Last active
November 15, 2015 22:11
-
-
Save okram999/1a2883cc6ffd0d197091 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| include_recipe 'yum' | |
| include_recipe 'yum-epel' | |
| include_recipe 'abc_jenkins::rubies' | |
| include_recipe 'java' | |
| include_recipe 'nginx' | |
| include_recipe 'jenkins::master' | |
| include_recipe 'abc_jenkins::chef_config' | |
| include_recipe 'abc_jenkins::maven' | |
| include_recipe 'abc_jenkins::git' | |
| require 'pry' | |
| data_bag = Chef::EncryptedDataBagItem.load('utilities', 'utilities') | |
| sub_dirs = ['.ssh', 'scripts'] | |
| sub_dirs.each do |dir| | |
| directory "#{node[:jenkins][:master][:home]}/#{dir}" do | |
| user 'jenkins' | |
| group 'jenkins' | |
| recursive true | |
| end | |
| end | |
| group "rvm" do | |
| action :modify | |
| members "jenkins" | |
| append true | |
| end | |
| template "#{node[:jenkins][:master][:home]}/.ssh/config" do | |
| source 'ssh_config.erb' | |
| owner "jenkins" | |
| group "jenkins" | |
| mode 0600 | |
| variables( | |
| hosts: [{host: "github.com", | |
| hostname: "github.com", | |
| user: "git", | |
| identityfile: '~/.ssh/ubuntu-personal', | |
| stricthostkeychecking: "no", | |
| }] | |
| ) | |
| end | |
| jenkins_user "#{node[:jenkins][:master_config][:user][:username]}" do | |
| full_name "#{node[:jenkins][:master_config][:user][:username]}" | |
| email "#{node[:jenkins][:master_config][:user][:email]}" | |
| public_keys [data_bag["jenkins_public_key"]] | |
| not_if { File.exist?("#{node[:jenkins][:master][:home]}/users/#{node[:jenkins][:master_config][:user][:username]}") } | |
| end | |
| #jenkins_private_key : is the ssh private key that will use to checkout the guthub | |
| template "#{node[:jenkins][:master][:home]}/.ssh/ubuntu-personal" do | |
| source 'ssh_key.erb' | |
| mode 00600 | |
| owner 'jenkins' | |
| group 'jenkins' | |
| variables( | |
| :key => data_bag['jenkins_private_key'] | |
| ) | |
| end | |
| cookbook_file "cacerts.bin" do | |
| path "#{node['java']['java_home']}/jre/lib/security/cacerts" | |
| only_if {"keytool -list -v -storepass changeit -keystore #{node['java']['java_home']}/jre/lib/security/cacerts"} | |
| end | |
| #not going to use the ldap | |
| #localLdap = node[:jenkins][:master_config][:ldap].merge(data_bag['ldap']) | |
| template "#{node[:jenkins][:master][:home]}/config.xml" do | |
| source 'config.xml.erb' | |
| variables( | |
| master_executors: node[:jenkins][:master_config][:master_executors], | |
| #ldap: localLdap, | |
| clouds: node[:jenkins][:master][:clouds] || nil, | |
| views: node[:jenkins][:master][:views] || nil | |
| ) | |
| notifies :restart, 'service[jenkins]', :immediately | |
| end | |
| ruby_block 'set private key' do | |
| block { node.run_state[:jenkins_private_key] = data_bag["jenkins_private_key"] } | |
| end | |
| if node[:jenkins][:master_config][:credentials] | |
| node[:jenkins][:master_config][:credentials].each do |name, credential| | |
| jenkins_private_key_credentials credential["name"] do | |
| description credential["description"] | |
| private_key data_bag["#{credential["databag_key_name"]}"] | |
| if credential["id"] | |
| id credential["id"] | |
| end | |
| end | |
| end | |
| end | |
| if node[:jenkins][:master_config][:slaves] | |
| node[:jenkins][:master_config][:slaves].each do |name, slave| | |
| jenkins_ssh_slave slave['name'] do | |
| remote_fs slave['remote_fs'] | |
| host slave['host'] | |
| user slave['user'] | |
| credentials slave['credentials'] | |
| end | |
| end | |
| end | |
| unless node['jenkins']['plugins'].nil? | |
| node['jenkins']['plugins'].each do |plugin, version| | |
| case version | |
| when 'latest' | |
| jenkins_plugin plugin do | |
| notifies :restart, "service[jenkins]", :delayed | |
| end | |
| else | |
| jenkins_plugin plugin do | |
| version version | |
| notifies :restart, "service[jenkins]", :delayed | |
| end | |
| end | |
| end | |
| end | |
| node[:jenkins][:jobs].each do |name,job| | |
| job_xml = File.join(Chef::Config[:file_cache_path], name) | |
| template job_xml do | |
| source 'jenkins_job.xml.erb' | |
| variables( | |
| maven_plugin: job['maven_plugin'], | |
| description: job['description'], | |
| parameterized: job['parameterized'], | |
| choice_parameters: job['choice_parameters'], | |
| build_parameters: job['build_parameters'], | |
| disabled: job['disabled'], | |
| scm: job['scm'], | |
| scm_name: job['scm_name'], | |
| scm_url: job['scm_url'], | |
| scm_branch: job['scm_branch'], | |
| scm_credentials: job['scm_credentials'], | |
| scm_polling: job['scm_polling'], | |
| scm_checkout_local_branch: job['scm_checkout_local_branch'], | |
| timer_trigger: job['timer_trigger'], | |
| command: job['command'], | |
| child_project: job['child_projects'], | |
| depth: job['depth_option'], | |
| can_roam: job['can_roam'], | |
| concurrent_build: job['concurrent_build'], | |
| group_id: job['group_id'], | |
| artifact_id: job['artifact_id'], | |
| release_goals: job['release_goals'], | |
| dry_run_goals: job['dry_run_goals'], | |
| build_goals: job['build_goals'], | |
| root_pom: job['root_pom'], | |
| parameterized_child_projects: job['parameterized_child_projects'], | |
| user_groups: job['user_groups'] | |
| ) | |
| end | |
| jenkins_job name do | |
| config job_xml | |
| end | |
| end | |
| template "/etc/sv/jenkins/run" do | |
| source 'sv-jenkins-run.erb' | |
| owner "root" | |
| group "root" | |
| mode 00755 | |
| notifies :restart, "service[jenkins]", :delayed | |
| end | |
| template "#{node[:nginx][:dir]}/#{node[:jenkins][:master_config][:server_name]}-server-certificate.pem" do | |
| source 'ssh_key.erb' | |
| owner 'root' | |
| group 'root' | |
| mode 0400 | |
| variables( | |
| :key => data_bag['nginx_certificate'] | |
| ) | |
| end | |
| template "/etc/nginx/sites-available/jenkins" do | |
| source "nginx-jenkins.erb" | |
| owner "root" | |
| group "root" | |
| mode 0644 | |
| variables( | |
| :port => node[:jenkins][:master][:port], | |
| :server_name => node[:jenkins][:master_config][:server_name], | |
| :root_dir => node[:jenkins][:master][:home], | |
| :ssl => node[:jenkins][:master_config][:ssl], | |
| :ssl_pem => "#{node[:nginx][:dir]}/#{node[:jenkins][:master_config][:server_name]}-server-certificate.pem" | |
| ) | |
| notifies :restart, "service[nginx]", :delayed | |
| end | |
| link '/etc/nginx/sites-enabled/jenkins' do | |
| to '/etc/nginx/sites-available/jenkins' | |
| end | |
| file "/etc/nginx/conf.d/default.conf" do | |
| action :delete | |
| notifies :restart, "service[nginx]", :delayed | |
| end | |
| file "/etc/nginx/sites-enabled/000-default" do | |
| action :delete | |
| notifies :restart, "service[nginx]", :delayed | |
| end | |
| service 'nginx' do | |
| action [ :enable, :start ] | |
| end | |
| service "jenkins" do | |
| action [:start] | |
| end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment