Jenkins CI Agent Charm

Merge jenkins-agent-charm:fix_master_relation_setup into jenkins-agent-charm:master

  1. Git
  2. lp:jenkins-agent-charm
  3. fix_master_relation_setup
  4. Merge into master
Proposed by Alexandre Gomes
Status: Merged
Merged at revision: 5559ec399791c92f499dc478564782cfaffb7d8f
Proposed branch: jenkins-agent-charm:fix_master_relation_setup
Merge into: jenkins-agent-charm:master
Diff against target: 77 lines (+12/-4)
4 files modified
files/jenkins-slave-systemd-config (+1/-1)
files/jenkins-slave-upstart-config (+1/-0)
reactive/jenkins_slave.py (+4/-3)
templates/jenkins-slave-default (+6/-0)
Reviewer Review Type Date Requested Status
Haw Loeung Needs Fixing
Tom Haddon Approve
Canonical IS Reviewers Pending
Review via email: mp+386124@code.launchpad.net

Commit message

Fix the relation setup by making use of the slave secret provided by the master.

To post a comment you must log in.
Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote :

This merge proposal is being monitored by mergebot. Change the status to Approved to merge.

Revision history for this message
Tom Haddon (mthaddon) wrote :

One very minor change, otherwise looks good.

review: Approve
Revision history for this message
Haw Loeung (hloeung) wrote :

write_default_conf() is also called outside of relation context though, specifically in configure_jenkins_slave(). This is why 'url' is saved using unitdata.kv.set().

So I think we'll want to also save the secret, then in configure_jenkins_slave():

| elif kv.get('url'):
| status.maintenance("Using url from relation as 'master_url'")
| write_default_conf(kv.get('url'))

This should retrieve the saved secret and use it for write_default_conf().

review: Needs Fixing

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/files/jenkins-slave-systemd-config b/files/jenkins-slave-systemd-config
2index 516b703..21a4809 100644
3--- a/files/jenkins-slave-systemd-config
4+++ b/files/jenkins-slave-systemd-config
5@@ -11,7 +11,7 @@ Type=simple
6 # Always be Jenkinsing!
7 Restart=always
8 RestartSec=3
9-ExecStartPre=/bin/bash -c '[ -r /etc/default/jenkins-slave ] && . /etc/default/jenkins-slave ; [ -n "$JENKINS_URL" ] || { exit 1; }; mkdir $JENKINS_RUN > /dev/null 2>&1 || true ; chown -R $JENKINS_USER $JENKINS_RUN || true ; /usr/local/sbin/download-slave.sh $JENKINS_URL'
10+ExecStartPre=/bin/bash -c '[ -r /etc/default/jenkins-slave ] && . /etc/default/jenkins-slave ; [ -n "$JENKINS_URL" ] || { exit 1; }; mkdir $JENKINS_RUN > /dev/null 2>&1 || true ; chown -R $JENKINS_USER $JENKINS_RUN || true ; /usr/local/sbin/download-slave.sh $JENKINS_URL ; chown -R $JENKINS_USER $JENKINS_HOME'
11 ExecStart=/bin/bash -c '[ -r /etc/default/jenkins-slave ] && . /etc/default/jenkins-slave ; exec start-stop-daemon --start -c $JENKINS_USER --exec $JAVA --name jenkins-slave -- $JAVA_ARGS -jar $JENKINS_RUN/slave.jar $JENKINS_ARGS'
12
13 [Install]
14diff --git a/files/jenkins-slave-upstart-config b/files/jenkins-slave-upstart-config
15index 0456e1d..c02ec9d 100644
16--- a/files/jenkins-slave-upstart-config
17+++ b/files/jenkins-slave-upstart-config
18@@ -18,6 +18,7 @@ pre-start script
19 mkdir $JENKINS_RUN > /dev/null 2>&1 || true
20 chown -R $JENKINS_USER $JENKINS_RUN || true
21 /usr/local/sbin/download-slave.sh $JENKINS_URL
22+ chown -R $JENKINS_USER $JENKINS_HOME || true
23 end script
24
25 script
26diff --git a/reactive/jenkins_slave.py b/reactive/jenkins_slave.py
27index 8d54436..615084e 100644
28--- a/reactive/jenkins_slave.py
29+++ b/reactive/jenkins_slave.py
30@@ -187,7 +187,8 @@ def slave_relation():
31 url = hookenv.relation_get('url')
32 if url:
33 kv.set('url', url)
34- write_default_conf(url)
35+ secret = hookenv.relation_get('secret')
36+ write_default_conf(url, secret=secret)
37 else:
38 hookenv.log("Master hasn't exported its url yet, exiting...")
39 return
40@@ -228,13 +229,13 @@ def file_to_units(local_path, unit_path, perms=None, owner='root', group='root')
41 host.write_file(path=unit_path, content=fh.read().encode(), owner=owner, group=group, perms=file_perms)
42
43
44-def write_default_conf(master_url=None, owner='root', group='root', conf_path='/etc/default/jenkins-slave'):
45+def write_default_conf(master_url=None, owner='root', group='root', conf_path='/etc/default/jenkins-slave', secret=None):
46 templates_dir = os.path.join(hookenv.charm_dir(), 'templates')
47 slave_host = hookenv.local_unit().replace('/', '-')
48 templating.render(
49 'jenkins-slave-default',
50 conf_path,
51- {'master_url': master_url, 'slave_host': slave_host},
52+ {'master_url': master_url, 'slave_host': slave_host, 'secret': secret},
53 owner=owner,
54 group=group,
55 perms=0o444,
56diff --git a/templates/jenkins-slave-default b/templates/jenkins-slave-default
57index 2e32e7d..b0db0d3 100644
58--- a/templates/jenkins-slave-default
59+++ b/templates/jenkins-slave-default
60@@ -24,6 +24,7 @@ JENKINS_USER=jenkins
61 JENKINS_ROOT=/usr/share/jenkins
62
63 # jenkins home location
64+
65 JENKINS_HOME=/var/lib/jenkins
66
67 # jenkins /run location
68@@ -60,4 +61,9 @@ JENKINS_SLAVE_LOG=/var/log/jenkins/$NAME.log
69 MAXOPENFILES=8192
70
71 # Arguments to pass to jenkins slave on startup
72+{% if secret %}
73+JENKINS_SLAVE_SECRET="{{secret}}"
74+JENKINS_ARGS="-jnlpUrl $JENKINS_URL/computer/$JENKINS_HOSTNAME/slave-agent.jnlp -secret ${JENKINS_SLAVE_SECRET}"
75+{% else %}
76 JENKINS_ARGS="-jnlpUrl $JENKINS_URL/computer/$JENKINS_HOSTNAME/slave-agent.jnlp"
77+{% endif %}

Subscribers

People subscribed via source and target branches

to all changes: