search

voxpupuli / puppet-jenkins

Puppet module for Jenkins
http://forge.puppetlabs.com/puppet/jenkins
Apache License 2.0
275 stars 565 forks source link

2.1 support #575

Closed cdenneen closed 2 years ago

cdenneen commented 8 years ago

Does not seem to work with 2.1

==> jenkins2: Error: Failed to apply catalog: Execution of '/bin/java -jar /usr/lib/jenkins/jenkins-cli.jar -s http://localhost:8080 groovy /usr/lib/jenkins/puppet_helper.groovy user_info_all' returned 255: java.io.IOException: No X-Jenkins-CLI2-Port among [X-Jenkins, null, Server, X-Content-Type-Options, X-You-Are-In-Group, X-Hudson, X-Permission-Implied-By, Date, X-Jenkins-Session, X-You-Are-Authenticated-As, X-Required-Permission, Set-Cookie, Expires, Content-Length, Content-Type]
==> jenkins2:   at hudson.cli.CLI.getCliTcpPort(CLI.java:284)
==> jenkins2:   at hudson.cli.CLI.<init>(CLI.java:128)
==> jenkins2:   at hudson.cli.CLIConnectionFactory.connect(CLIConnectionFactory.java:72)
==> jenkins2:   at hudson.cli.CLI._main(CLI.java:473)
==> jenkins2:   at hudson.cli.CLI.main(CLI.java:384)
==> jenkins2:   Suppressed: java.io.IOException: Server returned HTTP response code: 403 for URL: http://localhost:8080/cli
==> jenkins2:       at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1840)
==> jenkins2:       at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1441)
==> jenkins2:       at hudson.cli.FullDuplexHttpStream.<init>(FullDuplexHttpStream.java:78)
==> jenkins2:       at hudson.cli.CLI.connectViaHttp(CLI.java:152)
==> jenkins2:       at hudson.cli.CLI.<init>(CLI.java:132)
==> jenkins2:       ... 3 more

Also the "initial admin secret available in /var/lib/jenkins/secrets/..." need a way to bypass when building via puppet.

jhoblitt commented 8 years ago

Did you get 2.1 by default from one of the managed repos?

cdenneen commented 8 years ago

Yes from the jenkins repo 2.1-1.1

jhoblitt commented 8 years ago

Which platform? It is not yet in the EL repo.

http://pkg.jenkins-ci.org/redhat-stable/

jhoblitt commented 8 years ago

Oh, I see, it is in the non-lts repo. @rtyler How would you feel about using the LTS repo by default?

cdenneen commented 8 years ago

Here's the reference: baseurl=http://pkg.jenkins-ci.org/redhat/

matthewbarr commented 8 years ago

Damn, we probably should default to the LTS one for now.

rtyler commented 8 years ago

@jhoblitt yep, I'm in favor of defaulting to LTS.

dsbaars commented 8 years ago

This only seems to be an issue with RedHat (applying the module), With Ubuntu 16.04 it installs 2.1 without problems.

jhoblitt commented 8 years ago

I merged the lts by default pr yesterday. I have not had time to look at what is needed to support 2.x.

benpriestman commented 8 years ago

In case it helps, I've been playing with a new Jenkins build using the forge version of this module (1.6.1) and allowing the latest version of jenkins to be used (2.10, at time of writing). The new 'secure-by-default' configuration blocks CLI access until a secret key has been retrieved from the file system and entered into the UI by hand. These guys have also been struggling with the same issues: https://github.com/geerlingguy/ansible-role-jenkins/issues/50. I found that adding -Djenkins.install.runSetupWizard=false to jenkins::config_hash['JENKINS_JAVA_OPTIONS']['value'] seems to work - so long as this is done before the first run of the jenkins service. (The default JENKINS_JAVA_OPTIONS in the /etc/sysconfig/jenkins on RedHat already contained -Djava.awt.headless=true, so this should maybe be included in any default settings.) [ed: Checking the provenance of this flag, it looks it originated with you guys, so you're clearly on the case!: https://issues.jenkins-ci.org/browse/JENKINS-34035)

jhoblitt commented 8 years ago

Updating the CLI options does work as long as 2.x wasn't previous started. I would like to know what state we need to blow away to make this idempotent...

jhoblitt commented 8 years ago

2.7.1 has been added to the LTS repos: http://pkg.jenkins-ci.org/redhat-stable/jenkins-2.7.1-1.1.noarch.rpm

hcguersoy commented 8 years ago

Hi folks,

using latest LTS (2.7.4) and latest version of the module I still face issues.

This is a part of my manifest:

  class { 'jenkins':
    lts           => $uselts,
    install_java  => false,
    proxy_host    => $jenkinsproxy,
    proxy_port    => $jenkinsproxyport,
    manage_user   => false,
    manage_group  => false,
    manage_datadirs => false,
    cli             => true,
    user_hash => {
     'myadmin' => { 'password' => 'xxx',
                     'email' => 'admin@localhost'}
    },  
    config_hash  => {
      'JENKINS_JAVA_OPTIONS' => {value => '-Djenkins.install.runSetupWizard=false'},
    },
  }

During the puppet run I got several errors regarding the creation of the user:

==> srv1 Notice: /Stage[main]/Jenkins::Users/Jenkins::User[myadmin]/Jenkins::Cli::Exec[create-jenkins-user-myadmin]/Exec[create-jenkins-user-myadmin]/returns: java.io.IOException: No X-Jenkins-CLI2-Port among [null, X-Required-Permission, X-Jenkins, X-You-Are-In-Group, X-Hudson, Content-Length, Expires, X-You-Are-Authenticated-As, X-Permission-Implied-By, Set-Cookie, Server, X-Content-Type-Options, Date, X-Jenkins-Session, Content-Type]
==> srv1 Notice: /Stage[main]/Jenkins::Users/Jenkins::User[myadmin]/Jenkins::Cli::Exec[create-jenkins-user-myadmin]/Exec[create-jenkins-user-myadmin]/returns:     at hudson.cli.CLI.getCliTcpPort(CLI.java:284)
==> srv1 Notice: /Stage[main]/Jenkins::Users/Jenkins::User[myadmin]/Jenkins::Cli::Exec[create-jenkins-user-myadmin]/Exec[create-jenkins-user-myadmin]/returns:     at hudson.cli.CLI.<init>(CLI.java:128)
==> srv1 Notice: /Stage[main]/Jenkins::Users/Jenkins::User[myadmin]/Jenkins::Cli::Exec[create-jenkins-user-myadmin]/Exec[create-jenkins-user-myadmin]/returns:     at hudson.cli.CLIConnectionFactory.connect(CLIConnectionFactory.java:72)
==> srv1 Notice: /Stage[main]/Jenkins::Users/Jenkins::User[myadmin]/Jenkins::Cli::Exec[create-jenkins-user-myadmin]/Exec[create-jenkins-user-myadmin]/returns:     at hudson.cli.CLI._main(CLI.java:473)
==> srv1 Notice: /Stage[main]/Jenkins::Users/Jenkins::User[myadmin]/Jenkins::Cli::Exec[create-jenkins-user-myadmin]/Exec[create-jenkins-user-myadmin]/returns:     at hudson.cli.CLI.main(CLI.java:384)
==> srv1 Notice: /Stage[main]/Jenkins::Users/Jenkins::User[myadmin]/Jenkins::Cli::Exec[create-jenkins-user-myadmin]/Exec[create-jenkins-user-myadmin]/returns:     Suppressed: java.io.IOException: Server returned HTTP response code: 403 for URL: http://127.0.0.1:8080/cli
==> srv1 Notice: /Stage[main]/Jenkins::Users/Jenkins::User[myadmin]/Jenkins::Cli::Exec[create-jenkins-user-myadmin]/Exec[create-jenkins-user-myadmin]/returns:         at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1628)
==> srv1 Notice: /Stage[main]/Jenkins::Users/Jenkins::User[myadmin]/Jenkins::Cli::Exec[create-jenkins-user-myadmin]/Exec[create-jenkins-user-myadmin]/returns:         at hudson.cli.FullDuplexHttpStream.<init>(FullDuplexHttpStream.java:78)
==> srv1 Notice: /Stage[main]/Jenkins::Users/Jenkins::User[myadmin]/Jenkins::Cli::Exec[create-jenkins-user-myadmin]/Exec[create-jenkins-user-myadmin]/returns:         at hudson.cli.CLI.connectViaHttp(CLI.java:152)
==> srv1 Notice: /Stage[main]/Jenkins::Users/Jenkins::User[myadmin]/Jenkins::Cli::Exec[create-jenkins-user-myadmin]/Exec[create-jenkins-user-myadmin]/returns:         at hudson.cli.CLI.<init>(CLI.java:132)
==> srv1 Notice: /Stage[main]/Jenkins::Users/Jenkins::User[myadmin]/Jenkins::Cli::Exec[create-jenkins-user-myadmin]/Exec[create-jenkins-user-myadmin]/returns:         ... 3 more
==> srv1 Error: /usr/bin/java -jar /usr/share/jenkins/jenkins-cli.jar -s http://127.0.0.1:8080 groovy /usr/share/jenkins/puppet_helper.groovy create_or_update_user myadmin admin@localhost 'xxx' 'Managed by Puppet' '' returned 255 instead of one of [0]
==> srv1 Error: /Stage[main]/Jenkins::Users/Jenkins::User[myadmin]/Jenkins::Cli::Exec[create-jenkins-user-myadmin]/Exec[create-jenkins-user-myadmin]/returns: change from notrun to 0 failed: /usr/bin/java -jar /usr/share/jenkins/jenkins-cli.jar -s http://127.0.0.1:8080 groovy /usr/share/jenkins/puppet_helper.groovy create_or_update_user myadmin admin@localhost 'xxx' 'Managed by Puppet' '' returned 255 instead of one of [0]
==> srv1 Notice: /Stage[main]/Jenkins::Cli::Reload/Exec[reload-jenkins]: Dependency Exec[create-jenkins-user-myadmin] has failures: true

In the log file jenkins complains about missing crumb:

WARNING: No valid crumb was included in request for /cli. Returning 403.
Sep 19, 2016 11:36:52 AM hudson.security.csrf.CrumbFilter doFilter

And browsing to the start page shows me the login page.

Any suggestions?

jhoblitt commented 8 years ago

Are you able to use the CLI jar manually?

hcguersoy commented 8 years ago

Hi Joshua,

no, I run into the same error:

# java -jar /usr/share/jenkins/jenkins-cli.jar -s http://127.0.0.1:8080 help
java.io.IOException: No X-Jenkins-CLI2-Port among [null, X-Required-Permission, X-Jenkins, X-You-Are-In-Group, X-Hudson, Content-Length, Expires, X-You-Are-Authenticated-As, X-Permission-Implied-By, Set-Cookie, Server, X-Content-Type-Options, Date, X-Jenkins-Session, Content-Type]
    at hudson.cli.CLI.getCliTcpPort(CLI.java:284)
    at hudson.cli.CLI.<init>(CLI.java:128)
    at hudson.cli.CLIConnectionFactory.connect(CLIConnectionFactory.java:72)
    at hudson.cli.CLI._main(CLI.java:473)
    at hudson.cli.CLI.main(CLI.java:384)
    Suppressed: java.io.IOException: Server returned HTTP response code: 403 for URL: http://127.0.0.1:8080/cli
        at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1628)
        at hudson.cli.FullDuplexHttpStream.<init>(FullDuplexHttpStream.java:78)
        at hudson.cli.CLI.connectViaHttp(CLI.java:152)
        at hudson.cli.CLI.<init>(CLI.java:132)
        ... 3 more

This is after a fresh provisioning.

But I see that during the puppet apply the jenkins service gets restarted:

==> srv1: Debug: Class[Jenkins::Config]: The container Stage[main] will propagate my refresh event
==> srv1: Debug: Service[jenkins](provider=upstart): Could not find jenkins.conf in /etc/init
==> srv1: Debug: Service[jenkins](provider=upstart): Could not find jenkins.conf in /etc/init.d
==> srv1: Debug: Service[jenkins](provider=upstart): Could not find jenkins in /etc/init
==> srv1: Debug: Executing '/etc/init.d/jenkins status'
==> srv1: Debug: Executing '/etc/init.d/jenkins status'
==> srv1: Debug: Executing '/etc/init.d/jenkins restart'
==> srv1: Notice: /Stage[main]/Jenkins::Service/Service[jenkins]: Triggered 'refresh' from 6 events
==> srv1: Debug: /Stage[main]/Jenkins::Service/Service[jenkins]: The container Class[Jenkins::Service] will propagate my refresh event
==> srv1: Debug: Class[Jenkins::Service]: The container Stage[main] will propagate my refresh event

May this is due to the restart of jenkins?