Just a place for links to getting Jenkins working for CICD for my projects.
That gets you started.
Plugins
Probably overkill and more than you need but I tried to cover most of the
stuff I have in github. You may want to add others as well.
ace-editor
ant
antisamy-markup-formatter
apache-httpcomponents-client-4-api
authorize-project
bootstrap4-api
bootstrap5-api
bouncycastle-api
branch-api
build-timeout
caffeine-api
checks-api
cloudbees-credentials
cloudbees-folder
command-launcher
credentials
credentials-binding
deploy
display-url-api
durable-task
ec2-deployment-dashboard
echarts-api
email-ext
font-awesome-api
git
git-client
github
github-api
github-branch-source
git-server
gradle
handlebars
jackson2-api
jdk-tool
jjwt-api
jquery3-api
jsch
junit
ldap
lockable-resources
mailer
matrix-auth
matrix-project
momentjs
okhttp-api
pam-auth
pipeline-build-step
pipeline-github-lib
pipeline-graph-analysis
pipeline-input-step
pipeline-milestone-step
pipeline-model-api
pipeline-model-definition
pipeline-model-extensions
pipeline-rest-api
pipeline-stage-step
pipeline-stage-tags-metadata
pipeline-stage-view
plain-credentials
plugin-util-api
popper2-api
popper-api
resource-disposer
scm-api
script-security
snakeyaml-api
ssh-credentials
sshd
ssh-slaves
structs
timestamper
token-macro
trilead-api
windows-slaves
workflow-aggregator
workflow-api
workflow-basic-steps
workflow-cps
workflow-cps-global-lib
workflow-durable-task-step
workflow-job
workflow-multibranch
workflow-scm-step
workflow-step-api
workflow-support
ws-cleanup
Users
You can jump past the Docker setup if you already did the above by scrolling down to Fork and clone the sample repository. Also ignore docker stuff in project setup.
Sorting Issues
I can't seem to login to Jenkins after restart.
Lots of posts say to do something like
sed -i 's/<useSecurity>true<\/useSecurity>/<useSecurity>false<\/useSecurity>/g' /var/lib/jenkins/config.xml
but that assumes you set up with a local DB instead of the linux users. If you make the change and are using the local auth Jenkins will not even start. Worse yet, it fails quietly wasting even more time digging uselessly to try and find an error to solve. Here is the rub. In order to use the local auth system the user Jenkins runs at needs to be able to read /etc/shadow which means running root or hacking perms. So despite using the local users making the most sense logistically, it makes little sense security wise so you want to switch to something else but first you need to get in. The way that works is to set the password for the user you are running Jenkins as.
Now you can login with that user and password and change the Security Realm in Configure Global Security to something else. Jenkins’ own user database makes the most sense for me.
|
Jenkins Configure Global Security page |
Info on options can be found
here.
To be closer to my work setup I made it a bit fancier.
|
Project-based Matrix Authorization Strategy example |
If you do the above project based auth you will also want to config Access Control for Builds
To make life somewhat simpler though I'm defaulting to running builds as the jenkins user. To sort perms then I needed to run
chown jenkins.jenkins -R /var/lib/jenkins/workspace/
I hit this because I added a project and built it before restarting so everything was owned by and restricted to root.
No comments:
Post a Comment