puppet-jenkins

This is intended to be a re-usable Puppet module that you can include in your own tree.

Experimental Types and Providers

The experimental types/providers are not for the faint of heart. If you are starting out with this module you probably want to skip directly to Getting Started.

A family of experimental native types and providers has been added to this module, in parallel to the existing classes and defined types, with the goal of soliciting feedback. One of the primary benefits of these new types is not requiring manifest changes to manage jenkins with or without "security" enabled. The goal is to eventually replace the functionality of the existing classes/defines with the new types. Usage feedback (positive and negative), bug reports and/or PRs would be greatly welcomed.

The semantics and API of these types should be considered unstable and almost certainly will change based on feedback. It is currently unclear if these types will be considered part of the public API or treated as private to the module.

See NATIVE_TYPES_AND_PROVIDERS.md

Jenkins 2.54 and 2.46.2 remoting free CLI and username / password CLI auth

Jenkins refactored the CLI in 2.54 and 2.46.2 in response to several security incidents (See JENKINS-41745. This module has been adjusted to support the new CLI.

The CLI supports proper authentication with username and password. It's a requirement for supporting AD and OpenID authentications (there is no ssh key there). You can supply $jenkins::cli_username and $jenkins::cli_password to use username / password based authentication. Then the puppet automation user can also reside in A.D

Note: Jenkins requires a ssh username, so you must also provide $jenkins::cli_username for ssh. If you specify both username/password and ssh key file, SSH authentication is preferred.

Using puppet-jenkins

Getting Started

puppet module install puppet/jenkins

    node 'hostname.example.com' {
        include jenkins
    }

Then the service should be running at http://hostname.example.com:8080/.

Jenkins' options

Master Executor Threads

class { 'jenkins':
  executors => 0,
}

Managing Jenkins jobs

Build jobs can be managed using the jenkins::job define

Creating or updating a build job

  jenkins::job { 'test-build-job':
    config => template("${templates}/test-build-job.xml.erb"),
  }

Removing an existing build job

  jenkins::job { 'test-build-job':
    ensure => 'absent',
  }

Installing Jenkins plugins

The Jenkins puppet module defines the jenkins::plugin resource which will download and install the plugin "by hand"

The names of the plugins can be found on the update site

Latest

By default, the resource will install the latest plugin, i.e.:

  jenkins::plugin { 'git': }

If you specify version => 'latest' in current releases of the module, the plugin will be downloaded and installed with every run of Puppet. This is a known issue and will be addressed in future releases.

By version

If you need to peg a specific version, simply specify that as a string, i.e.:

  jenkins::plugin { 'git':
    version => '1.1.11',
  }

Note that plugin will timeout if it takes longer than 120 seconds to download. You can increase this by specifying a timeout value, i.e: timeout => 240.

Verifying

This module will download the jenkins modules over HTTP, without SSL. In order to add some verification regarding the downloaded file, you can specify a checksum. You can also define a checksum type with 'digest_type' (default to sha1 if unspecified) ie.:

  jenkins::plugin { 'git':
    version       => '2.2.12',
    digest_string => '48141822e0eea1faa1a1a99b35372494e7352c2746ca3aa3a19a07f34b021848d2cd0bffc8959c1b809c5be231c1b49e9ffec0430dd68938197ac0f34588ee25',
    digest_type   => 'sha512',
  }

Direct URL

Direct URL from which to download plugin without modification. This is particularly useful for development and testing of plugins which may not be hosted in the typical Jenkins' plugin directory structure.

  jenkins::plugin { 'myplugin':
    source => 'https://example.org/myplugin.hpi',
  }

Note that that when source is specified, the version and plugin_url parameters will have no effect on the plugin retrieval URL.

Plugin dependencies

Dependencies are not automatically installed. You need to manually determine the plugin dependencies and include those as well. The Jenkins wiki is a good place to do this. For example: The Git plugin page is at https://wiki.jenkins-ci.org/display/JENKINS/Git+Plugin.

Slaves

You can automatically add slaves to jenkins, and have them auto register themselves. Most options are actually optional, as nodes will auto-discover the master, and connect.

Full documentation for the slave code is in jenkins::slave.

It requires the swarm plugin on the master & the class jenkins::slave on the slaves, as below:

    node /jenkins-slave.*/ {
      class { 'jenkins::slave':
        masterurl => 'http://jenkins-master1.domain.com:8080',
        ui_user => 'adminuser',
        ui_pass => 'adminpass',
      }
    }

    node /jenkins-master.*/ {
        include jenkins
        include jenkins::master
    }

Depending on Jenkins

If you have any resource in Puppet that depends on Jenkins being present, add the following require statement:

  exec { 'some-exec':
    require => Class['jenkins::package'],
    # ... etc
  }

Advanced features

1. Plugin Hash - jenkins::plugins
2. Config Hash - jenkins::config
3. Configure Firewall - jenkins (init.pp)
4. Outbound Jenkins Proxy Config - jenkins (init.pp)
5. CLI Helper
   • exec_cli_helper
6. Jenkins Users
7. Credentials
8. Simple security model configuration

API-based Resources and Settings (Users, Credentials, security)

This module includes a groovy-based helper script that uses the Jenkins CLI to interact with the Jenkins API. Users, Credentials, and security model configuration are all driven through this script.

When an API-based resource is defined, the Jenkins' CLI is installed and run against the local system (127.0.0.1). Jenkins is assumed to be listening on port 8080, but the module is smart enough to notice if you've configured an alternate port using jenkins::config_hash['JENKINS_PORT'].

Users and credentials are Puppet-managed, meaning that changes made to them from outside Puppet will be reset at the next puppet run. In this way, you can ensure that certain accounts are present and have the appropriate login credentials.

CLI Helper

The CLI helper assumes unauthenticated access unless configured otherwise. You can configure jenkins::cli_helper to use an SSH key on the managed system by passing the keyfile path as a class parameter:

  class {'jenkins':
    cli_ssh_keyfile => '/path/to/id_rsa',
  }

... or via hiera:

jenkins::cli_ssh_keyfile: "/path/to/id_rsa"

Direct including of the jenkins::cli_helper class into the manifest is deprecated.

There's an open bug in Jenkins (JENKINS-22346) that causes authentication to fail when a key is used but authentication is disabled. Until the bug is fixed, you may need to bootstrap jenkins out-of-band to ensure that resources and security policy are configured in the correct order. For example:

# In puppet:
  anchor {'jenkins-bootstrap-start': } ->
    Class['jenkins::cli_helper'] ->
      Exec[$bootstrap_script] ->
        anchor {'jenkins-bootstrap-complete': }

# Code for $bootstrap_script
#!/bin/bash -e
# Generate an SSH key for the admin user
ADMIN_USER='<%= admin_user_name %>'
ADMIN_EMAIL='<%= admin_user_email %>'
ADMIN_PASSWORD='<%= admin_user_password %>'
ADMIN_FULLNAME='<%= admin_user_full_name %>'
ADMIN_SSH_KEY='<%= admin_ssh_keyfile %>'
JENKINS_CLI='<%= jenkins_libdir %>/jenkins-cli.jar'
PUPPET_HELPER='<%= jenkins_libdir %>/puppet_helper.groovy'
HELPER="java -jar $JENKINS_CLI -s http://127.0.0.1:8080 groovy $PUPPET_HELPER"
DONEFILE='<%= jenkins_libdir %>/jenkins-bootstrap.done'

ADMIN_PUBKEY="$(cat ${ADMIN_SSH_KEY}.pub)"

# Create the admin user, passing no credentials
$HELPER create_or_update_user "$ADMIN_USER" "$ADMIN_EMAIL" "$ADMIN_PASSWORD" "$ADMIN_FULLNAME" "$ADMIN_PUBKEY"
# Enable security. After this, credentials will be required.
$HELPER set_security full_control

touch $DONEFILE

jenkins::cli::exec

The defined type jenkins::cli::exec may be used to execute arbitrary CLI helper commands.

Arguments to the CLI helper script may be specified as the resource's title.

  jenkins::cli::exec { 'set_num_executors 0': }

Or passed as an array to the command parameter. This example is semantically equivalent to the first.

  jenkins::cli::exec { 'set_num_executors 0':
    command => ['set_num_executors', '0'],
  }

which is also equivalent to:

  jenkins::cli::exec { 'set_num_executors 0':
    command => 'set_num_executors 0',
  }

If the unless parameter is specified, an environment variable named $HELPER_CMD is declared which contains the complete string needed to execute the CLI helper script (minus arguments). This may be useful in constructing idempotent exec statements.

  $num_executors = 0
  jenkins::cli::exec { "set_num_executors ${num_executors}":
    unless => "[ \$(\$HELPER_CMD get_num_executors) -eq ${num_executors} ]"
  }

Users

Email and password are required.

Create a johndoe user account whose full name is "Managed by Puppet":

  jenkins::user { 'johndoe':
    email    => 'jdoe@example.com',
    password => 'changeme',
  }

Credentials

Password is required. For ssh credentials, password is the key passphrase (or '' if there is none). private_key_or_path is the text of key itself or an absolute path to a key file on the managed system.

Create ssh credentials named 'github-deploy-key', providing an unencrypted private key:

    jenkins::credentials { 'github-deploy-key':
      password            => '',
      private_key_or_path => hiera('::github_deploy_key'),
    }

Setting a UUID:

You can also specify a UUID to use with the credentials, which will be used to identify the credentials from within the job config. This is necessary when setting credentials for use with the git plugin, for example.

You can either manually generate a UUID from a site like UUIDTools.com, or use the UUID from an existing user, which is accessible within the URL of the Jenkins console when managing an existing user's credentials.

    jenkins::credentials { 'deploy-user':
      password            => '',
      private_key_or_path => hiera('::deploy_key'),
      uuid                => hiera('::deploy_credentials_uuid'),
    }

Configuring Security

The Jenkins security model can be set to one of two modes:

• full_control - Users have full control after login. Authentication uses Jenkins' built-in user database.
• unsecured - Authentication is not required.

Jenkins security is not managed by puppet unless jenkins::security is defined.

Using from Github / source

With librarian

If you use librarian-puppet, add the following to your Puppetfile:

mod "puppet/jenkins"

With the "puppet module" tool

This module is compatible with the puppet module tool. Appropriately this module has been released to the Puppet Forge, allowing you to easily install the released version of the module

To quickly try this module with the puppet module tool:

% sudo puppet module install puppet/jenkins
% sudo puppet apply -v -e 'include jenkins'
info: Loading facts in facter_dot_d
info: Loading facts in facter_dot_d
info: Applying configuration version '1323459431'
notice: /Stage[main]/Jenkins::Repo::El/Yumrepo[jenkins]/descr: descr changed '' to 'Jenkins'
notice: /Stage[main]/Jenkins::Repo::El/Yumrepo[jenkins]/baseurl: baseurl changed '' to 'http://pkg.jenkins-ci.org/redhat/'
notice: /Stage[main]/Jenkins::Repo::El/Yumrepo[jenkins]/gpgcheck: gpgcheck changed '' to '1'
notice: /Stage[main]/Jenkins::Repo::El/File[/etc/yum/jenkins-ci.org.key]/ensure: defined content as '{md5}9fa06089848262c5a6383ec27fdd2575'
notice: /Stage[main]/Jenkins::Repo::El/Exec[rpm --import /etc/yum/jenkins-ci.org.key]/returns: executed successfully
notice: /Stage[main]/Jenkins::Package/Package[jenkins]/ensure: created
notice: /Stage[main]/Jenkins::Service/Service[jenkins]/ensure: ensure changed 'stopped' to 'running'
notice: Finished catalog run in 27.46 seconds

Overriding the jenkins package name

It's possible to specify a different package name to the default jenkins if you wish:

class { 'jenkins':
  package_name => 'jenkins_custom',
}

Installing from a hosted RPM

Sometimes you don't have an RPM repository available and are not allowed to directly install from repositories on the Internet. In this case, you can still install Jenkins with this module by hosting the jenkins RPM file somewhere accessible (http server, S3 bucket, etc.) and tell

class { 'jenkins':
  direct_download => 'http://myserver/rpms/jenkins-x.xxx-1-1.rpm',
}

Reference

Table of Contents

Classes

Public Classes

• jenkins: This class manages the Jenkins CI/CD service. Note that if different jenkins listening port(s) are configur
• jenkins::cli::config: This class provides configuration values to override defaults and fact data for PuppetX::Jenkins::Provider::Clihelper based providers. Defau
• jenkins::cli_helper: A helper script for creating resources via the Jenkins cli
• jenkins::master: Install a master
• jenkins::security: Jenkins security configuration
• jenkins::slave: === Examples class { 'jenkins::slave': masterurl => 'http://jenkins-master1.example.com:8080', ui_user => 'adminuser', ui_pass =>

Private Classes

• jenkins::cli: Allow Jenkins commands to be issued from the command line
• jenkins::cli::reload: Command Jenkins to reload config.xml via the CLI.
• jenkins::config: Wire up the configuration
• jenkins::direct_download: Support for directly downloading a package file - for when no repository is available
• jenkins::firewall: Integrate with the puppetlabs-firewall module for opening the port to Jenkins automatically
• jenkins::jobs: Create Jenkins Jobs
• jenkins::package: Installation of the Jenkins native package.
• jenkins::params: Default parameters
• jenkins::plugins: Install Jenkins plugins
• jenkins::proxy: Configure the proxy part
• jenkins::repo: Pull in the platform specific repo classes
• jenkins::repo::debian: Set up the apt repo on Debian-based distros
• jenkins::repo::el: Set up the yum repo on Red Hat-based distros
• jenkins::repo::suse: Set up the Zypper repo on SUSE-based distros
• jenkins::service: Manage the Jenkins service
• jenkins::user_setup: Optionally create the jenkins user and make sure all directories have proper permissions setup.
• jenkins::users: Create Jenkins users

Defined types

Public Defined types

• jenkins::augeas: Change config files using augeas
• jenkins::cli::exec: Executing custom helper script commands via the Jenkins CLI.
• jenkins::credentials: Jenkins credentials via the CloudBees Credentials plugin
• jenkins::job: Manage Jenkins jobs given a name and config xml
• jenkins::plugin: Manage the state of an installed plugin
• jenkins::user: Manage Jenkins user accounts

Private Defined types

• jenkins::job::absent: Removes a jenkins build job
• jenkins::job::present: Creates or updates a jenkins build job

Functions

• jenkins_port: Return the configurad Jenkins port value (corresponds to /etc/defaults/jenkins -> JENKINS_PORT Example: $port = jenkins_port()
• jenkins_prefix: Return the configured Jenkins prefix value (corresponds to /etc/defaults/jenkins -> PREFIX) Example: $prefix = jenkins_prefix()

Data types

• Jenkins::Tunnel: A custom data type for a jenkins tunnel verification

Classes

jenkins

This class manages the Jenkins CI/CD service.

Note that if different jenkins listening port(s) are configured via jenkins::port and jenkins::config_hash resource, "bad things" are likely to happen. This is a known implementation problem with this module that can not be fixed without breaking backwards compatibility.

Examples

Bulk sysconf

class{ 'jenkins':
  config_hash => {
    'JENKINS_PORT' => { 'value' => '9090' },
  }
}

Bulk plugin installation (code)

class{ 'jenkins::plugins':
  plugin_hash => {
    'git' => { version => '1.1.1' },
    'parameterized-trigger' => {},
    'multiple-scms' => {},
    'git-client' => {},
    'token-macro' => {},
  }
}

Bulk plugin installation (hiera)

jenkins::plugin_hash:
   git:
      version: '1.1.1'
   parameterized-trigger: {}
   multiple-scms: {}
   git-client: {}
   token-macro: {}

Bulk user creation (code)

class{ 'jenkins':
  user_hash => {
    'user1' => {
      'password' => 'pass1',
       'email'   => 'user1@example.com',
    }
  }
}

Bulk user creation (hiera)

jenkins::user_hash:
  user:
    password: 'pass1'
    email: 'user1@example.com'

Manage version of credentials plugin (hiera)

jenkins::default_plugins: []
jenkins::plugin_hash:
  credentials:
    version: 2.1.5
    digest_string: 7db002e7b053f863e2ce96fb58abb98a9c01b09c
    digest_type: sha1

Explicitly manage all plugins (hiera)

jenkins::default_plugins: []
jenkins::purge_plugins: true
jenkins::plugin_hash:
  credentials:
    version: '2.1.10'
  support-core:
    version: '2.38'
  # support-core deps
  metrics:
    version: '3.1.2.9'
  jackson2-api:
    version: '2.7.3'
  bouncycastle-api:
    version: '2.16.0'
  # /support-core deps

Parameters

The following parameters are available in the jenkins class:

• version
• lts
• repo
• package_name
• direct_download
• package_cache_dir
• package_provider
• manage_service
• service_enable
• service_ensure
• service_override
• service_provider
• config_hash
• plugin_hash
• job_hash
• user_hash
• configure_firewall
• install_java
• repo_proxy
• proxy_host
• proxy_port
• no_proxy_list
• cli
• cli_ssh_keyfile
• cli_username
• cli_password
• cli_password_file
• cli_tries
• cli_try_sleep
• port
• libdir
• manage_datadirs
• localstatedir
• executors
• slaveagentport
• manage_user
• user
• manage_group
• group
• default_plugins
• default_plugins_host
• purge_plugins

version

Data type: String

package to install

• installed (Default) do NOT update jenkins to the most recent version.
• latest automatically update the version of jenkins to the current version available via your package manager.

Default value: 'installed'

lts

Data type: Boolean

use the upstream jenkins "Long Term Support" repos

• false Use the most up to date version of jenkins
• true (Default) Use LTS version of jenkins

Default value: true

repo

Data type: Boolean

configure upstream jenkins package repos

false means do NOT configure the upstream jenkins package repo. This means you'll manage a repo manually outside this module. This can also be your distribution's repo.

Default value: $jenkins::params::repo

package_name

Data type: String

Optionally override the package name

Default value: 'jenkins'

direct_download

Data type: Optional[String]

URL to jenkins package

Ignore repository based package installation and download the package directly. Leave as undef (the default) to download using your OS package manager

Default value: undef

package_cache_dir

Data type: Stdlib::Absolutepath

Directory in which to store a direct_download package

Default value: '/var/cache/jenkins_pkgs'

package_provider

Data type: Optional[String]

Override the package resource provider

This only has effect when using direct_download.

Default value: $jenkins::params::package_provider

manage_service

Data type: Boolean

Enable management of Service[jenkins] resource

When setting to false please ensure something else defines Service[jenkins] in order for some module functionality (e.g. jenkins::cli) to work properly

Default value: true

service_enable

Data type: Boolean

Enable (or not) the jenkins service

Default value: true

service_ensure

Data type: Enum['running', 'stopped']

Status of the jenkins service

• running (default)
• stopped

Default value: 'running'

service_override

Data type: Hash[String[1], String]

Override the jenkins service configuration

Default value: {}

service_provider

Data type: Optional[String]

Override Service[jenkins] resource provider

Setting this to undef on platforms with systemd will force the usage of package provider sysv init scripts.

Default value: undef

config_hash

Data type: Hash

options to set in sysconfig/jenkins defaults/jenkins

(see jenkins::sysconf)

Default value: {}

plugin_hash

Data type: Hash

plugins to install

(see jenkins::plugin)

Default value: {}

job_hash

Data type: Hash

jobs to install

(see jenkins::job)

Default value: {}

user_hash

Data type: Hash

jenkins users to create

Default value: {}

configure_firewall

Data type: Boolean

For folks that want to manage the puppetlabs firewall module.

• If it's not present in the catalog, nothing happens.
• If it is, you need to explicitly set this true / false.
  • We didn't want you to have a service opened automatically, or unreachable inexplicably.
• This default changed in v1.0 to be undef.

Default value: false

install_java

Data type: Boolean

use the puppetlabs-java module to install a JDK

Jenkins requires a JRE. Setting this to false means that you are response for managing a JDK outside of this module.

Default value: true

repo_proxy

Data type: Optional[String]

proxy to download packages

This parameter is only relevant for yum repos managed by this module.

Default value: undef

proxy_host

Data type: Optional[String]

proxy hostname for plugin installation via this module and the UpdateCenter

Default value: undef

proxy_port

Data type: Optional[Integer]

proxy port for plugin installation via this module and the UpdateCenter

Default value: undef

no_proxy_list

Data type: Optional[Array]

List of hostname patterns to skip using the proxy.

• Only effective if "proxy_host" and "proxy_port" are set.
• Only applies to plugins installed via the UpdateCenter

Default value: undef

cli

Data type: Boolean

install jenkins-cli.jar CLI utility

• force installation of the jenkins CLI jar to $libdir/jenkins-cli.jar
• the cli is automatically installed when needed by components that use it, such as the user and credentials types, and the security class

Default value: true

cli_ssh_keyfile

Data type: Optional[Stdlib::Absolutepath]

Provides the location of an ssh private key file to make authenticated connections to the Jenkins CLI.

Default value: undef

cli_username

Data type: Optional[String]

Provides the username for authenticating to Jenkins via username and password.

Default value: undef

cli_password

Data type: Optional[String]

Provides the password for authenticating to Jenkins via username and password. Needed if cli_username is specified.

Default value: undef

cli_password_file

Data type: Optional[String]

Provides the password file for authenticating to Jenkins via username and password. Needed if cli_username is specified and cli_password is undefined.

Default value: undef

cli_tries

Data type: Integer

Retries until giving up talking to jenkins API

Default value: 10

cli_try_sleep

Data type: Integer

Seconds between tries to contact jenkins API

Default value: 10

port

Data type: Integer

Jenkins listening HTTP port

Note that this value is used for CLI communication and firewall configuration. It does not configure the port on which the jenkins service listens. (see config_hash)

Default value: 8080

libdir

Data type: Stdlib::Absolutepath

Path to jenkins core files

Default value: '/usr/share/java'

manage_datadirs

Data type: Boolean

manage the local state dir, plugins dir and jobs dir

Default value: true

localstatedir

Data type: Stdlib::Absolutepath

base path, in the autoconf sense, for jenkins local data including jobs and plugins

Default value: '/var/lib/jenkins'

executors

Data type: Optional[Integer]

number of executors on the Jenkins master

Default value: undef

slaveagentport

Data type: Optional[Integer]

jenkins slave agent

Default value: undef

manage_user

Data type: Boolean

manage the system jenkins user

Default value: true

user

Data type: String

system user that owns the jenkins master's files

Default value: 'jenkins'

manage_group

Data type: Boolean

manage the system jenkins group

Default value: true

group

Data type: String

system group that owns the jenkins master's files

Default value: 'jenkins'

default_plugins

Data type: Array

List of default plugins installed by this module

The the credentials plugin is required for this module to properly function. No version is specified. Set to [] if you want to explicitly manage all plugins version

Default value: $jenkins::params::default_plugins

default_plugins_host

Data type: String

Provide a way to override plugins host for all plugins

Default value: 'https://updates.jenkins.io'

purge_plugins

Data type: Boolean

Purge all plugins not explicitly managed by this module

This will result in plugins manually installed via the UpdateCenter being removed. Only enable this option if you want to manage all plugins (and plugin dependencies) explicitly.

Default value: false

jenkins::cli::config

This class provides configuration values to override defaults and fact data for PuppetX::Jenkins::Provider::Clihelper based providers.

Default and fact data is managed internal to the PuppetX::Jenkins::Provider::Clihelper class for compatiblity with the puppet resource face. No defaults should be set in this classes definition.

Parameters

The following parameters are available in the jenkins::cli::config class:

• cli_jar
• url
• ssh_private_key
• puppet_helper
• cli_tries
• cli_try_sleep
• cli_username
• cli_password
• cli_password_file
• cli_password_file_exists
• ssh_private_key_content

cli_jar

Data type: Optional[Stdlib::Absolutepath]

Default value: undef

url

Data type: Optional[String]

Default value: undef

ssh_private_key

Data type: Optional[Stdlib::Absolutepath]

Default value: undef

puppet_helper

Data type: Optional[Stdlib::Absolutepath]

Default value: undef

cli_tries

Data type: Optional[Integer]

Default value: undef

cli_try_sleep

Data type: Optional[Numeric]

Default value: undef

cli_username

Data type: Optional[String]

Default value: undef

cli_password

Data type: Optional[String]

Default value: undef

cli_password_file

Data type: String

Default value: '/tmp/jenkins_credentials_for_puppet'

cli_password_file_exists

Data type: Boolean

Default value: false

ssh_private_key_content

Data type: Optional[String]

Default value: undef

jenkins::cli_helper

A helper script for creating resources via the Jenkins cli

jenkins::master

Install a master

Parameters

The following parameters are available in the jenkins::master class:

• version

version

Data type: String

Version of the swarm plugin

Default value: $jenkins::params::swarm_version

jenkins::security

Copyright 2014 RetailMeNot, Inc.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Parameters

The following parameters are available in the jenkins::security class:

• security_model

security_model

Data type: String

jenkins::slave

=== Examples

class { 'jenkins::slave': masterurl => 'http://jenkins-master1.example.com:8080', ui_user => 'adminuser', ui_pass => 'adminpass' }

=== Authors

Matthew Barr mbarr@mbarr.net

=== Copyright

Copyright 2013 Matthew Barr , but can be used for anything by anyone..

Parameters

The following parameters are available in the jenkins::slave class:

• slave_name
• description
• masterurl
• autodiscoveryaddress
• ui_user
• ui_pass
• tool_locations
• source
• proxy_server
• tunnel
• version
• executors
• manage_slave_user
• slave_user
• slave_groups
• slave_uid
• slave_home
• slave_mode
• disable_ssl_verification
• disable_clients_unique_id
• labels
• install_java
• manage_client_jar
• ensure
• enable
• java_args
• swarm_client_args
• delete_existing_clients
• java_cmd

slave_name

Data type: Optional[String]

Default value: undef

description

Data type: Optional[String]

Default value: undef

masterurl

Data type: Optional[String]

Default value: undef

autodiscoveryaddress

Data type: Optional[String]

Default value: undef

ui_user

Data type: Optional[String]

Default value: undef

ui_pass

Data type: Optional[String]

Default value: undef

tool_locations

Data type: Optional[String]

Default value: undef

source

Data type: Optional[String]

Default value: undef

proxy_server

Data type: Optional[String]

Default value: undef

tunnel

Data type: Optional[Jenkins::Tunnel]

Default value: undef

version

Data type: String

Default value: $jenkins::params::swarm_version

executors

Data type: Integer

Default value: 2

manage_slave_user

Data type: Boolean

Default value: true

slave_user

Data type: String

Default value: 'jenkins-slave'

slave_groups

Data type: Optional[String]

Default value: undef

slave_uid

Data type: Optional[Integer]

Default value: undef

slave_home

Data type: Stdlib::Absolutepath

Default value: '/home/jenkins-slave'

slave_mode

Data type: Enum['normal', 'exclusive']

Default value: 'normal'

disable_ssl_verification

Data type: Boolean

Default value: false

disable_clients_unique_id

Data type: Boolean

Default value: false

labels

Data type: Array[String[1]]

Default value: []

install_java

Data type: Any

Default value: true

manage_client_jar

Data type: Boolean

Default value: true

ensure

Data type: Enum['running', 'stopped']

Default value: 'running'

enable

Data type: Boolean

Default value: true

java_args

Data type: Array[String[1]]

Default value: []

swarm_client_args

Data type: Array[String[1]]

Default value: []

delete_existing_clients

Data type: Boolean

Default value: false

java_cmd

Data type: Any

Default value: '/usr/bin/java'

Defined types

jenkins::augeas

Change config files using augeas

Examples

Configure the git plugin

jenkins::augeas { 'git':
  plugin          => true,
  config_filename => 'hudson.plugins.git.GitSCM.xml',
  context         => '/hudson.plugins.git.GitSCM_-DescriptorImpl',
  changes         => [
    'set globalConfigName/#text "Bob the Builder"',
    'set globalConfigEmail/#text "bob@example.com",
  ],
}

Parameters

The following parameters are available in the jenkins::augeas defined type:

• config_filename
• changes
• onlyif
• plugin
• plugin_version
• context
• restart
• show_diff

config_filename

Data type: String

Filename of the configuration file to work on relative to the jenkins localstatedir.

changes

Data type: Variant[Array[String], String]

String or array with augeas changes to perform.

onlyif

Data type: Optional[Variant[Array[String], String]]

Optional augeas command and comparisons to control the execution of this type.

Default value: undef

plugin

Data type: Variant[Boolean,String]

Optionally jenkins::augeas can also install the plugin. If this is set to true, we use the name of the resource as plugin name. If it's a string, that is used as plugin name.

Default value: false

plugin_version

Data type: Optional[String]

Optional plugin version to pass through to jenkins::plugin

Default value: undef

context

Data type: String

Optional context to ease your change rules.

Default value: '/'

restart

Data type: Boolean

If set to true, will trigger a jenkins (safe-)restart in stead of reloading the configuration.

Default value: false

show_diff

Data type: Boolean

Whether to display differences when the file changes, defaulting to true.

Default value: true

jenkins::cli::exec

Executing custom helper script commands via the Jenkins CLI.

Parameters

The following parameters are available in the jenkins::cli::exec defined type:

• unless
• command

unless

Data type: Optional[String]

The unless parameter passed to the exec resource

Default value: undef

command

Data type: Variant[String, Array]

The command or commands to run

Default value: $title

jenkins::credentials

Copyright 2014 RetailMeNot, Inc.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Parameters

The following parameters are available in the jenkins::credentials defined type:

• password
• description
• private_key_or_path
• ensure
• uuid

password

Data type: String

description

Data type: String

Default value: 'Managed by Puppet'

private_key_or_path

Data type: String

Default value: ''

ensure

Data type: Enum['present', 'absent']

Default value: 'present'

uuid

Data type: String

Default value: ''

jenkins::job

Manage Jenkins jobs given a name and config xml

Parameters

The following parameters are available in the jenkins::job defined type:

• config
• source
• template
• jobname
• ensure
• difftool
• replace

config

Data type: String

The content of the jenkins job config file (required)

source

Data type: Optional[String]

Path to a puppet file() resource containing the Jenkins XML job description. Will override 'config' if set

Default value: undef

template

Data type: Optional[String[1]]

Path to a puppet template() resource containing the Jenkins XML job description. Will override 'config' if set

Default value: undef

jobname

Data type: String

the name of the jenkins job

Default value: $title

ensure

Data type: Enum['present', 'absent']

choose 'absent' to ensure the job is removed

Default value: 'present'

difftool

Data type: String

Provide a command to execute to compare Jenkins job files

Default value: '/usr/bin/diff -b -q'

replace

Data type: Boolean

Whether or not to replace the job if it already exists.

Default value: true

jenkins::plugin

This can be used to manage the state of individual plugins. Note that it does no dependency management and that's all up to the user. This is particularly important to remember when also purging plugins.

Parameters

The following parameters are available in the jenkins::plugin defined type:

• version
• config_filename
• config_content
• update_url
• source
• extension
• digest_string
• digest_type
• enabled
• pin
• download_options

version

Data type: Optional[String]

The version to ensure

Default value: undef

config_filename

Data type: Optional[String]

Name of the config file for this plugin. Note config_content must also be set.

Default value: undef

config_content

Data type: Optional[String]

Content of the config file for this plugin. It is up to the caller to create this content from a template or any other mean. config_filename must also be set.

Default value: undef

update_url

Data type: Optional[String]

Default value: undef

source

Data type: Optional[String]

Direct URL from which to download plugin without modification. This is particularly useful for development and testing of plugins which may not be hosted in the typical Jenkins' plugin directory structure. E.g.,

https://example.org/myplugin.hpi

Default value: undef

extension

Data type: Enum['hpi', 'jpi']

When no source is given, this extension is used

Default value: 'hpi'

digest_string

Data type: Optional[String]

An optional digest string to verify integrity. The digest_type parameter describes content of this string. It's passed to puppet-archive to verify the downloaded plugin.

Default value: undef

digest_type

Data type: String

This parameter describes the content of digest_string. It's passed to puppet-archive to verify the downloaded plugin.

Default value: 'sha1'

enabled

Data type: Boolean

Ensure whether the plugin is enabled or not. Disabled plugins are still installed.

Default value: true

pin

Data type: Boolean

Pin the plugin to a specific version. This prevents the updater from updating it.

Default value: false

download_options

Data type: Array[String[1]]

Add options to Archive's curl

Default value: ['--http1.1']

jenkins::user

Copyright 2014 RetailMeNot, Inc.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Parameters

The following parameters are available in the jenkins::user defined type:

• email
• password
• full_name
• public_key
• ensure

email

Data type: Pattern[/^[^@]+@[^@]+$/]

password

Data type: String

full_name

Data type: String

Default value: 'Managed by Puppet'

public_key

Data type: String

Default value: ''

ensure

Data type: Enum['present', 'absent']

Default value: 'present'

Functions

jenkins_port

Type: Ruby 3.x API

Return the configurad Jenkins port value (corresponds to /etc/defaults/jenkins -> JENKINS_PORT

Example:

$port = jenkins_port()

jenkins_port()

Return the configurad Jenkins port value (corresponds to /etc/defaults/jenkins -> JENKINS_PORT

Example:

$port = jenkins_port()

Returns: Any

jenkins_prefix

Type: Ruby 3.x API

Return the configured Jenkins prefix value (corresponds to /etc/defaults/jenkins -> PREFIX)

Example:

$prefix = jenkins_prefix()

jenkins_prefix()

Return the configured Jenkins prefix value (corresponds to /etc/defaults/jenkins -> PREFIX)

Example:

$prefix = jenkins_prefix()

Returns: Any

Data types

Jenkins::Tunnel

A custom data type for a jenkins tunnel verification

Alias of Variant[Pattern[/.+:$/], Pattern[/.+:[0-9]+/], Pattern[/^:[0-9]+/]]

Changelog

All notable changes to this project will be documented in this file. Each new release typically also includes the latest modulesync defaults. These should not affect the functionality of the module.

v6.0.0 (2025-01-07)

Full Changelog

Breaking changes:

• Drop support for Ubuntu 20.04 #1119 (evgeni)
• Drop EoL EL7 support #1112 (bastelfreak)

Implemented enhancements:

• Add support for Ubuntu 24.04 #1118 (evgeni)
• Add support for Debian 12 #1117 (evgeni)
• Support puppetlabs/apt 10.x; require >= 9.2 #1116 (evgeni)
• puppet/systemd: allow 8.x #1113 (jay7x)

Merged pull requests:

• Install Java 17 JDK in acceptance tests #1115 (evgeni)

v5.0.0 (2024-05-07)

Full Changelog

Breaking changes:

• CentOS: Drop EoL 7/8 support #1106 (bastelfreak)
• Use native Puppet instead of the retries Gem in the CLI provider, replacing try_sleep parameter by exponential backoff #904 (ekohl)

Implemented enhancements:

• update puppet-systemd upper bound to 8.0.0 #1102 (TheMeier)
• Add support for Puppet 8 #1095 (evgeni)
• Add support for puppetlabs/java 11.x #1094 (evgeni)
• replace deprecated merge function with native puppet #1092 (zilchms)
• Remove legacy top-scope syntax #1084 (smortex)
• Add download option to jenkins module #1073 (ekohl)

v4.0.0 (2023-09-29)

Full Changelog

Breaking changes:

• Drop Ubuntu 18.04, add 20.04 and 22.04 support #1080 (evgeni)
• Drop Puppet 6 support #1074 (bastelfreak)

Implemented enhancements:

• Add support for EL9, document Alma/Oracle/Rocky support #1081 (evgeni)
• Allow puppetlabs/stdlib 9.x, puppetlabs/java 10.x, puppet/archive 7.x, puppet/zypprepo 5.x, puppet/systemd 6.x #1076 (bastelfreak)

v3.3.0 (2023-04-19)

Full Changelog

Implemented enhancements:

• Update repository key for 2023 #1069 (flichtenheld)

Merged pull requests:

• Fix GitLabApiTokenImpl & BrowserStackCredentials tests #1071 (ekohl)

v3.2.1 (2023-04-11)

Full Changelog

Fixed bugs:

• Allow puppetlabs/java 9 #1068 (ekohl)

v3.2.0 (2023-04-11)

Full Changelog

Implemented enhancements:

• Mark compatible with puppetlabs/apt 9 & puppetlabs/java 8 #1066 (ekohl)

v3.1.0 (2023-04-07)

Full Changelog

Implemented enhancements:

• el repo enabled toggle added #1064 (wimkorevaar)
• bump puppet/systemd to \< 5.0.0 #1063 (jhoblitt)

Merged pull requests:

• Fix broken Apache-2 license #1062 (bastelfreak)

v3.0.0 (2022-09-16)

Full Changelog

Breaking changes:

• remove deprecated param $ssh_keyfile from jenkins::cli_helper #866
• Change slave on mac to use plist and use EPP #1057 (ekohl)
• Remove deprecated hiera_array usage #1055 (ekohl)
• Drop Ubuntu 16.04 support #1039 (ekohl)
• Drop sysvinit support in jenkins::slave #1038 (ekohl)
• Rewrite to native systemd #1035 (ekohl)
• Change supported Puppet versions to 6 & 7 #1003 (genebean)
• Remove deprecated enabled parameter on job #991 (ekohl)
• Remove params from jenkins::plugin and make it lint clean #985 (ekohl)
• Drop code old CLI remoting support #984 (ekohl)

Implemented enhancements:

• Add a way to set the open files limit in systemd service #1009
• function hiera_array is deprecated #983
• Support for Ubuntu 16.04 (systemd) #666
• Add support for a custom JAVA_HOME #217
• Should we include the puppet-jenkinstracking code? #110
• The module should support FreeBSD 10 and pkgng #105
• Install Java 11 JDK on Red Hat OSes #1054 (ekohl)
• Install Java 11 on Red Hat OSes #1053 (ekohl)
• Drop-in file systemd configuration #1044 (jan-win1993)
• Allow up-to-date dependencies #1019 (smortex)
• puppet/archive: allow 5.x #1010 (bastelfreak)
• Implement ConduitCredentialsImpl in groovy_helper #986 (ekohl)
• Bugfix/custom localdir with user: Fixes #462 #484 (vStone)

Fixed bugs:

• Update references to rtyler/jenkins in README #934
• template path is required to be absolute #768
• Jenkins no longer supports java 7 #638
• Create jenkins user before installing the package with manage_user #462
• Error in plugin version check algo? #192
• Allow template to be a string #1059 (ekohl)
• Fix a reference to jenkins::service #950 (ekohl)
• Use variables for tries and try_sleep everywhere instead of hardcoding #919 (jhooyberghs)

Closed issues:

• Support for Jenkins \< 2.332 #1042
• Does no longer work with jenkins 2.332.1 or 2.335 onwards #1031
• Jenkins is no longer forking (--daemon has been removed) #1024
• Error #1012
• Error #1011
• Plugin download / installation not idempotent #1002
• jenkins-cli.jar has been renamed in the jenkins rpm. #998
• Jenkins Redhat repo certificate has expired #989
• Puppet enterprise error line 425 Could not find class ::java #988
• Jenkins not installing on Centos 7 due to gpg key #979
• The Jenkins Debian package key needs to be updated #971
• Step /Jenkins::Cli/Exec[jenkins-cli] Fails on install #970
• Jenkins-CLI cli.pp #944
• Installed Credentials + Structs plugins are not pinned to a specific version #941
• jenkins-slave-run script fails when JAVA_ARGS is set with multiple settings #939
• CSP Support #927
• Code ordering issue on Ubuntu 18.04 and Puppet6 #920
• remoting-cli setting removed in 2.165 #918
• repo parameter does not work #906
• File jenkins-slave created with wrong owner under Darwin. #892
• Release new version? #891
• semi-regular triage/use case discussions? #857
• new Forge release checklist #855
• revert new CLI interface #854
• Acceptance tests related to plugin installations (or that require a plugin installation) are not failing/succeeding consistenly. #839
• legacy CLI.jar remoting is broken #814
• Deprecated cli access, unable to set initial admin account #808
• Add a docker based acceptance test for Arch Linux #797
• use get-job to ensure that exists, before create it #787
• apt-get update not run after jenkins repo added #785
• RSpec Testing when overriding default plugins #784
• Puppetserver workaround still works? #693
• 1.7.1 release? #678
• Service[jenkins-slave] not idempotent #639
• Could not unmask jenkins-slave #578
• 2.1 support #575
• travis lint warnings #520
• Create ci.jenkins-ci.org job for this project #510
• JAVA_ARGS escaping issue #448

Merged pull requests:

• Remove unused plugins_from_updatecenter #1056 (ekohl)
• Remove old RHEL 5 example #1052 (ekohl)
• Remove PIDFile workaround and deprecated code #1045 (ekohl)
• Fix acceptance tests #1041 (ekohl)
• Move static params to the top level #1037 (ekohl)
• More puppet-strings conversion #1036 (ekohl)
• Fix unit tests with kwarg expectations #1034 (ekohl)
• Don't put unparseable JSON in output #1028 (jvdmr)
• Remove Optional[] where the param has a default #1027 (ekohl)
• Drop EL6 tests #1026 (ekohl)
• add version fact and daemon param for systemd unit file #1025 (fe80)
• puppet-lint: fix top_scope_facts warnings #1020 (bastelfreak)
• switch from camptocamp/systemd to voxpupuli/systemd #1018 (bastelfreak)
• camptocamp/systemd: Allow 3.x #1017 (bastelfreak)
• puppet/zypprepo: Allow 3.x & 4.x #1016 (bastelfreak)
• puppetlabs/apt: allow 8.x #1015 (bastelfreak)
• puppetlabs/stdlib: allow 7.x #1014 (bastelfreak)
• Fix slave run with additional swarm arguments provided #1013 (vStone)
• update dependency puppetlabs-java to support \< 8.0.0 #1008 (saz)
• Lint clean and add more puppet-strings docs #995 (ekohl)
• allow puppetlabs/java \< 7.0.0 #994 (saz)
• Drop GoogleRobotPrivateKeyCredentials implementation #987 (ekohl)
• Rewrite function tests to modern rspec-puppet #982 (ekohl)
• Fix the plugin acceptance tests #981 (ekohl)
• Fix BasicSSHUserPrivateKey acceptance test #978 (ekohl)
• Update debian GPG key #972 (igalic)
• Feature/cli auth fix #965 (TomRitserveldt)
• Use voxpupuli-acceptance #963 (ekohl)
• Fix incorrect syntax in acceptance tests #958 (ekohl)
• Drop okjson #956 (ekohl)
• Respect manage_service with Jenkins::Systemd[Jenkins] #955 (ekohl)
• Avoid global variables in acceptance tests #954 (ekohl)
• Remove unused file #953 (ekohl)
• Drop Puppet 3.x code #952 (ekohl)
• Use more expressive rspec syntax #951 (ekohl)
• Reference jenkins_plugins via $facts #949 (ekohl)
• Remove redundant code #948 (ekohl)
• Simplify the fact definition #947 (ekohl)
• Switch to open source UUID generator #938 (aarreedd)
• Update references to rtyler/jenkins #935 (gguillotte)
• Clean up acceptance spec helper #931 (ekohl)
• Rely more on stdlib and apt modules #917 (ekohl)
• Refactor repository handling #882 (ekohl)

v2.0.0 (2019-06-04)

Full Changelog

Breaking changes:

• modulesync 2.7.0 and drop puppet 4 #908 (bastelfreak)
• modulesync 2.4.0 + drop Ubuntu 14.04 #879 (bastelfreak)

Implemented enhancements:

• Allow slave defaults management to be optional #619
• Update jenkins::slave::java_args to be an array. #573
• resurrect PR #467: Support FileCredentialsImpl in jenkins_credentials native type #529
• Default to running beaker tests on EC2 #401
• Including group parameter for jenkins slave #361
• Initscripts shouldn't call su/runuser as login shell #287
• Add puppet-doc-lint #178
• Darwin/osx support #112
• Add browserstack credentials support #897 (vStone)
• Add support for GoogleRobotPrivateKeyCredentials #861 (thaiphv)
• Run apt_update when defining debian repos #821 (beezly)
• Feature/job replace parameter #759 (vStone)
• Fix https://github.com/jenkinsci/puppet-jenkins/issues/744 by setting mode explicitly #745 (elconas)
• Add support for conduit credentials #737 (oc243)
• Provide a way to override default_plugins_host for all plugins at one time #727 (egouraud-claranet)
• really, really fix slave auth #719 (jhoblitt)
• restart jenkins master after purging plugins #706 (jhoblitt)
• add purge_plugins param to jenkins class #704 (jhoblitt)
• add jenkins::default_plugins param #697 (jhoblitt)
• systemd jenkins master support on RedHat #694 (jhoblitt)
• fix slave systemd support #692 (jhoblitt)
• add swarm client systemd support #691 (jhoblitt)
• add jenkins::sysconfdir parameter #689 (jhoblitt)
• disable plugin pinning by default #688 (jhoblitt)
• add firewall module dependency info #676 (vinhut)
• Add support for gitlab api token credential - #664 #667 (ripclawffb)
• Add support for disabling management of Service[jenkins] #661 (rtyler)
• Add swarm client args string to support multiple arguments #655 (rtyler)
• Disable swarm unique id on slave #650 (mterzo)
• Allow groups to be set for the jenkins-slave user #629 (br0ch0n)
• Removing 'enable' statement on job.pp and job/present.pp #584 (zonArt)
• Dynamic job configuration #583 (zonArt)

Fixed bugs:

• archive type not failing on HTTP 404s #783
• slave password authentication broken #714
• Credentials plugin hard coded #665
• puppet_helper.groovy throws java.lang.ClassNotFoundException: hudson.tasks.Mailer.UserProperty #633
• puppet_helper.groovy throwing error.. No such property: cred for class: Actions #624
• Won't install alongside puppetlabs-mysql #623
• uninitialized constant json when using Jenkins_credentials provider #617
• jenkins_user experimental password setting is broken #499
• Ensure $jenkins::localstatedir to Directory Breaks Filesystem's With Symlinked Mounts #403
• repo::debian.pp does not work with apt module >= 2.0.0 #402
• Jenkins Plugin manifest are now readable since it has got some invalid byte sequence in US-ASCII #265
• Default INFO logging makes jenkins cli output messages that are then … #907 (jhooyberghs)
• Avoid getting plainText from null passphrase #760 (vStone)
• Fix all require statements for files in puppet_x #755 (vStone)
• fix multiple slave labels #721 (jhoblitt)
• workaround voxpupuli/puppet-archive#242 #699 (jhoblitt)
• fix security setting idempotentance #698 (jhoblitt)
• require JSON module -- rebase of #565 #696 (jhoblitt)
• Fix a typo in README - Jennkins #670 (roidelapluie)
• Newer versions of parallel_tests require Ruby 2.0 or newer #662 (rtyler)
• Fix get_running issue for jenkins slave #660 (gtorka)
• Fix syntax for class load of hudson.tasks.Mailer$UserProperty #636 (alan-schwarzenberger)
• Fix for groovy.lang.MissingPropertyException #628 (dangerfield)
• Plugins fail to install due to search false positives #626 (m3brown)

Closed issues:

• jenkins cli broken with latest LTS 2.164.1 ? #905
• Recent Jenkins version may have broken the CLI #896
• Duplicated declaration #880
• New tag? #876
• disable anonymous read when jenkins_authorization_strategy { 'hudson.security.FullControlOnceLoggedInAuthorizationStrategy': #867
• "Triage Meeting" on Monday 2018-02-19 @ 1600UTC #850
• Passwords aren't quoted properly in jenkins-run.erb #836
• Transfer to Vox Pupuli? #828
• Error: Invalid or corrupt jarfile /usr/lib/jenkins/jenkins-cli.jar #827
• A Catalog type is required. at /etc/puppetlabs/code/modules/jenkins/manifests/cli.pp:46:37 #826
• Release a new version in Puppet Forge #825
• Private key passing issue with Groovy through jenkins pipeline #817
• Missing dependency for Exec['reload-jenkins'] #813
• jenkins service restart on each puppet run under Redhat 7 #807
• Module puppetlabs/transition required for Debian/Ubuntu nodes #799
• Replace darin/zypprepo with puppet/zypprepo #798
• Remove puppetlabs/apt from hard dependencies #786
• code deploy fails when we add mod 'rtyler-jenkins', '0.3.1' to puppetfile #777
• Release the software in accordance with semantic versioning #770
• Ensure Jenkins::slave failed. #769
• Prevents upgrade of puppetlabs-java module to 2.0.0 #767
• plugins should not reinstall themselves if they are already installed #766
• Commit breaks tests #753
• puppet_helper.groovy uses deprecated remoting mode #749
• Plugin gets reinstalled and restarts Jenkins on Puppet daemon run but NOT manual run #748
• When running with "umask 027" /usr/lib/jenkins/jenkins-cli.jar will be unusable by others #744
• allow jenkins::repo to run in another stage #741
• Swarm 3.3 download URL doesn't exist #739
• The SSL certificate has expired for https://updates.jenkins-ci.org #726
• jenkins-slave exposes password as command argument #700
• Issue with puppetlabs-apt 2.3.0 #686
• The job xml is stored in /tmp #683
• Keeps want to recreate users on every run #682
• Successful installation/setup, unsuccessful login #681
• Duplicate declaration: Jenkins::Plugin[credentials] is already declared #680
• setting security is not idempotent #673
• 'digest_type' default of 'sha1' is causing all plugins to install repeatedly #668
• puppet_helper.groovy throws an error with unsupported credentials #664
• $jenkins::libdir is undef in jenkins::cli class #654
• Unsuccessful Installation #647
• jenkins::plugins doesn't work properly with puppet 4.6.2 #637
• Allow virtual jenkins host #630
• Ability to send in swarm flags (i.e. deleteExistingClients) to jenkins::slave #616
• Authentication failed. No private key accepted. #602
• Experimental Resource Types not working on Java Puppetmaster (jRuby) #597
• no ordering in config_hash #443
• using jenkins::job with jenkins::cli_helper ends up in dependency loop #258

Merged pull requests:

• add output of facter command to know value of custom fact #916 (Dan33l)
• Allow puppetlabs/stdlib 6.x, puppetlabs/java 4.x and puppet/archive 4.x #914 (alexjfisher)
• Update metadata for Vox Pupuli release #912 (pillarsdotnet)
• Allow puppetlabs/apt 7.x #911 (dhoppe)
• Replace merge function with + #909 (alexjfisher)
• split examples about error and idempotency as much as possible #900 (Dan33l)
• fix unreferenced variables; add puppet5/6 support #898 (bastelfreak)
• Add show_diff parameter to pass to augeas resource #895 (zipkid)
• Replace is_array with Puppet 4 native comparision #894 (baurmatt)
• Adding SLES to supported platforms #893 (msurato)
• fix puppet_helper.groovy exception when listing users on recent jenkins versions #889 (jhoblitt)
• Pass java_cmd to start_slave.sh (OS X) #887 (hlaf)
• allow puppetlabs/stdlib 5.x #886 (bastelfreak)
• Allow custom location for slave JAVA command #883 (esalberg)
• Fix small typo in jenkins-slave-defaults.erb #881 (danedf)
• partial modulesync 1.9.2 #874 (bastelfreak)
• partial modulesync 1.9.2 #873 (bastelfreak)
• puppet-lint: autofix #872 (bastelfreak)
• notify service containing class instead of service resource #871 (jhoblitt)
• fix native type idempotency with github-oauth plugin #870 (jhoblitt)
• drop EOL OSs; fix puppet version range #869 (bastelfreak)
• bump lower puppet version to 4.10.0 #864 (bastelfreak)
• allow camptocamp/systemd 2.X #859 (bastelfreak)
• 4 more rubocop fixes #852 (alexjfisher)
• RFC: Remove dead JPM code #849 (alexjfisher)
• More rubocop fixes #848 (alexjfisher)
• Fix all remaining auto-fixable rubocop violations #847 (alexjfisher)
• Disable rubocop for okjson.rb and resync from upstream. Fix Rubocop Style/RegexpLiteral #845 (alexjfisher)
• More Rubocop fixes #843 (alexjfisher)
• add pending to AWSCredentialsImpl and GitLabApiTokenImpl #842 (TomRitserveldt)
• Feature/slave tunnel #840 (jhooyberghs)
• Bugfix/dependency 813 #838 (jhooyberghs)
• [828] Change badge url after transferring the repo to voxpopuli #837 (v1v)
• Fixes password quoting for jenkins.run template #835 (tthayer)
• Cleanup the .travis.yml for a modulesync #834 (bastelfreak)
• drop legacy puppet version from testmatrix #832 (bastelfreak)
• Fixes for 21 different rubocop cop violations #831 (alexjfisher)
• VoxPupuli Migration: Fix puppet-lint, rspec-puppet example groups and start rubocop migration #830 (alexjfisher)
• bump dependency on camptocamp/systemd #822 (costela)
• Add missing dependency to the gitlab plugin (credentials) test #820 (vStone)
• GitLab, AWS, and File credentials #815 (danzilio)
• change namespace from PuppetX::Jenkins -> Puppet::X::Jenkins #806 (jhoblitt)
• change zypprepo dependency to voxpupuli #805 (jhoblitt)
• Remove dependencies section from README. #804 (jhoblitt)
• allow newer puppet-archive versions #803 (mmoll)
• allow newer puppetlabs-apt versions #802 (mmoll)
• allow newer puppetlabs-java version #801 (mmoll)
• fix archive type not failing on HTTP 404s #795 (jhoblitt)
• Switch repositories to HTTPs to take advantage of end-to-end TLS #794 (jhoblitt)
• Replace legacy validate_* calls with puppet4 datatypes #793 (jhoblitt)
• remove jenkins plugin dir before upgrade #792 (jhoblitt)
• update travis matrix #790 (jhoblitt)
• bump stdlib min version to 4.18.0 #789 (jhoblitt)
• add rake shellcheck target #788 (jhoblitt)
• Support null passphrase when fetching credential_info #778 (anne23)
• Fix '-remoting' flag tests #775 (alvin-huang)
• Add archlinux support #773 (kBite)
• Restore archive require #763 (madAndroid)
• (documentation) [ci skip]: minor typo affecting markdown rendering of jenkins_job #762 (crayfishx)
• travis matrix update #758 (jhoblitt)
• Correct all arrow alignments using puppet-lint #756 (vStone)
• add support for new CLI interface (remoting is deprecated) #752 (elconas)
• Added legacy functionality when using the -s flag in the jenkins cli #751 (darioatbashton)
• Remove doc string for unused java_version param #735 (christek91)
• update update-center base URL #728 (jhoblitt)
• lint #722 (PascalBourdier)
• gem updates - leftovers from #713 #717 (jhoblitt)
• fix slave auth broken by #710 #715 (jhoblitt)
• assorted gem updates, cleanups, and/or removals #713 (jhoblitt)
• change apt module >= 2.1.0 #711 (jhoblitt)
• do not expose slave password in process table #710 (jhoblitt)
• initial puppet strings doc format conversion #709 (jhoblitt)
• fix acceptance tests on Debian #707 (jhoblitt)
• tidy up beaker nodesets #695 (jhoblitt)
• swarm update #690 (jhoblitt)
• fix exclusion of puppet 3.x / ruby 2.2 #687 (jhoblitt)
• update travis test matrix #685 (jhoblitt)
• allow newline before start of private key #657 (rtyler)
• Improve credentials definition idempotency #656 (rtyler)
• Avoid "Undefined variable 'proxy_server'" warnings. #648 (jgreen210)
• bump travis puppet version matrix #645 (jhoblitt)
• resolve incompatible beaker related gem versions #644 (jhoblitt)
• Fixes apt module deprecation warnings #458 (vStone)

v1.7.0 (2016-08-18)

Full Changelog

Implemented enhancements:

• Update jenkins::slave::labels to be an array. #572
• jenkins_job unable to pretech jobs contained in folders #541
• Missing proxy support for jenkins::slave #442
• puppet module conflict with camptocamp/archive #427
• validate all DSL class/define params #392
• Credential types #373
• Jenkins::Slave wget needs proxy configuration #248
• Update plugin if it already installed #11
• jenkins 2.x support #611 (jhoblitt)
• -- #573: Convert jenkins::slave::java_args to support both strings and arrays. #604 (madelaney)
• Escape +'s when grepping through jenkins plugin version numbers #599 (cliff-svt)
• -- #572: Converted the jenkins slave labels param to accept a string … #591 (madelaney)
• rubocop #552 (jhoblitt)
• allow master + swarm client to coexist on the same node #545 (jhoblitt)
• multiple jenkins_job type improvements #544 (jhoblitt)
• make jenkins_job type cloudbees-folder aware #540 (jhoblitt)
• add StringCredentialsImpl support to jenkins_credentials #531 (jhoblitt)
• bump swarm plugin/client versions to 2.0 #528 (jhoblitt)
• use puppet/archive for all file downloads #516 (jhoblitt)
• add rspec runtime profiling and .travis.yml linting #515 (jhoblitt)
• Adds Beaker docker testing to .travis.yml #503 (petems)
• Use Active Directory realm as type #495 (danielpalstra)
• Add support for prefix configuration in the CLI config class. #494 (danielpalstra)
• add ability to set java_args on slaves #485 (adamcstephens)
• An augeas helper define to deal with configs #480 (vStone)
• Add ensure=>file to pinning file #475 (alexjfisher)
• validate all class/define params #473 (jhoblitt)
• Support FileCredentialsImpl in jenkins_credentials native type #467 (matez)
• Allow the user to manage the localstatedir themselves. #407 (jniesen)
• Add manage_client_jar option #307 (bigon)

Fixed bugs:

• jenkins-slave don't stop correctly #557
• jenkins_job broken by org.jenkinsci.plugins.workflow.job.WorkflowJob jobs #551
• Parameter jenkins::slave::ui_pass not enclosed in quotes. #542
• jenkins::slave should not depend on jenkins #533
• slow unit test causing travis failures #517
• jenkins:plugin can incorrectly believe a plugin is installed (when it isn't) #513
• jenkins::plugin ignores version changes #512
• swarm client installation broken by bad TLS certificate #507
• Jenkins::Slave/Exec[get_swarm_client] is not idempotent #505
• Experimental types do not have support for Puppet enterprise #498
• Bug when it tries puppet-jenkins tries to create a user #476
• plugins_dir and job_dir don't default correctly #474
• Core plugins won't upgrade #465
• Systemd causes puppet idempotency issues #447
• Error: Could not find a suitable provider for jenkins_authorization_strategy #434
• port parameter ignored #214
• jenkins::proxy host options need to be documented #108
• Fix tool_locations bash via doublequotes #614 (br0ch0n)
• travis performance and acceptance test reliability improvements #613 (jhoblitt)
• add 'proxy_server' param to jenkins::slave class #612 (jhoblitt)
• 5th parameter is server list for ActiveDirectory #564 (cdenneen)
• Fix path LOCK_FILE #562 (caiohasouza)
• test if job class responds to #isDisabled in job_list_json #554 (jhoblitt)
• attempt to determine the correct gem provider #530 (jhoblitt)
• Dependency correction when manage_slave_user is false #523 (james-powis)
• cleanup existing plugin archive if extension changes #519 (jhoblitt)
• Plugins from updatecenter performance fixes #518 (petems)
• fix plugin install logic matching #514 (jhoblitt)
• Revert the parts of 00a90d4d that make no sense (fixes #474) (2nd attempt) #483 (vStone)
• Fix for the jenkins.rb facter error #471 (jhoblitt)
• Updated for RedHat systemd systems to use redhat provider until PUP-5353 is fixed #470 (cdenneen)

Closed issues:

• Archive module doesn't have parameter source #620
• support jenkins 2.x #603
• jenkins::credentials is not working with credentials plugin > version 1.24 #601
• Forge release cycle #594
• Beaker tests failing, is it a plan to fix them ? #588
• Can't create jobs/creds/plugins after LDAP auth #581
• Facter 3.1 no longer has osfamily, operatingsystemrelease, operatingsystemmajrelease #571
• Dependency issues #563
• jenkins-cli puppet_helper not working with FullControlOnceLoggedInAuthorizationStrategy #561
• Installing plugins fails jenkins-bootstrap-start #558
• Sauce labs Credentials #538
• Credit #525
• update swarm plugin + client jar to 2.0 #522
• Remove 1.9.3 tests #509
• The homedir is different on CentOS7 #493
• The metadata.json does not contain java as dependency #492
• PR #467 broke puppet_cli_helper #477
• jenkins::plugin incorrectly assumes port 80 on puppet apply #457
• rtyler-jenkins fails to respect install_java => false #455
• How does one insert private key contents directly into private_key_or_path in jenkins::credentials? #452
• Module is missing the Jenkins configuation part #451
• "No checksum for this archive" when installing plugins #450
• Installation fail on Ubuntu Wily #449
• Plugins specified by version number are not updated #445
• Passing an array to jenkins::plugin #429
• Unable to persist firewall rules: Execution of '/usr/libexec/iptables/iptables.init save' returned 1: #424
• $jenkins::port does not properly manage listening port #416
• Using Plugin Hash Exec Test for plugin Fails #410
• jenkins::job::present issue #409
• Using Direct URL for plug-ins restarts jenkins with every puppet run #408
• Missleading documentation regarding HTTP_PORT #263

Merged pull requests:

• Update metadata.json for the 1.7.0 release #625 (rtyler)
• Pin the loose dependency (from hiera) on json_pure to something less than 2.0.2 #622 (rtyler)
• Use a up-to-date swarm client URL #621 (rtyler)
• attempt to debug travis beaker failures #615 (jhoblitt)
• rubocop update #607 (jhoblitt)
• fix rubocop conf path syntax warning #586 (jhoblitt)
• remove README reference to nanliu/staging #585 (jhoblitt)
• Updating documentation to reflect the modification of puppet-archive module #582 (zonArt)
• Kludge around jenkins 2.x landing in the 'latest' repos #576 (jhoblitt)
• use single quotes for ruby string literals #553 (jhoblitt)
• replace centos-7-docker fakesystemd with classic flavor #550 (jhoblitt)
• travis puppet versions #549 (jhoblitt)
• fix beaker acceptance tests on Ubuntu #548 (jhoblitt)
• simplify jenkins::slave ordering logic #547 (jhoblitt)
• skip pending beaker tests #546 (jhoblitt)
• minor puppet_helper.groovy cleanup #543 (jhoblitt)
• Improve spec speed #537 (petems)
• make centos-6-docker acceptance tests required #527 (jhoblitt)
• Add folder support to puppet_helper #496 (danielpalstra)
• enable install of cli_helper when jenkins::cli => true #488 (jhoblitt)
• autorequire cli_jar from all PX::J::Type::Cli based types #486 (jhoblitt)
• Revert "Support FileCredentialsImpl in jenkins_credentials native type" #478 (jhoblitt)
• Rtyler 417 cleanup cli helper #469 (jhoblitt)
• Clarify documention for cli_ssh_keyfile param. #446 (BobVincentatNCRdotcom)
• travis does not need the :system_tests group #438 (jhoblitt)
• Minor clean up of difftool patch #430 (rtyler)
• Suppress notice messages when using archive::download #428 (queeno)
• Add a simple rspec-puppet test to verify changing jenkins::plugin's timeout #421 (rtyler)
• Fix Plugin Download Timeout #419 (mooreandrew)
• Unify the ssh_keyfile #417 (chizou)
• Check if the retries gem is not already declared #411 (boyand)
• Undefine create_user in plugins #406 (jonbca)
• fix job_dir variable reference to jenkins class #400 (shieldwed)

v1.6.1 (2015-10-14)

Full Changelog

Closed issues:

• Preparing a release for PuppetConf #384

v1.6.0

(Kato release)

• #219 - Plugins are installed each time and restarting service
• #314 - Update jenkins-slave.RedHat init.d script work bash < 4.0
• #362 - Error on updating existing job
• #365 - jenkins user and jenkins_home directory not configurable
• #367 - [puppet-jenkins#366] Replace -toolLocations with --toolLocation
• #371 - slave: INFO: Failure authenticating with BASIC 'Jenkins' 401
• #372 - Slave: swarm-client requires a cashe directory /home/jenkins-slave/.jenkins/
• #374 - add single quotes for credentials
• #376 - Add template in the jenkins::job
• #377 - Making the management of the daemon package optional
• #378 - fix rspec-puppet raise_error warning
• #382 - (RFC) native types and providers
• #383 - fix acceptance test path prefix for jenkins-cli.jar
• #385 - WIP: completely rework the way imports work for the native types
• #386 - set_security() does not save jenkins state
• #387 - Avoid referring to class objects directly in the Groovy helper
• #388 - Fix relationship for pinned files
• #389 - remove seperate resources for handling plugin extension
• #390 - Adds Examples for various platforms for Jenkins
• #391 - use ensure_packages() to manage the daemon package
• #395 - Fix username quoting
• #396 - add user/group mgt. + localstatedir params to jenkins class
• #398 - client_url is hardcoded in slave.pp
• #399 - document types and providers puppetserver known issues

v1.5.0

(Jennings release)

• #227 - Add parameter to set user uuid in jenkins::credentials define
• #288 - add source parameter to jenkins::plugin define
• #289 - set user on exec resources in jenkins::plugin define
• #290 - Support getting external .xml job descriptions
• #292 - Feature/puppet helper util
• #295 - Use jenkins::cli::exec in security.pp
• #296 - should be jenkins::cli::exec
• #297 - Add jenkins::users class to declare all users
• #298 - Maint/fix resource relationships
• #301 - Apt upgrade
• #302 - Package name no longer hardcoded
• #303 - Puppet helper slaveagentport
• #319 - Adding optional description to slave
• #320 - Forge Project URL link broken
• #323 - Upgraded apt module dependency to support v2
• #325 - add puppet ~> 3.8 & ~> 4.1 to travis matrix
• #326 - Fixed project_page in metadata.json
• #328 - Support configuring a yum proxy server
• #331 - Set retries in job configuration to global parameters
• #335 - Fix jenkins::plugin with create_user false
• #336 - Features/9618 stronger plugin verification
• #347 - Fix require paths
• #351 - add darwin/osx support to slave class
• #352 - Adding cli_ssh_keyfile parameter to specify the location of a private key
• #353 - Class cannot find exec in jenkins::cli::reload.
• #357 - CLI classes unaware of Jenkins' --prefix
• #358 - Added jenkins_prefix function to retrieve configured prefix

v1.4.0

(Smithers release)

• #222 - Add retry to credentials execs
• #229 - Jenkins slave defaults bugfix
• #233 - fixes timeouts on restart
• #235 - Make creation of user optional
• #236 - Cleanup metadata.json for better mechanical score
• #237 - Update the README with a few puppet-lint things and puppet highlighting.
• #238 - Fix Bracket issue
• #239 - Refactor acceptance tests to use beaker-rspec
• #244 - Add instructions for acceptance tests
• #245 - Added support for the 'toolLocations' parameter.
• #256 - Direct package
• #260 - Feature/puppet helper num executors
• #261 - Escape job names for shell commands
• #262 - Change apt key to full fingerprint
• #264 - Broken link on puppetlabs.com page
• #266 - pin puppetlabs-apt fixtures version to 1.8.0
• #268 - Improvements on job import via cli
• #270 - remove rspec gem ~> 2.99.0 constraint
• #271 - fix rspec > 3 compatiblity
• #272 - use mainline puppetlabs_spec_helper gem
• #273 - update spec_helper_acceptance boiler plate
• #274 - remove puppet module versions constraints from beaker setup
• #275 - add .bundle to .gitignore
• #276 - add log/ to .gitignore
• #277 - add puppet 3.7.0 to travis matrix
• #278 - remove unnecessary whitespace from $jenkins::cli_helper::helper_cmd
• #279 - add metadata-json-lint to Gemfile & enable rake validate target
• #280 - change puppetlabs/stdlib version dep to >= 4.6.0
• #282 - Feature/puppet 4
• #285 - convert raw execs of puppet_helper.groovy to jenkins::cli::exec define

v1.3.0

(Barnard release)

• #134 - Added in ability for user to redefine update center plugin URL
• #139 - document additional class params
• #169 - Allow build jobs to be configured and managed by puppet. Includes #163 a...
• #174 - setting configure_firewall true returns error, port is undefined
• #177 - switch to metadata.json
• #188 - Fix installation of core plugins
• #189 - Fix test.
• #191 - set default port for firewall
• #195 - Bump up swarm version to 1.17
• #198 - Relationship error when testing Jenkins::jobs
• #199 - missing include causes issuse #198
• #202 - Proxy work
• #203 - Fix typo in job/present.pp
• #204 - Fix for #174 allows setting $jenkins::port
• #206 - Refactor some of the firewall port configuration
• #207 - Introduce the jenkins_port function

v1.2.0

(Nestor release)

• #117 - Add feature to disable SSL verification on Swarm clients
• #131 - Support updates for core jenkins modules
• #135 - cli option broken w/ jenkins 1.563 on ubuntu precise
• #137 - repos should be enabled if repo=true on RedHat
• #140 - Packaging Cruft in 1.1.0
• #144 - Update init.pp - correct plugins example syntax
• #149 - Do not ensure plugin_parent_dir to be a directory (#148)
• #150 - Add ensure parameter to jenkins::slave
• #151 - Unsupported OSFamily RedHat on node
• #152 - Jenkins-slave on Centos: killproc and checkpid commands not found
• #153 - Fixes to Jenkins slave init and class
• #154 - slave_mode doesn't apply on debian distros.
• #155 - Add defined check for plugin_parent_dir resource
• #157 - Add missing slave mode to Debian defaults file
• #160 - User and credentials creation, simple security management
• #166 - Error loading fact /var/lib/puppet/lib/facter/jenkins.rb no such file to load -- json
• #171 - A bit of RedHat and Debian slave initd script merging
• #176 - no such file to load -- json
• #180 - Replace use of unzip with jar for unpacking jenkins CLI
• #182 - Include the apt module when installing an apt repository
• #183 - Rely on the jar command instead of unzip to unpack the cli.jar
• #185 - Allow setting the slave name, default to the fqdn at runtime
• #186 - Puppet Forge module
• #187 - Jenkins slave on RedHat - jenkins-slave.erb

v1.1.0

(Duckworth release)

Features

• #86, #122 - Add support for disabling SSL verification on slaves
• #116 - Add support for setting the -fsroot option for slaves
• init script for Debian-family slaves added
• Initial code for a jpm based Package provider merged

Bug fixes

• #107 - Private/internal classes made truly private
• #109 - Fix for dependency issue between repo and package installation.
• $jenkins_plugins fact refactored and RSpec tests added
• #121 - daemon package installed to make Debian slave installs functional
• #126 - Facter exception bug fixed

* This Changelog was automatically generated by github_changelog_generator