Update Vagrantfiles for dogwood.3

Builds are failling because ffi.h is not installed

We're not yet sure what changed, but something between Friday morning's
patchset release and this afternoon's rc cut.

Pin things installed by devstack and fullstack

Need to point to library for custom modules

(WL-435): Add configuration variable DEFAULT_SITE_THEME for setting default site theme

update credentials ansible overrides for docker

ECOM-3180

Converts the seed job xml to groovy DSL, and incorporates changes from PR #2962

* Builds the seed job xml from groovy DSL using the job-dsl-plugin's gradle run task.
  Ref https://github.com/jenkinsci/job-dsl-plugin/wiki/User-Power-Moves
* Adds COMMON_VARS text parameter to seed job
* Uses DSL_BRANCH and SECURE_BRANCH parameter values for seed job git repos

* Builds the seed job xml from groovy DSL using the job-dsl-plugin's gradle run task.
  Ref https://github.com/jenkinsci/job-dsl-plugin/wiki/User-Power-Moves
* Adds COMMON_VARS text parameter
* Uses DSL_BRANCH and SECURE_BRANCH parameter values for seed job git repos
* Removes unnecessary jinja formatting from seedJob.groovy template

Updated DISCOVERY_OAUTH_URL_ROOT

No need to list 5000 lines of compileall

Correct a URL, and say 'Open edX'

Using EDXAPP_LMS_ROOT_URL instead of EDXAPP_LMS_ISSUER. This removes the need to define another EDXAPP_* override in our secure variables.

Updated Elasticsearch settings for discovery service

Add P3P headers to the IDAs

Secures Jenkins Analytics using Github OAuth plugin

* Configures github oauth as default jenkins auth realm (was unix system user)
* Uses the Matrix Authorization Strategy at 3 levels: anonymous, administrator,
  and job builder.
* Allows configuration of the list of users/groups and permissions granted to
  each authorization level.
* Adds ssh private key to jenkins user, to maintain CLI tool access
* Sets jenkins password only if using old unix system user realm; locks the
  jenkins system user when using github oauth.
* Adds jenkins public key to Jenkins user config.xml, and creates that user
  config.xml file if it's missing (required to bootstrap jenkins user CLI access)
* Renames the existing JENKINS_ANALYTICS_GITHUB_* credential variables to
  JENKINS_ANALYTICS_GITHUB_CREDENTIAL_* to avoid confusing them with the Github
  OAUTH variables.

* Configures github oauth as default jenkins auth realm (was unix system user)
* Uses the Matrix Authorization Strategy at 3 levels: anonymous, administrator,
  and job builder.
* Allows configuration of the list of users/groups and permissions granted to
  each authorization level.
* Adds ssh private key to jenkins user, to maintain CLI tool access
* Sets jenkins password only if using old unix system user realm; locks the
  jenkins system user when using github oauth.
* Adds jenkins public key to Jenkins user config.xml, and creates that user
  config.xml file if it's missing (required to bootstrap jenkins user CLI access)
* Renames the existing JENKINS_ANALYTICS_GITHUB_* credential variables to
  JENKINS_ANALYTICS_GITHUB_CREDENTIAL_* to avoid confusing them with the Github
  OAUTH variables.

Update Vagrantfiles for dogwood.2

Adds rebuild to the default plugins

Add documentation urls for API

make it a templated variable so that you can override it for your
installation.

Harstorage ops1372

Various fixes to allows jenkins analytics to run analytics tasks on AWS resources

* Uses JENKINS_HOME=/edx/var/jenkins.  This addresses the pyinstrument
  re-install issue seen when JENKINS_HOME is a symlink.
* Installs libffi-dev and libpq-dev packages with analytics_jenkins playbook
* Adds an SSH Credential, which is passed as the MASTER_SSH_CREDENTIAL_ID
  parameter to the seed job.
* When the seed job is run, ignore unreferenced jobs, instead of deleting them.
  This allows you to run and re-run the seed job from Jenkins to update a
  particular analytics job, and untick the jobs you don't want to update.
* Lets <ANALYTICS_TASK>_EXTRA_VARS be a @path/to/file.yml

* Uses JENKINS_HOME=/edx/var/jenkins.  This addresses the pyinstrument
  re-install issue seen when JENKINS_HOME is a symlink.
* Installs libffi-dev and libpq-dev packages with analytics_jenkins playbook
* Adds an SSH Credential, which is passed as the MASTER_SSH_CREDENTIAL_ID
  parameter to the seed job.
* When the seed job is run, ignore unreferenced jobs, instead of deleting them.
  This allows you to run and re-run the seed job from Jenkins to update a
  particular analytics job, and untick the jobs you don't want to update.
* Lets <ANALYTICS_TASK>_EXTRA_VARS be a @path/to/file.yml

Prevent invalid display courseware in IE 10+ with high privacy settings