I am in the process of migrating an application that needs a running Jenkins instance on the same server.
The deployment of the application happens through Ansible. In the steps, there is a requirement for Jenkins keys and repo.
Snippet from Ansible deploy.yaml :
name: Jenkins Repo Key
apt_key:
url: "http://pkg.jenkins-ci.org/debian/jenkins-ci.org.key"
state: present
name: Jenkins Repo
apt_repository:
repo: "deb http://pkg.jenkins-ci.org/debian binary/"
state: present
name: Install Apt packages
apt:
state: present
name: "{{ item }}"
with_items:
- mysql-server
- python-mysqldb
- build-essential
- jenkins
- git
- moreutils
Recently, the repo HTTP URLs have been moved to HTTPS URLs. To access those, we need to update our ca-certificates. The problem is, the application is really old ( running on ubuntu version 14.04 ) and it's a pain to update the certificates.
New Https URLs: https://pkg.jenkins.io/debian/jenkins.io.key https://pkg.jenkins.io/debian
Note that we are able to run the application after disabling SSL for the server, and also if the steps [Jenkins Repo Key] and [Jenkins Repo] are commented. I do not know yet the impact of this on the application.
If Jenkins is already installed on the server, are these keys necessary for the application, as per the ansible steps? Can someone please explain what these are for? I have already almost completed the migration, and do not want to move to a higher version of ubuntu only because of this reason, given the project deadlines.
