blob: cd81f29d3a8e59a8c78c2968b205c3b42eab2540 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
|
#!/bin/bash
# SPDX-license-identifier: Apache-2.0
##############################################################################
# Copyright (c) 2016 Linux Foundation and others.
# All rights reserved. This program and the accompanying materials
# are made available under the terms of the Apache License, Version 2.0
# which accompanies this distribution, and is available at
# http://www.apache.org/licenses/LICENSE-2.0
##############################################################################
#Monit setup script for opnfv jnlp slave connections
test_firewall() {
echo "testing that the firewall is open for us at build.opnfv.org"
test=$(echo "blah"| nc -w 4 build.opnfv.org 57387 > /dev/null 2>&1; echo $?)
if [[ $test == 0 ]]; then
echo "Firewall is open for us at build.opnfv.org"
exit 0
else
cat << EOF
LF firewall not open, please send a report to helpdesk with your gpg key attached, or better yet upload it to the key servers. (I should be able to find it with gpg --search-keys your@company.email.com
opnfv-helpdesk@rt.linuxfoundation.org
Jenkins Home: $jenkinshome
Jenkins User: $jenkinsuser
Slave Name: $slave_name
IP Address: $(curl -s http://icanhazip.com)
EOF
exit 1
fi
}
main () {
#tests
if [[ -z $jenkinsuser || -z $jenkinshome ]]; then
echo "jenkinsuser or home not defined, please edit this file to define it"
exit 1
fi
if [[ $(pwd) != "$jenkinshome" ]]; then
echo "This script needs to be run from the jenkins users home dir"
exit 1
fi
if [[ -z $slave_name || -z $slave_secret ]]; then
echo "slave name or secret not defined, please edit this file to define it"
exit 1
fi
if [[ $(whoami) != "root" && $(whoami) != "$jenkinsuser" ]]; then
echo "This script must be run as user root or jenkins user"
exit 1
fi
if [[ $(whoami) != "root" ]]; then
if sudo -l | grep "requiretty" | grep -v "\!requiretty"; then
echo "please comment out Defaults requiretty from /etc/sudoers"
exit 1
fi
fi
#make pid dir
pidfile="/var/run/$jenkinsuser/jenkins_jnlp_pid"
if ! [ -d /var/run/$jenkinsuser/ ]; then
sudo mkdir /var/run/$jenkinsuser/
sudo chown $jenkinsuser:$jenkinsuser /var/run/$jenkinsuser/
fi
if [[ $skip_monit != true ]]; then
#check for monit
if [ $(which monit) ]; then
echo "monit installed"
else
if [ -n "$(command -v yum)" ]; then
echo "please install monit; eg: yum -y install monit"
exit 1
elif [ -n "$(command -v apt-get)" ]; then
echo "please install monit; eg: apt-get install -y monit"
exit 1
else
echo "system not supported plese contact help desk"
exit 1
fi
fi
if [ -d /etc/monit/conf.d ]; then
monitconfdir="/etc/monit/conf.d/"
elif [ -d /etc/monit.d ]; then
monitconfdir="/etc/monit.d"
else
echo "Could not determine the location of the monit configuration file."
echo "Make sure monit is installed."
exit 1
fi
chown=$(type -p chown)
mkdir=$(type -p mkdir)
makemonit () {
echo "Writing the following as monit config:"
cat << EOF | tee $monitconfdir/jenkins
check directory jenkins_piddir path /var/run/$jenkinsuser
if does not exist then exec "$mkdir -p /var/run/$jenkinsuser"
if failed uid $jenkinsuser then exec "$chown $jenkinsuser /var/run/$jenkinsuser"
if failed gid $jenkinsuser then exec "$chown :$jenkinsuser /var/run/$jenkinsuser"
check process jenkins with pidfile /var/run/$jenkinsuser/jenkins_jnlp_pid
start program = "/usr/bin/sudo -u $jenkinsuser /bin/bash -c 'cd $jenkinshome; export started_monit=true; $0 $@' with timeout 60 seconds"
stop program = "/bin/bash -c '/bin/kill \$(/bin/cat /var/run/$jenkinsuser/jenkins_jnlp_pid)'"
depends on jenkins_piddir
EOF
}
if [[ -f $monitconfdir/jenkins ]]; then
#test for diff
if [[ "$(diff $monitconfdir/jenkins <(echo "\
check directory jenkins_piddir path /var/run/$jenkinsuser
if does not exist then exec \"$mkdir -p /var/run/$jenkinsuser\"
if failed uid $jenkinsuser then exec \"$chown $jenkinsuser /var/run/$jenkinsuser\"
if failed gid $jenkinsuser then exec \"$chown :$jenkinsuser /var/run/$jenkinsuser\"
check process jenkins with pidfile /var/run/$jenkinsuser/jenkins_jnlp_pid
start program = \"/usr/bin/sudo -u $jenkinsuser /bin/bash -c 'cd $jenkinshome; export started_monit=true; $0 $@' with timeout 60 seconds\"
stop program = \"/bin/bash -c '/bin/kill \$(/bin/cat /var/run/$jenkinsuser/jenkins_jnlp_pid)'\"
depends on jenkins_piddir\
") )" ]]; then
echo "Updating monit config..."
makemonit $@
fi
else
makemonit $@
fi
fi
if [[ $started_monit == "true" ]]; then
wget --timestamping https://build.opnfv.org/ci/jnlpJars/slave.jar && true
chown $jenkinsuser:$jenkinsuser slave.jar
if [[ -f /var/run/$jenkinsuser/jenkins_jnlp_pid ]]; then
echo "pid file found"
if ! kill -0 "$(/bin/cat /var/run/$jenkinsuser/jenkins_jnlp_pid)"; then
echo "no java process running cleaning up pid file"
rm -f /var/run/$jenkinsuser/jenkins_jnlp_pid;
else
echo "java connection process found and running already running quitting."
exit 1
fi
fi
if [[ $run_in_foreground == true ]]; then
$connectionstring
else
exec $connectionstring &
echo $! > /var/run/$jenkinsuser/jenkins_jnlp_pid
fi
else
echo "you are ready to start monit"
echo "eg: service monit start"
echo "example debug mode if you are having problems: /usr/bin/monit -Ivv -c /etc/monit.conf "
exit 0
fi
}
usage() {
cat << EOF
**this file must be copied to the jenkins home directory to work**
jenkins-jnlp-connect.sh configures monit to keep slave connection up
Checks for new versions of slave.jar
run as root to create pid directory and create monit config.
can be run as root additional times if you change variables and need to update monit config.
after running as root you should see "you are ready to start monit"
usage: $0 [OPTIONS]
-h show this message
-j set jenkins home
-u set jenkins user
-n set slave name
-s set secret key
-t test the connection string by connecting without monit
-f test firewall
Example: $0 -j /home/jenkins -u jenkins -n lab1 -s 727fdefoofoofoofoofoofoofof800
note: a trailing slash on -j /home/jenkins will break the script
EOF
exit 1
}
if [[ -z "$@" ]]; then
usage
fi
while getopts "j:u:n:s:htf" OPTION
do
case $OPTION in
j ) jenkinshome="$OPTARG" ;;
u ) jenkinsuser="$OPTARG" ;;
n ) slave_name="$OPTARG" ;;
s ) slave_secret="$OPTARG";;
h ) usage ;;
t ) started_monit=true
skip_monit=true
run_in_foreground=true ;;
f ) test_firewall ;;
\? ) echo "Unknown option: -$OPTARG" >&2; exit 1;;
esac
done
connectionstring="java -jar slave.jar -jnlpUrl https://build.opnfv.org/ci/computer/"$slave_name"/slave-agent.jnlp -secret "$slave_secret" -noCertificateCheck "
main "$@"
|