jenkins - yibinericxia/documents GitHub Wiki

Jenkins Projects & Jobs

Security

Group Jenkins projects into their dedicated folders so that the access to them can be granted to the related individuals only.

Do not grant permissions to the groups of anonymous, authenticated, authenticated users, etc. Always use individuals for user security settings via configuration.

Jenkinsfile

General Info

This file can be created through the classic UI or in the IDE/text editor. It should be in source control within its project repository.

Jenkins Shared Library

Put common Groovy scripts into a repository and add the library in Jenkins with the name and retrieval method version for each project to use.

try {
  library(
    identifier: 'jslLibraryName@version',
    retriever: modernSCM([
      $class: 'GitSCMSource',
      remote: 'url/to/library/git/repo',
      credentialsId: 'gitCredentials'
    ])
  ) _
} catch (Exception e) {
  ...
}

Pipeline

It supports two syntaxes: declarative & scripted. It could contains agent, options, environment, parameters, and stages blocks. A sample file is as follows:

pipeline {
  agent {
    label 'Docker-enabled'
  }
  options {
    timestamps()
    disableConcurrentBuilds()
  }
  environment {
    PROJECT_NAME = 'my-app'
    BRANCH_NAME = GIT_BRANCH.split('/')[-1].trim().toLowerCase()
    DOCKERFILE_PATH = 'path/to/file'
    IMAGE_TAG = "${env.APP_VERSION}"
  }
  parameters {
    string(name: 'branch', defaultValue: '${env.BRANCH}', description: 'scm branch')
    choice(name: 'DEPLOY_ENV', choices: ['dev', 'uat', 'cert', 'prod'], description: 'deploy env')
  }
  stages {
    stage('Static Analysis') {
    }
    stage('Build') {
      steps {
        script {
          sh 'make'
          envJAR_FILE = '**/target/*.jar'
        }
      }
    }
    stage('Docker') {
      when {
        expression {
          "${params.DEPLOY_ENV}" ==~ /(dev/uat/cert/prod)/
        }
      }
      steps {
        script {
          sh "docker build -t registryName/repoName/${PROJECT_NAME}:${IMAGE_TAG} -f ${DOCKERFILE_PATH} ."
          sh "docker push registryName/repoName/${PROJECT_NAME}:${IMAGE_TAG}"
        }
      }
    }
    stage('Test') {
      stages {
        stage('Unit Test') {
          agent {
            dockerfile {
              filename 'Dockerfile'
              ...
            }
          }
          steps {
            script {
              ...
            }
          }
        }
        stage('SonarQube') {
          agent {
          }
          steps {
            script {
              ...
            }
          }
        }
      }
    }
    stage('Deploy') {
      when {
        expression {
          currentBuild.result == null || currentBuild.result == 'SUCCESS'
        }
      }
      steps {
        script {
          ...
        }
      }
    }
  }
}

Plugins

Common Plugins

  • Git
  • Java JDK
  • NodeJS
  • .NET SDK
  • Python
  • Gradle
  • Docker & Kubenetes
  • Pipeline
  • Blue Ocean
  • SonarQube

Useful Plugins

  • Maven Integration
  • Jira
  • Mailer

Reference

https://jenkins.io/doc/book/pipeline/jenkinsfile/

⚠️ **GitHub.com Fallback** ⚠️