In this tutorial, we’ll use Ansible to automate the installation of Jenkins CI on a fresh Ubuntu 14.04 LTS and integrate it with the GitHub OAuth. Ansible will also assign the matrix based permission on the Jenkins like which github user or group(s) have what rights on the Jenkins. Beside that, it will also install the Apache which serves as frontend for all the Jenkins requests.
In short, in this tutorial we’ll do the following tasks using Ansible:
- Install the JAVA 7
- Install the mentioned version of Jenkins(in this case it will be 1.658)
- Install the desired plugins
- Install the Apache and configure it as frontend for Jenkins
- Install the SSL certificate for Apache Virtual Host that act as frontend for Jenkins
- Integrate the Jenkins with GitHub using OAuth for Authenication
- Configure the matrix based security using the github username or group
Without going into the further details let’s start, first we’ll create the GitHub OAuth credential for integration and for this using the below link(just replace your github Organization name):
In my case the organization name is “tendo-org“, so the name will be:
At the top of the page, under Organization applications, click Register new application.
- Under Application name, type the name that you would like to appear
- Under Homepage URL, type the URL of your Jenkins (either http or https)
- Under Authorization callback URL, type the URL of your Jenkins followed by /securityRealm/finishLogin
- Click Register application
Note the “Client ID” and “Client Secret” values that appear (we will need them later). Save in secure place and never share with anyone.
After creating the “Client ID” and “Client Secret” values, download this Repository from the GitHub:
git clone https://github.com/arbabnazar/ansible-jenkins.git
Open jenkins/defaults/main.yml and set the values for these variables:
GITHUB_ORG: Name of your GitHub Organization
GITHUB_CLINT_ID: OAuth Client ID that we have created above
GITHUB_SECRET_ID: OAuth Secret ID that we have created above
GITHUB_OAUTH_SCOPES: Scope of OAuth application
JENKINS_ADMIN_GROUP: GitHub group that can administrate the Jenkins
JENKINS_DEVELOPER_GROUP: GitHub group that is allowed to use this Jenkins(all job or one based on permission)
Then open apache/defaults/main.yml and set the values of these variables:
Once you are all set with the variables, then run this command:
ansible-playbook -i "jenkins.rbgeek.com," jenkins.yml -u arbabnazar
Note: Please don’t forget to change arbabnazar with your username and jenkins.rbgeek.com with your hostname
After successful completion of these tasks:
Open your Jenkins url in browser(in my case it is jenkins.rbgeek.com) and click on Log in, it will redirect you to the GitHub:
Enter your github username and password:
It will ask for Authorization:
Once you done, it will take you back to the Jenkins:
Hope this will help you!
Please Remember me in your prayers!