Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add jenkins_script module for running arbitrary jenkins console scrip… #19640

Merged
merged 1 commit into from Jan 6, 2017

Conversation

@hogarthj
Copy link
Contributor

hogarthj commented Dec 22, 2016

ISSUE TYPE
  • New Module Pull Request
COMPONENT NAME

jenkins_script

ANSIBLE VERSION
ansible 2.1.1.0
  config file = /etc/ansible/ansible.cfg
  configured module search path = Default w/o overrides
SUMMARY

The jenkins cli functionality requires an existing SSH key and user to be created.
There are a number of things that require using the jenkins groovy console to configure programatically.
Currently it requires a lot of effort to handle this for a fully automated jenkins.

This allows for an arbitrary script, with basic python templating on the string for the script, to be passed to the jenkins instance and checks for a stacktrace or authentication error for a failure condition, otherwise the script is run and the results returned.

This allows for a fully configured jenkins via groovy console scripts where the rest API does not expose something suitable - eg authentication or credentials.

For example setting a proxy for jenkins can be carried out via this script, where the variable get replaced by python basic string templating from the args dict passed to the module:

import jenkins.model.*
    def instance = Jenkins.getInstance()
    final String name = "${proxy_host}"
    final int port = ${proxy_port}
    final def pc = new hudson.ProxyConfiguration(name, port)
    instance.proxy = pc
    instance.save()
@hogarthj
Copy link
Contributor Author

hogarthj commented Dec 22, 2016

@hogarthj hogarthj force-pushed the hogarthj:ansible-modules-extras/pull/3068 branch Dec 22, 2016
Copy link
Contributor

gundalow left a comment

needs_revision

lib/ansible/modules/web_infrastructure/jenkins_script.py Outdated
author: James Hogarth
module: jenkins_script
short_description: Executes a groovy script in the jenkins instance
version_added: '2.2'

This comment has been minimized.

Copy link
@gundalow

gundalow Jan 4, 2017

Contributor

2.3

This comment has been minimized.

Copy link
@hogarthj

hogarthj Jan 4, 2017

Author Contributor

updated as requested

lib/ansible/modules/web_infrastructure/jenkins_script.py Outdated
short_description: Executes a groovy script in the jenkins instance
version_added: '2.2'
description:
- The M(jenkins_script) module takes a script and a hash of values

This comment has been minimized.

Copy link
@gundalow

gundalow Jan 4, 2017

Contributor

This module takes a script and a hash of values...

This comment has been minimized.

Copy link
@hogarthj

hogarthj Jan 4, 2017

Author Contributor

grammar cleaned up to make it more readable (yay languages calling dicts hashes and vice versa).

lib/ansible/modules/web_infrastructure/jenkins_script.py Outdated
default: null
host:
description:
- The jenkins host to execute the script against

This comment has been minimized.

Copy link
@gundalow

gundalow Jan 4, 2017

Contributor

All descriptions: should be full sentences, e.g. start with a capital letter, and end with a full stop.

This comment has been minimized.

Copy link
@hogarthj

hogarthj Jan 4, 2017

Author Contributor

Thanks - each description now full.

lib/ansible/modules/web_infrastructure/jenkins_script.py Outdated
- The port to connect to
required: false
default: 8080
ssl:

This comment has been minimized.

Copy link
@gundalow

gundalow Jan 4, 2017

Contributor

To be inline with other modules please change to

validate_certs:
description: If set to C(no), the SSL certificates will not be validated. This should only set to C(no) used on personally controlled sites using self-signed certificates as it avoids verifying the source site.

The default should be True (e.g. require valid cert)

This means playbook writers need to explicitly write validate_certs: False, e.g. the default is to be secure

This comment has been minimized.

Copy link
@hogarthj

hogarthj Jan 4, 2017

Author Contributor

This isn't a validate_certs situation but rather whether the script should use http or https to connect to the jenkins server. A default quick jenkins server will have no SSL enabled, but some people will want it to use only https - particularly for a remote server.

The fetch_url enforces certificate validation by default, which is what's called, but I can see a use case for disabling validation for test environments etc so I'll add this in to be able to disable validation if required.

lib/ansible/modules/web_infrastructure/jenkins_script.py Outdated
port = dict(required=False, type="int", default=8080),
ssl = dict(required=False, type="bool", default=False),
user = dict(required=False, type="str",default=None),
password = dict(required=False, type="str",default=None),

This comment has been minimized.

Copy link
@gundalow

gundalow Jan 4, 2017

Contributor

, no_log=True to hide secret things.

This comment has been minimized.

Copy link
@hogarthj

hogarthj Jan 4, 2017

Author Contributor

no_log added to user and password

@ansibot ansibot removed the needs_revision label Jan 4, 2017
@hogarthj hogarthj force-pushed the hogarthj:ansible-modules-extras/pull/3068 branch 2 times, most recently Jan 4, 2017
@hogarthj
Copy link
Contributor Author

hogarthj commented Jan 4, 2017

Thanks for the review. The changes requested have been pushed and the commit rebased against current devel.

@jimi-c jimi-c removed the plugin label Jan 4, 2017
@abadger abadger requested a review from gundalow Jan 4, 2017
@abadger abadger removed the needs_triage label Jan 4, 2017
Copy link
Contributor

gundalow left a comment

Thanks for the changes

Looking at this again I wonder if we can simplify it further:

url which has a default of http://localhost:8080/
validate_certs which has a default of True

And delete host, port and ssl

@hogarthj
Copy link
Contributor Author

hogarthj commented Jan 6, 2017

You know you're right. That is over complicated and I'm not sure how I ended going down that route before when I first built it internally ...

Probably something crazy like testing locally, then extending to manipulating a remote jenkins and then adding ssl ... but then after the incrementals no refactor to simplify.

I've dropped host, port and ssl from the parameters and just left it with url.

Running it through our local CI (which is where it was built for in the first place to fully automate our jenkins installs) looks good.

@hogarthj
Copy link
Contributor Author

hogarthj commented Jan 6, 2017

ready_for_review

@gundalow
Copy link
Contributor

gundalow commented Jan 6, 2017

@hogarthj Easily done, that's a lot better now, thanks.
If you could just add this new module to the list in CHANGELOG.md in the root of the repo I'll get this merged.

…ts against a jenkins instance
@hogarthj hogarthj force-pushed the hogarthj:ansible-modules-extras/pull/3068 branch to b009cd7 Jan 6, 2017
@hogarthj
Copy link
Contributor Author

hogarthj commented Jan 6, 2017

rebased against current devel and module added to CHANGELOG as requested

thanks for taking the time to review this

ready_for_review

@gundalow gundalow merged commit 513466d into ansible:devel Jan 6, 2017
1 check passed
1 check passed
Shippable Run 8724 status is SUCCESS.
Details
@gundalow
Copy link
Contributor

gundalow commented Jan 6, 2017

Merged, thanks :)

@hogarthj
Copy link
Contributor Author

hogarthj commented Jan 6, 2017

Thanks for looking at this. Now when 2.3 gets released I can pull the internal library out :)

Also this means I should probably finish my blog article on using the jenkins_script module to make life nice and simple for people ;)

@hogarthj hogarthj deleted the hogarthj:ansible-modules-extras/pull/3068 branch Jan 6, 2017
@ansible ansible locked and limited conversation to collaborators Apr 26, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

5 participants
You can’t perform that action at this time.