Jenkaas Jobs

Merge ~saviq/jenkaas-jobs:verify-jenkins-creds into jenkaas-jobs:master

  1. Git
  2. lp:~saviq/jenkaas-jobs
  3. verify-jenkins-creds
  4. Merge into master
Proposed by Michał Sawicz
Status: Merged
Approved by: Michi Henning
Approved revision: 907dcf2e5c22aadc9ab0e0f0482ab47a9be2ccf8
Merged at revision: 67ca3889553aa6b1b9e9b87032c467a4bcb7fe49
Proposed branch: ~saviq/jenkaas-jobs:verify-jenkins-creds
Merge into: jenkaas-jobs:master
Diff against target: 290 lines (+144/-100)
5 files modified
dev/null (+0/-98)
jenkaas_jobs/yaml/credentials/credentials-3-launchpad-plugin-0.py (+15/-0)
jenkaas_jobs/yaml/credentials/credentials-3-launchpad-plugin-1.sh (+98/-0)
jenkaas_jobs/yaml/credentials/credentials-3-launchpad-plugin.yaml (+6/-1)
tests/fixtures/credentials/credentials-3-launchpad-plugin.xml (+25/-1)
Reviewer Review Type Date Requested Status
Michi Henning (community) Approve
Review via email: mp+312889@code.launchpad.net
To post a comment you must log in.
Revision history for this message
Michi Henning (michihenning) wrote :

This is really useful, thank you!

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/jenkaas_jobs/yaml/credentials/credentials-3-launchpad-plugin-0.py b/jenkaas_jobs/yaml/credentials/credentials-3-launchpad-plugin-0.py
2new file mode 100644
3index 0000000..c5308bd
4--- /dev/null
5+++ b/jenkaas_jobs/yaml/credentials/credentials-3-launchpad-plugin-0.py
6@@ -0,0 +1,15 @@
7+#!/usr/bin/env python
8+
9+import os
10+import requests
11+import sys
12+
13+if __name__ == '__main__':
14+ resp = requests.get('{backend_url}', auth=('{bot_username}', os.environ['jenkins_api_token']))
15+ if resp.status_code == 200:
16+ print("INFO: Authenticated as: {bot_username}")
17+ else:
18+ print("Authentication as {bot_username} failed:")
19+ print("ERROR: {{}}: {{}}".format(resp.status_code, resp.reason))
20+ sys.exit(1)
21+
22diff --git a/jenkaas_jobs/yaml/credentials/credentials-3-launchpad-plugin-1.sh b/jenkaas_jobs/yaml/credentials/credentials-3-launchpad-plugin-1.sh
23new file mode 100644
24index 0000000..34b9c41
25--- /dev/null
26+++ b/jenkaas_jobs/yaml/credentials/credentials-3-launchpad-plugin-1.sh
27@@ -0,0 +1,98 @@
28+#!/bin/bash
29+set -e
30+
31+# Setup the dependencies including tarmac
32+sudo apt-get install -y python-launchpadlib python-bzrlib python-lockfile python-yaml tarmac jenkins-launchpad-plugin python-jenkins
33+
34+# Apply the configuration file.
35+CONFIG_DIR="${{JENKINS_HOME}}/.jlp"
36+CONFIG_PATH="${{CONFIG_DIR}}/jlp.config"
37+
38+if [ ! -d "${{CONFIG_DIR}}" ]; then
39+ mkdir -p "${{CONFIG_DIR}}"
40+fi
41+
42+cat > "${{CONFIG_PATH}}" << EOF
43+#You must explicitely allow users to trigger the jobs on your jenkins
44+#Otherwise anybody can run arbitrary code on your jenkins servers.
45+allowed_users: [{allowed_users}]
46+
47+#path to your credentials file. The first time you run one of these scripts,
48+#launchpad will ask you to authenticate (via a provided URL). Once you do so
49+#(in launchpad) you won't need to do this again.
50+#If your jenkins "lives" in /var/lib/jenkins you probably don't need to change
51+#this
52+credential_store_path: {credentials_path}
53+
54+# When doing a dput into ppa (in autoland.py) a new changelog entry is
55+# generated. DEBEMAIL and DEBFULLNAME are used to generate the entry correctly.
56+# Please note that the gpg keys of the user specified here must be available
57+# on the host where autoland.py is running
58+DEBEMAIL:
59+DEBFULLNAME:
60+
61+#user and password for accessing jenkins. This is needed as we need to find
62+#out if a job is being published to public jenkins or not. The user needs to be
63+#able to see the job configuration
64+jenkins_user: "{bot_username}"
65+jenkins_password: "${{jenkins_api_token}}"
66+
67+#Actual URL of your jenkins (e.g. the jenkins backend URL)
68+jenkins_url: "{backend_url}"
69+
70+#Proxy URL of your jenkins (e.g. the URL accessed by users)
71+jenkins_proxy_url: "${{JENKINS_URL}}"
72+
73+#Token to pass when triggering a jenkins build (leave blank for none)
74+jenkins_build_token: "BUILD_ME"
75+
76+# console output from the following jobs will not be printed to the
77+# affected merge proposal (in the "Executed test runs:" section)
78+jobs_blacklisted_from_messages:
79+{blacklisted_jobs}
80+
81+#message that is used for "testing in progress" comment
82+launchpad_build_in_progress_message: "Jenkins: testing in progress"
83+
84+#login of the launchpad user you will be using for this plugin
85+#ideally this user is part of your project group
86+launchpad_login: {bot_username}
87+
88+#Review type that is used for voting on merge proposals.
89+#Usually you don't need to change this
90+launchpad_review_type: continuous-integration
91+
92+# directory containing lockfiles for Launchpad merge proposals
93+launchpadlocks_dir: /tmp/jenkins-launchpad-plugin/locks
94+
95+#lock file that is being used to limit the number of parallel launchpad
96+#connections
97+lock_name: launchpad-trigger-lock
98+
99+#you don't need to change this
100+lp_app: launchpad-trigger
101+
102+#which launchpad are you using (production/staging)
103+#you don't need to change this
104+lp_env: production
105+
106+#URL of your public jenkins in case you are publishing your jobs to some
107+#other jenkins
108+public_jenkins_url:
109+
110+#in case you are running jenkins in a private infrastructure you probably don't
111+#want to expose your private IPs in public merge proposals
112+#the following defines (IP, replacement) pairs. Your URLs in merge proposals
113+#are then replaced by the replacement (and you can e.g. edit your /etc/hosts
114+#so the links still work for you). The form to specify a replacement is:
115+#urls_to_hide:
116+# - ['http://1.2.3.4:8080','http://jenkins:8080']
117+#
118+#To specify no replacement:
119+#urls_to_hide: []
120+urls_to_hide: []
121+
122+# verbosity of the commands
123+# one of: debug, info, warning, error, critical
124+log_level: debug
125+EOF
126\ No newline at end of file
127diff --git a/jenkaas_jobs/yaml/credentials/credentials-3-launchpad-plugin.sh b/jenkaas_jobs/yaml/credentials/credentials-3-launchpad-plugin.sh
128deleted file mode 100644
129index 34b9c41..0000000
130--- a/jenkaas_jobs/yaml/credentials/credentials-3-launchpad-plugin.sh
131+++ /dev/null
132@@ -1,98 +0,0 @@
133-#!/bin/bash
134-set -e
135-
136-# Setup the dependencies including tarmac
137-sudo apt-get install -y python-launchpadlib python-bzrlib python-lockfile python-yaml tarmac jenkins-launchpad-plugin python-jenkins
138-
139-# Apply the configuration file.
140-CONFIG_DIR="${{JENKINS_HOME}}/.jlp"
141-CONFIG_PATH="${{CONFIG_DIR}}/jlp.config"
142-
143-if [ ! -d "${{CONFIG_DIR}}" ]; then
144- mkdir -p "${{CONFIG_DIR}}"
145-fi
146-
147-cat > "${{CONFIG_PATH}}" << EOF
148-#You must explicitely allow users to trigger the jobs on your jenkins
149-#Otherwise anybody can run arbitrary code on your jenkins servers.
150-allowed_users: [{allowed_users}]
151-
152-#path to your credentials file. The first time you run one of these scripts,
153-#launchpad will ask you to authenticate (via a provided URL). Once you do so
154-#(in launchpad) you won't need to do this again.
155-#If your jenkins "lives" in /var/lib/jenkins you probably don't need to change
156-#this
157-credential_store_path: {credentials_path}
158-
159-# When doing a dput into ppa (in autoland.py) a new changelog entry is
160-# generated. DEBEMAIL and DEBFULLNAME are used to generate the entry correctly.
161-# Please note that the gpg keys of the user specified here must be available
162-# on the host where autoland.py is running
163-DEBEMAIL:
164-DEBFULLNAME:
165-
166-#user and password for accessing jenkins. This is needed as we need to find
167-#out if a job is being published to public jenkins or not. The user needs to be
168-#able to see the job configuration
169-jenkins_user: "{bot_username}"
170-jenkins_password: "${{jenkins_api_token}}"
171-
172-#Actual URL of your jenkins (e.g. the jenkins backend URL)
173-jenkins_url: "{backend_url}"
174-
175-#Proxy URL of your jenkins (e.g. the URL accessed by users)
176-jenkins_proxy_url: "${{JENKINS_URL}}"
177-
178-#Token to pass when triggering a jenkins build (leave blank for none)
179-jenkins_build_token: "BUILD_ME"
180-
181-# console output from the following jobs will not be printed to the
182-# affected merge proposal (in the "Executed test runs:" section)
183-jobs_blacklisted_from_messages:
184-{blacklisted_jobs}
185-
186-#message that is used for "testing in progress" comment
187-launchpad_build_in_progress_message: "Jenkins: testing in progress"
188-
189-#login of the launchpad user you will be using for this plugin
190-#ideally this user is part of your project group
191-launchpad_login: {bot_username}
192-
193-#Review type that is used for voting on merge proposals.
194-#Usually you don't need to change this
195-launchpad_review_type: continuous-integration
196-
197-# directory containing lockfiles for Launchpad merge proposals
198-launchpadlocks_dir: /tmp/jenkins-launchpad-plugin/locks
199-
200-#lock file that is being used to limit the number of parallel launchpad
201-#connections
202-lock_name: launchpad-trigger-lock
203-
204-#you don't need to change this
205-lp_app: launchpad-trigger
206-
207-#which launchpad are you using (production/staging)
208-#you don't need to change this
209-lp_env: production
210-
211-#URL of your public jenkins in case you are publishing your jobs to some
212-#other jenkins
213-public_jenkins_url:
214-
215-#in case you are running jenkins in a private infrastructure you probably don't
216-#want to expose your private IPs in public merge proposals
217-#the following defines (IP, replacement) pairs. Your URLs in merge proposals
218-#are then replaced by the replacement (and you can e.g. edit your /etc/hosts
219-#so the links still work for you). The form to specify a replacement is:
220-#urls_to_hide:
221-# - ['http://1.2.3.4:8080','http://jenkins:8080']
222-#
223-#To specify no replacement:
224-#urls_to_hide: []
225-urls_to_hide: []
226-
227-# verbosity of the commands
228-# one of: debug, info, warning, error, critical
229-log_level: debug
230-EOF
231\ No newline at end of file
232diff --git a/jenkaas_jobs/yaml/credentials/credentials-3-launchpad-plugin.yaml b/jenkaas_jobs/yaml/credentials/credentials-3-launchpad-plugin.yaml
233index 926463b..ae0bd4f 100644
234--- a/jenkaas_jobs/yaml/credentials/credentials-3-launchpad-plugin.yaml
235+++ b/jenkaas_jobs/yaml/credentials/credentials-3-launchpad-plugin.yaml
236@@ -22,4 +22,9 @@
237 - timestamps
238 builders:
239 - shell:
240- !include-raw: credentials-3-launchpad-plugin.sh
241+ !include-raw: credentials-3-launchpad-plugin-0.py
242+ - shell:
243+ !include-raw: credentials-3-launchpad-plugin-1.sh
244+ publishers:
245+ - description_setter:
246+ set_for_matrix: 'true'
247diff --git a/tests/fixtures/credentials/credentials-3-launchpad-plugin.xml b/tests/fixtures/credentials/credentials-3-launchpad-plugin.xml
248index ac7a8be..3c5dd4d 100644
249--- a/tests/fixtures/credentials/credentials-3-launchpad-plugin.xml
250+++ b/tests/fixtures/credentials/credentials-3-launchpad-plugin.xml
251@@ -49,6 +49,24 @@
252 </axes>
253 <builders>
254 <hudson.tasks.Shell>
255+ <command>#!/usr/bin/env python
256+
257+import os
258+import requests
259+import sys
260+
261+if __name__ == '__main__':
262+ resp = requests.get('http://your-jenkins-be.internal:8080/', auth=('test-ci-bot', os.environ['jenkins_api_token']))
263+ if resp.status_code == 200:
264+ print(&quot;INFO: Authenticated as: test-ci-bot&quot;)
265+ else:
266+ print(&quot;Authentication as test-ci-bot failed:&quot;)
267+ print(&quot;ERROR: {}: {}&quot;.format(resp.status_code, resp.reason))
268+ sys.exit(1)
269+
270+</command>
271+ </hudson.tasks.Shell>
272+ <hudson.tasks.Shell>
273 <command>#!/bin/bash
274 set -e
275
276@@ -151,7 +169,13 @@ log_level: debug
277 EOF</command>
278 </hudson.tasks.Shell>
279 </builders>
280- <publishers/>
281+ <publishers>
282+ <hudson.plugins.descriptionsetter.DescriptionSetterPublisher>
283+ <regexp>^INFO:\s+(.*)</regexp>
284+ <regexpForFailed>(^(ERROR|WARNING):\s+.*)</regexpForFailed>
285+ <setForMatrix>true</setForMatrix>
286+ </hudson.plugins.descriptionsetter.DescriptionSetterPublisher>
287+ </publishers>
288 <buildWrappers>
289 <hudson.plugins.timestamper.TimestamperBuildWrapper plugin="timestamper@1.7.2"/>
290 </buildWrappers>

Subscribers

People subscribed via source and target branches