openstack
/
project-config
Code Issues Proposed changes

Add jenkins-slave element for nodepool 

This should be the final step needed to stop puppet from running on
our images. This also will be the entry point for 3rd party CI users
still depending on jenkins.

Change-Id: I33a67f980289002618a55f4221dcf195dc4a787f
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
This commit is contained in:
Paul Belanger 2017-04-26 11:04:54 -04:00
parent b3d8f8f85b
commit 2fe9c2125d
No known key found for this signature in database
GPG Key ID: 611A80832067AF38
3 changed files with 56 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
nodepool/elements/jenkins-slave/extra-data.d/20-jenkins-user Executable file
View File

@ -0,0 +1,20 @@
#!/bin/bash
if [ ${DIB_DEBUG_TRACE:-0} -gt 0 ]; then
set -x
fi
set -eu
set -o pipefail
# TODO(pabelanger): Once we complete remove puppet from our diskimages, we
# should also remove our default SSH key. Since only 3rdparty CI system would be
# using this element moving forward, it doesn't make sense to bake in our
# default key.
NODEPOOL_SSH_KEY=${NODEPOOL_SSH_KEY:-AAAAB3NzaC1yc2EAAAADAQABAAABAQC6WutNHfM+YdnjeNFeaIpvxqt+9aDn95Ykpmc+fASSjlDZJtOrueH3ch/v08wkE4WQKg03i+t8VonqEwMGmApYA3VzFsURUQbxzlSz5kHlBQSqgz5JTwUmnt1RH5sePL5pkuJ6JgqJ8PxJod6fiD7YDjaKJW/wBzXGnGg2EkgqrkBQXYL4hyaPuSwsQF0Gdwg3QFqXl+R/GrM6FscUkkJzbjqGKI2GhLT8mf2BIMEAiMFhF5Wl4FFrbvhTfPfW+9VdcsiMxCXaxp00n1x1+Y7OqR5AZ/id0Lkz9ZoFVGS901OB/L4xXrvUtI2y+kIYeF6hxfmAl/zhY0eWzwo9lDPz}
if [ -z $NODEPOOL_SSH_KEY ]; then
die "Can not find public key for jenkins user!"
fi
# save the public key inside the chroot
echo "ssh-rsa $NODEPOOL_SSH_KEY" > $TMP_HOOKS_PATH/jenkins-user-ssh-public-key

35
nodepool/elements/jenkins-slave/install.d/20-jenkins-slave Executable file
View File

@ -0,0 +1,35 @@
#!/bin/bash
if [ ${DIB_DEBUG_TRACE:-0} -gt 0 ]; then
set -x
fi
set -eu
set -o pipefail
groupadd jenkins
useradd -g jenkins -m jenkins
# this was copied from outside the chroot by extras.d
_pub_key=/tmp/in_target.d/jenkins-user-ssh-public-key
if [ ! -f $_pub_key ]; then
die "Can not find Jenkins public key!"
fi
mkdir /home/jenkins/.ssh
chmod 700 /home/jenkins/.ssh
cp $_pub_key /home/jenkins/.ssh/authorized_keys
chmod 644 /home/jenkins/.ssh/authorized_keys
cat > /home/jenkins/.gitconfig <<EOF
[user]
name = OpenStack Jenkins
email = jenkins@openstack.org
signingkey = jenkins@openstack.org
[gitreview]
rebase = false
username = jenkins
EOF
# cleanup everything to the right owner
chown -R jenkins:jenkins /home/jenkins

1
nodepool/elements/nodepool-base/element-deps
View File

@ -1,3 +1,4 @@
jenkins-slave
package-installs
pip-and-virtualenv
puppet