Jenkins in one of my favourite open source tools. It must also be one of the most flexible
You can set up Jenkins to monitor your Gitlab project for any changes. If Jenkins sees any commits to the master repo, Jenkins will execute a build script and run any customised scripts. Here is how to set this up.
- Set up a project in Gitlab. This will be your git repo.
- Create a your git repo using a git client on a linux box of your choice.
- Configure Jenkins job to poll the git repo and to run a build script if there are any changes.
Here is how to configure the Jenkins server to poll the git repo.
Install the gitlab plugin to Jenkins
Set up a Jenkins job and specify the following under source code management
note: The repository URL can be obtained from gitlab as shown below
Setting up build triggers
Under build triggers, select the Poll SCM and set a Schedule. The schedule is in cron format and be set as desired. Here we have set Jenkins to poll the git repo every 5 minutes for changes.
Here you will see the git polling working as shown below:
SSH keys and sudo access
We will need to set up ssh keys and sudo access for the jenkins_admin user which is used to log on to the puppet masters to sycnronise the manifests and modules. To set up the keys, run the following commands on the jenkins box.
1 – Log in as jenkins_admin@jenkins on the jenkins server
2 – Run the following command to drop into the jenkins user
sudo - s -H -u jenkins
3 – Run the following to set up the ssh key pair
$ cd ~/.ssh/ $ ssh-sopy-id -i id_rsa.pub jenkins_admin@puppet-server
note: # where puppet-server is the puppet master you need to sync the manifests on
4- Configure sudo on the puppet-master so Jenkins_admin is not prompted for the password. Note you can use a manifest to configure sudo via puppet.
on the puppet-server (as root)
sudo visudo ... jenkins_admin ALL= NOPASSWD:/usr/bin/rsync
Make sure you do this process for each puppet-server you wish to configure sudo and ssh keys for
Configure the Jenkins build job
Configure the Jenkins build job as follows:
# Specifies a AD user who has sudo rights on the puppet server to run the rsync commands without requiring a password USER=jenkins_admin # List of puppet masters that will receive manifests and modules for HOST in 'puppet-server1t' 'puppet-server2' 'puppet-server3' do # rsync command to sync changes from gitlab repo rsync -e "ssh -t -l jenkins_admin" --rsync-path='sudo rsync' -avz --stats --progress --human-readable --exclude .git --exclude README $WORKSPACE/ $USER@$HOST:/etc/puppet/ done
This completes the setup.