← Back to branch summary

~pwlars/charms/precise/jenkins/citrain-remove-unused-creds

« back to all changes in this revision

Viewing changes to hooks/install.d/jenkins

  • Committer: Evan Dandrea
  • Date: 2014-05-08 10:24:40 UTC
  • Revision ID: evan.dandrea@canonical.com-20140508102440-yxecm3c13xiypku7
Move install.d scripts from lp:ci-train here.

Show diffs side-by-side

added added

removed removed

Lines of Context:
hooks/install.d/jenkins
 
1
#!/bin/sh -ex
 
2
 
 
3
# For JENKINS_HOME, JENKINS_USER
 
4
. /etc/default/jenkins
 
5
 
 
6
AS_JENKINS="sudo -i -u $JENKINS_USER"
 
7
 
 
8
PACKAGES="rsync cowbuilder eatmydata bzr bzr-builddeb python-jenkins python-jinja2 python-yaml python-requests dput"
 
9
apt-get install $PACKAGES -yq --force-yes
 
10
 
 
11
 
 
12
mkdir -p /etc/rsyncd.d
 
13
cp hooks/install.d/config/rsyncd.conf /etc/rsyncd.d/020-ci-train
 
14
cat <<EOF >/etc/rsyncd.conf
 
15
max connections = 2
 
16
log file = /var/log/rsyncd.log
 
17
timeout = 300
 
18
EOF
 
19
cat /etc/rsyncd.d/* > /etc/rsyncd.conf
 
20
sed -i 's,RSYNC_ENABLE=false,RSYNC_ENABLE=true,' /etc/default/rsync
 
21
 
 
22
# Import credentials
 
23
mkdir -p $JENKINS_HOME/.ssh
 
24
chown $JENKINS_USER $JENKINS_HOME/.ssh
 
25
chmod 700 $JENKINS_HOME/.ssh
 
26
cp -a hooks/install.d/creds/id_rsa* $JENKINS_HOME/.ssh/
 
27
chmod 600 $JENKINS_HOME/.ssh/id_rsa*
 
28
chown $JENKINS_USER $JENKINS_HOME/.ssh/id_rsa*
 
29
if ! grep -qs bazaar.launchpad.net $JENKINS_HOME/.ssh/known_hosts; then
 
30
    $AS_JENKINS ssh-keyscan -t rsa bazaar.launchpad.net > $JENKINS_HOME/.ssh/known_hosts
 
31
fi
 
32
if ! $AS_JENKINS gpg --list-keys | grep -qs ps-jenkins; then
 
33
    cp hooks/install.d/creds/setup_psjenkins_gpg.sh $JENKINS_HOME
 
34
    $AS_JENKINS $JENKINS_HOME/setup_psjenkins_gpg.sh
 
35
    rm $JENKINS_HOME/setup_psjenkins_gpg.sh
 
36
fi
 
37
 
 
38
 
 
39
# We've changed the public key from the generated version. Tell the slaves.
 
40
for rid in $(relation-ids public_key); do
 
41
    relation-set -r$rid public_key="`su $JENKINS_USER -c "cat $JENKINS_HOME/.ssh/id_rsa.pub"`"
 
42
done
 
43
 
 
44
$AS_JENKINS bzr whoami 'CI bot <ps-jenkins@lists.canonical.com>'
 
45
$AS_JENKINS bzr launchpad-login ps-jenkins
 
46
$AS_JENKINS rm -rf $JENKINS_HOME/citrain-preprod
 
47
$AS_JENKINS rm -rf $JENKINS_HOME/citrain
 
48
$AS_JENKINS bzr branch lp:cupstream2distro $JENKINS_HOME/citrain-preprod
 
49
$AS_JENKINS bzr branch $JENKINS_HOME/citrain-preprod $JENKINS_HOME/citrain
 
50
 
 
51
# XXX note: DIST=trusty here, will need to create a job later on to create a
 
52
# new release (would be easier)
 
53
# || true because you'll get an error about libeatmydata.so not being preloaded
 
54
if [ ! -e "/var/cache/pbuilder/trusty-$(dpkg --print-architecture)" ]; then
 
55
    DIST=trusty HOME=$JENKINS_HOME/citrain/chroot-tools/ sudo -E cowbuilder --create --debootstrapopts --variant=buildd || true
 
56
    DIST=trusty HOME=$JENKINS_HOME/citrain/chroot-tools/ sudo -E cowbuilder --save --execute -- /usr/bin/apt-get install eatmydata bzr-builddeb software-properties-common -yq --force-yes
 
57
fi
 
58
 
 
59
cat <<EOF > /etc/sudoers.d/citrain
 
60
jenkins ALL=(ALL) NOPASSWD:SETENV: /usr/sbin/cowbuilder
 
61
jenkins ALL=(ALL) NOPASSWD:SETENV: /usr/bin/apt-get clean
 
62
jenkins ALL=(ALL) NOPASSWD:SETENV: /usr/sbin/pbuilder --clean
 
63
EOF
 
64
chmod 0440 /etc/sudoers.d/citrain
 
65
 
 
66
# XXX It seems to want the password set to token here. I'm not sure why, but it
 
67
# works.
 
68
TOKEN="$(config-get jenkins-token)"
 
69
USERNAME="$(config-get jenkins-admin-user)"
 
70
if [ -n "$TOKEN" ]; then
 
71
    cat <<EOF > $JENKINS_HOME/.cu2d.cred
 
72
citrain:
 
73
    username: $USERNAME
 
74
    password: $TOKEN
 
75
    url: http://127.0.0.1:8080
 
76
    token: $TOKEN
 
77
EOF
 
78
    chmod 0600 $JENKINS_HOME/.cu2d.cred
 
79
    sleep 10 # FIXME something needs time to settle.
 
80
    $AS_JENKINS $JENKINS_HOME/citrain/citrain/manual/setup-citrain --allsilos --prepare --checkpublicationmigration --deploydeploy
 
81
fi