[libvirt] [jenkins-ci PATCH 1/3] guests: Configure Jenkins agent based on secret availability
Pavel Hrdina
phrdina at redhat.com
Wed Mar 21 14:52:22 UTC 2018
On Tue, Mar 20, 2018 at 05:23:58PM +0100, Andrea Bolognani wrote:
> We're going to remove the 'jenkins' pseudo-project from the list
> of per-guest projects soon, so we need another way of deciding
> whether to install and configure the Jenkins agent.
>
> The availability of the Jenkins secret in the vault is a perfect
> candidate, and using it improves things in general because we can
> now store the information about which guests are part of the
> Jenkins setup in a single place instead of duplicating it.
>
> Signed-off-by: Andrea Bolognani <abologna at redhat.com>
> ---
> guests/site.yml | 3 ---
> guests/tasks/jenkins.yml | 7 +++++++
> 2 files changed, 7 insertions(+), 3 deletions(-)
>
> diff --git a/guests/site.yml b/guests/site.yml
> index 5f69cfd..8d32561 100644
> --- a/guests/site.yml
> +++ b/guests/site.yml
> @@ -32,6 +32,3 @@
> - include: tasks/jenkins.yml
> when:
> - flavor == 'jenkins'
> - - projects is defined
> - # jenkins is a pseudo-project
> - - ( 'jenkins' in projects )
> diff --git a/guests/tasks/jenkins.yml b/guests/tasks/jenkins.yml
> index 94c2404..10aeec7 100644
> --- a/guests/tasks/jenkins.yml
> +++ b/guests/tasks/jenkins.yml
> @@ -6,6 +6,8 @@
> - name: Look up Jenkins secret
> set_fact:
> jenkins_secret: '{{ vault.jenkins_secrets[inventory_hostname] }}'
> + when:
> + - vault.jenkins_secrets[inventory_hostname] is defined
>
> - name: Download Jenkins agent
> get_url:
> @@ -14,6 +16,8 @@
> owner: jenkins
> group: jenkins
> force: yes
> + when:
> + - jenkins_secret is defined
>
> - name: Configure and enable Jenkins agent
> lineinfile:
> @@ -24,6 +28,7 @@
> line: "nohup {{ su }} - jenkins -c '{{ java }} -jar /home/jenkins/slave.jar -jnlpUrl \"{{ jenkins_url }}\" -secret \"{{ jenkins_secret }}\"' >/var/log/jenkins.log 2>&1 &"
> insertbefore: '^exit .*$'
> when:
> + - jenkins_secret is defined
> - ansible_service_mgr != 'systemd'
>
> - name: Configure Jenkins agent
> @@ -31,6 +36,7 @@
> src: templates/jenkins.service.j2
> dest: /etc/systemd/system/jenkins.service
> when:
> + - jenkins_secret is defined
> - ansible_service_mgr == 'systemd'
>
> - name: Enable Jenkins agent
> @@ -39,4 +45,5 @@
> enabled: yes
> daemon_reload: yes
> when:
> + - jenkins_secret is defined
> - ansible_service_mgr == 'systemd'
Would it be possible to create a group of tasks that should be run
only if "jenkins_secret is defined" and guard the whole group with
that check?
Pavel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20180321/ce6e0052/attachment-0001.sig>
More information about the libvir-list
mailing list