WIP: feat(jenkins): add role to deploy jenkins

README.md

@@ -4,4 +4,6 @@
 
 ## Roles
 
+- [jenkins](roles/jenkins/README.md): Deploy [jenkins](https://jenkins.io), the self-proclaimed 'leading open source automation server'.
+
 ## License

playbooks/jenkins.yml

@@ -0,0 +1,6 @@
+---
+- name: Install and configure jenkins
+  hosts: "{{ jenkins_hosts | default('jenkins', true) }}"
+  become: "{{ jenkins_become | default(true, true) }}"
+  roles:
+    - role: finallycoffee.cicd.jenkins

roles/jenkins/README.md

@@ -0,0 +1,3 @@
+# `finallycoffee.cicd.jenkins` ansible role
+
+Deploy and configure [Jenkins](https://jenkins.io) using ansible.

roles/jenkins/defaults/main/container.yml

@@ -0,0 +1,50 @@
+---
+jenkins_container_name: "jenkins"
+jenkins_container_image: >-2
+  {{
+    [
+      jenkins_container_image_repository,
+      jenkins_container_image_tag
+        | default(
+          jenkins_version + (
+            ((jenkins_container_image_flavour is string)
+              and (jenkins_container_image_flavour | length > 0))
+            | ternary(
+              '-' + jenkins_container_image_flavour | default('', true),
+              ''
+            )
+          ),
+          true
+        )
+    ] | join(':')
+  }}
+jenkins_container_image_registry: docker.io
+jenkins_container_image_namespace: jenkins
+jenkins_container_image_name: jenkins
+jenkins_container_image_repository: >-2
+  {{
+    [
+      jenkins_container_image_registry | default([], true),
+      jenkins_container_image_namespace | default([], true),
+      jenkins_container_image_name
+    ] | flatten | join('/')
+  }}
+jenkins_container_image_source: "pull"
+jenkins_container_image_force_source: >-2
+  {{ jenkins_container_image_tag | default(true, true) }}
+jenkins_container_image_tag: ~
+jenkins_container_image_flavour: "jdk17"
+
+jenkins_container_env: ~
+jenkins_container_ports: ~
+jenkins_container_state: >-2
+  {{ (jenkins_state == 'present') | ternary('started', 'absent') }}
+jenkins_container_networks: ~
+jenkins_container_etc_hosts: ~
+jenkins_container_base_volumes:
+  - "{{ jenkins_home_path }}:/var/jenkins_home"
+jenkins_container_volumes: ~
+jenkins_container_all_volumes: >-2
+  {{ jenkins_container_base_volumes | default([], true)
+     + jenkins_container_volumes | default([], true) }}
+jenkins_container_restart_policy: "on-failure"

roles/jenkins/defaults/main/main.yml

@@ -0,0 +1,12 @@
+---
+jenkins_user: "jenkins"
+jenkins_versions:
+  lts: "2.479.3"
+  weekly: "2.496"
+jenkins_version_channel: "lts"
+jenkins_version: "{{ jenkins_versions[jenkins_version_channel] }}"
+
+jenkins_state: present
+jenkins_deployment_method: docker
+
+jenkins_home_path: "/var/lib/jenkins"

roles/jenkins/tasks/check.yml

@@ -0,0 +1,23 @@
+---
+- name: Ensure 'jenkins_state' is valid
+  ansible.builtin.fail:
+    msg: >-2
+      Unsupported jenkins_state '{{ jenkins_state }}'.
+      Supported values are: {{ jenkins_states | join(',') }}
+  when: jenkins_state not in jenkins_states
+
+- name: Ensure 'jenkins_deployment_method' is valid
+  ansible.builtin.fail:
+    msg: >-2
+      Unsupported jenkins_deployment_method '{{ jenkins_deployment_method }}'.
+      Supported values are: {{ jenkins_deployment_methods | join(',') }}
+  when: jenkins_deployment_method not in jenkins_deployment_methods
+
+- name: Ensure 'jenkins_version_channel' is valid
+  ansible.builtin.fail:
+    msg: >-2
+      Unsupported jenkins_version_channel '{{ jenkins_version_channel }}'.
+      Supported values are: {{ jenkins_version_channels | join(',')  }}
+  when: jenkins_version_channel not in jenkins_version_channels
+
+

roles/jenkins/tasks/deploy-docker.yml

@@ -0,0 +1,18 @@
+---
+- name: Ensure jenkins container image '{{ jenkins_container_image }}' is {{ jenkins_state }}
+  community.docker.docker_image:
+    name: "{{ jenkins_container_image }}"
+    state: "{{ jenkins_state }}"
+    source: "{{ jenkins_container_image_source }}"
+    force_source: "{{ jenkins_container_image_force_source }}"
+
+- name: Ensure jenkins container '{{ jenkins_container_name }}' is {{ jenkins_container_state }}
+  community.docker.docker_container:
+    name: "{{ jenkins_container_name }}"
+    image: "{{ jenkins_container_image }}"
+    env: "{{ jenkins_container_env | default(omit, true) }}"
+    ports: "{{ jenkins_container_ports | default(omit, true) }}"
+    networks: "{{ jenkins_container_networks | default(omit, true) }}"
+    volumes: "{{ jenkins_container_all_volumes }}"
+    restart_policy: "{{ jenkins_container_restart_policy }}"
+    state: "{{ jenkins_container_state }}"

roles/jenkins/tasks/main.yml

@@ -0,0 +1,21 @@
+---
+- name: Ensure role arguments are valid
+  ansible.builtin.include_tasks:
+    file: "check.yml"
+
+- name: Ensure jenkins user '{{ jenkins_user }}' is {{ jenkins_state }}
+  ansible.builtin.user:
+    name: "{{ jenkins_user }}"
+    state: "{{ jenkins_state }}"
+    system: true
+  register: jenkins_user_info
+
+- name: Ensure jenkins home '{{ jenkins_home_path }}' is {{ jenkins_state }}
+  ansible.builtin.file:
+    path: "{{ jenkins_home_path }}"
+    state: "{{ (jenkins_state == 'present') | ternary('directory', 'absent') }}"
+    mode: "{{ jenkins_home_path_mode | default('0750', true) }}"
+
+- name: Ensure jenkins is deployed using {{ jenkins_deployment_method }}
+  ansible.builtin.include_tasks:
+    file: "deploy-{{ jenkins_deployment_method }}.yml"

roles/jenkins/vars/main.yml

@@ -0,0 +1,8 @@
+---
+jenkins_states:
+  - absent
+  - present
+jenkins_deployment_methods:
+  - docker
+jenkins_version_channels: >-2
+  {{ (jenkins_versions.keys()) | list }}