Jenkins Node Puppet Module

Table of Contents

1. Module Description - What the module does and why it is useful
2. Setup - The basics of getting started with jenkins_node
   • What jenkins_node affects
   • Setup requirements
   • Beginning with jenkins_node
3. Usage - Configuration options and additional functionality
4. Reference - An under-the-hood peek at what the module is doing and how
   • Module Parameters (jenkins_node class)
5. Limitations - OS compatibility, etc.
6. Development - Guide for contributing to the module

Module Description

Jenkins node setup for building packages in chroot environment using mock or pbuilder.

Setup

What jenkins_node affects

• Packages: Java, build tools
• Sudo: pbuilder under jenkins user, cleanups
• Files:
• config files for dput, mini-dinstall
• user rpm macros
• credentials (gpg, ssh)
• build scripts checkout
• helper ~jenkins/.puppet-* files
• SELinux setup
• cron:
• refresh chroot images

Setup Requirements

gnupg directory with key needs to be prepared locally at each Jenkins node or at the puppet master.

Usage

class{'jenkins_node':
  gpg_dir      => [
    "puppet:///extra_files/${::fqdn}/gnupg",
    "puppet:///extra_files/cluster-${::cluster}/gnupg",
  ],
  gpg_identity => 'Jenkins Builder <jenkins@emian.zcu.cz>',
  gpg_keyid => '64fa8786',
  gpg_keys => {
    '64fa8786' => 'http://scientific.zcu.cz/repos/jenkins-builder.asc',
  },
}

SSH keys

SSH keys must be specified separately. For example:

ssh_authorized_key{'root@myriads.zcu.cz':
  user => 'jenkins',
  type => 'ssh-dss',
  key => 'AAAA...',
}

Reference

Classes

• jenkins_node: Jenkins Node

Resources

• jenkins_node::gpgkey_rpm (internal): Import GPG key into rpm

###jenkins_node class

Parameters

#####homedir

Jenkins user home directory. Default: '/var/lib/jenkins'.

#####gpg_dir

GnuPG config directory with key pair. Default: undef.

Note, it is passed directly to source of file type.

#####gpg_identity

gnupg identity in the form of "Name <email_address>". Default: "Jenkins Builder <jenkins@${::fqdn}>".

Used for rpm.

#####gpg_keyid

GPG key ID. Default: undef.

#####gpg_keys

Hash of GPG key ID and GPG key URL pairs. Default: undef.

Example:

gpg_keys => {
  '64fa8786' => 'http://scientific.zcu.cz/repos/jenkins-builder.asc'
}

#####jenkins_principals

Array of Kerberos principals to authenticate to Jenkins node into jenkins user. Default: undef.

#####parameters

Hash of parameters for build scripts. Default: undef.

#####platforms

List of supported platforms. Default: (autodetect).

#####refresh_enable

Enable creating and refreshing chroot images. Default: true.

#####refresh_hour #####refresh_minute #####refresh_month #####refresh_monthday #####refresh_weekday

Parameters for the refresh image cron job. Default: 0, 0, *, *, 0.

##Limitations

RHEL 5

RHEL 5 platform is not supported.

It is possible to build for RHEL 5 though:

• any other RedHat-like platform can be used for the build node (it is used mock tool)
• there is limit on the GPG key size (see below)

Build platforms

Some build platforms can be collocated on the single node, but each "OS family" need its own machine.

Build "OS families":

• Debian
• Ubuntu
• Fedora/EPEL

Different GPG key:

• separated build machine must be used when different GPG key is needed for some platform

##Development

• Repository: https://github.com/valtri/cesnet-jenkins_node
• Tests: see .travis.yml
• Email: František Dvořák <valtri@civ.zcu.cz>