• R/O
  • HTTP
  • SSH
  • HTTPS

grid-chef-repo: Commit

Grid環境構築用のChefリポジトリです。


Commit MetaInfo

Revision422b374e68aab6d1a64b626adb56686f200d9e36 (tree)
Zeit2017-08-11 18:48:58
Autorwhitestar <whitestar@user...>
Commiterwhitestar

Log Message

includes the ssl_cert::server_key_pairs recipe automatically.

Ändern Zusammenfassung

Diff

--- a/cookbooks/jenkins-grid/.rubocop.yml
+++ b/cookbooks/jenkins-grid/.rubocop.yml
@@ -24,8 +24,10 @@ Style/RescueModifier:
2424 Enabled: false
2525 Style/SpaceBeforeFirstArg:
2626 Enabled: false
27+Style/SpaceInsideBlockBraces:
28+ Enabled: false
2729 Style/TrailingCommaInLiteral:
28- EnforcedStyleForMultiline: comma
30+ EnforcedStyleForMultiline: consistent_comma
2931 Style/WordArray:
3032 Enabled: false
3133
--- a/cookbooks/jenkins-grid/CHANGELOG.md
+++ b/cookbooks/jenkins-grid/CHANGELOG.md
@@ -1,5 +1,9 @@
11 # jenkins-grid CHANGELOG
22
3+0.2.4
4+-----
5+- includes the `ssl_cert::server_key_pairs` recipe automatically.
6+
37 0.2.3
48 -----
59 - adds default ports settings.
--- a/cookbooks/jenkins-grid/Gemfile
+++ b/cookbooks/jenkins-grid/Gemfile
@@ -1,3 +1,4 @@
11 source 'https://rubygems.org'
22
3-#gem 'foodcritic'
3+# with Chef DK
4+gem 'stove'
--- a/cookbooks/jenkins-grid/README.md
+++ b/cookbooks/jenkins-grid/README.md
@@ -76,7 +76,7 @@ override_attributes(
7676 'services' => {
7777 'jenkins' => {
7878 'restart' => 'always',
79- 'image' => 'jenkins:2.19.4',
79+ 'image' => 'jenkins:latest',
8080 'ports' => [
8181 '8080:8080',
8282 '50000:50000',
@@ -102,7 +102,7 @@ name 'jenkins-with-ssl-cert'
102102 description 'Jenkins setup with ssl_cert cookbook'
103103
104104 run_list(
105- 'recipe[ssl_cert::server_key_pairs]',
105+ #'recipe[ssl_cert::server_key_pairs]', # jenkins-grid <= 0.2.3
106106 'role[docker]',
107107 'recipe[jenkins-grid::docker-compose]',
108108 )
@@ -126,7 +126,7 @@ override_attributes(
126126 'services' => {
127127 'jenkins' => {
128128 'restart' => 'always',
129- 'image' => 'jenkins:2.19.4',
129+ 'image' => 'jenkins:latest',
130130 'expose' => [
131131 '8083', # for https
132132 ],
@@ -161,22 +161,24 @@ override_attributes(
161161 )
162162 ```
163163
164-### SSL server keys and certificates management by ssl_cert cookbook
164+### SSL server keys and certificates management by `ssl_cert` cookbook
165165
166166 - create vault items.
167167
168168 ```text
169-$ ruby -rjson -e 'puts JSON.generate({"private" => File.read("jenkins_io_example_com.prod.key")})' \
170-> > ~/tmp/jenkins_io_example_com.prod.key.json
169+$ ruby -rjson -e 'puts JSON.generate({"private" => File.read("jenkins.io.example.com.prod.key")})' \
170+> > ~/tmp/jenkins.io.example.com.prod.key.json
171171
172-$ knife vault create ssl_server_keys jenkins.io.example.com.prod \
173-> --json ~/tmp/jenkins_io_example_com.prod.key.json
172+$ ruby -rjson -e 'puts JSON.generate({"public" => File.read("jenkins.io.example.com.prod.crt")})' \
173+> > ~/tmp/jenkins.io.example.com.prod.crt.json
174+
175+$ cd $CHEF_REPO
174176
175-$ ruby -rjson -e 'puts JSON.generate({"public" => File.read("jenkins_io_example_com.prod.crt")})' \
176-> > ~/tmp/jenkins_io_example_com.prod.crt.json
177+$ knife vault create ssl_server_keys jenkins.io.example.com.prod \
178+> --json ~/tmp/jenkins.io.example.com.prod.key.json
177179
178180 $ knife vault create ssl_server_certs jenkins.io.example.com.prod \
179-> --json ~/tmp/jenkins_io_example_com.prod.crt.json
181+> --json ~/tmp/jenkins.io.example.com.prod.crt.json
180182 ```
181183
182184 - grant reference permission to the Jenkins host
@@ -190,7 +192,7 @@ $ knife vault update ssl_server_certs jenkins.io.example.com.prod -S 'name:jenki
190192
191193 ```ruby
192194 run_list(
193- 'recipe[ssl_cert::server_key_pairs]',
195+ #'recipe[ssl_cert::server_key_pairs]', # jenkins-grid <= 0.2.3
194196 'recipe[jenkins-grid::docker-compose]',
195197 )
196198
--- a/cookbooks/jenkins-grid/Rakefile
+++ b/cookbooks/jenkins-grid/Rakefile
@@ -1,10 +1,15 @@
11 require 'rspec/core/rake_task'
22 require 'rubocop/rake_task'
33 require 'foodcritic'
4+require 'stove/rake_task'
45
56 namespace :style do
67 desc 'Run Ruby style checks'
7- RuboCop::RakeTask.new(:ruby)
8+ RuboCop::RakeTask.new(:ruby) do |t|
9+ t.options = [
10+ '--auto-gen-config', # creates .rubocop_todo.yml
11+ ]
12+ end
813
914 desc 'Run Chef style checks'
1015 FoodCritic::Rake::LintTask.new(:chef) do |t|
@@ -20,4 +25,17 @@ task style: ['style:chef', 'style:ruby']
2025 desc 'Run ChefSpec examples'
2126 RSpec::Core::RakeTask.new(:spec)
2227
28+desc 'Publish cookbook'
29+Stove::RakeTask.new(:publish) do |t|
30+ t.stove_opts = [
31+ # `--username` and `--key` are set in ~/.stove typically.
32+ #'--username', 'somebody',
33+ #'--key', '~/chef/chef.io.example.com/somebody.pem',
34+ #'--endpoint', 'https://supermarket.io.example.com/api/v1', # default: supermarket.chef.io
35+ #'--no-ssl-verify',
36+ '--no-git',
37+ '--log-level', 'info',
38+ ]
39+end
40+
2341 task default: ['style', 'spec']
--- a/cookbooks/jenkins-grid/attributes/default.rb
+++ b/cookbooks/jenkins-grid/attributes/default.rb
@@ -2,7 +2,7 @@
22 # Cookbook Name:: jenkins-grid
33 # Attributes:: default
44 #
5-# Copyright 2016, whitestar
5+# Copyright 2016-2017, whitestar
66 #
77 # Licensed under the Apache License, Version 2.0 (the "License");
88 # you may not use this file except in compliance with the License.
@@ -39,7 +39,7 @@ default['jenkins-grid']['docker-compose']['config'] = {
3939 'services' => {
4040 'jenkins' => {
4141 'restart' => 'always',
42- 'image' => 'jenkins:2.19.4',
42+ 'image' => 'jenkins:latest',
4343 #'expose' => [
4444 # #'8083', # for https
4545 #],
--- /dev/null
+++ b/cookbooks/jenkins-grid/concourse.yml
@@ -0,0 +1,100 @@
1+---
2+# $ fly -t target sp -p jenkins-grid-cookbook -c concourse.yml -l fly-vars.yml -l ~/sec/credentials-prod.yml
3+resources:
4+- name: src-git
5+ type: git
6+ source:
7+ uri: ((git-id-osdn))@git.osdn.net:/gitroot/metasearch/grid-chef-repo.git
8+ branch: master
9+ paths:
10+ - cookbooks/((cookbook-name))
11+ private_key: ((git-private-key))
12+ git_user: ((git-user-osdn))
13+ #check_every: 1h # default: 1m
14+- name: chefdk-cache
15+ type: docker-image
16+ source:
17+ repository: chef/chefdk
18+ tag: ((chefdk-version))
19+ # ((param)) style: fly >= 3.2.0
20+ registry_mirror: https://((registry-mirror-domain)) # e.g. https://registry.docker.example.com:5000
21+ ca_certs:
22+ - domain: ((registry-mirror-domain)) # e.g. registry.docker.example.com:5000
23+ cert: ((docker-reg-ca-cert))
24+ check_every: 12h # default: 1m
25+
26+jobs:
27+- name: test-cookbook
28+ plan:
29+ - aggregate:
30+ - get: src-git
31+ params:
32+ depth: 5
33+ trigger: true
34+ - get: chefdk-cache
35+ - task: ci-build
36+ image: chefdk-cache
37+ params:
38+ http_proxy: ((http-proxy)) # e.g. http://proxy.example.com:3128
39+ #HTTP_PROXY: ((http-proxy))
40+ config:
41+ platform: linux
42+ #image_resource:
43+ # type: docker-image
44+ # source:
45+ # repository: chef/chefdk
46+ # tag: ((chefdk-version))
47+ # NG, setting disable
48+ #registry_mirror: https://((registry-mirror-domain))
49+ #ca_certs:
50+ #- domain: ((registry-mirror-domain))
51+ # cert: ((docker-reg-ca-cert))
52+ inputs:
53+ - name: src-git
54+ run:
55+ #dir: ./src-git/cookbooks/((cookbook-name))
56+ #path: rake
57+ path: /bin/bash
58+ args:
59+ - -c
60+ - |
61+ cd ./src-git/cookbooks/((cookbook-name))
62+ bundle install
63+ rake
64+- name: publish-cookbook
65+ plan:
66+ - aggregate:
67+ - get: src-git
68+ params:
69+ depth: 5
70+ trigger: false
71+ passed: [test-cookbook]
72+ - get: chefdk-cache
73+ passed: [test-cookbook]
74+ - task: publish
75+ image: chefdk-cache
76+ params:
77+ http_proxy: ((http-proxy))
78+ chef_username: ((chef-username))
79+ chef_client_key: ((chef-client-key))
80+ config:
81+ platform: linux
82+ inputs:
83+ - name: src-git
84+ run:
85+ path: /bin/bash
86+ args:
87+ - -c
88+ - |
89+ echo '{"username":"((chef-username))","key":"/root/chef-client-key.pem"}' > /root/.stove
90+ echo "$chef_client_key" > /root/chef-client-key.pem
91+ cd ./src-git/cookbooks/((cookbook-name))
92+ bundle install
93+ rake publish
94+ - put: src-git
95+ params:
96+ repository: src-git
97+ tag_prefix: ((cookbook-name))-
98+ tag: src-git/cookbooks/((cookbook-name))/version
99+ only_tag: true
100+ annotate: ../src-git/cookbooks/((cookbook-name))/version
--- /dev/null
+++ b/cookbooks/jenkins-grid/fly-vars.yml
@@ -0,0 +1,3 @@
1+---
2+cookbook-name: jenkins-grid
3+chefdk-version: 1.4.3
--- a/cookbooks/jenkins-grid/metadata.rb
+++ b/cookbooks/jenkins-grid/metadata.rb
@@ -5,9 +5,15 @@ maintainer_email ''
55 license 'Apache 2.0'
66 description 'Installs/Configures jenkins-grid'
77 long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
8-version '0.2.3'
8+version IO.read(File.join(File.dirname(__FILE__), 'version')).chomp
99 source_url 'http://scm.osdn.jp/gitroot/metasearch/grid-chef-repo.git'
1010 issues_url 'https://osdn.jp/projects/metasearch/ticket'
1111
12+chef_version '>= 12'
13+supports 'ubuntu', '>= 14.04'
14+%w(centos redhat).each do |os|
15+ supports os, '>= 7.3'
16+end
17+
1218 depends 'docker-grid', '>= 0.3.6'
1319 depends 'ssl_cert', '>= 0.3.3'
--- a/cookbooks/jenkins-grid/recipes/docker-compose.rb
+++ b/cookbooks/jenkins-grid/recipes/docker-compose.rb
@@ -70,6 +70,7 @@ unless jenkins_home_path.nil?
7070 end
7171
7272 if node['jenkins-grid']['with_ssl_cert_cookbook']
73+ include_recipe 'ssl_cert::server_key_pairs'
7374 ::Chef::Recipe.send(:include, SSLCert::Helper)
7475 cn = node['jenkins-grid']['ssl_cert']['common_name']
7576 key_path = server_key_path(cn)
--- /dev/null
+++ b/cookbooks/jenkins-grid/version
@@ -0,0 +1 @@
1+0.2.4
--- a/roles/devops-suite-on-docker.rb
+++ b/roles/devops-suite-on-docker.rb
@@ -22,11 +22,14 @@ dockerd_extra_opts = [
2222 '--bip=192.168.100.1/24 --fixed-cidr=192.168.100.0/24',
2323 ].join(' ')
2424 network_mode_bridge = false
25-aptly_port = '7080' # default: 8080
26-aptly_api_port = '7081' # default: 8081
27-concourse_port = '8080'
28-gitlab_http_port = '80' # default: 80, Note: 8080 already in use.
29-gitlab_ssh_port = '2022'
25+aptly_port = '7080' # default: 8080
26+aptly_api_port = '7081' # default: 8081
27+concourse_port = '8080'
28+jenkins_port = '9080' # default: 8080
29+jenkins_agent_port = '50000' # default: 50000
30+jenkins_home_path = '/opt/docker-compose/app/jenkins/home'
31+gitlab_http_port = '80' # default: 80, Note: 8080 already in use.
32+gitlab_ssh_port = '2022'
3033 nexus_ver = '3'
3134 nexus_port = nexus_ver == '3' ? '8081' : '8071'
3235
@@ -36,6 +39,7 @@ run_list(
3639 'role[concourse-on-docker]',
3740 'role[gitlab-on-docker]',
3841 'role[gitlab-runner]',
42+ 'role[jenkins-on-docker]',
3943 "role[nexus#{nexus_ver}-on-docker]",
4044 )
4145
@@ -117,6 +121,23 @@ attrs = {
117121 'import_ca' => false,
118122 },
119123 },
124+ 'jenkins-grid' => {
125+ 'docker-compose' => {
126+ 'jenkins_home' => {
127+ 'path' => jenkins_home_path,
128+ },
129+ 'config' => {
130+ 'services' => {
131+ 'jenkins' => {
132+ 'ports' => [
133+ "#{jenkins_port}:8080",
134+ "#{jenkins_agent_port}:50000",
135+ ],
136+ },
137+ },
138+ },
139+ },
140+ },
120141 'nexus-grid' => {
121142 'docker-compose' => {
122143 'config' => {
--- a/roles/jenkins.rb
+++ b/roles/jenkins-on-docker.rb
@@ -1,6 +1,8 @@
11 name 'jenkins'
22 description 'Jenkins'
33
4+#jenkins_cn = 'jenkins.io.example.com'
5+
46 run_list(
57 #'recipe[ssl_cert::server_key_pairs]',
68 'role[docker]',
@@ -11,13 +13,11 @@ run_list(
1113
1214 #default_attributes()
1315
14-jenkins_cn = 'jenkins.io.example.com'
15-
1616 override_attributes(
1717 'ssl_cert' => {
18- 'common_names' => [
19- jenkins_cn,
20- ],
18+ # 'common_names' => [
19+ # jenkins_cn,
20+ # ],
2121 },
2222 'docker-grid' => {
2323 'engine' => {
@@ -30,7 +30,7 @@ override_attributes(
3030 'jenkins-grid' => {
3131 #'with_ssl_cert_cookbook' => true,
3232 'ssl_cert' => {
33- 'common_name' => jenkins_cn,
33+ #'common_name' => jenkins_cn,
3434 },
3535 'docker-compose' => {
3636 'config' => {
@@ -39,15 +39,12 @@ override_attributes(
3939 'services' => {
4040 'jenkins' => {
4141 'restart' => 'always',
42- 'image' => 'jenkins:2.19.4',
42+ 'image' => 'jenkins:latest',
4343 #'expose' => [
4444 # '8083', # for https
4545 #],
46- 'ports' => [
47- '8080:8080',
48- #'8083:8083',
49- '50000:50000',
50- ],
46+ #'ports' => [
47+ #],
5148 'environment' => {
5249 'JENKINS_OPTS' => [
5350 #'--httpPort=-1 --httpsPort=8083',
Show on old repository browser