search

ansible-collections / community.general

Ansible Community General Collection
https://galaxy.ansible.com/ui/repo/published/community/general/
GNU General Public License v3.0
820 stars 1.5k forks source link

jenkins_plugin Call to pin plugin has been ignored #5001

Open antonpatsev opened 2 years ago

antonpatsev commented 2 years ago

Summary

Hello! I try install jenkins plugin by ansible.

inventory

all:
  children:
    jenkins:
      hosts:
        "jenkins":
          ansible_host: "IP"
  vars:
    jenkins_prefer_lts: true
    jenkins_external_url: "https://jenkins.IP.sslip.io"
    ansible_user:  ubuntu
    ansible_ssh_private_key_file: ~/.ssh/id_rsa

    jenkins_admin_password: password
    jenkins_hostname: "jenkins.IP.sslip.io"

    letsencrypt_opts_extra: "--register-unsafely-without-email"
    letsencrypt_cert:
      name: jenkins.IP.sslip.io
      domains:
        - jenkins.IP.sslip.io
      challenge: http
      http_auth: standalone
      reuse_key: True

    nginx_remove_default_vhost: true
    nginx_vhosts:
      - listen: "80"
        server_name: "jenkins.IP.sslip.io"
        return: "301 https://jenkins.IP.sslip.io$request_uri"
        filename: "jenkins.IP.sslip.io.80.conf"
      - listen: "443 ssl"
        server_name: jenkins.IP.sslip.io
        state: "present"
        extra_parameters: |
          location / {
            proxy_set_header        Host $host:$server_port;
            proxy_set_header        X-Real-IP $remote_addr;
            proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header        X-Forwarded-Proto $scheme;

            # Fix the "It appears that your reverse proxy set up is broken" error.
            proxy_pass          http://127.0.0.1:8080;
            proxy_read_timeout  90;

          }
          ssl_certificate     /etc/letsencrypt/live/jenkins.IP.sslip.io/cert.pem;
          ssl_certificate_key /etc/letsencrypt/live/jenkins.IP.sslip.io/privkey.pem;

Issue Type

Bug Report

Component Name

jenkins_plugin module

Ansible Version

$ ansible --version
ansible [core 2.13.2]
  config file = /home/apatsev/github/infrastructure-as-a-code-example/jenkins-geerlingguy-jenkins/ansible.cfg
  configured module search path = ['/home/apatsev/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3/dist-packages/ansible
  ansible collection location = /home/apatsev/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible
  python version = 3.10.4 (main, Jun 29 2022, 12:14:53) [GCC 11.2.0]
  jinja version = 3.1.2
  libyaml = True

Community.general Version

$ ansible-galaxy collection list community.general
community.general 5.3.0

Configuration

$ ansible-config dump --only-changed
CALLBACKS_ENABLED(/home/apatsev/github/infrastructure-as-a-code-example/jenkins-geerlingguy-jenkins/ansible.cfg) = ['profile_tasks']
DEFAULT_GATHERING(/home/apatsev/github/infrastructure-as-a-code-example/jenkins-geerlingguy-jenkins/ansible.cfg) = smart
DEFAULT_STDOUT_CALLBACK(/home/apatsev/github/infrastructure-as-a-code-example/jenkins-geerlingguy-jenkins/ansible.cfg) = yaml
INTERPRETER_PYTHON(/home/apatsev/github/infrastructure-as-a-code-example/jenkins-geerlingguy-jenkins/ansible.cfg) = /usr/bin/python3

OS / Environment

Ubuntu 22.04

Steps to Reproduce

- name: "Deploy java, jenkins, letsencrypt, nginx"
  hosts: jenkins
  become: true
  roles:
    - role: robertdebock.java
    - role: geerlingguy.jenkins
    - role: systemli.letsencrypt
    - role: geerlingguy.nginx
  post_tasks:
    - name: Create directory /var/lib/jenkins/jcasc
      ansible.builtin.file:
        path: /var/lib/jenkins/jcasc
        state: directory
        owner: jenkins
        group: jenkins

    - name: Copy jcasc.yaml with owner and permissions
      ansible.builtin.copy:
        src: jcasc.yaml
        dest: /var/lib/jenkins/jcasc/jcasc.yaml
        owner: jenkins
        group: jenkins
        mode: '0644'

    - name: Create directory /etc/systemd/system/jenkins.service.d
      ansible.builtin.file:
        path: /etc/systemd/system/jenkins.service.d
        state: directory
        owner: jenkins
        group: jenkins

    - name: Copy env-jenkins.conf with owner and permissions
      ansible.builtin.copy:
        src: env-jenkins.conf
        dest: /etc/systemd/system/jenkins.service.d/env-jenkins.conf
        owner: jenkins
        group: jenkins
        mode: '0644'
      register: env_jenkins_conf

    # - name: Install jenkins plugin configuration-as-code
    #   community.general.jenkins_plugin:
    #     name: "{{ item }}"
    #     url_username: "admin"
    #     url_password: "{{jenkins_admin_password}}"
    #   with_items:  
    #     - configuration-as-code
    #   register: jenkins_plugin

    - name: Restart service jenkins, also issue daemon-reload to pick up config changes
      ansible.builtin.systemd:
        state: restarted
        daemon_reload: yes
        name: jenkins
      when: env_jenkins_conf.changed

    - name: Print ansible_host var
      debug:
        var: ansible_host

    - name: install pip3
      apt: name=python3-pip state=present
    - name: Install multi python packages with version specifiers
      pip:
        name:
          - jenkins-job-builder

#
# Example of a Play which handles Jenkins restarts during the state changes
#
- name: Jenkins Master play
  hosts: jenkins
  become: true
  vars:
    my_jenkins_plugins:
      javax-activation-api:
        version: "1.2.0-4"
        pinned: yes
        enabled: yes
      javax-mail-api:
        version: "1.6.2-7"
        pinned: yes
        enabled: yes
      cloudbees-folder:
        version: "6.729.v2b_9d1a_74d673"
        pinned: yes
        enabled: yes
      mina-sshd-api-common:
        version: "2.8.0-30.vf9df64641cb_d"
        pinned: yes
        enabled: yes
      mina-sshd-api-core:
        version: "2.8.0-30.vf9df64641cb_d"
        pinned: yes
        enabled: yes
  tasks:
    - name: Install plugins without a specific version
      community.general.jenkins_plugin:
        name: "{{ item.key }}"
        url_username: "admin"
        url_password: "{{jenkins_admin_password}}"
      register: my_jenkins_plugin_unversioned
      when: >
        'version' not in item.value
      with_dict: "{{ my_jenkins_plugins }}"

    - name: Install plugins with a specific version
      community.general.jenkins_plugin:
        name: "{{ item.key }}"
        version: "{{ item.value['version'] }}"
        url_username: "admin"
        url_password: "{{jenkins_admin_password}}"
      register: my_jenkins_plugin_versioned
      when: >
        'version' in item.value
      with_dict: "{{ my_jenkins_plugins }}"

    - name: Initiate the fact
      ansible.builtin.set_fact:
        jenkins_restart_required: no

    - name: Check if restart is required by any of the versioned plugins
      ansible.builtin.set_fact:
        jenkins_restart_required: yes
      when: item.changed
      with_items: "{{ my_jenkins_plugin_versioned.results }}"

    - name: Check if restart is required by any of the unversioned plugins
      ansible.builtin.set_fact:
        jenkins_restart_required: yes
      when: item.changed
      with_items: "{{ my_jenkins_plugin_unversioned.results }}"

    - name: Restart Jenkins if required
      ansible.builtin.service:
        name: jenkins
        state: restarted
      when: jenkins_restart_required

    - name: Wait for Jenkins to start up
      ansible.builtin.uri:
        url: http://localhost:8080
        status_code: 200,403
        timeout: 5
      register: jenkins_service_status
      # Keep trying for 5 mins in 5 sec intervals
      retries: 60
      delay: 5
      until: >
          (jenkins_service_status.status == 403 or jenkins_service_status.status == 200) and 
          ('status' in jenkins_service_status)
      when: jenkins_restart_required

    - name: Reset the fact
      ansible.builtin.set_fact:
        jenkins_restart_required: no
      when: jenkins_restart_required

    - name: Plugin pinning
      community.general.jenkins_plugin:
        name: "{{ item.key }}"
        state: "{{ 'pinned' if item.value['pinned'] else 'unpinned'}}"
        url_username: "admin"
        url_password: "{{jenkins_admin_password}}"
      when: >
        'pinned' in item.value
      with_dict: "{{ my_jenkins_plugins }}"

    - name: Plugin enabling
      community.general.jenkins_plugin:
        name: "{{ item.key }}"
        state: "{{ 'enabled' if item.value['enabled'] else 'disabled'}}"
        url_username: "admin"
        url_password: "{{jenkins_admin_password}}"
      when: >
        'enabled' in item.value
      with_dict: "{{ my_jenkins_plugins }}"

Expected Results

pin plugin

Actual Results

journalctl -u jenkins.service -f
hudson.PluginWrapper#doPin: Call to pin plugin has been ignored. Plugin name: javax-activation-api
hudson.PluginWrapper#doPin: Call to pin plugin has been ignored. Plugin name: javax-mail-api
hudson.PluginWrapper#doPin: Call to pin plugin has been ignored. Plugin name: cloudbees-folder
hudson.PluginWrapper#doPin: Call to pin plugin has been ignored. Plugin name: mina-sshd-api-common

Code of Conduct

ansibullbot commented 2 years ago

Files identified in the description: None

If these files are incorrect, please update the component name section of the description or use the !component bot command.

click here for bot help

antonpatsev commented 2 years ago

cc @jtyr

felixfontein commented 2 years ago

!component =plugins/modules/web_infrastructure/jenkins_plugin.py

ansibullbot commented 2 years ago

Files identified in the description:

If these files are incorrect, please update the component name section of the description or use the !component bot command.

click here for bot help