diff --git a/Dockerfile b/Dockerfile index 8cc7e54..6d826b2 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,10 +2,9 @@ FROM jenkins/jenkins:2.107.3 MAINTAINER Nick Griffin, -ENV GERRIT_HOST_NAME gerrit -ENV GERRIT_PORT 8080 -ENV GERRIT_SSH_PORT 29418 -ENV GERRIT_PROFILE="ADOP Gerrit" GERRIT_JENKINS_USERNAME="" GERRIT_JENKINS_PASSWORD="" +ENV GITLAB_HOST_NAME gitlab +ENV GITLAB_PORT 80 +ENV GITLAB_SSH_PORT 22 # Copy in configuration files COPY resources/plugins.txt /usr/share/jenkins/ref/ @@ -24,13 +23,13 @@ RUN chmod +x -R /usr/share/jenkins/ref/adop_scripts/ && \ # USER jenkins # Environment variables -ENV ADOP_LDAP_ENABLED=true LDAP_IS_MODIFIABLE=true ADOP_ACL_ENABLED=true ADOP_SONAR_ENABLED=true ADOP_ANT_ENABLED=true ADOP_MAVEN_ENABLED=true ADOP_NODEJS_ENABLED=true ADOP_GERRIT_ENABLED=true +ENV ADOP_LDAP_ENABLED=true LDAP_IS_MODIFIABLE=true ADOP_ACL_ENABLED=true ADOP_SONAR_ENABLED=true ADOP_ANT_ENABLED=true ADOP_MAVEN_ENABLED=true ADOP_NODEJS_ENABLED=true ADOP_GITLAB_ENABLED=true ENV LDAP_GROUP_NAME_ADMIN="" ENV JENKINS_OPTS="--prefix=/jenkins -Djenkins.install.runSetupWizard=false" ENV PLUGGABLE_SCM_PROVIDER_PROPERTIES_PATH="/var/jenkins_home/userContent/datastore/pluggable/scm" ENV PLUGGABLE_SCM_PROVIDER_PATH="/var/jenkins_home/userContent/job_dsl_additional_classpath/" RUN xargs /usr/local/bin/install-plugins.sh < /usr/share/jenkins/ref/plugins.txt -RUN echo "KexAlgorithms diffie-hellman-group1-sha1" >> /etc/ssh/ssh_config +RUN echo "KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group14-sha256,diffie-hellman-group1-sha1" >> /etc/ssh/ssh_config ENTRYPOINT ["/entrypoint.sh"] diff --git a/README.md b/README.md index 471cf10..87b72a0 100644 --- a/README.md +++ b/README.md 
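Review bot: The rewritten `KexAlgorithms` line in the second Dockerfile hunk still ends with `diffie-hellman-group1-sha1`, a 1024-bit group with SHA-1 that current OpenSSH clients disable by default. Because it is appended to the global `/etc/ssh/ssh_config`, every outbound SSH connection from the Jenkins master may still negotiate it. This commit removes the Gerrit integration, which looks like the reason the algorithm was enabled; if no remaining host needs it, drop it: `RUN echo "KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group14-sha256" >> /etc/ssh/ssh_config`. If one legacy host does still require it, put the exception in a `Host` block for that host instead of the global default, with a comment saying why.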
@@ -24,15 +24,14 @@ Runtime configuration can be provided using environment variables: * ADOP_ANT_ENABLED, allow enable/disable Jenkins-ANT integration. Default to true (enabled). * ADOP_MAVEN_ENABLED, allow enable/disable Jenkins-MAVEN integration. Default to true (enabled). * ADOP_NODEJS_ENABLED, allow enable/disable Jenkins-NODEJS integration. Default to true (enabled). -* ADOP_GERRIT_ENABLED, allow enable/disable Jenkins-GERRIT integration. Default to true (enabled). +* ADOP_GITLAB_ENABLED, allow enable/disable Jenkins-GITLAB integration. Default to true (enabled). Additional environment variables that allow fine tune Jenkins runtime configuration are: -* GERRIT_HOST_NAME, the Gerrit hostname. Default to Gerrit -* GERRIT_PORT, the port Gerrit APIs are exposed. Default to 8080 -* GERRIT_JENKINS_USERNAME, the username Jenkins will use to connect to Gerrit. Default to Gerrit. -* GERRIT_JENKINS_PASSWORD, the password Jenkins will use to connect to Gerrit. Default to gerrit. -* GERRIT_FRONT_END_URL, the URL for Gerrit frontend. +* GITLAB_HOST_NAME, the Gitlab hostname. Default to gitlab +* GITLAB_PORT, the port Gitlab APIs are exposed. Default to 80 +* GITLAB_JENKINS_USERNAME, the username Jenkins will use to connect to Gitlab. Default to Gitlab. +* GITLAB_JENKINS_PASSWORD, the password Jenkins will use to connect to Gitlab. Default to gitlab. * INITIAL_ADMIN_USER, the username for the admin user. * INITIAL_ADMIN_PASSWORD, the password for the initial admin user. * LDAP_SERVER, the LDPA URI, i.e. ldap-host:389 diff --git a/resources/entrypoint.sh b/resources/entrypoint.sh index c6e1462..638c4fe 100644 --- a/resources/entrypoint.sh +++ b/resources/entrypoint.sh 
@@ -1,22 +1,29 @@
 #!/bin/bash
-echo "Genarate JENKINS SSH KEY and add it to gerrit"
-host=$GERRIT_HOST_NAME
-port=$GERRIT_PORT
-gerrit_provider_id="adop-gerrit"
-gerrit_protocol="ssh"
-username=$GERRIT_JENKINS_USERNAME
-password=$GERRIT_JENKINS_PASSWORD
-nohup /usr/share/jenkins/ref/adop\_scripts/generate_key.sh -c ${host} -p ${port} -u ${username} -w ${password} &
-
-echo "Setting up your default SCM provider - Gerrit..."
+context="gitlab"
+gitlab_protocol="ssh"
+gitlab_protocol_2="http"
+host=$GITLAB_HOST
+port=$GITLAB_PORT
+gitlab_provider_id="adop-gitlab"
+
+echo "Genarate JENKINS SSH KEY"
+nohup /usr/share/jenkins/ref/adop\_scripts/generate_key.sh -c ${host} -p ${port} &
+
+echo "Setting up your default SCM provider - Gitlab..."
 mkdir -p $PLUGGABLE_SCM_PROVIDER_PROPERTIES_PATH $PLUGGABLE_SCM_PROVIDER_PATH
 mkdir -p ${PLUGGABLE_SCM_PROVIDER_PROPERTIES_PATH}/CartridgeLoader ${PLUGGABLE_SCM_PROVIDER_PROPERTIES_PATH}/ScmProviders
-nohup /usr/share/jenkins/ref/adop\_scripts/generate_gerrit_scm.sh -i ${gerrit_provider_id} -p ${gerrit_protocol} -h ${host} &
+nohup /usr/share/jenkins/ref/adop\_scripts/generate_gitlab_scm.sh -i ${gitlab_provider_id} -p ${gitlab_protocol} -p ${gitlab_protocol_2} -h ${host} -c ${context} &
 echo "Generate Sonar authentication token"
 source /usr/share/jenkins/ref/adop\_scripts/generate_sonar_auth_token.sh
+echo "Generate GitLab authentication token"
+. /usr/share/jenkins/ref/adop\_scripts/generate_gitlab_auth_token.sh
+
+echo "Copy Jenkins's public key to GitLab"
+source /usr/share/jenkins/ref/adop\_scripts/put_jenkins_public_key_in_gitlab.sh
+
 echo "skip upgrade wizard step after installation"
 echo "2.7.4" > /var/jenkins_home/jenkins.install.UpgradeWizard.state
diff --git a/resources/init.groovy.d/adop_gerrit.groovy b/resources/init.groovy.d/adop_gerrit.groovy
deleted file mode 100644
index 6a23046..0000000
--- a/resources/init.groovy.d/adop_gerrit.groovy
+++ /dev/null
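Review bot: `host=$GITLAB_HOST` in the entrypoint.sh hunk reads a variable that the Dockerfile in this commit never sets; it defines `GITLAB_HOST_NAME`, which is also the name the README documents. Unless `GITLAB_HOST` is injected at run time `${host}` is empty, and because the expansions are unquoted, `generate_key.sh -c ${host} -p ${port}` then passes `-p` to `-c` as its argument. Settle on one name and quote the expansions, e.g. `host="${GITLAB_HOST:-$GITLAB_HOST_NAME}"` and `-c "${host}" -p "${port}"`. The two new scripts are sourced into this shell, so the `exit 1` in `put_jenkins_public_key_in_gitlab.sh` ends the entrypoint itself when the token is missing; use `return 1` there if start-up is meant to continue.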
@@ -1,67 +0,0 @@
-import hudson.model.*;
-import jenkins.model.*;
-import com.sonyericsson.hudson.plugins.gerrit.trigger.PluginImpl;
-import com.sonyericsson.hudson.plugins.gerrit.trigger.GerritServer;
-import com.sonyericsson.hudson.plugins.gerrit.trigger.config.Config;
-
-// Check if enabled
-def env = System.getenv()
-if (!env['ADOP_GERRIT_ENABLED'].toBoolean()) {
- println "--> ADOP Gerrit Disabled"
- return
-}
-
-// Variables
-def gerrit_host_name = env['GERRIT_HOST_NAME']
-def gerrit_front_end_url = env['GERRIT_FRONT_END_URL']
-def gerrit_ssh_port = env['GERRIT_SSH_PORT'] ?: "29418"
-gerrit_ssh_port = gerrit_ssh_port.toInteger()
-def gerrit_username = env['GERRIT_USERNAME'] ?: "jenkins"
-def gerrit_profile = env['GERRIT_PROFILE'] ?: "ADOP Gerrit"
-def gerrit_email = env['GERRIT_EMAIL'] ?: ""
-def gerrit_ssh_key_file = env['GERRIT_SSH_KEY_FILE'] ?: "/var/jenkins_home/.ssh/id_rsa"
-def gerrit_ssh_key_password = env['GERRIT_SSH_KEY_PASSWORD'] ?: null
-
-// Constants
-def instance = Jenkins.getInstance()
-
-Thread.start {
- sleep 10000
-
- // Gerrit
- println "--> Configuring Gerrit"
-
- def gerrit_trigger_plugin = PluginImpl.getInstance()
-
- def gerrit_server = new GerritServer(gerrit_profile)
-
- def gerrit_servers = gerrit_trigger_plugin.getServerNames()
- def gerrit_server_exists = false
- gerrit_servers.each {
- server_name = (String) it
- if ( server_name == gerrit_server.getName() ) {
- gerrit_server_exists = true
- println("Found existing installation: " + server_name)
- }
- }
-
- if (!gerrit_server_exists) {
- def gerrit_server_config = new Config()
-
- gerrit_server_config.setGerritHostName(gerrit_host_name)
- gerrit_server_config.setGerritFrontEndURL(gerrit_front_end_url)
- gerrit_server_config.setGerritSshPort(gerrit_ssh_port)
- gerrit_server_config.setGerritUserName(gerrit_username)
- gerrit_server_config.setGerritEMail(gerrit_email)
- gerrit_server_config.setGerritAuthKeyFile(new File(gerrit_ssh_key_file))
- gerrit_server_config.setGerritAuthKeyFilePassword(gerrit_ssh_key_password)
-
- gerrit_server.setConfig(gerrit_server_config)
- gerrit_trigger_plugin.addServer(gerrit_server)
- gerrit_server.start()
- gerrit_server.startConnection()
- }
-
- // Save the state
- instance.save()
-}
\ No newline at end of file
diff --git a/resources/init.groovy.d/adop_gitlab.groovy b/resources/init.groovy.d/adop_gitlab.groovy
new file mode 100644
index 0000000..4a0f437
--- /dev/null
+++ b/resources/init.groovy.d/adop_gitlab.groovy
@@ -0,0 +1,111 @@
+import jenkins.model.*;
+import com.dabsquared.gitlabjenkins.connection.*;
+import hudson.model.*;
+import com.cloudbees.plugins.credentials.SystemCredentialsProvider;
+import com.cloudbees.plugins.credentials.CredentialsScope;
+import com.cloudbees.plugins.credentials.domains.*
+import com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl;
+import hudson.util.Secret;
+
+// Check if enabled
+def env = System.getenv()
+if (!env['ADOP_GITLAB_ENABLED'].toBoolean()) {
+ println "--> ADOP Gitlab Disabled"
+ return
+}
+
+// Variables
+def gitlab_host_name = env['GITLAB_HOST']
+def gitlab_api_token = env['GITLAB_AUTH_TOKEN']
+def gitlab_ignore_cert_errors = env['GITLAB_IGNORE_CERTIFICATE_ERRORS'] ?: false
+def gitlab_connection_timeout = env['GITLAB_CONNECTION_TIMEOUT'] ?: 10
+def gitlab_read_timeout = env['GITLAB_READ_TIMEOUT'] ?: 10
+
+def gitlab_api_token_description = "Gitlab api token"
+def gitlab_api_token_id = "gitlab_api_token"
+
+def credential_id = "gitlab_user_token"
+def credential_description = "Gitlab Username Token"
+def credential_username = env['GITLAB_USERNAME']
+def system_credentials_provider = SystemCredentialsProvider.getInstance()
+
+// Constants
+def instance = Jenkins.getInstance()
+
+Thread.start {
+ sleep 10000
+
+ api_token = new Secret(gitlab_api_token)
+
+ //Gitlab access token
+ gitlab_api_token_credentials_exist = false
+ system_credentials_provider.getCredentials().each {
+ credentials = (com.cloudbees.plugins.credentials.Credentials) it
+ if ( credentials.getDescription() == gitlab_api_token_description) {
+ gitlab_api_token_credentials_exist = true
+ println("Found existing credentials: " + gitlab_api_token_description)
+ }
+ }
+
+ if(!gitlab_api_token_credentials_exist) {
+ domain = Domain.global()
+ store = Jenkins.instance.getExtensionList('com.cloudbees.plugins.credentials.SystemCredentialsProvider')[0].getStore()
+ gitlabToken = new GitLabApiTokenImpl(
+ CredentialsScope.GLOBAL,
+ gitlab_api_token_id,
+ gitlab_api_token_description,
+ api_token
+ )
+ store.addCredentials(domain, gitlabToken)
+ }
+
+ //Gitlab username token
+ gitlab_username_credentials_exist = false
+ system_credentials_provider.getCredentials().each {
+ credentials = (com.cloudbees.plugins.credentials.Credentials) it
+ if ( credentials.getDescription() == credential_description) {
+ gitlab_username_credentials_exist = true
+ println("Found existing credentials: " + credential_description)
+ }
+ }
+
+ if(!gitlab_username_credentials_exist) {
+ domain = Domain.global()
+ store = Jenkins.instance.getExtensionList('com.cloudbees.plugins.credentials.SystemCredentialsProvider')[0].getStore()
+ gitlabUserPass = new UsernamePasswordCredentialsImpl(CredentialsScope.GLOBAL,credential_id,credential_description,credential_username,gitlab_api_token)
+ store.addCredentials(domain, gitlabUserPass)
+ }
+
+ // Gitlab
+ println "--> Configuring Gitlab"
+ def gitlab_config = instance.getDescriptor("com.dabsquared.gitlabjenkins.connection.GitLabConnectionConfig")
+
+ def gitlab_conn = new GitLabConnection(
+ 'ADOP Gitlab',
+ gitlab_host_name,
+ gitlab_api_token_id,
+ gitlab_ignore_cert_errors,
+ gitlab_connection_timeout,
+ gitlab_read_timeout
+ )
+
+ def gitlab_connections = gitlab_config.getConnections()
+
+ def gitlab_server_exists = false
+ gitlab_connections.each {
+ connection_name = (GitLabConnection) it
+ if ( gitlab_conn.name == connection_name.getName() ) {
+ gitlab_server_exists = true
+ println("Found existing installation: " + gitlab_conn.name)
+ }
+ }
+
+ if (!gitlab_server_exists) {
+ gitlab_connections.add(gitlab_conn)
+ gitlab_config.setConnections(gitlab_connections)
+ gitlab_config.save()
+ }
+
+ // Save the state
+ instance.save()
+}
diff --git a/resources/init.groovy.d/role_based_auth.groovy b/resources/init.groovy.d/role_based_auth.groovy
index 7c03e53..766b1fe 100644
--- a/resources/init.groovy.d/role_based_auth.groovy
+++ b/resources/init.groovy.d/role_based_auth.groovy
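Review bot: In adop_gitlab.groovy, `gitlab_ignore_cert_errors`, `gitlab_connection_timeout` and `gitlab_read_timeout` are Strings whenever the environment variable is set, because `System.getenv()` returns only strings and the `?:` fallback applies only when the variable is absent. Passed to `new GitLabConnection(...)`, they will either fail to match the constructor or, if coerced by Groovy truth, make `GITLAB_IGNORE_CERTIFICATE_ERRORS=false` act as true and turn certificate validation off; I have not verified which, but neither is intended. Parse them explicitly: `def gitlab_ignore_cert_errors = (env['GITLAB_IGNORE_CERTIFICATE_ERRORS'] ?: 'false').toBoolean()` and `def gitlab_connection_timeout = (env['GITLAB_CONNECTION_TIMEOUT'] ?: '10').toInteger()`, with the same for the read timeout. Separately, the token is stored twice with `CredentialsScope.GLOBAL`, the second time as the password of `gitlab_user_token`, which presumably makes it selectable by any job. It is worth a comment explaining why both copies are needed, and `Secret.fromString(gitlab_api_token)` is the public way to build the secret rather than calling the `Secret` constructor.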
@@ -49,7 +49,6 @@ Thread.start { adminPermissions.add(Permission.fromId("com.cloudbees.plugins.credentials.CredentialsProvider.ManageDomains")); adminPermissions.add(Permission.fromId("hudson.model.Computer.Create")); adminPermissions.add(Permission.fromId("hudson.model.View.Configure")); - adminPermissions.add(Permission.fromId("com.sonyericsson.hudson.plugins.gerrit.trigger.PluginImpl.Retrigger")); adminPermissions.add(Permission.fromId("hudson.model.Hudson.ConfigureUpdateCenter")); adminPermissions.add(Permission.fromId("hudson.model.Computer.Build")); adminPermissions.add(Permission.fromId("hudson.model.Item.Configure")); @@ -71,7 +70,6 @@ Thread.start { adminPermissions.add(Permission.fromId("hudson.model.Hudson.RunScripts")); adminPermissions.add(Permission.fromId("hudson.model.View.Create")); adminPermissions.add(Permission.fromId("hudson.model.Item.Delete")); - adminPermissions.add(Permission.fromId("com.sonyericsson.hudson.plugins.gerrit.trigger.PluginImpl.ManualTrigger")); adminPermissions.add(Permission.fromId("hudson.model.Computer.Configure")); adminPermissions.add(Permission.fromId("com.cloudbees.plugins.credentials.CredentialsProvider.Create")); adminPermissions.add(Permission.fromId("hudson.model.Computer.Disconnect")); diff --git a/resources/jobs/Load_Platform/config.xml b/resources/jobs/Load_Platform/config.xml index 7fd19d5..a262218 100644 --- a/resources/jobs/Load_Platform/config.xml +++ b/resources/jobs/Load_Platform/config.xml @@ -1,7 +1,7 @@ - This job is responsible for retrieving the ADOP platform management repository and pushing it to the ADOP Gerrit instance. + This job is responsible for retrieving the ADOP platform management repository. false 
@@ -68,31 +68,6 @@ if [ -z $GIT_URL ]; then exit 1 fi -# Create Gerrit repository -target_repo_name="platform-management" -repo_exists=0 -list_of_repos=$(ssh -n -o StrictHostKeyChecking=no -p 29418 gerrit gerrit ls-projects --type code) - -for repo in ${list_of_repos} -do - if [ ${repo} = ${target_repo_name} ]; then - echo "Found: ${repo}" - repo_exists=1 - break - fi -done - -if [ ${repo_exists} -eq 0 ]; then - ssh -n -o StrictHostKeyChecking=no -p 29418 gerrit gerrit create-project --parent "All-Projects" "${target_repo_name}" -else - echo "Repository already exists, skipping: ${target_repo_name}" -fi - -# Setup remote & populate -git remote add adop ssh://jenkins@gerrit:29418/"${target_repo_name}" -git fetch adop -git push adop +refs/remotes/origin/*:refs/heads/* - # If a version has been specified, let's switch to it if [ ! -z "${ADOP_PLATFORM_MANAGEMENT_VERSION}" ] && [[ "${ADOP_PLATFORM_MANAGEMENT_VERSION}" =~ ^[a-fA-F0-9]{8,40}$ ]] && [ "$(git cat-file -t "${ADOP_PLATFORM_MANAGEMENT_VERSION}")" = "commit" ]; then echo "INFO - Checking out specified ADOP_PLATFORM_MANAGEMENT_VERSION '${ADOP_PLATFORM_MANAGEMENT_VERSION}'" diff --git a/resources/plugins.txt b/resources/plugins.txt index c4d2e4a..bb22002 100644 --- a/resources/plugins.txt +++ b/resources/plugins.txt @@ -64,7 +64,6 @@ environment-dashboard:1.1.7 extensible-choice-parameter:1.5.0 favorite:2.3.2 gatling:1.2.2 -gerrit-trigger:2.27.5 git-client:2.7.2 git-server:1.7 git:3.9.0 @@ -73,6 +72,7 @@ github-branch-source:2.3.4 github-oauth:0.29 github-organization-folder:1.6 github:1.29.0 +gitlab-plugin:1.5.10 global-build-stats:1.5 greenballs:1.15 groovy:2.0 diff --git a/resources/scripts/generate_gerrit_scm.sh b/resources/scripts/generate_gerrit_scm.sh deleted file mode 100644 index fe6acc4..0000000 --- a/resources/scripts/generate_gerrit_scm.sh +++ /dev/null 
@@ -1,98 +0,0 @@ -#!/bin/bash -set -e - -# Usage -usage() { - echo "Usage:" - echo " ${0} -i -p -h " - exit 1 -} - -# Constants -SCM_TYPE="gerrit" -LOADER_PATH="${PLUGGABLE_SCM_PROVIDER_PROPERTIES_PATH}/CartridgeLoader" -SCM_PROVIDERS_PATH="${PLUGGABLE_SCM_PROVIDER_PROPERTIES_PATH}/ScmProviders" -GERRIT_SSH_USER=$GERRIT_JENKINS_USERNAME -GERRIT_PERMISSIONS_PATH='${PROJECT_NAME}/permissions' -GERRIT_URL=$(echo ${ROOT_URL} | sed "s/jenkins/${GERRIT_HOST_NAME}/g") - -while getopts "i:p:h:" opt; do - case $opt in - i) - loader_id=${OPTARG} - ;; - p) - protocol=${OPTARG} - ;; - h) - host=${OPTARG} - ;; - *) - echo "Invalid parameter(s) or option(s)." - usage - ;; - esac -done - -if [ -z "${loader_id}" ] || [ -z "${protocol}" ] || [ -z "${host}" ]; then - echo "Parameters missing" - usage -fi - -# Setup Cartridge loader properties -LOADER_FILE=$LOADER_PATH/${loader_id}.props -touch $LOADER_FILE -cat > $LOADER_FILE < $PROPS_FILE < $PROPS_FILE < /dev/null + +# 3. send curl GET request to personal access token page to get the CSRF token +echo "\n[Token generation script]: Curling the personal access token form page to get the CSRF token......." +body_header=$(curl -H "Authorization: ${gitlab_basic_auth_string}" -H 'user-agent: curl' -b cookies.txt -i "${gitlab_host}/profile/personal_access_tokens" -s) +csrf_token=$(echo $body_header | perl -ne 'print "$1\n" if /authenticity_token"[[:blank:]]value="(.+?)"/' | sed -n 1p) +echo "[Token generation script]: Extracted the CSRF token from the access token form page: $csrf_token" + +# 4. curl POST request to send the "generate personal access token form" +# the response will be a redirect, so we have to follow using `-L` +echo "[Token generation script]: Submitting the personal access token page form......." 
+body_header=$(curl -H "Authorization: ${gitlab_basic_auth_string}" -L -b cookies.txt "${gitlab_host}/profile/personal_access_tokens" \
+ --data-urlencode "authenticity_token=${csrf_token}" \
+ --data 'personal_access_token[name]='"${gitlab_user}"'&personal_access_token[expires_at]=&personal_access_token[scopes][]=api')
+
+# 5. Scrape the personal access token from the response HTML
+echo "[Token generation script]: Getting the personal access token......."
+personal_access_token=$(echo $body_header | perl -ne 'print "$1\n" if /created-personal-access-token"[[:blank:]]value="(.+?)"/' | sed -n 1p)
+echo "[Token generation script]: Personal access token: ${personal_access_token}"
+export GITLAB_AUTH_TOKEN=${personal_access_token}
diff --git a/resources/scripts/generate_gitlab_scm.sh b/resources/scripts/generate_gitlab_scm.sh
new file mode 100644
index 0000000..adeb75b
--- /dev/null
+++ b/resources/scripts/generate_gitlab_scm.sh
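Review bot: generate_gitlab_auth_token.sh echoes both the CSRF token and the newly created personal access token to stdout (`echo "[Token generation script]: Personal access token: ${personal_access_token}"`). Since `entrypoint.sh` sources the script, an `api`-scoped token with an empty `expires_at` lands in the container log for anyone who can read it. Log only whether extraction succeeded, e.g. `[ -n "${personal_access_token}" ] || { echo "[Token generation script]: no token returned" >&2; return 1; }`, and drop the CSRF echo as well. The session cookie file is read from `cookies.txt` in the current directory and nothing in the visible lines removes it; a `mktemp` file deleted at the end would avoid leaving a live session on disk. The top of this script, including how `gitlab_basic_auth_string` and `gitlab_host` are built, is not visible on this page, so whether the Basic credentials travel over plain HTTP could not be checked.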
@@ -0,0 +1,98 @@ +#!/usr/bin/env bash +set -e + +# Usage +usage() { + echo "Usage:" + echo " ${0} -i -p -p -h -c " + exit 1 +} + +# Constants +SCM_TYPE="gitlab" +LOADER_PATH="${PLUGGABLE_SCM_PROVIDER_PROPERTIES_PATH}/CartridgeLoader" +SCM_PROVIDERS_PATH="${PLUGGABLE_SCM_PROVIDER_PROPERTIES_PATH}/ScmProviders" +GITLAB_SSH_USER=$GITLAB_JENKINS_USERNAME +GITLAB_URL=$(echo ${ROOT_URL} | sed "s/jenkins/${GITLAB_HOST_NAME}/g") +GITLAB_SSH_URL="ssh://git@gitlab" + +protocols=() +while getopts "i:p:h:c:" opt; do + case $opt in + i) + loader_id=${OPTARG} + ;; + p) + protocols+=(${OPTARG}) + ;; + h) + host=${OPTARG} + ;; + c) + context=${OPTARG} + ;; + *) + echo "Invalid parameter(s) or option(s)." + usage + ;; + esac +done + +if [ -z "${loader_id}" ] || [ -z "${protocols}" ] || [ -z "${host}" ] || [ -z "${context}" ]; then + echo "Parameters missing" + usage +fi + +# Setup Cartridge loader properties +LOADER_FILE=$LOADER_PATH/${loader_id}.props +touch $LOADER_FILE +cat > $LOADER_FILE < $PROPS_FILE < $PROPS_FILE < -p -u -w " + echo " ${0} -c -p " exit 1 } @@ -17,9 +17,6 @@ BASE_JENKINS_SSH_PUBLIC_KEY_KEY="${BASE_JENKINS_SSH_KEY}/public_key" JENKINS_HOME="/var/jenkins_home" JENKINS_SSH_DIR="${JENKINS_HOME}/.ssh" JENKINS_USER_CONTENT_DIR="${JENKINS_HOME}/userContent/" -GERRIT_ADD_KEY_PATH="accounts/self/sshkeys" -GERRIT_REST_AUTH="jenkins:jenkins" - while getopts "c:p:u:w:" opt; do case $opt in @@ -29,12 +26,6 @@ while getopts "c:p:u:w:" opt; do p) port=${OPTARG} ;; - u) - username=${OPTARG} - ;; - w) - password=${OPTARG} - ;; *) echo "Invalid parameter(s) or option(s)." usage @@ -42,7 +33,7 @@ while getopts "c:p:u:w:" opt; do esac done -if [ -z "${host}" ] || [ -z "${port}" ] || [ -z "${username}" ] || [ -z "${password}" ]; then +if [ -z "${host}" ] || [ -z "${port}" ] ; then echo "Parameters missing" usage fi 
@@ -64,25 +55,4 @@ fi # public_key_val=$(cat ${JENKINS_SSH_DIR}/id_rsa.pub) # Set correct permissions on SSH Key -chown -R 1000:1000 "${JENKINS_SSH_DIR}" - -# echo "Testing Gerrit Connection" -# until curl -sL -w "\\n%{http_code}\\n" "http://${host}:${port}/gerrit" -o /dev/null | grep "200" &> /dev/null -# do -# echo "Gerrit unavailable, sleeping for ${SLEEP_TIME}" -# sleep "${SLEEP_TIME}" -# done - -# echo "Gerrit available, adding data" -# count=1 -# until [ $count -ge ${MAX_RETRY} ] -# do -# ret=$(curl -X POST --write-out "%{http_code}" --silent --output /dev/null \ -# -u "${username}:${password}" \ -# -H "Content-type: text/plain" \ -# --data "${public_key_val}" "http://${host}:${port}/gerrit/a/${GERRIT_ADD_KEY_PATH}") -# [[ ${ret} -eq 201 ]] && break -# count=$[$count+1] -# echo "Unable to add jenkins public key on gerrit, response code ${ret}, retry ... ${count}" -# sleep ${SLEEP_TIME} -# done +chown -R 1000:1000 "${JENKINS_SSH_DIR}" \ No newline at end of file diff --git a/resources/scripts/put_jenkins_public_key_in_gitlab.sh b/resources/scripts/put_jenkins_public_key_in_gitlab.sh new file mode 100644 index 0000000..86977a4 --- /dev/null +++ b/resources/scripts/put_jenkins_public_key_in_gitlab.sh 
@@ -0,0 +1,23 @@
+#!/usr/bin/env bash
+
+# This script uses the GitLab API to copy over Jenkins's public key over to GitLab
+# It assumes that an access token for the GitLab user Jenkins has been created
+# and exported as GITLAB_JENKINS_PRIVATE_TOKEN
+
+PUBLIC_KEY="$(cat /var/jenkins_home/userContent/id_rsa.pub)"
+PRIVATE_TOKEN=$GITLAB_AUTH_TOKEN
+PUBLIC_KEY_NAME="adop-jenkins-master"
+
+if [ -z "$PRIVATE_TOKEN" ]
+then
+ echo "========= [PUBLIC KEY COPYING SCRIPT] SCRIPT FAILED. The GITLAB_JENKINS_PRIVATE_TOKEN environment variable is empty ========="
+ exit 1
+fi
+
+if [ -z "$PUBLIC_KEY" ]
+then
+ echo "========= [PUBLIC KEY COPYING SCRIPT] SCRIPT FAILED. Could not find Jenkins's public key at /var/jenkins_home/userContent/id_rsa.pub ========="
+else
+ curl -H "Private-Token: ${PRIVATE_TOKEN}" -X POST http://gitlab/gitlab/api/v4/user/keys --data "title=$PUBLIC_KEY_NAME" --data-urlencode "key=$PUBLIC_KEY"
+fi
+
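Review bot: The `curl` call in put_jenkins_public_key_in_gitlab.sh sends the `Private-Token` header to a hard-coded `http://gitlab/gitlab/api/v4/user/keys`, so the API token crosses the network unencrypted and the `GITLAB_HOST`/`GITLAB_PORT` settings read elsewhere in this commit are ignored. It also runs without `--fail`, so a rejected key upload passes silently and the later SSH setup fails with no hint why. Build the URL from configuration and check the result, e.g. `curl --fail --silent --show-error -H "Private-Token: ${PRIVATE_TOKEN}" -X POST "${GITLAB_API_URL}/user/keys" --data "title=$PUBLIC_KEY_NAME" --data-urlencode "key=$PUBLIC_KEY" || echo "key upload failed" >&2`, where `GITLAB_API_URL` is a new setting this commit does not define. The header comment and the first error message name `GITLAB_JENKINS_PRIVATE_TOKEN`, but the variable actually read is `GITLAB_AUTH_TOKEN`; the text should match so an operator sets the right one.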