Branch: refs/heads/ci-518
Home: https://github.com/jenkins-infra/jenkins-infra
Commit: 4dc0ea42bdb6a40e5358e3dbb4edd241db4ac25c
https://github.com/jenkins-infra/jenkins-infra/commit/4dc0ea42bdb6a40e5358e3dbb4edd241db4ac25c
Author: R. Tyler Croy <[email protected]>
Date: 2016-04-18 (Mon, 18 Apr 2016)
Changed paths:
M dist/profile/manifests/jenkinsgroovy.pp
M dist/profile/manifests/jenkinsplugin.pp
Log Message:
-----------
Properly retry and sleep our CLI commands
Commit: 5b672b21ab1bec60ed71d3ce6e6ca486bac8f69b
https://github.com/jenkins-infra/jenkins-infra/commit/5b672b21ab1bec60ed71d3ce6e6ca486bac8f69b
Author: R. Tyler Croy <[email protected]>
Date: 2016-04-18 (Mon, 18 Apr 2016)
Changed paths:
M dist/profile/manifests/buildmaster.pp
M dist/profile/manifests/jenkinsgroovy.pp
Log Message:
-----------
Haphazard attempt to get jenkins::credentials to work
I'm committing this for posterity, but plan on reverting it with the next
commit.
Basically Jenkins's security cannot be modeled in an idempotent fashion. Since
we cannot pre-share any public keys with it, we have to go through this process:
* Stand up Jenkins unsecured (but obviously walled off)
* Set up authentication, authorization, leaving CLI access for anonymous
* Create a role account and give it our SSH public key
* Remove CLI access for anonymous and grant it for our role account
This is a lot of gnarly work and needs to be made better in Jenkins itself. A
temporary workaround is to allow CLI access for anonymous, but only from the
lo0 interface on the system
Commit: fd8f3ac66a3223707e23a56e9472fa0d75dc0cf5
https://github.com/jenkins-infra/jenkins-infra/commit/fd8f3ac66a3223707e23a56e9472fa0d75dc0cf5
Author: R. Tyler Croy <[email protected]>
Date: 2016-04-18 (Mon, 18 Apr 2016)
Changed paths:
M dist/profile/manifests/buildmaster.pp
M dist/profile/manifests/jenkinsgroovy.pp
Log Message:
-----------
Revert "Haphazard attempt to get jenkins::credentials to work"
This reverts commit 5b672b21ab1bec60ed71d3ce6e6ca486bac8f69b.
Commit: b0a34b7cb90429675c5435ef1fd4ead27204edf3
https://github.com/jenkins-infra/jenkins-infra/commit/b0a34b7cb90429675c5435ef1fd4ead27204edf3
Author: R. Tyler Croy <[email protected]>
Date: 2016-04-18 (Mon, 18 Apr 2016)
Changed paths:
M dist/profile/manifests/buildmaster.pp
R dist/profile/manifests/jenkinsgroovy.pp
A dist/profile/templates/buildmaster/policy_compliance_job.xml.erb
M hieradata/clients/trusted-ci.yaml
M hieradata/common.yaml
Log Message:
-----------
mashing a jenkins::job for policy enforcement
This doesn't help either, since subsequent puppet runs will fail with the
lack of permissions, bollocks!~
Commit: a8d3817c09e742044bdceb63e401886c14071833
https://github.com/jenkins-infra/jenkins-infra/commit/a8d3817c09e742044bdceb63e401886c14071833
Author: R. Tyler Croy <[email protected]>
Date: 2016-04-18 (Mon, 18 Apr 2016)
Changed paths:
M dist/profile/manifests/buildmaster.pp
A dist/profile/manifests/jenkinsgroovy.pp
R dist/profile/templates/buildmaster/policy_compliance_job.xml.erb
M hieradata/clients/trusted-ci.yaml
M hieradata/common.yaml
Log Message:
-----------
Revert "mashing a jenkins::job for policy enforcement"
This reverts commit b0a34b7cb90429675c5435ef1fd4ead27204edf3.
Commit: 47af94685f63e364865baca14457abd40a7f4724
https://github.com/jenkins-infra/jenkins-infra/commit/47af94685f63e364865baca14457abd40a7f4724
Author: R. Tyler Croy <[email protected]>
Date: 2016-04-18 (Mon, 18 Apr 2016)
Changed paths:
A dist/profile/files/buildmaster/idempotent-cli
M dist/profile/manifests/buildmaster.pp
M dist/profile/manifests/jenkinsgroovy.pp
M dist/profile/manifests/jenkinsplugin.pp
A dist/profile/templates/buildmaster/jenkins.config.xml.erb
Log Message:
-----------
Try a different approach by hacking a user with SSH in place for puppet
This uses no SSH key the first time any CLI commands are run, but after security
is set up, it should use it moving forward
Compare:
https://github.com/jenkins-infra/jenkins-infra/compare/468c4907d75a...47af94685f63
--
You received this message because you are subscribed to the Google Groups
"Jenkins Commits" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
