book

Jenkins 2: Up and Running

by Brent Laster

May 2018

Intermediate to advanced

604 pages

13h 56m

English

O'Reilly Media, Inc.

Book available

Read now

Unlock full access

How to Use This BookConventions Used in This BookUsing Code ExamplesO’Reilly SafariHow to Contact UsAcknowledgments
What Is Jenkins 2?The JenkinsfileDeclarative PipelinesBlue Ocean InterfaceNew Job Types in Jenkins 2Reasons for the ShiftDevOps MovementAssembling PipelinesResumabilityConfigurabilitySharing WorkspacesSpecialized KnowledgeAccess to LogicPipeline Source ManagementCompetitionMeeting the ChallengesCompatibilityPipeline CompatibilityPlugin CompatibilityChecking CompatibilitySummary
Syntax: Scripted Pipelines Versus Declarative PipelinesChoosing Between Scripted and Declarative SyntaxSystems: Masters, Nodes, Agents, and ExecutorsMasterNodeAgentExecutorCreating NodesStructure: Working with the Jenkins DSLnodestagestepsSupporting Environment: Developing a Pipeline ScriptStarting a Pipeline ProjectThe EditorWorking with the Snippet GeneratorRunning a PipelineReplaySummary
Triggering JobsBuild After Other Projects Are BuiltBuild PeriodicallyGitHub Hook Trigger for GitSCM PollingPoll SCMQuiet PeriodTrigger Builds RemotelyUser InputinputParametersReturn Values from Multiple Input ParametersParameters and Declarative PipelinesFlow Control OptionstimeoutretrysleepwaitUntilDealing with ConcurrencyLocking Resources with the lock StepControlling Concurrent Builds with MilestonesRestricting Concurrency in Multibranch PipelinesRunning Tasks in ParallelConditional ExecutionPost-ProcessingScripted Pipelines Post-ProcessingDeclarative Pipelines and Post-ProcessingSummary
NotificationsEmailCollaboration ServicesReportsPublishing HTML ReportsSummary
Securing JenkinsEnabling SecurityOther Global Security SettingsCredentials in JenkinsCredential ScopesCredential DomainsCredential ProvidersCredential StoresAdministering CredentialsSelecting Credential ProvidersSelecting Credential TypesSpecifying Credential Types by ProviderCreating and Managing CredentialsContext LinksAdding a New Domain and CredentialUsing the New Domain and CredentialAdvanced Credentials: Role-Based AccessBasic UseManage RolesAssign RolesRole Strategy MacrosWorking with Credentials in the PipelineUsername and PasswordSSH KeysToken CredentialsControlling Script SecurityScript CheckingScript ApprovalGroovy SandboxingUsing Jenkins Credentials with VaultApproachSetupCreating a PolicyAuthenticationUsing Vault in JenkinsSummary
Trusted Versus Untrusted LibrariesInternal Versus External LibrariesInternal LibrariesExternal LibrariesGetting a Library from the Source RepositoryModern SCMLegacy SCMUsing Libraries in Your Pipeline ScriptAutomatic Downloading of Libraries from Source ControlLoading Libraries into Your ScriptLibrary Scope Within Jenkins ItemsLibrary StructureSample Library RoutineStructure of Shared Library CodeUsing Third-Party LibrariesLoading Code DirectlyLoading Code from an External SCMReplaying External Code and LibrariesA Closer Look at Trusted Versus Untrusted CodeSummary
MotivationNot IntuitiveGetting GroovyAdditional Assembly RequiredThe StructureBlockSectionDirectivesStepsConditionalsThe Building BlockspipelineagentenvironmenttoolsoptionstriggersparameterslibrariesstagespostDealing with Nondeclarative CodeCheck Your PluginsCreate a Shared LibraryPlace Code Outside of the Pipeline BlockThe script StatementUsing parallel in a StageScript Checking and Error ReportingDeclarative Pipelines and the Blue Ocean InterfaceSummary
Common Project OptionsGeneralSource Code ManagementBuild TriggersBuild EnvironmentBuildPost-Build ActionsTypes of ProjectsFreestyle ProjectsThe Maven Project TypeThe Pipeline Project TypeThe External Job Project TypeThe Multiconfiguration Project TypeIvy ProjectsFoldersMultibranch Pipeline ProjectsGitHub Organization ProjectsBitbucket Team/Project ProjectsSummary

Part 1: Managing Existing PipelinesThe DashboardThe Project-Specific PageThe Run PagePart 2: Working with the Blue Ocean EditorCreating a New Pipeline Without an Existing JenkinsfileWorking in the EditorEditing an Existing PipelineImporting and Editing Existing PipelinesWorking with Pipelines from Non-GitHub RepositoriesSummary
Common PreparationLogic and AccuracyProject TypeSystemsAccessGlobal ConfigurationPluginsShared LibrariesConverting a Freestyle Pipeline to a Scripted PipelineSourceCompileUnit TestsIntegration TestingMigrating the Next Parts of the PipelineConverting from a Jenkins Pipeline Project to a JenkinsfileApproachFinal StepsConverting from a Scripted Pipeline to a Declarative PipelineSample PipelineThe ConversionCompleted ConversionGeneral Guidance for ConversionsSummary
Using Shell StepsThe sh StepThe bat StepThe powershell StepWorking with Environment VariablesThe withEnv StepWorking with WorkspacesCreating a Custom WorkspaceCleaning a WorkspaceFile and Directory StepsWorking with FilesWorking with DirectoriesDoing More with Files and DirectoriesSummary
SonarQube SurveyWorking with Individual RulesQuality Gates and ProfilesThe ScannerUsing SonarQube with JenkinsGlobal ConfigurationUsing SonarQube in a Freestyle ProjectUsing SonarQube in a Pipeline ProjectLeveraging the Outcome of the SonarQube AnalysisSonarQube Integration Output with JenkinsCode Coverage: Integration with JaCoCoAbout JaCoCoIntegrating JaCoCo with the PipelineJaCoCo Output Integration with JenkinsSummary
Publishing and Retrieving ArtifactsSetup and Global ConfigurationUsing Artifactory in a Scripted PipelinePerforming Other TasksDownloading Specific Files to Specific LocationsUploading Specific Files to Specific LocationsSetting Build Retention PoliciesBuild PromotionIntegration with a Declarative PipelineArtifactory Integration with Jenkins OutputArchiving Artifacts and FingerprintingSummary
Configured as a CloudGlobal ConfigurationUsing Docker Images as AgentsUsing Cloud Images in a PipelineAgent Created on the Fly for a Declarative PipelineDocker Pipeline Global VariableGlobal VariablesDocker Application Global Variable MethodsDocker Image Global Variable MethodsDocker Container Global Variable MethodsRunning Docker via the ShellSummary
Using the Command-Line InterfaceUsing the Direct SSH InterfaceUsing the CLI ClientUsing the Jenkins REST APIFiltering ResultsInitiating BuildsUsing the Script ConsoleSummary
Diving into Pipeline StepsDealing with Serialization ErrorsContinuous Passing StyleSerializing PipelinesNotSerializableExceptionHandling Nonserializable ErrorsIdentifying the Line in Your Script that Caused an ErrorHandling Exceptions in a PipelineUsing Nondeclarative Code Within a Declarative PipelineUnapproved Code (Script and Method Approval)Unsupported OperationsSystem LogsTimestampsPipeline Durability SettingsSummary

Content preview from Jenkins 2: Up and Running

Chapter 6. Extending Your Pipeline

Like in any programming environment, in Jenkins pipelines, centralizing functions, sharing common code, and code reuse are all essential techniques for quickly and effectively doing development. These practices encourage standard ways to invoke functionality, create building blocks for more complex operations, and mask complexity. They can also be used to provide uniformity and encourage convention over configuration to simplify tasks.

One key way that Jenkins allows users to do all of this is through the use of shared pipeline libraries. Shared pipeline libraries are composed of code stored in a source code repository that is automatically downloaded by Jenkins and made available to pipelines.

In this chapter, we’ll explore the structure, implementation, and use of pipeline libraries, as well as seeing how to create our own global functions and even incorporate code that’s not written in Groovy or Java. To start building our understanding, let’s look at the different classifications of shared libraries that are available in Jenkins.

Trusted Versus Untrusted Libraries

Shared libraries in Jenkins can be in one of two forms: trusted or untrusted.

Trusted libraries are ones that can call/use any methods in Java, the Jenkins API, Jenkins plugins, the Groovy language, etc. Because trusted libraries have such wide latitude in what they can call and use, it’s important that access to add or change code in them is managed. Making updates to trusted ...