Help us understand the problem. What is going on with this article?

Ansible2.2でjenkins_pluginモジュールを動かしてみた

More than 1 year has passed since last update.

はじめに

Ansible2.2でjenkins_pluginモジュールが追加され、Jenkinsのプラグインの管理が楽になりました。

with_dependencies を使うことで 依存関係のあるプラグインも入れてくれる のがいいですね!

使い方

というわけで使ってみます。以下のようなコードを書いてみました。

## vars
jenkins_plugins:
  - { name: 'ansicolor', version: '0.4.1'}
  - { name: 'build-flow-plugin', version: '0.18'}
  - { name: 'buildgraph-view', version: '1.1.1'}
  - { name: 'copyartifact', version: '1.35.2'}

jenkins_params:
  url_username: 'admin'
  url_password: 'admin'

## task
- name: download jenkins plugins
  jenkins_plugin: name={{ item.name }} version={{ item.version }} params={{ jenkins_params }} state=present with_dependencies=yes validate_certs=False
  with_items: "{{ jenkins_plugins }}"
  notify:
    - restart jenkins

しかし…このバージョンではバグがあり、この修正 をしないと以下のようなバグが出てしまいます。

failed: [192.168.10.20] (item={u'version': u'0.18', u'name': u'build-flow-plugin'}) => {"failed": true, "item": {"name": "build-flow-plugin", "version": "0.18"}, "module_stderr": "", "module_stdout": "Traceback (most recent call last):\r\n  File \"/tmp/ansible_18Rf6L/ansible_module_jenkins_plugin.py\", line 829, in <module>\r\n    main()\r\n  File \"/tmp/ansible_18Rf6L/ansible_module_jenkins_plugin.py\", line 812, in main\r\n    changed = jp.install()\r\n  File \"/tmp/ansible_18Rf6L/ansible_module_jenkins_plugin.py\", line 481, in install\r\n    self._write_file(plugin_file, r)\r\n  File \"/tmp/ansible_18Rf6L/ansible_module_jenkins_plugin.py\", line 646, in _write_file\r\n    fd = open(tmp_f, 'wb')\r\nTypeError: coercing to Unicode: need string or buffer, tuple found\r\n", "msg": "MODULE FAILURE"}

というわけで、上記の修正を以下のファイルに施してみます。

[root@controller ~]# rpm -ql ansible | grep jenkins
/usr/lib/python2.6/site-packages/ansible/modules/extras/web_infrastructure/jenkins_job.py
/usr/lib/python2.6/site-packages/ansible/modules/extras/web_infrastructure/jenkins_job.pyc
/usr/lib/python2.6/site-packages/ansible/modules/extras/web_infrastructure/jenkins_job.pyo
/usr/lib/python2.6/site-packages/ansible/modules/extras/web_infrastructure/jenkins_plugin.py <- このファイルを修正
/usr/lib/python2.6/site-packages/ansible/modules/extras/web_infrastructure/jenkins_plugin.pyc
/usr/lib/python2.6/site-packages/ansible/modules/extras/web_infrastructure/jenkins_plugin.pyo

実行してみます。

TASK [role-jenkins : download jenkins plugins] *********************************
changed: [192.168.10.20] => (item={u'version': u'0.4.1', u'name': u'ansicolor'})
changed: [192.168.10.20] => (item={u'version': u'0.18', u'name': u'build-flow-plugin'})
changed: [192.168.10.20] => (item={u'version': u'1.1.1', u'name': u'buildgraph-view'})
changed: [192.168.10.20] => (item={u'version': u'1.35.2', u'name': u'copyartifact'})

というわけで、ワークアラウンド的な対処にはなってしまいますが、無事実行できました。
この修正が入るのは Ansible2.3 からとのことなので、今すぐ動かしたい方はこのような対処を行なってください。

その他のエラー

実は上記に至るまで、他のエラーにも直面しました。
以下のエラーに対する対処法は、私のやり方なので、環境によってはできなかったり、やらない方が状況もあると思うので、参考程度にしてください。

エラー1

failed: [192.168.10.20] (item={u'version': u'1.13', u'name': u'junit'}) => {"failed": true, "item": {"name": "junit", "version": "1.13"}, "msg": "Failed to validate the SSL certificate for updates.jenkins-ci.org:443. Make sure your managed systems have a valid CA certificate installed. If the website serving the url uses SNI you need python >= 2.7.9 on your managed machine or you can install the `urllib3`, `pyopenssl`, `ndg-httpsclient`, and `pyasn1` python modules to perform SNI verification in python >= 2.6. You can use validate_certs=False if you do not need to confirm the servers identity but this is unsafe and not recommended. Paths checked for this platform: /etc/ssl/certs, /etc/pki/ca-trust/extracted/pem, /etc/pki/tls/certs, /usr/share/ca-certificates/cacert.org, /etc/ansible"}

urllib3pyopensslndg-httpsclientpyasn1モジュールをインストールし、 validate_certs=False をつけることで解決。

エラー2

failed: [192.168.10.20] (item={u'version': u'1.7.1', u'name': u'timestamper'}) => {"details": "HTTP Error 403: Forbidden", "failed": true, "item": {"name": "timestamper", "version": "1.7.1"}, "msg": "Cannot get CSRF"}

Jenkinsにログインするための ユーザ名/パスワードをパラメータとして渡してやることで解消できます。

Why do not you register as a user and use Qiita more conveniently?
  1. We will deliver articles that match you
    By following users and tags, you can catch up information on technical fields that you are interested in as a whole
  2. you can read useful information later efficiently
    By "stocking" the articles you like, you can search right away
Comments
Sign up for free and join this conversation.
If you already have a Qiita account
Why do not you register as a user and use Qiita more conveniently?
You need to log in to use this function. Qiita can be used more conveniently after logging in.
You seem to be reading articles frequently this month. Qiita can be used more conveniently after logging in.
  1. We will deliver articles that match you
    By following users and tags, you can catch up information on technical fields that you are interested in as a whole
  2. you can read useful information later efficiently
    By "stocking" the articles you like, you can search right away