Hello I'm new to writing Ansible Playbooks but I'm trying to have my playbook install Jenkins. It installs Jenkins just fine but the issue becomes that it wants me to do the initial unlock before installing plugins, creating jobs etc. I've seen in here a few times people saying you just need to add this to your playbook and you should be good. When I add it and then run the playbook it still has this issue even if I do it from a brand new server. Wondering what everyone has done to get by this issue. Thanks for your assistance!
Code I've seen from other posts:
Gets error "Cannot get CSRF" when trying to install jenkins-plugin using ANSIBLE
- name: Jenkins Skip startUp for MI
lineinfile:
dest=/etc/sysconfig/jenkins
regexp='^JENKINS_JAVA_OPTIONS='
line='JENKINS_JAVA_OPTIONS="-Djava.awt.headless=true -Djenkins.install.runSetupWizard=false"'
register: result_skip_startup_wizard
My Playbook
---
# jenkins
- name: Create jenkins group
group:
name: jenkins
state: present
- name: Create jenkins user
user:
name: jenkins
group: jenkins
state: present
- name: Import jenkins gpg key
rpm_key:
state: present
key: http://pkg.jenkins.io/redhat-stable/jenkins.io.key
validate_certs: no
- name: Download Jenkins repo
get_url:
url: http://get.jenkins.io/redhat-stable/jenkins-2.332.3-1.1.noarch.rpm
dest: /etc/yum.repos.d/
- name: Install java
yum:
name: java-11-openjdk
state: present
- name: Install Jenkins
package:
name: /etc/yum.repos.d/jenkins-2.332.3-1.1.noarch.rpm
state: latest
- name: Jenkins Skip startUp for MI
lineinfile:
dest=/etc/sysconfig/jenkins
regexp='^JENKINS_JAVA_OPTIONS='
line='JENKINS_JAVA_OPTIONS="-Djava.awt.headless=true -Djenkins.install.runSetupWizard=false"'
register: result_skip_startup_wizard
- name: Start and Enable Jenkins
systemd:
name: jenkins
state: started
enabled: true
- name: Sleep for 30 seconds and continue with Jenkins buildout
wait_for: timeout=30
For reference this is what I see in the server when I check the file and then when I just grep for the process.
jenkins 8474 1 34 18:29 ? 00:00:20 /usr/bin/java -Djava.awt.headless=true -jar /usr/share/java/jenkins.war --webroot=/var/cache/jenkins/war --httpPort=8080
You can see the changes though do get put in the file as mentioned from above. Which makes me think even after restarting the service its not seeing the new option. I even manually stopped jenkins and then started but it still did not pick it up.
JENKINS_JAVA_OPTIONS="-Djava.awt.headless=true -Djenkins.install.runSetupWizard=false"
A little late here but I figured I'd leave a comment in here as well as I discovered when I was testing that the setup depended on the version of Jenkins you were attempting to install. Versions I tested are the comment lines above the code.
On the latest line it is just an assumption on my part not a guarantee.
# testing for jenkins 2.319.1
- name: Jenkins Skip startUp for MI
lineinfile:
dest=/etc/sysconfig/jenkins
regexp='^JENKINS_JAVA_OPTIONS='
line='JENKINS_JAVA_OPTIONS="-Djava.awt.headless=true -Djenkins.install.runSetupWizard=false"'
register: result_skip_startup_wizard
# below works for 2.332.1 or latest
- name: Jenkins Skip startUp for MI
lineinfile:
dest=/usr/lib/systemd/system/jenkins.service
regexp='^Environment="JAVA_OPTS=-Djava.awt.headless=true'
line='Environment="JAVA_OPTS=-Djava.awt.headless=true -Djenkins.install.runSetupWizard=false"'
register: result_skip_startup_wizard
Related
I am trying to setup Jenkins using ansible in ubuntu for which I want to skip the initial setup wizard in Jenkins.
While I am using this code in local host it worked fine but in EC2 instance it's not working .The initial setup wizard appears.
- name: Disable Jenkins setup wizard
lineinfile:
dest=/etc/default/jenkins
regexp=^JAVA_ARGS=
line=JAVA_ARGS="-Djava.awt.headless=true -Djenkins.install.runSetupWizard=false"
become: true
- name: Start jenkins
service:
name: jenkins
enabled: true
state: started
- name: Wait for Jenkins to start up
uri:
url: http://{{ HostName }}:8080
status_code: 200
timeout: 5
register: jenkins_service_status
# Keep trying for 5 mins in 5 sec intervals
retries: 60
delay: 5
until: >
'status' in jenkins_service_status and
jenkins_service_status['status'] == 200
Please can you suggest me how to remove the initial set wizard or else how to configure it using ansible.
parameters:
- name: App_VariableGroup
type: string
default: my-defaults
values:
- my-defaults
trigger:
- main
pool:
vmImage: ubuntu-latest
container: ubuntu:20.04
variables:
- group: ${{ parameters.App_VariableGroup }}
steps:
- checkout: self
submodules: true
- script: |
echo Hello, world! \n
ls -al
displayName: 'Run a one-line script'
- task: AzureStaticWebApp#0
inputs:
app_location: $(publish_path)
api_location: ''
output_location: ''
skip_app_build: true
azure_static_web_apps_api_token: $(swa_deployment_token)
This code is failing with "container: ubuntu:20.04" and give the following error:
##[warning]Environment variable AGENT_CONTAINERMAPPING is a multiline string and cannot be added to the build environment.
/usr/bin/bash /__w/_tasks/AzureStaticWebApp_18aad896-e191-4720-88d6-8ced4806941a/0.200.0/launch-docker.sh
/__w/_tasks/AzureStaticWebApp_18aad896-e191-4720-88d6-8ced4806941a/0.200.0/launch-docker.sh: line 1: docker: command not found
##[error]Error: The process '/usr/bin/bash' failed with exit code 127
Finishing: AzureStaticWebApp
But the Task: AzureStaticWebApp#0 works fine with just the vmImage and no container.
I remember there is docker:dind concept that I used in gitlab-cicd but could anyone advice on what is going wrong here please?
One of the problems is that you need docker installed on your container. You may use this guide for how to do that.
However, there is another issue which seems to be a bug in the task itself causing it to fail, possibly related to not being able to load the AGENT_CONTAINERMAPPING environment variable. I ran into this bug myself with an Ubuntu container loaded with docker and other tools specific to my pipeline.
Please reference this bug I submitted to the Microsoft/azure-pipelines-task project for more details and to include your voice.
I want to setup a Jenkins job which should be triggered by Rundeck. I have already installed Rundeck plugin and tested the connection between Rundeck and Jenkins which is working as expected.
Now, my requirement is that the same Jenkins job should be triggered by Rundeck. I am using Rundeck 3.4.9 community version.
How can I setup a Jenkins job in Rundeck and what configurations I need to do on both Rundeck and Jenkins end?
You can design a Rundeck job that call the Jenkins job using this endpoint via CURL.
I tested successfully with this endpoint:
http://user:JENKINS_USER_TOKEN#localhost:8080/job/TestJob/build
You can use the http workflow step to send post requests using that URL format.
Source.
Here is a job definition example:
- defaultTab: nodes
description: ''
executionEnabled: true
id: 1fa2923a-5b1d-4ea2-97d1-4cc2a3726f07
loglevel: INFO
name: ExampleJENKINS
nodeFilterEditable: false
plugins:
ExecutionLifecycle: null
scheduleEnabled: true
sequence:
commands:
- exec: echo "starting..."
- fileExtension: .sh
interpreterArgsQuoted: false
script: curl -vvv -X POST http://admin:11bd72f1f22653cf7158c7961f60476a1d#localhost:8080/job/MyJenkinsJob/build
scriptInterpreter: /bin/bash
keepgoing: false
strategy: node-first
uuid: 1fa2923a-5b1d-4ea2-97d1-4cc2a3726f07
Another way is to use the HTTP Step plugin with a basic authentication configured.
The job definition example:
- defaultTab: nodes
description: ''
executionEnabled: true
id: 1fa2923a-5b1d-4ea2-97d1-4cc2a3726f07
loglevel: INFO
name: ExampleJENKINS
nodeFilterEditable: false
plugins:
ExecutionLifecycle: null
scheduleEnabled: true
sequence:
commands:
- exec: echo "starting..."
- configuration:
authentication: Basic
checkResponseCode: 'false'
method: POST
password: keys/jenkins_admin_token
printResponse: 'false'
printResponseToFile: 'false'
proxySettings: 'false'
remoteUrl: http://localhost:8080/job/MyJenkinsJob/build
sslVerify: 'true'
timeout: '30000'
username: admin
nodeStep: true
type: edu.ohio.ais.rundeck.HttpWorkflowNodeStepPlugin
keepgoing: false
strategy: node-first
uuid: 1fa2923a-5b1d-4ea2-97d1-4cc2a3726f07
I am using Ansible for provision our servers, I installed the Jenkins 2.0 but it is becomeing with a startup configuration when I open the web UI. How can I do it with Ansible or shell or jenkins-cli. CentOS 7, Ansible 2.0.1.0.
So,
Installing Jenkins 2.0 from http://pkg.jenkins-ci.org/redhat-rc/jenkins-2.0-1.1.noarch.rpm rpm.
Install java with yum.
Service start jenkins.
Open 192.168.46.10:8080, which is opening the Jenkins.
In Web UI adding the initial admin password.
In web UI select and install plugins.
In web UI create a new admin user.
The 5,6,7 points are all the startup config of the new Jenkins. I haven't idea how we can install it autmatically.
Edit 1:
The 1,2,3 point is already done, just I didn't share because it is not necessary, because I only need an advice how can I configure the Jenkins. But now I add it to my question.
---
- name: Jenkins - install | Install java
yum: name=java state=installed
- name: Jenkins - install | Install Jenkins 2.0
yum: pkg=http://pkg.jenkins-ci.org/redhat-rc/jenkins-2.0-1.1.noarch.rpm state=installed
- name: Jenkins - install | Start and enable Jenkins 2.0
service: name=jenkins state=started enabled=yes
You can create an initialization script (in groovy) to add an admin account.
Script should be present in $JENKINS_HOME/init.groovy.d/*.groovy.
See Jenkins CI Wiki for more details.
Here's an example.
security.groovy.j2 file:
#!groovy
import java.util.logging.Level
import java.util.logging.Logger
import hudson.security.*
import jenkins.model.*
def instance = Jenkins.getInstance()
def logger = Logger.getLogger(Jenkins.class.getName())
logger.log(Level.INFO, "Ensuring that local user '{{ jenkins.admin_username }}' is created.")
if (!instance.isUseSecurity()) {
logger.log(Level.INFO, "Creating local admin user '{{ jenkins.admin_username }}'.")
def strategy = new FullControlOnceLoggedInAuthorizationStrategy()
strategy.setAllowAnonymousRead(false)
def hudsonRealm = new HudsonPrivateSecurityRealm(false)
hudsonRealm.createAccount("{{ jenkins.admin_username }}", "{{ jenkins.admin_password }}")
instance.setSecurityRealm(hudsonRealm)
instance.setAuthorizationStrategy(strategy)
instance.save()
}
How to use in Ansible playbook:
- name: Create initialization scripts directory
file: path={{ jenkins.home }}/init.groovy.d
state=directory
owner=jenkins
group=jenkins
mode=0775
- name: Add initialization script to setup basic security
template: src=security.groovy.j2
dest={{ jenkins.home }}/init.groovy.d/security.groovy
I was inspired by this GitHub reposiotry.
I found a solution, this is turn off the setup wizard, after it I was able to change config files.
- name: Jenkins - configure | Turn off Jenkins setup wizard
lineinfile: dest=/etc/sysconfig/jenkins regexp='^JENKINS_JAVA_OPTIONS=' line='JENKINS_JAVA_OPTIONS="-Djava.awt.headless=true -Djenkins.install.runSetupWizard=false"'
notify: restart jenkins
The above solution didn't work for me but give me hint and this is the solution that worked for me on Ubuntu:
- name: Configure JVM Arguments
lineinfile:
dest: /etc/default/jenkins
regexp: '^JAVA_ARGS='
line: 'JAVA_ARGS="-Djava.awt.headless=true -Djenkins.install.runSetupWizard=false"'
notify:
- Restart Jenkins
On Ubuntu 16.04 with Jenkins installed using apt-get, this works:
- name: "Turn off Jenkins setup wizard"
lineinfile:
dest: /etc/init.d/jenkins
regexp: '^JAVA_ARGS='
line: 'JAVA_ARGS="-Djava.awt.headless=true -Djenkins.install.runSetupWizard=false"'
insertbefore: '^DAEMON_ARGS='
notify: restart jenkins
- name: restart jenkins
service: name=jenkins state=restarted
You will still have to setup the security though!
I need to run different jobs on 2 nodes in one job.
#!/bin/bash
#Create the following folders:
mkdir -p /shared_folder/files/Source
mkdir -p /shared_folder/files/Target
#Generate the backups
#Under Source execute the following command:
cp -r /local/folder /shared_folder/files/Source
#Under Target execute the following command:
cp -r /local/folder /shared_folder/files/Target
#Delete all Target mobile configurations:
#Under Target execute the following command:
rm /local/folder/*.*
#Copy the mobile configurations from Source to Target:
#Under Target execute the following command:
cp /shared_folder/files/Source/*.* /local/folder/
Restart Tomcat Service in Target:
Under Target execute the following command:
/sbin/service tomcat restart
Below is my reference job which uses ${option.NodeFilter1} and ${option.NodeFilter2} to pass node names to the actual 2 jobs.
I don't know if I have to run this reference job locally and these 2 actuall jobs to be pushed to the machines or this reference job should also be pushed to the actuall machines. ?
After suggestion I've created this job reference. It references 2 actual jobs.
- id: 98e41ff6-93e3-455a-9744-29bb6e8aae27
project: SecureCloud
loglevel: INFO
sequence:
keepgoing: false
strategy: node-first
commands:
- jobref:
group: apps
name: Synchronize mobile configurations Source
args: -Nodefilter1 ${option.NodeFilter1}
nodeStep: 'true'
nodefilters:
filter: ${option.NodeFilter1}
description: Source
- jobref:
group: apps
name: Synchronize mobile configurations Destination
args: -NodeFilter2 ${option.NodeFilter2}
nodeStep: 'true'
nodefilters:
filter: ${option.NodeFilter2}
description: Destination
description: ''
name: Synchronize mobile configurations Master
uuid: 98e41ff6-93e3-455a-9744-29bb6e8aae27
group: apps
options:
NodeFilter1:
required: true
NodeFilter2:
required: true
This is one of 2 actuall jobs
- id: 47b65475-f14b-4e5e-8d4f-aa9bb3c8e2b6
project: SecureCloud
loglevel: INFO
sequence:
keepgoing: false
strategy: node-first
commands:
- script: |
#!/bin/bash
touch /home/user/source-#option.NodeFilter1#
scriptInterpreter: sudo
interpreterArgsQuoted: false
description: Synchronize mobile configurations
name: Synchronize mobile configurations Source
uuid: 47b65475-f14b-4e5e-8d4f-aa9bb3c8e2b6
nodefilters:
dispatch:
threadcount: 2
keepgoing: true
excludePrecedence: false
rankOrder: ascending
filter: ${option.NodeFilter1}
group: apps
options:
NodeFilter1:
required: true
description: Source Node
I get this error while trying to run this configuration:
Option input was not valid for [apps/Synchronize mobile configurations Source]: Option 'NodeFilter1' is required.
13:50:58 Execution failed: 637: [Workflow result: , step failures: {1=Dispatch failed on 1 nodes: [c000lrdp01na01.na01.mstrci.com: InvalidOptions: Invalid options: [NodeFilter1]]}, Node failures: {c000lrdp01na01.na01.mstrci.com=[InvalidOptions: Invalid options: [NodeFilter1]]}, flow control: Continue, status: failed
You can create two jobs, one each to perform the appropriate task on the separate nodes. Then create another job which executes both of those two jobs via the Job Reference feature. Make sure not to set a node filter in the third job.