cookbook 'jenkins', '= 9.3.0'
jenkins
(85) Versions
9.3.0
-
-
9.5.21
-
9.5.20
-
9.5.19
-
9.5.18
-
9.5.17
-
9.5.16
-
9.5.15
-
9.5.14
-
9.5.13
-
9.5.12
-
9.5.11
-
9.5.10
-
9.5.9
-
9.5.8
-
9.5.7
-
9.5.6
-
9.5.5
-
9.5.4
-
9.5.3
-
9.5.2
-
9.5.1
-
9.5.0
-
9.4.0
-
9.3.0
-
9.2.1
-
9.2.0
-
9.1.0
-
9.0.0
-
8.2.3
-
8.2.2
-
8.2.1
-
8.2.0
-
8.1.0
-
8.0.4
-
8.0.3
-
8.0.2
-
8.0.1
-
8.0.0
-
7.1.2
-
7.1.1
-
7.1.0
-
7.0.0
-
6.2.1
-
6.2.0
-
6.1.0
-
6.0.0
-
5.0.6
-
5.0.5
-
5.0.4
-
5.0.3
-
5.0.2
-
5.0.1
-
5.0.0
-
4.2.1
-
4.2.0
-
4.1.2
-
4.1.1
-
4.1.0
-
4.0.1
-
4.0.0
-
3.1.1
-
3.1.0
-
3.0.0
-
2.6.0
-
2.5.0
-
2.4.1
-
2.4.0
-
2.3.1
-
2.3.0
-
2.2.2
-
2.2.1
-
2.2.0
-
2.1.2
-
2.1.1
-
2.1.0
-
2.0.2
-
2.0.0
-
1.2.2
-
1.2.0
-
1.1.0
-
1.0.0
-
0.6.3
-
0.6.2
-
0.6.1
-
0.6.0
Follow278
- 9.5.21
- 9.5.20
- 9.5.19
- 9.5.18
- 9.5.17
- 9.5.16
- 9.5.15
- 9.5.14
- 9.5.13
- 9.5.12
- 9.5.11
- 9.5.10
- 9.5.9
- 9.5.8
- 9.5.7
- 9.5.6
- 9.5.5
- 9.5.4
- 9.5.3
- 9.5.2
- 9.5.1
- 9.5.0
- 9.4.0
- 9.3.0
- 9.2.1
- 9.2.0
- 9.1.0
- 9.0.0
- 8.2.3
- 8.2.2
- 8.2.1
- 8.2.0
- 8.1.0
- 8.0.4
- 8.0.3
- 8.0.2
- 8.0.1
- 8.0.0
- 7.1.2
- 7.1.1
- 7.1.0
- 7.0.0
- 6.2.1
- 6.2.0
- 6.1.0
- 6.0.0
- 5.0.6
- 5.0.5
- 5.0.4
- 5.0.3
- 5.0.2
- 5.0.1
- 5.0.0
- 4.2.1
- 4.2.0
- 4.1.2
- 4.1.1
- 4.1.0
- 4.0.1
- 4.0.0
- 3.1.1
- 3.1.0
- 3.0.0
- 2.6.0
- 2.5.0
- 2.4.1
- 2.4.0
- 2.3.1
- 2.3.0
- 2.2.2
- 2.2.1
- 2.2.0
- 2.1.2
- 2.1.1
- 2.1.0
- 2.0.2
- 2.0.0
- 1.2.2
- 1.2.0
- 1.1.0
- 1.0.0
- 0.6.3
- 0.6.2
- 0.6.1
- 0.6.0
Installs and configures Jenkins CI master & slaves
cookbook 'jenkins', '= 9.3.0', :supermarket
knife supermarket install jenkins
knife supermarket download jenkins
jenkins Cookbook
Installs and configures Jenkins CI master & node slaves. Resource providers to support automation via jenkins-cli, including job create/update.
Maintainers
This cookbook is maintained by the Sous Chefs. The Sous Chefs are a community of Chef cookbook maintainers working together to maintain important cookbooks. If you’d like to know more please visit sous-chefs.org or come chat with us on the Chef Community Slack in #sous-chefs.
Requirements
Platforms
- Debian 9+
- Ubuntu 18.04+
- RHEL/CentOS 7+
Chef
- Chef 13.0+
Java cookbook
This cookbook does not install, manage, or manipulate a JDK, as that is outside of the scope of Jenkins. The package
installation method will automatically pull in a valid Java if one does not exist on Debian. RHEL jenkins packages do not depend on java as there are far too many options for a package to do the right thing. We recommend including the java cookbook on your system which allows for either openJDK or Oracle JDK installations.
Attributes
In order to keep the README manageable and in sync with the attributes, this cookbook documents attributes inline. The usage instructions and default values for attributes can be found in the individual attribute files.
Examples
Documentation and examples are provided inline using YARD. The tests and fixture cookbooks in tests
and tests/fixtures
are intended to be a further source of examples.
Recipes
master
The master recipe will create the required directory structure and install jenkins. There are two installation methods, controlled by the node['jenkins']['master']['install_method']
attribute:
-
package
- Install Jenkins from the official jenkins-ci.org packages -
war
- Download the latest version of the WAR file and configure a systemd service
Resources
jenkins_command
This resource executes arbitrary commands against the Jenkins CLI
Actions
- :execute
Examples
To perform a restart
jenkins_command 'safe-restart'
To reload the configuration from disk:
jenkins_command 'reload-configuration'
To prevent Jenkins from starting any new builds (in preparation for a shutdown):
jenkins_command 'quiet-down'
NOTE You must add your own not_if
/only_if
guards to the jenkins_command
to prevent duplicate commands from executing. Just like Chef's core execute
resource, the jenkins_command
resource has no way of being idempotent.
jenkins_script
This resource executes arbitrary Java or Groovy commands against the Jenkins master. By the nature of this command, it is not idempotent.
Examples
A simple inline Groovy script
jenkins_script 'println("This is Groovy code!")'
More complex inline Groovy
jenkins_script 'add_authentication' do command <<-EOH.gsub(/^ {4}/, '') import jenkins.model.* import hudson.security.* import org.jenkinsci.plugins.* def instance = Jenkins.getInstance() def githubRealm = new GithubSecurityRealm( 'https://github.com', 'https://api.github.com', 'API_KEY', 'API_SECRET' ) instance.setSecurityRealm(githubRealm) def strategy = new FullControlOnceLoggedInAuthorizationStrategy() instance.setAuthorizationStrategy(strategy) instance.save() EOH end
Executing Groovy code on disk
template ::File.join(Chef::Config[:file_cache_path], 'create_jenkins_user' + '.groovy') do source "create_jenkins_user.groovy.erb" mode '0644' owner 'jenkins' group 'jenkins' variables( users: users ) notifies :execute, "jenkins_script[create_jenkins_user]", :immediately end jenkins_script 'create_jenkins_user' do groovy_path ::File.join(Chef::Config[:file_cache_path], 'create_jenkins_user' + '.groovy') end
jenkins_credentials
NOTES
Install version 1.6 or higher of the credentials plugin to use the Jenkins credentials resource.
In version
4.0.0
of this cookbook this resource was changed so that credentials are referenced by their ID instead of by their name. If you are upgrading your nodes from an earlier version of this cookbook ( <= 3.1.1 ), use the credentials resource and do not have explicit IDs assigned to credentials, you will need to go into the Jenkins UI, find the auto-generated UUIDs for your credentials, and add them to your cookbook resources.
Actions
- :create
- :delete
Both actions operate on the credential resources idempotently. It also supports why-run mode.
jenkins_credentials
is a base resource that is not used directly. Instead there are resources for each specific type of credentials supported.
Properties
Use of the credential resource requires a unique id
property. The resource uses this ID to find the credential for future modifications, and it is an immutable resource once the resource is created within Jenkins. This ID is also how you reference the credentials in other Groovy scripts (i.e. Pipeline code).
The username
property (also the name property) corresponds to the username of the credentials on the target node.
You may also specify a description
which is useful in credential identification.
jenkins_password_credentials
Basic username + password credentials.
Examples
# Create password credentials jenkins_password_credentials 'wcoyote' do id 'wcoyote-password' description 'Wile E Coyote' password 'beepbeep' end
# Delete password credentials jenkins_password_credentials 'wcoyote' do id 'wcoyote-password' action :delete end
jenkins_private_key_credentials
Credentials that use a username + private key (optionally protected with a passphrase).
Examples
# Create private key credentials jenkins_private_key_credentials 'wcoyote' do id 'wcoyote-key' description 'Wile E Coyote' private_key "-----BEGIN RSA PRIVATE KEY-----\nMIIEpAIBAAKCAQ..." end # Private keys with a passphrase will also work jenkins_private_key_credentials 'wcoyote' do id 'wcoyote-key' description 'Eile E Coyote' private_key "-----BEGIN RSA PRIVATE KEY-----\nMIIEpAIBAAKCAQ..." passphrase 'beepbeep' end
# Delete private key jenkins_private_key_credentials 'wcoyote' do id 'wcoyote-key' action :delete end
jenkins_secret_text_credentials
Generic secret text. Requires the the credentials-binding
plugin.
Examples
# Create secret text credentials jenkins_secret_text_credentials 'wcoyote' do id 'wcoyote-secret' description 'Wile E Coyote Secret' secret 'Some secret text' end
# Delete secret text credentials jenkins_secret_text_credentials 'wcoyote' do id 'wcoyote-secret' action :delete end
jenkins_file_credentials
Generic file credentials.
# Create file credentials jenkins_file_credentials 'wcoyote' do id 'wcoyote-file' description 'Wile E Coyote File' filename 'file.txt' data 'my file content' end
# Delete file credentials jenkins_file_credentials 'wcoyote' do id 'wcoyote-file' action :delete end
Scopes
Credentials in Jenkins can be created with 2 different "scopes" which determines where the credentials can be used:
- GLOBAL - This credential is available to the object on which the credential is associated and all objects that are children of that object. Typically you would use global-scoped credentials for things that are needed by jobs.
- SYSTEM - This credential is only available to the object on which the credential is associated. Typically you would use system-scoped credentials for things like email auth, slave connection, etc, i.e. where the Jenkins instance itself is using the credential. Unlike the global scope, this significantly restricts where the credential can be used, thereby providing a higher degree of confidentiality to the credential.
The credentials created with the jenkins_credentials
resources are assigned a GLOBAL
scope.
jenkins_job
This resource manages Jenkins jobs
Actions
- :create
- :delete
- :disable
- :enable
- :build
The resource is fully idempotent and convergent. It also supports why-run mode.
The :create
action requires a Jenkins job config.xml
. This config file must exist on the target node and contain a valid Jenkins job configuration file. Because the Jenkins CLI actually reads and generates its own copy of this file, do NOT write this configuration inside of the Jenkins job. We recommend putting them in Chef's file cache path:
xml = File.join(Chef::Config[:file_cache_path], 'bacon-config.xml') # You could also use a `cookbook_file` or pure `file` resource to generate # content at this path. template xml do source 'custom-config.xml.erb' end # Create a jenkins job (default action is `:create`) jenkins_job 'bacon' do config xml end
jenkins_job 'bacon' do action :delete end
You can disable a Jenkins job by specifying the :disable
option. This will disable an existing job, if and only if that job exists and is enabled. If the job does not exist, an exception is raised.
jenkins_job 'bacon' do action :disable end
You can enable a Jenkins job by specifying the :enable
option. This will enable an existing job, if and only if that job exists and is disabled. If the job does not exist, an exception is raised.
jenkins_job 'bacon' do action :enable end
You can execute a Jenkins job by specifying the :build
option. This will run the job, if and only if that job exists and is enabled. If the job does not exist, an exception is raised.
jenkins_job 'my-parameterized-job' do parameters( 'STRING_PARAM' => 'meeseeks', 'BOOLEAN_PARAM' => true, ) # if true will live stream the console output of the executing job (default is true) stream_job_output true # if true will block the Chef client run until the build is completed or aborted (defaults to true) wait_for_completion true action :build end
jenkins_view
This resource manages Jenkins view
Actions
- :create
- :delete
The resource is fully idempotent and convergent as long as you're not using free hand code. It also supports whyrun mode.
The :create
action requires an array of jobs:
jenkins_view 'ham' do jobs [ "pig", "giraffe" ] end
The :delete
action deleted a configured view:
jenkins_view 'ham' do action :delete end
It is possible to pass a snippet of groovy code in order to create more sophisticated views, the idea is to override the create_view
and configure_view
groovy closures.
code = <<-GROOVY create_view = { name -> // Return a new view return new BuildPipelineView(...) } configure_view = { view -> // Configure view view.setCssUrl("") } GROOVY jenkins_view 'pipline_view' do code code action :create end
Please note that if you pass code
, it will always run the :create
action as the provider cannot determine when a change has to be made and when not.
jenkins_proxy
This resource manages Jenkins HTTP proxy information
Actions
- :config
- :remove
This uses the Jenkins groovy API to configure the HTTP proxy information, that is provided on the Advanced tab of the Plugin Manager.
The :config
action idempotently configure the Jenkins HTTP proxy information on the current node. The proxy attribute corresponds to the proxy server name and port number that have to use on the target node. You may also specify a list of no proxy host names with the noproxy attribute. The default is localhost and 127.0.0.1.
# Basic proxy configuration jenkins_proxy '1.2.3.4:5678' # Expanded proxy configuration jenkins_proxy '5.6.7.8:9012' do noproxy ['localhost', '127.0.0.1', 'nohost', '*.nodomain'] end
The :remove
action removes the Jenkins HTTP proxy information from the system.
jenkins_proxy '1.2.3.4:5678' do action :remove end
jenkins_plugin
This resource manages Jenkins plugins.
Actions
- :install
- :uninstall
- :enable
- :disable
This uses the Jenkins CLI to install plugins. By default, it does a cold deploy, meaning the plugin is installed while Jenkins is still running. Some plugins may require you restart the Jenkins instance for their changed to take affect.
- This resource does not install plugin dependencies from a a given hpi/jpi URL or a specific version - you must specify all plugin dependencies or Jenkins may not startup correctly!
The :install
action idempotently installs a Jenkins plugin on the current node. The name attribute corresponds to the name of the plugin on the Jenkins Update Center. You can also specify a particular version of the plugin to install. Finally, you can specify a full source URL or local path (on the node) to a plugin.
# Install the latest version of the greenballs plugin and all dependencies jenkins_plugin 'greenballs' # Install version 1.3 of the greenballs plugin and no dependencies jenkins_plugin 'greenballs' do version '1.3' end # Install a plugin from a given hpi (or jpi) and no dependencies jenkins_plugin 'greenballs' do source 'http://updates.jenkins-ci.org/download/plugins/greenballs/1.10/greenballs.hpi' end
Depending on the plugin, you may need to restart the Jenkins instance for the plugin to take affect:
jenkins_plugin 'a_complicated_plugin' do notifies :restart, 'service[jenkins]', :immediately end
For advanced users, this resource exposes an options
attribute that will be passed to the installation command. For more information on the possible values of these options, please consult the documentation for your Jenkins installation.
jenkins_plugin 'a_really_complicated_plugin' do options '-deploy -cold' end
The :uninstall
action removes (uninstalls) a Jenkins plugin idempotently on the current node.
jenkins_plugin 'greenballs' do action :uninstall end
The :enable
action enables a plugin. If the plugin is not installed, an exception is raised. If the plugin is already enabled, no action is taken.
jenkins_plugin 'greenballs' do action :enable end
The :disable
action disables a plugin. If the plugin is not installed, an exception is raised. If the plugin is already disabled, no action is taken.
jenkins_plugin 'greenballs' do action :disable end
NOTE You may need to restart Jenkins after changing a plugin. Because this varies on a case-by-case basis (and because everyone chooses to manage their Jenkins infrastructure differently) this resource does NOT restart Jenkins for you.
jenkins_slave
NOTE The use of the Jenkins user resource requires the Jenkins SSH credentials plugin. This plugin is not shipped by default in jenkins 2.x.
This resource manages Jenkins slaves, supporting the following actions:
:create, :delete, :connect, :disconnect, :online, :offline
The following slave launch methods are supported:
- JNLP/Java Web Start - Starts a slave by launching an agent program through JNLP. The launch in this case is initiated by the slave, thus slaves need not be IP reachable from the master (e.g. behind the firewall). This launch method is supported on *nix and Windows platforms.
-
SSH - Jenkins has a built-in SSH client implementation that it can use to talk to remote
sshd
daemon and start a slave agent. This is the most convenient and preferred method for Unix slaves, which normally hassshd
out-of-the-box.
The jenkins_slave
resource is actually the base resource for several resources that map directly back to a launch method:
-
jenkins_jnlp_slave
- As JNLP Slave connections are slave initiated, this resource should be part of a slave's run list. -
jenkins_ssh_slave
- As SSH Slave connections are master initiated, this resource should be part of a master's run list.
The :create
action idempotently creates a Jenkins slave on the master. The name attribute corresponds to the name of the slave (which is also used to uniquely identify the slave).
# Create a basic JNLP slave jenkins_jnlp_slave 'builder' do description 'A generic slave builder' remote_fs '/home/jenkins' labels ['builder', 'linux'] end # Create a slave launched via SSH jenkins_ssh_slave 'executor' do description 'Run test suites' remote_fs '/share/executor' labels ['executor', 'freebsd', 'jail'] # SSH specific attributes host '172.11.12.53' # or 'slave.example.org' user 'jenkins' credentials 'wcoyote' launch_timeout 30 ssh_retries 5 ssh_wait_retries 60 end # A slave's executors, usage mode and availability can also be configured jenkins_jnlp_slave 'smoke' do description 'Runs a series of high-level smoke tests' remote_fs '/home/jenkins' executors 5 usage_mode 'exclusive' availability 'demand' in_demand_delay 1 idle_delay 3 labels ['runner', 'fast'] # List of groups to run the slave service under service_groups ['jenkins', 'docker'] end # Create a slave with a full environment jenkins_jnlp_slave 'integration' do description 'Runs the high-level integration suite' remote_fs '/home/jenkins' labels ['integration', 'rails', 'ruby'] environment( RAILS_ENV: 'test', GCC: '1_000_000_000' ) end # Windows JNLP slave jenkins_windows_slave 'mywinslave' do remote_fs 'C:/jenkins' user '.\Administrator' password 'MyPassword' end
The :delete
action idempotently removes a slave from the cluster. Any services used to manage the underlying slave process will also be disabled.
jenkins_jnlp_slave 'builder' do action :delete end jenkins_ssh_slave 'executor' do action :delete end
The :connect
action idempotently forces the master to reconnect to the specified slave. You can use the base jenkins_slave
resource or any of its children to perform the connection.
jenkins_slave 'builder' do action :connect end jenkins_ssh_slave 'executor' do action :connect end
The :disconnect
action idempotently forces the master to disconnect the specified slave. You can use the base jenkins_slave
resource or any of its children to perform the connection.
jenkins_slave 'builder' do action :disconnect end jenkins_ssh_slave 'executor' do action :disconnect end
The :online
action idempotently brings a slave back online. You can use the base jenkins_slave
resource or any of its children to bring the slave online.
jenkins_slave 'builder' do action :online end jenkins_ssh_slave 'executor' do action :online end
The :offline
action idempotently takes a slave temporarily offline. An optional reason for going offline can be provided with the offline_reason
attribute. You can use the base jenkins_slave
resource or any of its children to take a slave offline.
jenkins_slave 'builder' do action :offline end jenkins_ssh_slave 'executor' do offline_reason 'ran out of energon' action :offline end
NOTE It's worth noting the somewhat confusing differences between disconnecting and off-lining a slave:
-
Disconnect - Instantly closes the channel of communication between the master and slave. Currently executing jobs will be terminated immediately. If a slave is configured with an availability of
always
the master will attempt to reconnect to the slave. - Offline - Keeps the channel of communication between the master and slave open. Currently executing jobs will be allowed to finish, but no new jobs will be scheduled on the slave.
jenkins_user
NOTE The use of the Jenkins user resource requires the Jenkins mailer plugin. This plugin is not shipped by default in jenkins 2.x.
This resource manages Jenkins users, supporting the following actions:
:create, :delete
This uses the Jenkins groovy API to create users.
The :create
action idempotently creates a Jenkins user on the current node. The id attribute corresponds to the username of the id of the user on the target node. You may also specify a name, email, and list of SSH keys.
# Create a Jenkins user jenkins_user 'grumpy' # Create a Jenkins user with specific attributes jenkins_user 'grumpy' do full_name 'Grumpy Dwarf' email 'grumpy@example.com' public_keys ['ssh-rsa AAAAB3NzaC1y...'] end
The :delete
action removes a Jenkins user from the system.
jenkins_user 'grumpy' do action :delete end
Caveats
Authentication
If you use or plan to use authentication for your Jenkins cluster (which we highly recommend), you will need to set a special value in the run_context
:
node.run_state[:jenkins_private_key]
The underlying executor class (which all HWRPs use) intelligently adds authentication information to the Jenkins CLI commands if this value is set. The method used to generate and populate this key-pair is left to the user:
# Using search master = search(:node, 'fqdn:master.ci.example.com').first node.run_state[:jenkins_private_key] = master['jenkins']['private_key'] # Using encrypted data bags and chef-sugar private_key = encrypted_data_bag_item('jenkins', 'keys')['private_key'] node.run_state[:jenkins_private_key] = private_key
The associated public key must be set on a Jenkins user. You can use the jenkins_user
resource to create this pairing. Here's an example that loads a keypair and assigns it appropriately:
jenkins_keys = encrypted_data_bag_item('jenkins', 'keys') require 'openssl' require 'net/ssh' key = OpenSSL::PKey::RSA.new(jenkins_keys['private_key']) private_key = key.to_pem public_key = "#{key.ssh_type} #{[key.to_blob].pack('m0')}" # Create the Jenkins user with the public key jenkins_user 'chef' do public_keys [public_key] end # Set the private key on the Jenkins executor node.run_state[:jenkins_private_key] = private_key
Please note that older versions of Jenkins (< 1.555) permitted login via CLI for a user defined in Jenkins configuration with an SSH public key but not present in the actual SecurityRealm, and this is no longer permitted. If an operation requires any special permission at all, you must authenticate as a real user. This means that if you have LDAP or GitHub OAuth based authn/authz enabled the user you are using for configuration tasks must have an associated account in the external services. Please see JENKINS-22346 for more details.
If (and only if) you have your Jenkins instance configured to use the PAM (Unix user/group database) security realm you can set the username and password the CLI uses via these two run_context
values:
node.run_state[:jenkins_username] node.run_state[:jenkins_password]
Jenkins 2
Jenkins 2 enables an install wizard by default. To make sure you can manipulate the jenkins instance, you need to disable the wizard. You can do this by setting an attribute:
default['jenkins']['master']['jvm_options'] = '-Djenkins.install.runSetupWizard=false'
This is done by default, but must be kept when overriding the jvm_options!
Proxies
If you need to pass through a proxy to communicate between your masters and slaves, you will need to set a special node attribute:
node['jenkins']['executor']['proxy']
The underlying executor class (which all HWRPs use) intelligently passes proxy information to the Jenkins CLI commands if this attribute is set. It should be set in the form HOST:PORT
:
node.normal['jenkins']['executor']['proxy'] = '1.2.3.4:5678'
Development
Please see the [Contributing](CONTRIBUTING.md) and [Testing](TESTING.md) Guidelines.
Contributors
This project exists thanks to all the people who contribute.
Backers
Thank you to all our backers!
Sponsors
Support this project by becoming a sponsor. Your logo will show up here with a link to your website.
jenkins Cookbook CHANGELOG
This file is used to list changes made in each version of the jenkins cookbook.
9.3.0 - 2021-08-31
- Add
jnlp_options
for Windows agents
9.2.1 - 2021-08-30
- Standardise files with files in sous-chefs/repo-management
- Various Cookstyle fixes
9.2.0 - 2021-08-29
- Include yum-epel cookbook on RHEL platforms for new daemonize package dependency
- Add new
update_center_sleep
attribute to set the time to wait for updates to quiesce in Jenkins
9.1.0 - 2021-08-11
- Added option for jenkins-cli authentication with a credential file - @amcappelli and @ddegoede
9.0.0 - 2021-07-19
- Remove runit dependency
- Use systemd units instead of runit services
Breaking Changes / Deprecations
-
jenkins_jnlp_slave
:- Renamed
runit_groups
property toservice_groups
- New service created -- old Runit service will need manual cleanup
- Renamed
-
jenkins::_master_war
:- New service created -- old Runit service will need manual cleanup
8.2.3 - 2021-03-25
- Cookstyle fixes
8.2.2 - 2021-03-10
- Allow setting of
JENKINS_ENABLE_ACCESS_LOG
for Rhel based controllers - @mbaitelman
8.2.1 - 2021-02-10
- Fix idempotency issue with
jenkins_user
when users have more than one public key
8.2.0 - 2021-02-08
- Sous Chefs Adoption
- Fix deprecation warnings
- Cookstyle fixes
- Install missing font packages
- Remove Amazon Linux 1 and EL 6 testing
- Allow anonymous admin access during testing
- Add MAXOPENFILES to RHEL systems
8.1.0 - 2020-12-01
- Fix the implementation of the cli user/password authentication method - @ddegoede
8.0.4 - 2020-11-24
- Retry jenkins CLI command without authenticating after receiving an HTTP 401. - @nuclearsandwich
8.0.3 - 2020-11-23
- Remove touch command run as root from .war-based service definition - @davidsainty
8.0.2 (2020-09-14)
- jenkins_job: Dont quote param unnecessarily - @mbaitelman
8.0.1 (2020-08-27)
- Remove .NET 2.0 from the Windows nodes as this is no longer supported by Jenkins- @mbaitelman
8.0.0 (2020-07-14)
- Fixed groovy indentation errors in the generated code - @ddegoede
- Set default CLI protocol attribute to http now that remoting is deprecated in newer Jenkins releases - @rjbaker
- Adding support for SSH Slaves/SSH Build Agents plugin version >= 1.30 - @joemillerr
- Added attribute value for directory mode for jenkins directories
- Update resources so they can be found by chef 16 - @codayblue
- Remove support for EOL Ubuntu < 16.04 in the java recipe - @tas50
- Update java recipe to install openjdk-1.8.0 on Debian - @tas50
- resolved cookstyle error: spec/recipes/java_spec.rb:6:7 warning:
ChefDeprecations/DeprecatedChefSpecPlatform
- resolved cookstyle error: libraries/credentials_file.rb:91:33 convention:
Style/HashEachMethods
- resolved cookstyle error: libraries/credentials_secret_text.rb:114:33 convention:
Style/HashEachMethods
- resolved cookstyle error: libraries/credentials_user.rb:81:33 convention:
Style/HashEachMethods
- resolved cookstyle error: libraries/slave.rb:401:33 convention:
Style/HashEachMethods
- resolved cookstyle error: libraries/slave_jnlp.rb:64:14 warning:
ChefDeprecations/ChefWindowsPlatformHelper
- resolved cookstyle error: libraries/slave_jnlp.rb:91:83 warning:
ChefDeprecations/ChefWindowsPlatformHelper
- resolved cookstyle error: libraries/slave_jnlp.rb:95:17 warning:
ChefDeprecations/ChefWindowsPlatformHelper
7.1.2 (2020-03-05)
- Add the actions back to the resources - @tas50
- Add redundant name attributes - @tas50
- Avoid chefspec deprecation warnings - @tas50
7.1.1 (2020-03-05)
- Simplify platform check logic - @tas50
- Remove unnecessary foodcritic comments - @tas50
- Cookstyle fixes - @tas50
- Switch to install_adoptopenjdk resource in java cookbook 7.0 for testing - @tas50
7.1.0 (2019-11-29)
- Ajp13 Port from attributes - @rnt
- Debug level for logs from attributes - @rnt
- Maximum number of HTTP worker threads from attributes - @rnt
- Maximum number of idle HTTP worker threads from attributes - @rnt
- Fix typo in java.rb recipe. - @jugatsu
- Auto accept Chef licenses when running tests - @rjbaker
- Switch to openjdk in testing since Oracle jdk artifacts have been removed - @rjbaker
- Cookstyle 5.10 fixes - @tas50
- Additional cookstyle fixes - @tas50
7.0.0 (2019-04-30)
- Require Chef 13 or later - @Stromweld
- Do not quote boolean parameters in the job resource - @mbaitelman
- Resolve ProviderNotFound error in jenkins_view resource - @eitoball
- Support installation on Debian 9 - @mattray
- Wire up JENKINS_ENABLE_ACCESS_LOG to attributes in the config - @mattray
- Fix the executor to -auth instead of --username, --password on the Jenkins CLI - Jakob Pfeiffer
- JNLP slave is configured to not use all the groups of the jenkins user - @jonathanan
- Update plugin resource to work with newer versions of Jenkins which handles dependencies and removes need for additional plugin method. This deprecated the install_deps property previously required - @Stromweld
6.2.1 (2018-11-14)
- @josh-barker entirely rewrote our test suites. Suites have been consolidated, everything now passes, and all validation is performed with all new InSpec tests. Thanks Josh for this massive improvement.
- Fix bug when remote plugin is not found in plugin universe
- Fix broken delete action for jnlp slave
- Fix cloning resources attributes for/var/lib/jenkins
- Set httpKeepAliveTimeout to 5 minutes so that connections are not closed too early
- Increase slave launch timeout to 2 minutes for slow systems
- Add documentation about slave failure due to slow performance
- Mark windows template sensitive if setting password, remove default '.' for windows users domain
6.2.0 (2018-07-30)
- Code improvement for custom plugin update centre
- Don't fail on deprecations for now
- Remove respond_to? on chef_version in metadata
- Fix jenkins_view and jenkins_user resource errors
6.1.0 (2018-07-24)
- Added new jenkins_view resource
- Added new jenkins_proxy resource
- Allow jenkins_script to execute a groovy script on disk
6.0.0 (2018-02-16)
- Require Chef 12.14+ and remove compat_resource dependency
5.0.6 (2018-01-15)
- windows slave fixes
5.0.5 (2017-11-22)
- If the installed plugin version is a SNAPSHOT let it be instead of checking versions for updates
- Allow Jenkins to read system environment variables
- Fix permissions on /var/xxx/jenkins folders for Debian/CentOS
- Plugins: User & Group should be read from attributes
- Resolve Chef 13 failures by not passing new_resource into runit_service
5.0.4 (2017-08-28)
- Modified case statements to support package installation on Amazon Linux
- Changes endpoint for 'wait_until_ready' helper
- Fix permissions for plugin files downloaded from update center
- Wait for Jenkins in case of EADDRNOTAVAIL
- Change groovy scripts to use stdin instead of file. Fixes #620
- And change test to expect new format
- Ensure that we only reject the '-i key' part and not, for instance, parts that contain '-i' in larger strings.
5.0.3 (2017-07-04)
- Removed mention of Amazon Linux support from the readme. We will support this in the future, but at the moment the cookbook does not actually support Amazon Linux
- Note that Package installs of Jenkins now require Debian 9+ and Ubuntu 16.04+ due to Jenkins 2.66 now requiring Java 8 packages to be present
- Fix credentials_private_key to handle passphrase being nil
- Improve idempotence of user resource in case properties are not defined in the new resource
- Make sure plugin path has file:// appended
- Fix some typos in credentials_user that caused failures
- Remove foodcritic file we no longer need
- Remove the rakefile since we have delivery local mode now
- Remove maintainers logic and instead include a maintainers blurb in the readme
- Speed up specs and resolve deprecations
5.0.2 (2017-06-14)
- Fix regex for falling back to anonymous for failed authentication
5.0.1 (2017-05-01)
- Add -remoting option that is required due to Jenkins issue. Attribute
['jenkins']['executor']['protocol']
has been added to allow for using the deprecated remoting option (default) or ssh/http in which attribute['jenkins']['executor']['cli_user']
needs to be assigned.
5.0.0 (2017-03-08)
Improvements
- Add support for 2.x (daften)
- Change default to stable, adding channel toggle #575 (cheeseplus)
- Use
dpkg_autostart
to prevent service from starting post install - Fix update-center.json URL
- Fix Jenkins home dir creation on Ubuntu for package installs #576 (cheeseplus)
- Lots of testing and CI fixes
4.2.1 (2017-01-18)
- Fix the repo URL for RHEL based systems.
4.2.0 (2017-01-17)
- updated the jenkins url and keys for redhat in the attributes
- Remove superfluous call ensure_update_center_present to update center
- Allow overriding of maxopenfiles with a new attribute
- Require the latest compat_resource
4.1.2 (2016-11-03)
- Fix undefined java method
4.1.1 (2016-11-02)
- Fix issue #531
4.1.0 (2016-10-25)
- Add SSH retry attributes and testing to the slave_ssh resource
- Fix Issue #205 allow user groups of runit process owner
4.0.1 (2016-10-18)
- Fix NotImplementedError by removing the use of the Chef::Resource::RESOURCENAME
4.0.0 (2016-10-17)
- Changes how credentials are created, using the id rather than username to fix Issue #447
3.1.1 (2016-10-17)
- Fix implicit argument passing of super Issue #524
- Fix ECDSA check
- include_recipe instead of using recipe_eval in slave_jnlp library
3.1.0 (2016-10-07)
- Fix conversion of multiline string from Ruby to Groovy
- Check for the mailer plugin's availability
- Support ECDSA private keys in addition to RSA keys.
- add use_inline_resources and use action DSL helper in all providers
3.0.0 (2016-10-01)
- apt and yum cookbook dependencies have been replaced with compat_resource
- Base /etc/yum.conf and apt-get update are no longer provided by this cookbook. Both of these tasks were beyond the scope of this cookbook
- The Java recipe has been deprecated. Picking the right Java JDK is a complex task that depends not only on technical issues, but licensing requirements. The Java cookbook should be included in your wrapper cookbook so you can decide between openJDK and Oracle JDK
- The node name has been removed from all configs to make building AMIs or containers easier
- A new attribute has been added to configure file limits for the Java process. See the attributes file for details
- Add chef_version metadata
- Allow using Runit 2.0 cookbook by loosening the dependencies
- Replace node.set with node.normal to avoid deprecation warnings
- Remove the FQDN from the jenkins-slave template
- Add build matcher for jenkins_job
- Require Chef 12.1 not 12.0
- Add platform support to the metadata
- Add basic server testing in Travis CI with kitchen-dokken. More to come!
v2.6.0 (2016-06-14)
- Clarify that this cookbook only supports Chef 12+
- Add the ability to specify jvm_options for executors
- Remove the pin of the apt cookbook in the metadata to the 2.X release
- Switch ruby linting to Cookstyle from Rubocop
v2.5.0 (2016-05-12)
- Increased the required Runit cookbook to 1.7
- Added a new :build action to jenkins_job. See the readme for details
- Updated custom resource format to conform to best practices
- Added support for secret text credentials. See the readme for details
- JENKINS_USER and JENKINS_GROUP can now be set via attribute
- Changed remote directory resource to work with domain users in the windows slave resource
- Refactored user credentials code to new intermediate class
- Fixed the path to the jar cache in the jenkins slave .bat file
- Resolved warnings when using the windows slave resource
- Fixed bad documentation around remote file checksums
- Resolved failing Foodcritic warnings
- Added Chefspec matchers
- Added source_url and issues_url to the metdata for Supermarket
- Resolved Rubocop warnings
- Fixed a label typo in the serverspecs
- Added our standard contributing and testing docs
- Added a Rakefile for simplified testing
- Updated .gitignore and chefignore files to use the standard Chef varieties
- Added testing in Travis CI with docker
v2.4.1 (2015-09-10)
Bug
- Make slave_exe resource only get created if it is missing.
v2.4.0 (2015-09-03)
Bug
- Ensure Jenkins home directory has correct ownership after package installation
- Fix for NPE when creating already registered slave with env vars defined
- Fix ArgumentError when comparing two versions not of the same type
- Don't mutate value when converting to Groovy; Fixes #371
Improvement
- Automatically add "Logon As A Service" right to Windows slaves
- Allow optional 'keyserver' attribute for apt
- Add a
MAINTAINERS
file
v2.3.1 (2015-05-19)
Bug
- Fix Travis badge
- Re-enable lazy attribute defaults in LWRP workaround for Chef 11
- Properly escape single quotes in Groovy code
Improvement
- Download update center metadata every time
v2.3.0 (2015-05-14)
New Feature
- Add stable source support for package installation
- Add support for
jvm_options
onslave_ssh
resource - Support executing commands prior to launching Jenkins Windows slave
- Add username/password support to executor
Improvement
- Remove EOL Ruby, update with current supported Rubies
- Update
.kitchen.yml
- Use ChefDK for all Travis testing
- Fix all Rubocop 0.28.0 style errors
- Create system user and group for jnlp slave if
use_system_account
flag is set. -
jenkins_plugin
: Do a better job understanding "latest" version - Mark all credential resources as sensitive; Fixes #288
- Password credentials ID does not need to be a UUID
- Restart Windows service on failure; Fixes #334
- Re-install the Windows service if the winsw XML changes
- Properly restart the service if the slave jar is updated
Bug
- Instantiate Windows-specific resource class; Fixes #336
- Need to escape the
\n
when there are multiple public keys.
v2.2.2 (2015-01-15)
Bug
- Gem::Version raising ArgumentError for weirdly versioned Jenkins plugins
- Force UTF-8 encoding when parsing update center JSON
- README grammar fixes
v2.2.1 (2014-12-02)
Bug
- Ensure Win service install command respects alternate service names
v2.2.0 (2014-12-02)
Bug
- Handle jobs that do not have a
disabled
attribute - Remove unneeded service restart in Windows slaves
- Update Jenkins service check to use
WIN32OLE
- Properly quote executor file paths cause $WINDOWS
- Properly escape backslashes in generated Groovy code
- Jenkins timeout shouldn't rescue Net::HTTP timeout
- Make sure Net::HTTP#use_ssl is turned on for https end-point
- Wrap converted Groovy strings in single quotes
- Recover from commands executed with unknown credentials. This should also fix some cases of JENKINS-22346.
Improvement
- Use atomic updates when downloading the slave JAR
- Create the
slave.jar
in a slave's JENKINS_HOME - Support a checksum attribute for
winsw.exe
download - Support setting the
PATH
on Windows slave - Add .NET 4.0 compat fix for
winsw
- Restart services when
slave.jar
is updated - Allow
jenkins_slave
to be used as a standalone resource - Add attribute for configuring Runit sv_timeout on masters installed from war
- Add attribute for creating
jenkins
user as a system account - Allow
Executor#execute!
to pass options to underlyingShellout
instance. - Set the senstive attribute for the jenkins cli private key file
- Don't backup plugins on uninstall
- Properly allow installation of specific versions of a plugin. Previously this only worked when a source URL was provided.
- Optionally ensure a plugin's dependencies are installed before proceeding with it's installation
- Handle plugin downgrades correctly (requires an uninstall of existing, newer version).
v2.1.2 (2014-07-02)
- Fix a bug where
jenkins_windows_slave
was being called asjenkins_jnlp_slave
v2.1.1 (2014-06-30)
- Use the update-center to install plugins and their dependencies
- Handle
super
calls correctly inload_current_resource
- Backport Chef patches to temporary libraries
- Default
Slave#environment
tonil
instead of{}
- Fix a bug where
super
was called in DSL methods
v2.1.0 (2014-06-26)
- Change Jenkins command prefix to use the slave object
- Escape data given to the executor
- Always read plugin manifest files as UTF
- Typo: Shelllwords -> Shellwords
- Upgrade to Berkshelf 3
- Add ChefSpec tests for recipes
- Add Jenkins::Executor tests
- Bug: Use ::File instead of File
- Remove foodcritic
- Fix Rubocop warnings
- Only create user, group and directories on war installations
- Only create supporting resources on JNLP slaves
- Split
jnlp
andssh
slave fixtures - Document that SSH slaves should be created on the master
- Ensure compiled attributes respect overrides
- Ensure plugin installs respect global mirror setting
- Add fallback to
jenkins_slave
matcher if authn is enabled - Update authn int tests to load private key from data bag item
- Add integration test coverage for smoke tests
- Add support for listening on a specific address
- Allow user to specify the password
- Use a temporary file to run groovy scripts
- Use executor['timeout'] for timeout in ShellOut in executor.execute!
- Give timeout a default value (60) in the executor
- Ignore Errno::ENETUNREACH until timeout
- Fix a bug in default windows domain name
- Update winsw version to 1.16
- Upgrade to ChefSpec 4 and fix CI
- Use the run_state to store sensitive information
- Switch to LWHRPS for everything
- Handle nil values in credentials comparison
- Add ChefSpec matchers for all LWRPs
- Don't automatically restart after plugin installation
- Add the ability to pass in a list of additional options in
jenkins_plugin
- Specify actions and default_action in inherited resources
v2.0.2 (2014-01-30)
- Add support for prefix and suffix commands on SSH nodes
- Don't commit documentation into git
- Fix YARD-generated documentation
- Fix plugin output parsing
- Accept a 403 response, indicating the server is "ready"
- Use a custom URI joining method
- Document the need for the Jenkins credentials plugin
- Fix a typo in the slave jar URL
- Fix typos in README
- Fix grammar in the Jenkins helper error
- Update Rubocop
v2.0.0 (2014-01-14)
This is a major refactor of the Jenkins cookbook and is not backwards-compatible.
- Updated to the latest gems
- Added a full Test Kitchen integration suite for every resource
- Added Rubocop + Foodcritic + Travis
- Updated contributing guidelines
- Updated issue reporting guidelines
- Refactored README format - attribute documentation is now inline. Please see the specific attribute file for documentation, rather than a verbose README
- Added a Rakefile for encapsulating commands
- Move testing instructions into contribution guidelines
- Remove old TODO file
-
Refactor attributes into semantic groupings and namespaces
-
jenkins.cli
has been removed -
jenkins.java_home
has been changed tojenkins.java
and accepts the full path to the java binary, not the JAVA_HOME -
jenkins.iptables_allow
has been removed -
jenkins.mirror
->jenkins.master.mirror
-
jenkins.executor
created -
jenkins.executor.timeout
created -
jenkins.executor.private_key
created -
jenkins.executor.proxy
created -
jenkins.master
created and only refers to the Jenkins master installation -
jenkins.master.source
created to refer to the full URL of the war download -
jenkins.master.jvm_options
created -
jenkins.master.jenkins_args
added -
jenkins.master.url
->jenkins.master.endpoint
-
jenkins.master.log_directory
created -
jenkins.node
attributes have all been removed -
jenkins.server
attributes have all been removed
-
Removed Chef MiniTest handler
Created a new executor class for running commands through the CLI
Create
jenkins_command
resource for executing arbitrary commands against the Jenkins CLICreate
jenkins_script
resource for executing arbitrary groovy scripts agains the Jenkins CLICreate
jenkins_credentials
resource for creating and managing Jenkins credentialsRefactor
jenkins_job
resource for creating and managing jobsRefactor
jenkins_plugin
resource for creating and managing pluginsCreate
jenkins_slave
(and sub-resources) for managing Jenkins slaves (formerly called "nodes")Add
jenkins_user
resource for creating and managing usersRemove dependencies on java, apache2, nginx, and iptables
Remove
jenkins_cli
resource (it's been replaced byjenkins_command
)Remove
jenkins_execute
resource (it's been replaced byjenkins_command
)Remove the pesky "block_until_operational" Ruby block
Remove
jenkins_node
resource (it's now a series ofjenkins_slave
resources)Don't pin plugins (users should explictly provide a version to ensure pinning)
Upgrade apt and yum dependencies
Allow full customization of the war file download URL
Remove apache2 proxy, nginx proxy, and iptables support; they are outside the scope of this cookbook and add unnecessary complication
Default recipe has been removed
Iptables recipe has been removed
Added a very basic Java recipe with caveats
Added a Jenkins master recipe (formerly called "server")
Removed "node" recipes - they have all been replaced by HWRPs
Removed proxy recipes
Updated Debian and RedHat templates to the latest version
Added the ability to add authentication
Added custom ServerSpec matchers
"node" renamed to "slave"
"server" renamed to "master"
v1.2.2
Bug
- COOK-3742 - Remove trailing comma (restores compatability with Ruby 1.8)
v1.2.0
Improvement
- COOK-3710 - Allow winsw url to be changed with a node attribute
Bug
-
COOK-3709 - Use correct attribute value for
java_home
- COOK-3701 - Fix a refactor bug where a template variable was removed that was used in a nested template
- COOK-3594 - Fix MiniTest Chef Handler tests for directory permissions
v1.1.0
Bug
- COOK-3683 - Fix plugin provider failures finding the current plugin version
- COOK-3667 - Unbreak Travis-CI integration
- COOK-3623 - Fix issue where plugins were never updated even if you bump the plugin version in attributes
-
COOK-3620 - Fix Jenkins
_node_jnlp_test.rb
assumptions -
COOK-3517 - Various bug fixes for
jenkins::windows
- COOK-3516 - Fix Jenkins slaves that use JNLP when Jenkins has security enabled
New Feature
- COOK-3619 - Support intermediate SSL certificates
Improvement
- COOK-3587 - Adding minitest-handler to the runlist for the node suite in Jenkins cookbook
v1.0.0
- Initial Chef Software release
v0.7.0
- Initial import from Heavywater upstream: https://github.com/heavywater/chef-jenkins
Collaborator Number Metric
9.3.0 passed this metric
Contributing File Metric
9.3.0 passed this metric
Foodcritic Metric
9.3.0 passed this metric
No Binaries Metric
9.3.0 passed this metric
Testing File Metric
9.3.0 passed this metric
Version Tag Metric
9.3.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number
9.3.0 passed this metric
9.3.0 passed this metric
Foodcritic Metric
9.3.0 passed this metric
No Binaries Metric
9.3.0 passed this metric
Testing File Metric
9.3.0 passed this metric
Version Tag Metric
9.3.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number
9.3.0 passed this metric
9.3.0 passed this metric
Testing File Metric
9.3.0 passed this metric
Version Tag Metric
9.3.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number
9.3.0 passed this metric
9.3.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number