Chuan Chuan Law

DevOps | Software Automation | Continuous Integration

Tag: ansible

Jenkins – How To Automate Credentials Creation

Below is how to create a Jenkins new credentials of type Username & Password via Jenkins API using Ansible

– name: Automatically create Jenkins username & password credentials
uri:
body: |
json={
“”: “0”,
“credentials”: {
“scope”: “GLOBAL”,
“id”: “abcdefg”,
“username”: “testuser@jenkins.com”,
“password”: “{{ testuser_password }}”,
“description”: “test jenkins credentials”,
“$class”: “com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl”
}
}
follow_redirects: all
force_basic_auth: true
method: POST
password: “{{ jenkins_admin_password }}”
return_content: true
url: “{{ jenkins_url }}/credentials/store/system/domain/_/createCredentials”
user: “admin”
validate_certs: false

How To Fix “Cannot get CSRF” When Installing Jenkins-Plugin Using Ansible

Previous Ansible installation with jenkins_plugin will break with newer version of Jenkins. The workaround is as below before the jenkins_plugin step:

– name: disable csrf so we can install plugin
lineinfile:
path: /etc/default/jenkins
regexp: ‘JAVA_ARGS=”- Djava.awt.headless=true’
line: JAVA_ARGS=”- Djava.awt.headless=true – Dhudson.security.csrf.DefaultCrumbIssuer.EXCLUDE_SESSION_ID=true”


– name: restart jenkins
service:
name: jenkins
state: restarted


– pause:
minutes: 1

– name: Install plugins
jenkins_plugin:
name: “{{ item }}”
url_username: admin
url_password: “{{ jenkins_admin_password }}”
url: “{{ jenkins_url }}”
timeout: 90
with_items:
– artifactory

Consul – Alerts

Consul alerts comes really handy in order to notify you whenever the services that you are monitoring goes down. There are many channels that we could integrate. In this blog, I’ll be using HipChat.

To set up:

  • Install consul alerts

/usr/local/go/bin/go get -u github.com/AcalephStorage/consul-alerts

  • Set the HipChat keys. We could do this via :
  1. Key/Value on Consul UI

Screen Shot 2017-08-31 at 1.29.06 PM

 

2. Ansible Consul module for Ansible version >= 2.0

– name: set consul HipChat enable key
consul_kv:
key: consul-alerts/config/notifiers/hipchat/enabled
value: true
when: ansible_version.major|int>=2.0

  • Create a Start script in /etc/init/consul-alert.conf

description “Consul alert process”

start on (local-filesystems and net-device-up IFACE=eth0)
stop on runlevel [!12345]

respawn

setuid consul
setgid consul

exec /opt/alert/bin/./consul-alerts start –alert-addr=localhost:9000 –consul-addr=localhost:8500 –consul-dc=dev –consul-acl-token=”” –watch-events –watch-checks –log-level=err

To use Ansible consul module, you will need to install the module:

– name: install ansible consul module
pip:
name: python-consul
state: present

  • Start service

service consul-alert start

© 2020 Chuan Chuan Law

Theme by Anders NorenUp ↑