml b/jenkins/slave.yml
deleted file mode 100644
index 42f3ca0..0000000
--- a/jenkins/slave.yml
+++ /dev/null
@@ -1,35 +0,0 @@
-applications:
- - jenkins
-classes:
- - service.java.environment
- - system.docker.host
-parameters:
- _param:
- java_environment_version: "8"
- java_environment_platform: openjdk
- java:
- environment:
- headless: true
- jenkins:
- slave:
- enabled: true
- pkgs: false
- sudo: false
- scripts: []
- master:
- host: ${_param:control_vip_address}
- port: 8081
- protocol: http
-# user:
-# name: admin
-# password: ${_param:jenkins_admin_password}
- linux:
- system:
- user:
- jenkins:
- enabled: true
- name: jenkins
- home: /var/lib/jenkins
- sudo: false
- groups:
- - docker
diff --git a/jenkins/slave/docker.yml b/jenkins/slave/docker.yml
new file mode 100644
index 0000000..b134225
--- /dev/null
+++ b/jenkins/slave/docker.yml
@@ -0,0 +1,9 @@
+classes:
+ - system.jenkins.slave
+parameters:
+ linux:
+ system:
+ user:
+ jenkins:
+ groups:
+ - docker
diff --git a/jenkins/slave/init.yml b/jenkins/slave/init.yml
new file mode 100644
index 0000000..c445c14
--- /dev/null
+++ b/jenkins/slave/init.yml
@@ -0,0 +1,37 @@
+applications:
+ - jenkins
+classes:
+ - service.java.environment
+parameters:
+ _param:
+ java_environment_version: "8"
+ java_environment_platform: openjdk
+ jenkins_slave_user: none
+ jenkins_slave_password: none
+ jenkins_master_host: ${_param:control_vip_address}
+ jenkins_master_port: 8081
+ jenkins_master_protocol: http
+ java:
+ environment:
+ headless: true
+ jenkins:
+ slave:
+ enabled: true
+ pkgs: false
+ sudo: false
+ scripts: []
+ master:
+ host: ${_param:jenkins_master_host}
+ port: ${_param:jenkins_master_port}
+ protocol: ${_param:jenkins_master_protocol}
+ user:
+ name: ${_param:jenkins_slave_user}
+ password: ${_param:jenkins_slave_password}
+ linux:
+ system:
+ user:
+ jenkins:
+ enabled: true
+ name: jenkins
+ home: /var/lib/jenkins
+ sudo: false
diff --git a/jenkins/slave/libvirt.yml b/jenkins/slave/libvirt.yml
new file mode 100644
index 0000000..e40b841
--- /dev/null
+++ b/jenkins/slave/libvirt.yml
@@ -0,0 +1,25 @@
+classes:
+ - system.jenkins.slave
+ - service.iptables.server
+parameters:
+ linux:
+ system:
+ user:
+ jenkins:
+ groups:
+ - kvm
+ - libvirtd
+ package:
+ qemu:
+ version: latest
+ libvirt-bin:
+ version: latest
+ # Ensure FORWARD chain to be ACCEPT to avoid issue when running with docker
+ # 1.13 and newer that sets chain to DROP, see:
+ # https://github.com/docker/docker/pull/28257
+ iptables:
+ service:
+ enabled: true
+ chain:
+ FORWARD:
+ policy: ACCEPT