diff --git a/manifests/cli_helper.pp b/manifests/cli_helper.pp index 241d2ec8e..1ca66c55a 100644 --- a/manifests/cli_helper.pp +++ b/manifests/cli_helper.pp @@ -20,8 +20,8 @@ $helper_groovy = "${libdir}/puppet_helper.groovy" file {$helper_groovy: source => 'puppet:///modules/jenkins/puppet_helper.groovy', - owner => 'jenkins', - group => 'jenkins', + owner => $::jenkins::user, + group => $::jenkins::group, mode => '0444', require => Class['jenkins::cli'], } diff --git a/manifests/config.pp b/manifests/config.pp index 8de7bad57..16127a824 100644 --- a/manifests/config.pp +++ b/manifests/config.pp @@ -1,14 +1,4 @@ -# Parameters: -# config_hash = {} (Default) -# Hash with config options to set in sysconfig/jenkins defaults/jenkins -# -# Example use -# -# class{ 'jenkins::config': -# config_hash => { -# 'HTTP_PORT' => { 'value' => '9090' }, 'AJP_PORT' => { 'value' => '9009' } -# } -# } +# This class should be considered private # class jenkins::config { @@ -17,4 +7,35 @@ } create_resources( 'jenkins::sysconfig', $::jenkins::config_hash ) + + $dir_params = { + ensure => directory, + owner => $::jenkins::user, + group => $::jenkins::group, + mode => '0755', + } + + # ensure_resource is used to try to maintain backwards compatiblity with + # manifests that were able to external declare resources due to the + # old conditional behavior of jenkins::plugin + if $::jenkins::manage_user { + ensure_resource('user', $::jenkins::user, { + ensure => present, + gid => $::jenkins::group, + home => $::jenkins::localstatedir, + managehome => false, + system => true, + }) + } + + if $::jenkins::manage_group { + ensure_resource('group', $::jenkins::group, { + ensure => present, + system => true, + }) + } + + ensure_resource('file', $::jenkins::localstatedir, $dir_params) + ensure_resource('file', $::jenkins::plugin_dir, $dir_params) + ensure_resource('file', $::jenkins::job_dir, $dir_params) } diff --git a/manifests/init.pp b/manifests/init.pp index 826b8b393..8bfebbd72 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -44,12 +44,26 @@ # config_hash = undef (Default) # Hash with config options to set in sysconfig/jenkins defaults/jenkins # +# localstatedir = '/var/lib/jenkins' (default) +# base path, in the autoconf sense, for jenkins local data including jobs and +# plugins +# # executors = undef (Default) # Integer number of executors on the Jenkin's master. # # slaveagentport = undef (Default) # Integer number of portnumber for the slave agent. # +# manage_user = true (default) +# +# user = 'jenkins' (default) +#` system user that owns the jenkins master's files +# +# manage_group = true (default) +# +# group = 'jenkins' (default) +#` system group that owns the jenkins master's files +# # Example use # # class{ 'jenkins': @@ -146,6 +160,10 @@ # - Accepts input as array only. # - Only effective if "proxy_host" and "proxy_port" are set. # +# user = 'jenkins' (default) +# +# group = 'jenkins' (default) +# # class jenkins( $version = $jenkins::params::version, @@ -173,8 +191,13 @@ $cli_try_sleep = $jenkins::params::cli_try_sleep, $port = $jenkins::params::port, $libdir = $jenkins::params::libdir, + $localstatedir = $::jenkins::params::localstatedir, $executors = undef, $slaveagentport = undef, + $manage_user = $::jenkins::params::manage_user, + $user = $::jenkins::params::user, + $manage_group = $::jenkins::params::manage_group, + $group = $::jenkins::params::group, ) inherits jenkins::params { validate_bool($lts, $install_java, $repo) @@ -184,6 +207,8 @@ validate_bool($configure_firewall) } + validate_absolute_path($localstatedir) + if $no_proxy_list { validate_array($no_proxy_list) } @@ -192,6 +217,14 @@ validate_integer($executors) } + validate_bool($manage_user) + validate_string($user) + validate_bool($manage_group) + validate_string($group) + + $plugin_dir = "${localstatedir}/plugins" + $job_dir = "${localstatedir}/jobs" + anchor {'jenkins::begin':} anchor {'jenkins::end':} diff --git a/manifests/job/absent.pp b/manifests/job/absent.pp index 85726f27a..6dae80164 100644 --- a/manifests/job/absent.pp +++ b/manifests/job/absent.pp @@ -20,7 +20,7 @@ } $tmp_config_path = "/tmp/${jobname}-config.xml" - $job_dir = "/var/lib/jenkins/jobs/${jobname}" + $job_dir = "${::jenkins::job_dir}/${jobname}" $config_path = "${job_dir}/config.xml" # Temp file to use as stdin for Jenkins CLI executable diff --git a/manifests/job/present.pp b/manifests/job/present.pp index 061530c77..b015e847f 100644 --- a/manifests/job/present.pp +++ b/manifests/job/present.pp @@ -27,7 +27,7 @@ $jenkins_cli = $jenkins::cli::cmd $tmp_config_path = "/tmp/${jobname}-config.xml" - $job_dir = "/var/lib/jenkins/jobs/${jobname}" + $job_dir = "${::jenkins::jobs_dir}/${jobname}" $config_path = "${job_dir}/config.xml" # Bring variables from Class['::jenkins'] into local scope. diff --git a/manifests/params.pp b/manifests/params.pp index 8de5e9a0f..d52d66364 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -16,6 +16,12 @@ $cli_try_sleep = 10 $package_cache_dir = '/var/cache/jenkins_pkgs' $package_name = 'jenkins' + $localstatedir = '/var/lib/jenkins' + + $manage_user = true + $user = 'jenkins' + $manage_group = true + $group = 'jenkins' case $::osfamily { 'Debian': { @@ -27,7 +33,7 @@ $package_provider = 'rpm' } default: { - $libdir = '/usr/lib/jenkins' + $libdir = '/usr/lib/jenkins' $package_provider = false } } diff --git a/manifests/plugin.pp b/manifests/plugin.pp index 6872c51c3..152e9f982 100644 --- a/manifests/plugin.pp +++ b/manifests/plugin.pp @@ -21,18 +21,18 @@ $config_filename = undef, $config_content = undef, $update_url = undef, - $plugin_dir = '/var/lib/jenkins/plugins', - $username = 'jenkins', - $group = 'jenkins', $enabled = true, - $create_user = true, $source = undef, $digest_string = '', $digest_type = 'sha1', + # deprecated + $plugin_dir = undef, + $username = undef, + $group = undef, + $create_user = true, ) { - include ::jenkins::params + include ::jenkins - $plugin_parent_dir = inline_template('<%= @plugin_dir.split(\'/\')[0..-2].join(\'/\') %>') validate_bool($manage_config) validate_bool($enabled) # TODO: validate_str($update_url) @@ -40,9 +40,22 @@ validate_string($digest_string) validate_string($digest_type) + if $plugin_dir { + warning('jenkins::plugin::plugin_dir is deprecated and has no effect -- see jenkins::localstatedir') + } + if $username { + warning('jenkins::plugin::username is deprecated and has no effect -- see jenkins::user') + } + if $group { + warning('jenkins::plugin::group is deprecated and has no effect -- see jenkins::group') + } + if $create_user { + warning('jenkins::plugin::create_user is deprecated and has no effect') + } + if ($version != 0) { $plugins_host = $update_url ? { - undef => $::jenkins::params::default_plugins_host, + undef => $::jenkins::default_plugins_host, default => $update_url, } $base_url = "${plugins_host}/download/plugins/${name}/${version}/" @@ -50,7 +63,7 @@ } else { $plugins_host = $update_url ? { - undef => $::jenkins::params::default_plugins_host, + undef => $::jenkins::default_plugins_host, default => $update_url, } $base_url = "${plugins_host}/latest/" @@ -66,50 +79,6 @@ $plugin_ext = regsubst($download_url, '^.*\.(hpi|jpi)$', '\1') $plugin = "${name}.${plugin_ext}" - if (!defined(File[$plugin_dir])) { - if (!defined(File[$plugin_parent_dir])) { - # ensure ownership only when it's home directory for the new user - if $create_user { - file { $plugin_parent_dir: - ensure => directory, - owner => $username, - group => $group, - mode => '0755', - } - } else { - file { $plugin_parent_dir: - ensure => directory, - } - } - } - - file { $plugin_dir: - ensure => directory, - owner => $username, - group => $group, - mode => '0755', - } - - } - - if $create_user { - if (!defined(Group[$group])) { - group { $group : - ensure => present, - require => Package[$::jenkins::package_name], - } - } - if (!defined(User[$username])) { - user { $username : - ensure => present, - home => $plugin_parent_dir, - require => Package[$::jenkins::package_name], - } - } - User[$username] -> File[$plugin_dir] - Group[$group] -> File[$plugin_dir] - } - if (empty(grep([ $::jenkins_plugins ], $search))) { if ($jenkins::proxy_host) { $proxy_server = "${jenkins::proxy_host}:${jenkins::proxy_port}" @@ -123,16 +92,18 @@ } # Allow plugins that are already installed to be enabled/disabled. - file { "${plugin_dir}/${plugin}.disabled": + file { "${::jenkins::plugin_dir}/${plugin}.disabled": ensure => $enabled_ensure, - owner => $username, + owner => $::jenkins::user, + group => $::jenkins::group, mode => '0644', - require => File["${plugin_dir}/${plugin}"], + require => File["${::jenkins::plugin_dir}/${plugin}"], notify => Service['jenkins'], } - file { "${plugin_dir}/${plugin}.pinned": - owner => $username, + file { "${::jenkins::plugin_dir}/${plugin}.pinned": + owner => $::jenkins::user, + group => $::jenkins::group, require => Archive::Download[$plugin], } @@ -144,21 +115,22 @@ archive::download { $plugin: url => $download_url, - src_target => $plugin_dir, + src_target => $::jenkins::plugin_dir, allow_insecure => true, follow_redirects => true, checksum => $checksum, digest_string => $digest_string, digest_type => $digest_type, - user => $username, + user => $::jenkins::user, proxy_server => $proxy_server, notify => Service['jenkins'], - require => File[$plugin_dir], + require => File[$::jenkins::plugin_dir], } - file { "${plugin_dir}/${plugin}" : + file { "${::jenkins::plugin_dir}/${plugin}" : require => Archive::Download[$plugin], - owner => $username, + owner => $::jenkins::user, + group => $::jenkins::group, mode => '0644', } } @@ -168,11 +140,11 @@ fail 'To deploy config file for plugin, you need to specify both $config_filename and $config_content' } - file {"${plugin_parent_dir}/${config_filename}": + file {"${::jenkins::localstatedir}/${config_filename}": ensure => present, content => $config_content, - owner => $username, - group => $group, + owner => $::jenkins::user, + group => $::jenkins::group, mode => '0644', notify => Service['jenkins'] } diff --git a/manifests/proxy.pp b/manifests/proxy.pp index 6c9b09f04..55e06bf38 100644 --- a/manifests/proxy.pp +++ b/manifests/proxy.pp @@ -10,10 +10,10 @@ $proxy_port = $::jenkins::proxy_port $no_proxy_list = $::jenkins::no_proxy_list - file { '/var/lib/jenkins/proxy.xml': + file { "${::jenkins::localstatedir}/proxy.xml": content => template('jenkins/proxy.xml.erb'), - owner => 'jenkins', - group => 'jenkins', + owner => $::jenkins::user, + group => $::jenkins::group, mode => '0644' } diff --git a/spec/classes/jenkins_cli_helper_spec.rb b/spec/classes/jenkins_cli_helper_spec.rb index 7766042fe..adbc4b89f 100644 --- a/spec/classes/jenkins_cli_helper_spec.rb +++ b/spec/classes/jenkins_cli_helper_spec.rb @@ -13,5 +13,14 @@ that_comes_before('Anchor[jenkins::end]') end end + + it do + should contain_file('/usr/lib/jenkins/puppet_helper.groovy').with( + :source => 'puppet:///modules/jenkins/puppet_helper.groovy', + :owner => 'jenkins', + :group => 'jenkins', + :mode => '0444', + ) + end end diff --git a/spec/classes/jenkins_master_spec.rb b/spec/classes/jenkins_master_spec.rb index e372dae6c..f08176f11 100644 --- a/spec/classes/jenkins_master_spec.rb +++ b/spec/classes/jenkins_master_spec.rb @@ -1,6 +1,7 @@ require 'spec_helper' describe 'jenkins::master' do + let(:facts) {{ :osfamily => 'RedHat', :operatingsystem => 'CentOS' }} let(:params) { { :version => '1.2.3' } } it { should contain_jenkins__plugin('swarm').with_version('1.2.3') } diff --git a/spec/classes/jenkins_proxy_spec.rb b/spec/classes/jenkins_proxy_spec.rb index 60823454a..9a8ea8781 100644 --- a/spec/classes/jenkins_proxy_spec.rb +++ b/spec/classes/jenkins_proxy_spec.rb @@ -11,7 +11,13 @@ context 'with basic proxy config' do let(:params) { { :proxy_host => 'myhost', :proxy_port => 1234 } } it { should create_class('jenkins::proxy') } - it { should contain_file('/var/lib/jenkins/proxy.xml') } + it do + should contain_file('/var/lib/jenkins/proxy.xml').with( + :owner => 'jenkins', + :group => 'jenkins', + :mode => '0644', + ) + end it { should contain_file('/var/lib/jenkins/proxy.xml').with(:content => /myhost<\/name>/) } it { should contain_file('/var/lib/jenkins/proxy.xml').with(:content => /1234<\/port>/) } it { should contain_file('/var/lib/jenkins/proxy.xml').without(:content => //) } @@ -20,7 +26,13 @@ context 'with "no_proxy_list" proxy config' do let(:params) { { :proxy_host => 'myhost', :proxy_port => 1234, :no_proxy_list => ['example.com','test.host.net'] } } it { should create_class('jenkins::proxy') } - it { should contain_file('/var/lib/jenkins/proxy.xml') } + it do + should contain_file('/var/lib/jenkins/proxy.xml').with( + :owner => 'jenkins', + :group => 'jenkins', + :mode => '0644', + ) + end it { should contain_file('/var/lib/jenkins/proxy.xml').with(:content => /myhost<\/name>/) } it { should contain_file('/var/lib/jenkins/proxy.xml').with(:content => /1234<\/port>/) } it { should contain_file('/var/lib/jenkins/proxy.xml').with(:content => /example\.com\ntest\.host\.net<\/noProxyHost>/) } diff --git a/spec/classes/jenkins_spec.rb b/spec/classes/jenkins_spec.rb index 4409e66fe..b85c0be44 100755 --- a/spec/classes/jenkins_spec.rb +++ b/spec/classes/jenkins_spec.rb @@ -65,6 +65,22 @@ it { expect { should raise_error(Puppet::Error) } } end + describe 'localstatedir =>' do + context 'undef' do + it { should contain_file('/var/lib/jenkins') } + end + + context '/dne' do + let(:params) {{ :localstatedir => '/dne' }} + it { should contain_file('/dne') } + end + + context './tmp' do + let(:params) {{ :localstatedir => './tmp' }} + it { should raise_error(Puppet::Error, /is not an absolute path/) } + end + end + describe 'executors =>' do context 'undef' do it { should_not contain_class('jenkins::cli_helper') } @@ -123,5 +139,136 @@ end end end # slaveagentport => + + describe 'manage_user =>' do + context '(default)' do + it { should contain_user('jenkins') } + end + + context 'true' do + let(:params) {{ :manage_user => true }} + it { should contain_user('jenkins') } + end + + context 'false' do + let(:params) {{ :manage_user => false }} + it { should_not contain_user('jenkins') } + end + + context '{}' do + let(:params) {{ :manage_user => {} }} + + it 'should fail' do + should raise_error(Puppet::Error, /is not a boolean./) + end + end + end # manage_user => + + describe 'user =>' do + context '(default)' do + it do + should contain_user('jenkins').with( + :ensure => 'present', + :gid => 'jenkins', + :home => '/var/lib/jenkins', + :managehome => false, + :system => true, + ) + end + end + + context 'bob' do + let(:params) {{ :user => 'bob' }} + + it do + should contain_user('bob').with( + :ensure => 'present', + :gid => 'jenkins', + :home => '/var/lib/jenkins', + :managehome => false, + :system => true, + ) + end + end + + context '{}' do + let(:params) {{ :user => {} }} + + it 'should fail' do + should raise_error(Puppet::Error, /is not a string./) + end + end + end # user => + + describe 'manage_group =>' do + context '(default)' do + it { should contain_group('jenkins') } + end + + context 'true' do + let(:params) {{ :manage_group => true }} + it { should contain_group('jenkins') } + end + + context 'false' do + let(:params) {{ :manage_group => false }} + it { should_not contain_group('jenkins') } + end + + context '{}' do + let(:params) {{ :manage_group => {} }} + + it 'should fail' do + should raise_error(Puppet::Error, /is not a boolean./) + end + end + end # manage_group => + + describe 'group =>' do + context '(default)' do + it do + should contain_group('jenkins').with( + :ensure => 'present', + :system => true, + ) + end + end + + context 'fred' do + let(:params) {{ :group => 'fred' }} + + it do + should contain_group('fred').with( + :ensure => 'present', + :system => true, + ) + end + end + + context '{}' do + let(:params) {{ :group => {} }} + + it 'should fail' do + should raise_error(Puppet::Error, /is not a string./) + end + end + end # group => + + describe 'manages state dirs' do + [ + '/var/lib/jenkins', + '/var/lib/jenkins/jobs', + '/var/lib/jenkins/plugins', + ].each do |dir| + it do + should contain_file(dir).with( + :ensure => 'directory', + :owner => 'jenkins', + :group => 'jenkins', + :mode => '0755', + ) + end + end + end # manages state dirs end end diff --git a/spec/defines/jenkins_plugin_spec.rb b/spec/defines/jenkins_plugin_spec.rb index 48ba08898..534414822 100644 --- a/spec/defines/jenkins_plugin_spec.rb +++ b/spec/defines/jenkins_plugin_spec.rb @@ -2,26 +2,7 @@ describe 'jenkins::plugin' do let(:title) { 'myplug' } - - shared_examples 'manages plugins dirs' do - it { should contain_file('/var/lib/jenkins') } - it { should contain_file('/var/lib/jenkins/plugins') } - end - - include_examples 'manages plugins dirs' - it { should contain_group('jenkins') } - it { should contain_user('jenkins').with('home' => '/var/lib/jenkins') } - - context 'with my plugin parent directory already defined' do - let(:pre_condition) do - [ - "file { '/var/lib/jenkins' : ensure => directory, }", - ] - end - - include_examples 'manages plugins dirs' - end - + let(:facts) {{ :osfamily => 'RedHat', :operatingsystem => 'CentOS' }} describe 'without version' do it do @@ -47,7 +28,7 @@ describe 'with version and in middle of jenkins_plugins fact' do let(:params) { { :version => '1.2.3' } } - let(:facts) { { :jenkins_plugins => 'myplug 1.2.3, fooplug 1.4.5' } } + before { facts[:jenkins_plugins] = 'myplug 1.2.3, fooplug 1.4.5' } it { should_not contain_archive__download('myplug.hpi') } it { should_not contain_file('/var/lib/jenkins/plugins/myplug.hpi')} @@ -55,7 +36,7 @@ describe 'with version and at end of jenkins_plugins fact' do let(:params) { { :version => '1.2.3' } } - let(:facts) { { :jenkins_plugins => 'fooplug 1.4.5, myplug 1.2.3' } } + before { facts[:jenkins_plugins] = 'fooplug 1.4.5, myplug 1.2.3' } it { should_not contain_archive__download('myplug.hpi') } it { should_not contain_file('/var/lib/jenkins/plugins/myplug.hpi')} @@ -69,6 +50,7 @@ it { should contain_file('/var/lib/jenkins/plugins/myplug.hpi.disabled').with({ :ensure => 'present', :owner => 'jenkins', + :group => 'jenkins', })} end @@ -80,6 +62,7 @@ it { should contain_file('/var/lib/jenkins/plugins/myplug.hpi.disabled').with({ :ensure => 'absent', :owner => 'jenkins', + :group => 'jenkins', })} end @@ -153,15 +136,6 @@ end end end - context 'when not installing users' do - let :params do - {'create_user' => false} - end - it 'should not create user or group' do - should_not contain_group('jenkins') - should_not contain_user('jenkins') - end - end describe 'source' do shared_examples 'should download from $source url' do @@ -216,6 +190,7 @@ it do should contain_file('/var/lib/jenkins/plugins/foo.hpi.pinned').with( :owner => 'jenkins', + :group => 'jenkins', ).that_requires('Archive::Download[foo.hpi]') end end @@ -226,8 +201,22 @@ it do should contain_file('/var/lib/jenkins/plugins/foo.jpi.pinned').with( :owner => 'jenkins', + :group => 'jenkins', ).that_requires('Archive::Download[foo.jpi]') end end end # pinned file extension name + + describe 'deprecated params' do + [ + 'plugin_dir', + 'username', + 'group', + 'create_user', + ].each do |param| + context param do + pending('rspec-puppet support for testing warning()') + end + end + end # deprecated params end