Home Admin Jenkins Setup on Os X server

Jenkins Setup on Os X server

Posted on by Olivier No Comments ↓

Jenkins Os X – 3nd install

this time no jenkins group => using munki

1 Create jenkins Home Dir & log dirs

1.1 Create the jenkins folder + the Home folder

sudo su - jenkins

mkdir -p /Volumes/DEPLOY_IMAGES/DEPLOYMENT_STAGE/jenkins/Home

1.2 Apply ownership

find "/Volumes/DEPLOY_IMAGES/DEPLOYMENT_STAGE/jenkins" \( -not -user jenkins -or -not -group munki \) -print0 | xargs -0 chown jenkins:munki

1.3 Create log folder

mkdir /var/log/jenkins
touch /var/log/jenkins/jenkins.log
touch /var/log/jenkins/jenkins_error.log
chown -R jenkins:munki /var/log/jenkins

1.4 Apply ownership

chown -R jenkins:munki /var/log/jenkins

1.5 create symlinks for some command line tools (optional)

Home dir symlink creation

Jenkins has its user dir at /Users/Shared/Jenkins. Some command line tools assumes that home dir is at /Users/jenkins. You have to make symlink:

sudo ln -s /Volumes/DEPLOY_IMAGES/DEPLOYMENT_STAGE/jenkins /Users/jenkins
sudo chown jenkins:jenkins /Users/jenkins

Note: finally Doing so seems to help to get correct paths.
also note I changed jenkins home jenkins.war to reflect actual path. see 5.1! I did both actions together so not sure wich one or if both did the trick.

Obviously giving the correct path seems logic to me ;)

2 Create jenkins User & Group

  • used system Prefs
  • Edit user to be in group jenkins
  • Edit user to have NFSHomedir in /Volumes/DEPLOY_IMAGES/DEPLOYMENT_STAGE/jenkins

3 jenkins install via brew

brew install jenkins

==> Downloading http://mirrors.jenkins-ci.org/war/1.534/jenkins.war
######################################################################## 100.0%
==> Caveats
To have launchd start jenkins at login:
ln -sfv /usr/local/opt/jenkins/*.plist ~/Library/LaunchAgents
Then to load jenkins now:
launchctl load ~/Library/LaunchAgents/homebrew.mxcl.jenkins.plist
Or, if you don't want/need launchctl, you can just run:
java -jar /usr/local/opt/jenkins/libexec/jenkins.war
==> Summary
/usr/local/Cellar/jenkins/1.534: 3 files, 60M, built in 77 seconds
3.1 Important Note ! :

Don’t run “manually”

java -jar /usr/local/opt/jenkins/libexec/jenkins.war

as stated by brew after the install.

It has messed things up for me.

I noticed than if I launched it as my current user, it creates a .jenkins folder inside the current user (the one than runs the java jar).
AND it then configure user.home varaible with the user and not jenkins.

I would not try either as logged in as jenkins user.
Tried it too, it made the .jenkins folder inside the jenkins home dir.
We don’t want that as we edited plist and .sh scripts with variables.

Note : I may be wrong as .jenkins seems to be needed anyway. and it’s been recreated in my home dir ?

3.2 Important Note bis :

Concerning the LaunchAgent from brew. Just leave it, and follow on, as other have done work before and we can use that instead as it is more suited.

4 jenkins Setting-Up Defaults

With sudo

defaults write /Library/Preferences/org.jenkins-ci war "/usr/local/opt/jenkins/libexec/jenkins.war"

defaults write /Library/Preferences/org.jenkins-ci heapSize 512m

defaults write /Library/Preferences/org.jenkins-ci httpListenAddress 127.0.0.1

defaults write /Library/Preferences/org.jenkins-ci httpPort 8080

defaults write /Library/Preferences/org.jenkins-ci permGen 256m

defaults write /Library/Preferences/org.jenkins-ci JENKINS_HOME "/Volumes/DEPLOY_IMAGES/DEPLOYMENT_STAGE/jenkins/Home"

Will create the plist preferences file:

/Library/Preferences/org.jenkins-ci

5 jenkins App support script

sudo cp /Volumes/DEPLOY_IMAGES/DEPLOYBUILDS_DEV/APPLICATIONS_DEV_git/jenkins_stuff/LIBRARY_APPSUP_JENKINS/jenkins-runner.sh /Library/Application\ Support/jenkins/jenkins-runner.sh

sudo chown root:wheel /Library/Application\ Support/jenkins/jenkins-runner.sh && chmod 644 /Library/Application\ Support/jenkins/jenkins-runner.sh

/Library/Application Support/jenkins/jenkins-runner.sh

5.1 Note :

On Line 15-16 Path /Applications/jenkins/jenkins.war is wrong.

change

#war=`$defaults war` || war="/Applications/jenkins/jenkins.war"

to

war=`$defaults war` || war="/usr/local/opt/jenkins/libexec/jenkins.war"

6 jenkins launchAgent

Copy the file

sudo cp /Volumes/DEPLOY_IMAGES/DEPLOYBUILDS_DEV/APPLICATIONS_DEV_git/jenkins_stuff/LIBRARY_LaunchAgent/org.jenkins-ci.plist /Library/LaunchAgents/org.jenkins-ci.plist

Apply root ownership and chmod 644

PLIST='/Library/LaunchAgents/org.jenkins-ci.plist'; chown root:wheel $PLIST && chmod 644 $PLIST

/Library/LaunchAgents/org.jenkins-ci.plist

Finally let’s launch this:

WARNING be sure to be the jenkins user at any time you need to start and stop – no being so made errors on errors after updates or with java launched by me and notjenkins ????
didn’t get why – took me hours to figure out what was braking, notwhat but why. Please note also that I don’t know shit about java at all. Well I know that I worked on the National French Launch of Java back in the days I was working in an agency ;)

launchctl load -w /Library/LaunchAgents/org.jenkins-ci.plist

Go to http://127.0.0.1:8080

Success

launchd is ok

Note : you WANT to make a backup of the full jenkins directory (or not)

I use CarbonCopyCloner: easy GUI, fast cloning.

7 Setup Security once on the homepage

Setting up Security

http://127.0.0.1:8080/configureSecurity/?

7.1 step1 Security Realm

Security Realm

Choosed to UNIX user/group db (aka system)

  • Delegate to servlet container
  • Jenkins’s own user database
  • LDAP
  • Unix user/group database

change only this then apply and test if you can login !
If ok, then we can go on and change Authorization

Later on we’ll try to add LDAP support

  • Ok Success for me I now have the log in menu.
  • logged as jenkins ok

7.1 step2 Authorization

Authorization

Choosed: Logged-in users can do anything

  • Anyone can do anything
  • Legacy mode
  • Logged-in users can do anything
  • Matrix-based security
  • Project-based Matrix Authorization Strategy

Ok Success for me I now have the log in menu

8 Configure from within the webapp

from

http://ameba.apphance.com/introduction/hello-continuous-integration/osx-server/continuous-integration-server

go there

http://127.0.0.1:8080/configure

in GLobal Properties

check Environment variables

name: OSX_KEYCHAIN_LOCATION
value: /Volumes/DEPLOY_IMAGES/DEPLOYMENT_STAGE/jenkins/Library/Keychains/login.keychain

name: OSX_KEYCHAIN_PASSWORD
value: jenkins

Note:
  • For now no keychain exists yet.
  • We could use the security commandline to create one, I’ll deal later with this in case we (an app) need it.

9 jenkins ssh-keygen

I want jenkins to be able to do commits with git
(not done yet)

so let’s prepare the work

  • Create .ssh dir
  • Create the file known_hosts
  • Create id_rsa (and then add the public key to your gitlab)

let’s go

sudo su - jenkins
pwd

check we’re in jenkins home

mkdir .ssh
touch .ssh/known_hosts
cd .ssh ; ls -la
ssh-keygen -t rsa -C "moc.l1597404329iamee1597404329mos@s1597404329nikne1597404329j1597404329"
Note:

I copied my own known_hosts to get things faster.

10 Start and stop jenkins

with launchctl (launchd)

Do it as jenkins user

launchctl stop org.jenkins-ci

to stop

launchctl stop org.jenkins-ci

or you might want to unload

launchctl unload -w /Library/LaunchAgents/org.jenkins-ci.plist

to start again

(if you unloaded)

launchctl load -w /Library/LaunchAgents/org.jenkins-ci.plist

or start

launchctl start org.jenkins-ci

from web interface:

http://127.0.0.1:8080/restart

http://127.0.0.1:8080/exit

Success

jenkins is ok

Note : you WANT to make a backup of the full jenkins directory (or not)

I use CarbonCopyCloner: easy GUI, fast cloning.

11 jenkins Updates

*nix/Mac Auto-Upgrade With Container
If you run Jenkins with java -jar jenkins.war, Jenkins will be able to update itself from the Manage Jenkins page. This is the simplest way to do automatic upgrades.

If you've installed via the OS X installer, the 'jenkins' running the process does not own the .war file. To get auto-upgrade working, just fix the permissions so the jenkins user can write the WAR (in /Applications/Jenkins).

Finnaly got it to work with a simple brew update jenkins !

Quick tip:

  • unload jenkins (from jenkins user!)
  • brew update
  • brew switch
  • load jenkins
  • go back to webapp, let jenkins works and restart
  • you (should be) good to go!

• we need to stop jenkins with launchctl

sudo launchctl unload -w /Library/LaunchAgents/org.jenkins-ci.plist

• do the switch (or install? or upgrade then switch)

brew switch jenkins 1.535

• reboot — no need to reboot when properly configured :)

• start jenkins again

sudo launchctl load -w /Library/LaunchAgents/org.jenkins-ci.plist

12 reimport olders jobs

I screwed my first and second setups, (and finally it was good on my third attempt, see 3.1)

sudo su - jenkins
cp -R /Volumes/DEPLOY_IMAGES/DEPLOYBUILDS_DEV/APPLICATIONS_DEV_git/jenkins_stuff/1st_setup_jobs.backup/jobs/* /Volumes/DEPLOY_IMAGES/DEPLOYMENT_STAGE/jenkins/Home/jobs/
  • go back to webapp
  • ==> Manage Jenkins ==> Reload Configuration from Disk

Tada ! All my jobs are here.

Importing old jobs is successfull.

Now let’s see if they are still working as I did not add environment variables for autopkg (will see if needed in a minute)

Had Failures as I said (permissions pb on autopkg and/or munki repo)
from my experience, Autopkg Cache and recipes must be owned by jenkins. if owned by “me” even with munki group it’s a no go.

So I add my user to the munki group. maybe will add some ACLS if needed to get reed of that annoying stuff.

a. /Library/AutoPkgs -> jenkins:munki
/Library/AutoPkgs

Permissions ok (jenkins:munki), so not that.

cp -R /Volumes/DEPLOY_IMAGES/DEPLOYBUILDS_DEV/APPLICATIONS_DEV_git/jenkins_stuff/com.github.autopkg.* /Users/jenkins/Library/Preferences/
b. munkirepo -> myaccount:munki

Check the munki repo premissions (I deleted jenkins user lots of time and changed UID sometimes too)

cd /Volumes/DEPLOY_IMAGES/DEPLOYBUILDS_DEV/
sudo chown -R localadminoem:munki MUNKI_REPO_MASTER

Failure again with jenkins User

c. autopkg from jenkinsuser

Failure from within jenkins user, success from current user (me). Seems to be Autopkg config problems .

sudo su - jenkins

Assuming you are in jenkins homedir

sudo chown -R jenkins:munki .
chmod -R g+xa .

move to Autopkg in ~homedir.

cd Library/AutoPkg

ln -s /Library/AutoPkg/Cache .
ln -s /Library/AutoPkg/RecipeRepos .
ls -l
lrwxr-xr-x  1 jenkins  staff  22 Oct 16 18:03 Cache -> /Library/AutoPkg/Cache
lrwxr-xr-x  1 jenkins  staff  28 Oct 16 18:03 RecipeRepos -> /Library/AutoPkg/RecipeRepos

OR you could just configure from jenkins user (RTFM)

defaults write com.github.

now run the “jenkins command” manually in the terminal.

macpro:Cache jenkins$ /usr/local/bin/autopkg run --search-dir=/Library/AutoPkg/RecipeRepos/com.github.autopkg.recipes/ Cyberduck.munki
Processing Cyberduck.munki...

Nothing downloaded, packaged or imported.

No errors, all is fine now.

note the result just indicate ther is no new updates

See this post for autopkg command syntax
http://oemden.com/?p=203

Next, I’ll have to get git working with gitlab.

Some usefull links

That helped me out in my quest

http://www.halyph.com/2013/03/jenkins-on-mac-os-x-tips-and-tricks.html

http://blog.laurent.etiemble.com/index.php?post/2011/10/02/How-to-upgrade-Jenkins-on-Mac-OS-X-%28daemon-mode%29

Olivier
About

Product and graphic designer turned to be a Mac SysAdmin.

Posted in Admin, Deploy, Mac Tagged with: , , , , , , , ,
0 comments on “Jenkins Setup on Os X server
1 Pings/Trackbacks for "Jenkins Setup on Os X server"
  1. autopkg on Os X Server 10.8.5 | oemden says:
    2013/10/27 at 21:21

    […] Jenkins setup on Os X server Jenkins setup on Os X server […]

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>