jenkins.yml

---
- hosts: jenkins
  vars_files:
    - "group_vars/all.yml"
    - "group_vars/java.yml"
    - "group_vars/jenkins.yml"

  pre_tasks:
    - name: system update
      ansible.builtin.dnf:
        name: '*'
        state: latest
    - name: Install dependencies
      package:
        name:
          - git
          - virtualenv
          - python3
          - rsync
      become: true
      when: ansible_os_family == 'Debian'
    - name: Install dependencies
      package:
        name:
          - git
          - python3-virtualenv
          - python3
          - rsync
        state: present
      become: true
      when: ansible_os_family == 'RedHat' and ansible_distribution_major_version | int == 8
    - name: Install dependencies
      package:
        name:
          - git
          - libcurl-devel
          - python-devel
          - rsync
          - java-17-openjdk
          - python3.9
        state: present
      become: true
      when: ansible_os_family == 'RedHat' and ansible_distribution_major_version | int == 9
    - name: Set default version of Python
      ansible.builtin.alternatives:
        name: python
        path: /usr/bin/python3
        link: /usr/bin/python
    - name: Get Java version name
      ansible.builtin.find:
        path: /usr/lib/jvm
        recurse: false
        pattern: 'java-17-openjdk-17*'
      register: java17
    - name: Create a symbolic link for Java for Jenkins
      ansible.builtin.file:
        src: "{{ java17.files[0].path }}"
        dest: /usr/lib/jvm/java-17-openjdk
        owner: root
        group: root
        state: link
    - name: Ensure SELinux is set to enforcing mode
      ansible.builtin.lineinfile:
        path: /etc/selinux/config
        regexp: '^SELINUX='
        line: SELINUX=enforcing

  post_tasks:
    - name: Set default version of Java
      ansible.builtin.alternatives:
        name: java
        link: /usr/bin/java
        path: /usr/lib/jvm/java-17-openjdk/bin/java

    - name: Download packer
      ansible.builtin.command: yum-config-manager --add-repo https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo

    - name: Extract packer
      ansible.builtin.yum:
        name: packer

    - name: Adding existing user centos to group kvm
      ansible.builtin.user:
        name: centos
        groups: kvm
        append: yes

    - name: Set authorized key taken from var
      ansible.posix.authorized_key:
        user: centos
        state: present
        key: "{{ jenkins_public_ssh_key }}"
    - name: DNF Autoremove
      ansible.builtin.dnf:
        autoremove: yes
        enablerepo: "*"
      when: ansible_os_family == 'RedHat'

  roles:
    - role: usegalaxy_eu.handy.os_setup
      vars:
        enable_powertools: true
        enable_install_software: true
        enable_grub: true
        enable_kernel_5: true

    - geerlingguy.repo-epel # Install EPEL
    - usegalaxy-eu.autoupdates  # keep all of our packages up to date
    - usegalaxy-eu.dynmotd
    - geerlingguy.java
    - geerlingguy.docker
    - influxdata.chrony
    - usegalaxy-eu.telegraf
    - galaxyproject.miniconda