From b3fdc7a72b689064a231eb198a40597f01b54b58 Mon Sep 17 00:00:00 2001 From: David Roble Date: Fri, 9 Feb 2018 15:08:03 -0500 Subject: [PATCH] Added ability to copy the update_center_certificate from a remote source. --- cinch/roles/jenkins_master/defaults/main.yml | 10 ++++++++++ cinch/roles/jenkins_master/tasks/plugins.yml | 1 + 2 files changed, 11 insertions(+) diff --git a/cinch/roles/jenkins_master/defaults/main.yml b/cinch/roles/jenkins_master/defaults/main.yml index 52dd2a0..2c6f7a3 100644 --- a/cinch/roles/jenkins_master/defaults/main.yml +++ b/cinch/roles/jenkins_master/defaults/main.yml @@ -13,6 +13,16 @@ update_centers: - id: default url: "https://updates.jenkins-ci.org/{{ jenkins_uc_version }}/update-center.json" +# If necessary, you may upload an update center certificate file by defining +# a local filesystem path to the certificate on the the system running Ansible. +# This is not necessary for the upstream Jenkins update center, but may be +# useful for deployments where custom downstream update centers are in use. +#update_center_certificate: /tmp/plugin-data/redhat-update-center.crt +# If update_center_certificate is defined, you may wish to override the default +# behavior of uploading the certificate from the local system running Ansible +# and instead copy the file from a location on the remote Jenkins master to the +# proper destination in JENKINS_HOME by setting this variable to true: +update_center_certificate_remote_src: false # If set to true, Jenkins will be run over HTTPS. If you set this value to true, # you can override jenkins_ssl_cert and jenkins_ssl_key if you want to use custom # SSL certificate, otherwise a self signed certificate will be used. diff --git a/cinch/roles/jenkins_master/tasks/plugins.yml b/cinch/roles/jenkins_master/tasks/plugins.yml index 47ca973..6a92756 100644 --- a/cinch/roles/jenkins_master/tasks/plugins.yml +++ b/cinch/roles/jenkins_master/tasks/plugins.yml @@ -21,6 +21,7 @@ copy: src: "{{ update_center_certificate }}" dest: "{{ jenkins_home }}/update-center-rootCAs/update-center.crt" + remote_src: "{{ update_center_certificate_remote_src }}" owner: jenkins group: jenkins notify: restart Jenkins