Switch jenkins.openstack.org to a snakeoil cert

The SSL cert for jenkins.openstack.org was obtained in 2013 when
this interface was more heavily used by our developer community.
Since then we've rolled out 7 additional Jenkins masters and so this
is no longer a useful primary reference. The only real need for
authenticated connections to its WebUI at this point is systems
administrators performing maintenance and minimal local
configuration, for which ToFU of a self-signed cert is sufficient.

Change-Id: Ibf95983a2ac76c2e9e39bcfc99643e3cac401245
This commit is contained in:
Jeremy Stanley 2015-07-16 19:54:21 +00:00
parent 1faaa18139
commit cddd9e6265
2 changed files with 3 additions and 4 deletions

View File

@ -134,9 +134,9 @@ node 'jenkins.openstack.org' {
project_config_repo => 'https://git.openstack.org/openstack-infra/project-config', project_config_repo => 'https://git.openstack.org/openstack-infra/project-config',
jenkins_jobs_password => hiera('jenkins_jobs_password', 'XXX'), jenkins_jobs_password => hiera('jenkins_jobs_password', 'XXX'),
jenkins_ssh_private_key => hiera('jenkins_ssh_private_key_contents', 'XXX'), jenkins_ssh_private_key => hiera('jenkins_ssh_private_key_contents', 'XXX'),
ssl_cert_file_contents => hiera('jenkins_ssl_cert_file_contents', 'XXX'), ssl_cert_file => '/etc/ssl/certs/ssl-cert-snakeoil.pem',
ssl_key_file_contents => hiera('jenkins_ssl_key_file_contents', 'XXX'), ssl_key_file => '/etc/ssl/private/ssl-cert-snakeoil.key',
ssl_chain_file_contents => hiera('jenkins_ssl_chain_file_contents', 'XXX'), ssl_chain_file => '',
} }
} }

View File

@ -3,7 +3,6 @@ etherpad.openstack.org 443
git.openstack.org 443 git.openstack.org 443
groups.openstack.org 443 groups.openstack.org 443
groups-dev.openstack.org 443 groups-dev.openstack.org 443
jenkins.openstack.org 443
openstackid.org 443 openstackid.org 443
openstackid-dev.openstack.org 443 openstackid-dev.openstack.org 443
review.openstack.org 443 review.openstack.org 443