GitHub puppet-jenkins

Puppet module for Jenkins

Pull Request (PR) description

When updating credentials or using the puppet debug flag credentials leak to the puppet log.
This PR is an attempt to avoid this without requiring the user to apply the Sensitive data type to all parameters.

This is incomplete, see the last commit message for details. Sharing here in case anyone has time to dig into it.

This PR adds support for OpenId Connect Authentication https://plugins.jenkins.io/oic-auth/ securityRealm.

I am not very happy with the use of the "Boolean:" construct that i added for boolean parameters.
This was necessary because one of the parameters for the OicSecurityRealm constructor is a classed Boolean opposed to all others being primitive booleans. I am not very fluent in Java so i did not know how to solve this a different way. If anyone can provide a more elegant way around this issue i would love to change it.

<!--
Thank you for contributing to this project!

• This project has a Contributor Code of Conduct: https://voxpupuli.org/coc/
• Please check that here is no existing issue or PR that addresses your problem.
• Our vulnerabilities reporting process is at https://voxpupuli.org/security/

-->

Pull Request (PR) description

Breaking change for existing instances.
This PR is designed to refactor the "master" and "slave" terminology used by the puppet-jenkins module to be more inclusive, more appropriate and as per the newer stance on this terminology by Jenkins. Replacing these terms with the Jenkins preferred "controller" and "agent" terminology as noted by Marky Jackson in 2020 - https://www.jenkins.io/blog/2020/06/18/terminology-update/

This is a fantastic module and it is a real shame it still uses this terminology (master / slave), whilst valid for describing the technical relationship between the components and has historically been used across a wide array of software and technology, it doesn't provide a great outcome for the people side of IT and development, and some individuals may be offended or feel strongly against this as it isn't a favorable term based on it's history. As a member of a progressive university, I believe it is my social responsibility to enact change where I am able to, a few of my colleagues also raised similar issues with the naming convention hence why I've spent the time to refactor the code.

The change is a significant change to the module from a naming perspective, however it should be possible to refactor the references in one's code base to then move / recreate the appropriate directory to use this new version. All internal Jenkins calls to ie sshslaves have been left in tact as changes cannot be made to these elements without breaking the module.

PS C:\devel\puppet-jenkins> bundle exec rake validate
ruby -c lib/facter/jenkins.rb
Syntax OK
ruby -c lib/puppet/jenkins/plugins.rb
Syntax OK
ruby -c lib/puppet/jenkins.rb
Syntax OK
ruby -c lib/puppet/parser/functions/jenkinsport.rb
Syntax OK
ruby -c lib/puppet/parser/functions/jenkinsprefix.rb
Syntax OK
ruby -c lib/puppet/provider/jenkinsagentport/cli.rb
Syntax OK
ruby -c lib/puppet/provider/jenkinsauthorizationstrategy/cli.rb
Syntax OK
ruby -c lib/puppet/provider/jenkinscredentials/cli.rb
Syntax OK
ruby -c lib/puppet/provider/jenkinsjob/cli.rb
Syntax OK
ruby -c lib/puppet/provider/jenkinsnumexecutors/cli.rb
Syntax OK
ruby -c lib/puppet/provider/jenkinssecurityrealm/cli.rb
Syntax OK
ruby -c lib/puppet/provider/jenkinsuser/cli.rb
Syntax OK
ruby -c lib/puppet/type/jenkinsagentport.rb
Syntax OK
ruby -c lib/puppet/type/jenkinsauthorizationstrategy.rb
Syntax OK
ruby -c lib/puppet/type/jenkinscredentials.rb
Syntax OK
ruby -c lib/puppet/type/jenkinsjob.rb
Syntax OK
ruby -c lib/puppet/type/jenkinsnumexecutors.rb
Syntax OK
ruby -c lib/puppet/type/jenkinssecurityrealm.rb
Syntax OK
ruby -c lib/puppet/type/jenkinsuser.rb
Syntax OK
ruby -c lib/puppet/x/jenkins/config.rb
ruby -c lib/puppet/x/jenkins/provider/cli.rb
Syntax OK
ruby -c lib/puppet/x/jenkins/provider.rb
Syntax OK
ruby -c lib/puppet/x/jenkins/type/cli.rb
Syntax OK
ruby -c lib/puppet/x/jenkins/type.rb
Syntax OK
ruby -c lib/puppet/x/jenkins/util.rb
Syntax OK
ruby -c lib/puppet/x/jenkins.rb
Syntax OK
---> syntax:manifests
---> syntax:templates
---> syntax:hiera:yaml
PS C:\devel\puppet-jenkins> bundle exec rake rubocop
Running RuboCop...
Inspecting 86 files
......................................................................................

86 files inspected, no offenses detected

Thanks heaps for taking the time to review this module and any issues or concerns, please reach out and I'd be happy to update them asap! If there are any internal references that need to remain, please fix them or tell me to fix them :)

This Pull Request (PR) fixes the following issues

N/A - No fixes, "master" and "slave" terminology refactored to "controller" and "agent"

modulesync 5.3.0

includes: #1092

…t runs

<!--
Thank you for contributing to this project!

• This project has a Contributor Code of Conduct: https://voxpupuli.org/coc/
• Please check that here is no existing issue or PR that addresses your problem.
• Our vulnerabilities reporting process is at https://voxpupuli.org/security/

-->

Pull Request (PR) description

Passes credentials to jenkins-cli as environement variables by default so passwords aren't visible in the output of ps during puppet agent runs.

This Pull Request (PR) fixes the following issues

Not sure if this has an associated issue

Compatibility with plugin cloudbees-folder'

Pull Request (PR) description

This PR provides the ability to manage elements of type/plugin 'cloudbees-folder'. In this case the name of the job could include slashes for subfolders. So the slashes in the job name have to be replaced by underscore for the temporary created file used for the jenkins api. Also the slashes have to replaced by '/jobs/' for the config.xml of a job while deleting the job via the jenkins api.

This Pull Request (PR) fixes the following issues

<!--
Replace this comment with the list of issues or n/a.
Use format:
Fixes #123
Fixes #124
-->

Fixing problem of xml header. Restarting Jenkins service is adding this header.

Pull Request (PR) description

There is no possible to achieve the desired state by Puppet because the content of proxy.xml file is missing the XML header.
After restarting the Jenkins service the header is added automatically. So, there is a fight between the proxy template and Jenkins service.

diff
Notice: /Stage[main]/Jenkins::Proxy/File[/var/lib/jenkins/proxy.xml]/content:
--- /var/lib/jenkins/proxy.xml 2023-10-10 09:34:29.396190879 +0200
+++ /tmp/puppet-file20231010-27492-128ipzr 2023-10-10 09:36:37.746168509 +0200
@@ -1,5 +1,4 @@
-<?xml version='1.1' encoding='UTF-8'?>
<proxy>
<name>company.com</name>
<port>9443</port>
-</proxy>
\ No newline at end of file
+</proxy>


Pull Request (PR) description
This PR changes the jenkins_plugins fact from a simple string value to a structured fact to avoid the error about a fact value being too long.

This Pull Request (PR) fixes the following issues
Fixes https://github.com/voxpupuli/puppet-jenkins/issues/1048

Maybe this gives too much information as the Hash contains much more than the name and version number that was in the 'old' fact.

It could easily be reduced to only some keys.


"jenkins_plugins": {
"blueocean-dashboard": {
"manifest_version": "1.0",
"archiver_version": "Plexus Archiver",
"created_by": "Apache Maven",
"built_by": "olamy",
"build_jdk": "11.0.13",
"extension_name": "blueocean-dashboard",
"specification_title": "The Jenkins Plugins Parent POM Project",
"implementation_title": "blueocean-dashboard",
"implementation_version": "1.25.2",
"group_id": "io.jenkins.blueocean",
"short_name": "blueocean-dashboard",
"long_name": "Dashboard for Blue Ocean",
"url": "https://github.com/jenkinsci/blueocean-plugin/blob/master/blueoce",
"minimum_java_version": "1.8",
"plugin_version": "1.25.2",
"hudson_version": "2.277.4",
"jenkins_version": "2.277.4",
"plugin_dependencies": "blueocean-web:1.25.2",
"plugin_developers": "Thorsten Iberian Sumurai:scherler:,Cliff Meyers:cli",
"support_dynamic_loading": "true",
"plugin_license_name": "MIT License",
"plugin_license_url": "https://opensource.org/licenses/MIT",
"plugin_scmurl": "https://github.com/jenkinsci/blueocean-plugin/blueocean"
},
"blueocean-autofavorite": {
"manifest_version": "1.0",
"archiver_version": "Plexus Archiver",
"created_by": "Apache Maven",
"built_by": "gmogan",
"build_jdk": "1.8.0_192",
"extension_name": "blueocean-autofavorite",
"specification_title": "Automatically favorites multibranch pipeline jobs",
"implementation_title": "blueocean-autofavorite",
"implementation_version": "1.2.4",
"group_id": "org.jenkins-ci.plugins",
"short_name": "blueocean-autofavorite",
"long_name": "Autofavorite for Blue Ocean",
"url": "https://wiki.jenkins-ci.org/display/JENKINS/Blue+Ocean+Autofavori",
"minimum_java_version": "1.8",
"plugin_version": "1.2.4",
"hudson_version": "2.121.1",
"jenkins_version": "2.121.1",
"plugin_dependencies": "workflow-job:2.32,branch-api:2.0.11,git-client:2.",
"plugin_developers": "James Dumay:jdumay:jdumay@cloudbees.com"
},
"blueocean": {
"manifest_version": "1.0",
"archiver_version": "Plexus Archiver",
"created_by": "Apache Maven",
...
...


<!--
Thank you for contributing to this project!

• This project has a Contributor Code of Conduct: https://voxpupuli.org/coc/
• Please check that here is no existing issue or PR that addresses your problem.
• Our vulnerabilities reporting process is at https://voxpupuli.org/security/

-->

Pull Request (PR) description

<!--
Replace this comment with a description of your pull request.
-->

This Pull Request (PR) fixes the following issues

<!--
Replace this comment with the list of issues or n/a.
Use format:
Fixes #123
Fixes #124
-->

Pull Request (PR) description

The jenkins::service class is not included when $jenkins::manage_service is false. We should not try to restart it in the proxy class if we're not managing it.

https://forge.puppet.com/modules/puppetlabs/firewall/readme#migration-path-to-v700

The action attribute within the firewall type has been removed as it was merely a restricted version of the jump attribute, both of them managing the same function, this being reasoned as a way to enforce the use of generic parameters. From this point the parameters formerly unique to action should now be passed to jump.

<!--
Thank you for contributing to this project!

• This project has a Contributor Code of Conduct: https://voxpupuli.org/coc/
• Please check that here is no existing issue or PR that addresses your problem.
• Our vulnerabilities reporting process is at https://voxpupuli.org/security/

-->

Pull Request (PR) description

<!--
Replace this comment with a description of your pull request.
-->

This Pull Request (PR) fixes the following issues

<!--
Replace this comment with the list of issues or n/a.
Use format:
Fixes #123
Fixes #124
-->