Manage Jenkins

How do I use "Manage Jenkins" page? 

Here I'm with all of the screenshots of each section of the Manage Jenkins page. this might contain "Monitors" that alert you when a new version of the Jenkins software or a security update is available. Each monitor includes links to the changelog that describes the new update as well as instructions to download and install the update. The Manage Jenkins page displays a series of tiles for common task areas, arranged in logical groupings: 

System Configuration — This section is designed for general system configuration, managing nodes and clouds, global tool configuration, and plugin management.

Security —  This section is designed to configure global security (authentication, authorization, and global settings that protect your Jenkins instance from intrusions) and screens to manage the credentials that provide secure access third-party sites and applications that interact with Jenkins.

Status Information —  This section is that display system information, information about disk usage, the Jenkins system log, "about Jenkins" information, and load statistics for the instance.

Troubleshooting —  This section is for Jenkins Administrators to help you resolve configuration issues.

Tools and Actions —  This section is designed for common management tasks (reloading the configuration from disk, preparing for shutdown) and management tools that enable you to administer Jenkins from the command line (Jenkins CLI and the Script Console a

Uncategorized — Screens for monitoring the Jenkins controller and agents and for launching build agents as Docker containers.

Additional tiles may be added by plugins that you install.

Significant changes are being made to Jenkins to improve the user interface and to address technical debt that has accumulated. Differences that directly affect administration include:

Configuration screens now use HTML div tags rather than HTML table tags. This provides a more attractive user interface for all users and a much better experience for users on narrow devices such as tablets and phones.

The tiles displayed on the Manage Jenkins page are now grouped logically rather than as the long list of tasks in somewhat random order that characterizes earlier Jenkins releases.

Some configuration fields have been moved or added in the latest versions.

Jenkins Seed Job using DSL Script to Generate Job

 Hey Guys!! How are you? In this learning post I would like to share with you awesome Jenkins feature experiment -  Infrastructure as a Code (IaC). The entire Jenkins Job or Project can be configured manually step-by-step in the regular fashion, when you click on the "new item" on the Jenkins Dashboard to create a project. But here story is different - with DSL script you could do the same thing that is dynamically creating a Job with a single flexible scalable durable way with Groovy script. 

Jenkins DSL Groovy script generating dynamic Job

Groovy is more like Shell scripting but totally executable on Java Virtual Machine. Those who know Java it will be easy to understand the Groovy syntax and its blocks. If you don't then no worries we will be coming up with easy to use DSL script in the following sections.

Prerequisite for DSL Job creation

• Jenkins master-slave installed up and running. SCM installed/github Up and running
• Jenkins must have plugins installed such as Copy to Archive, Archive Artifacts etc
• Jenkins "Global Tool Configuration" should have "Maven" , "JDK" specially needed for Java Build process

On the Docker Play with Docker (PWD) you can run the following commands

docker run --name jenkinsmaster -u root \
--rm -d -p 8081:8080 \
-v jenkins-data:/var/jenkins_home \
 jenkins/jenkins

You can check the docket hosting machine port open for Jenkins containers:

netstat -tupln|grep 8081
#To get the password from the logs 
docker logs jenkinsmaster

What Jenkins plugin need to be installed? Job DSL plugin

We need to install the 'Job DSL' plugin. This will enable you to write Groovy scripts. As regular plugin installation procedure - Navigate to Manage Jenkins -> Manage Plugins ->Go to the  availability tab search for "Job DSL'. Once found select it and click on the 'Install without Restart' Button. 

How to write a Jenkins DSL groovy script? 

This is very simple! Go to your Jenkins Dashboard and select "New Item" select "Free Style Project".  In the Build section - select  “Process Job DSL” as Build step this will be visible only when you install the Job DSL plugin.

Developing a Seed Job Logic : 

Parameters in DSL

The following is the example where you can use the parameterised project in DSL, we can use the following snippet in 'Build' step Groovy script can be used as following 'Job DSL'

  job('parameterized_dsl_job'){
	description("This project is seeded with parameters")
	
	parameters{
		stringParam('user_name',defaultValue = 'Vybhava", description = 'Please enter user_name')
	}
		
	setps {
		shell("echo Hello $user_name")
	}
}
  

1. To use the Job DSL plugin, you first need to create a seed job. The seed job is a Jenkins job which runs newly created a DSL scripts, and then generates a new job name as "Maven-Project-DSL". 
2. In that job we can have a "Source Code Management" section with a git repo URL as given in the DSL script scm block.
3. This dynamically created job can be chosen to trigger every 2 mins this can be modified as per your Project needs. This block is like in the Build Trigger section having Poll SCM
4. In Build Step/section we use to select "Invoke Top level Maven Targets" option similar to it we can use steps block and mention it "clean package" targets and also provide where is your pom.xml that will create a war file. Note: look into the pom.xml file packaging line according use the artifact option
5. Like our Post Build action  here in the DSL script we can have a publisher block that calls archiveArtifacts with a parameter, here I've choose for **/*.war because same will be used in the deployment in the Tomcat server.

job('Maven-Project-DSL') {
    description("Maven job generated by the DSL on ${new Date()}, the project is a small Maven project hosted on github")
    // Source Code Management section equivalent block
    scm {
        git("https://github.com/Bhavanishekhar/Jenkins_integrations.git", 'master')
    }
    
    // Build Trigger section equivalent
    triggers {
        scm('H/2 * * * *') // every 2 minutes SCM Polling is scheduled here
    }
    // Like Build having Invoke top-level Maven targets
    steps {
        maven('clean package', 'maven-samples/single-module/pom.xml')
    }
    
    publishers {
        //archive the jar/war/ear file generated
        archiveArtifacts '**/*.war'
    }
}

Here the publishers is like 'Post Build Actions' on the Jenkins configuration page.

6. Save the Seed Job and click on the "Build Now" and then Job will be in Failed state. Check the Console Output. 

Jenkins Seed Job FAILURE - script not set approval

7. Go to the Manage Jenkins and select the "In-process Script Approval" this will allows us to review proposed DSL script inside the Jenkins process and generate a new Job. In the "ScriptApproval" page you could see choice as shown:

Jenkins Seed Job ScriptApproval action

8. You need to click on the "Approve", and then go back to the Seed Job and build again.
9. After seed job execution completes you will be getting a new Job with name "Maven-Project-DSL"

Thanks for your time if you like this post please share it with your friends and colleagues.

Reference: 

1. Job DSL
2. DSL Help on groovy syntax

Jenkins Continuous Delivery

👋 Warm Welcome 🤗 to my dear DevOps DevSecOps /SRE engineers here in this post we will exploring about Jenkins configured to run a full fledged CI/CD flow.

Preparation for CI/CD

The full length end-to-end automation can be done with the Jenkins Jobs. We need to identify how the dependencies forms the Job chain, what job become upstream and what all jobs can be downstream to which job also you need to plan as per your project needs. Here I'm taking the scenario where Java based web application package and deployment to different environments such as QA, Staging and for Production with approval to run the Build.

The sequence of steps involved in this process are:

• Install Tomcat server 
• Using Jenkins CICD job deploy 

Install Tomcat Server on a VM/Cloud instance

Here the VM/Cloud instance assuming as Ubuntu Linux machine. d

Step 1: Install JRE/Java

To install Tomcat on any Platform there should be JRE available. To have JRE we do install JDK which is suitable to the Tomcat. As an example I'm installing JDK8 with the following command.

sudo apt-get install openjdk8 -y; java -version

Step 2: Installing the latest version of Tomcat

The following are not exact commands you need to visit Tomcat Office site to download mirror link.
 

sudo apt install -y unzip wget
wget mirrorlink to download the latest version of tomcat.zip file 
sudo mkdir -p /opt/tomcat 
sudo unzip -d /opt/tomcat tomcat.zip 
ls -l /opt/tomcat  #confirm the extraction

Step 3: Change Tomcat server port, if your Tomcat is installed on the same machine where Jenkins runs. This is to avoid port conflict. Port value change by searching 'Connector' inside the /opt/tomcat/conf/server.xml file. 

Step 4: Change file permission of scripts in the 'bin' folder, that is

cd /opt/tomcat/bin 
sudo chmod +x *

Step 5: start tomcat server from the bin directory run the following

./startup.sh
less -f ../logs/catalina.out # output show Tomcat server started log message.

 Jenkins Setup for Continuous Deployment(CD)

Jenkins automations makes lord of windows in DevOps world. If you want to enjoy that automations in your project please follow this post, here we are going to have the objective as Jenkins continuous integration and continuous deployment to a target environment. The target environment could be built based on the Tomcat server.  Usually the environment can be for development, QA staging and production. if the automation flow begin from the development  environment test success to QA and then staging we can do job chain or a pipeline automatic deployment stages including steps usage in a DSL file that is Jenkinsfile.

Install Jenkins plugins

On the Jenkins console in the dashboard navigate to the Manage Jenkins, then Manage plugins, go to the availability tab and search for the following plugins install them without restart 

 1. Copy Artifact 

 2. Deploy to Containers 

Create Jenkins Jobs

In the first phase of this experiment you will Create Job to produce a Tomcat Deployable Artifacts. Meaning a servlet or JSP containing Java Web applications inside the deployable file. And it's extension can be w a r (web archive) file.

In the view page click on the plus + and  Create a list View and name it as "QA Deploy".

 1. Project name: package_app (Maven build)

a. Please enter in the Description :  Generate artifacts to deploy on Java tomcat server 

 b. Under SCM  section enter your own git URL : https://github.com/BhavaniShekhar/Jenkins_Integrations.git

c. Build Environment section - Please Check "Delete workspace before build starts" and "Add timestamps to the Console Output".

 d. Build section - select "Invoke top-level Maven targets" from the dropdown options.

 Choose Maven Version value as you configured it earlier in the Global tool configure name (in my example maven3 used)

 Goals value can be choosen as - clean package

 If pom.xml is not in the project start directory then go for "Advanced" option then provide the POM value as file path : java-tomcat-sample/pom.xml 

e.  In the Post-Build actions Add "Archive the artifacts"

 Files to archive  **/*.war

Now all the settings are done for the package_app job so now Save it, and run it by using "Build Now". Go to the Console Output which shows the full log build execution after confirming that "Build Successful". 

Navigate to last build number for me it is first build so Build #1 there we can see the "Build Artifacts" shows the war file downloadable link.

Automated Deployment

2. Create Deploy application job in the same "QA deploy" view.

Select a Freestyle project.

Project Name: deploy_app

Description: This job will be used to deploy the artifact to QA Tomcat server.

Build logs settings to Max as : 3 

Build Environment section 

Check the "Delete workspace before build starts" and "Add timestamps to the Console Output".

Build Section

Select from the dropdown of Add build Step as "Copy Artifacts from another project"

a. Project Name: Package_app

b. Which build : Latest successful build and also select "Stable build only 

c. Artifacts to copy : **/*war 

Post build Actions section 

Select "Deploy war/ear to a container" from the "Add post-build action.

a. WAR/EAR Files: 

b. context path: /

c. Add container: Tomcat 10 [if that is not available you can use Tomcat 9.x also fine]

  i. Add Jenkins credentials: tomcat/tomcat_password which was configured on Tomcat server.

  ii. Tomcat URL: http://PUBLICIP:8080 

Now everything configured for this job. Save the "deploy_app" project configuration. 

Now you can go to the dashboard and see the "QA Deploy" view where we added two Jobs that is package_app, deploy_app.

Trigger the "Build Now" for each Job for now do it for "deploy_app" job to test it to confirm it is working as expected.

Setup for Continuous Deployment

We can create upstream and downstream when they have dependency. 

Go to the package_app project and 

1. Poll SCM in the Build Trigger 

Schedule : * * * * *

in the Post-build Actions section Add post-build action as "Build other projects"

a. Projects to build "Deploy_app" 

b. Tick the choice - Trigger only if build is stable 

You can observe the Downstream job to the "package_app" as "deploy_app" job.

Developer code push simulation - Do some line change in the GitHub repo then Continuous Integration and Continuous deployment will happen automatically. This is the complete solution we can provide to a Java based web application project.

Troubleshoot points

When you run the 'deploy_app' job you can observe that there are some issues where Tomcat don't allow you to deploy the application with strange error messages. Read the Error messages first understand there could be tomcat server text help link. Do the changes as suggested in that text link.

1. Tomcat user file access denied 

cd TOMCAT_HOME/conf; vi tomcat-users.xml 

change mange-gui if it is admin-gui.

after configuration changes you need to restart tomcat (stop and start).

2. text based tomcat error

Inside the TOMCAT_HOME/webapps/manger/META-INF/ there is a file context.xml comment out the 2 lines which have manger value.

 After this action, restart the Tomcat (sudo /opt/tomcat/bin/shutdown.sh; sleep 3; sudo /opt/tomcat/bin/startup.sh)

Jenkins installation on Windows

 Hello DevOps Guys, We will install the Jenkins Controller on the Windows machine. 

How to install Jenkins on Windows machine?

Here in this post we will explore Step-by-Step installation instructions for Jenkins on Windows platform.

Jenkins installation on Windows

Step 1: Install and set Java

Please visit the Oracle Java SE download page:  http://www.oracle.com/technetwork/java/javase/downloads/index.html .

Oracle providing the new option on the download page, that is "JDK Script Friendly URLs" page. Choose the JDK for your operating system (Windows 10 or 11) 64bit to download. Double click downloaded file launches installer wizard, proceed with the agree and set up the installation location as per your disk/drive availability.

Verification of Java installation 

Open a CMD prompt run "java -version" if Java installed correctly in the PATH you will get the installed version as output. if not set the PATH from the type ENVIRONMENT VARAIABLES search ->EDIT ENVIRONMENT VARAIABLES in the USER VARIABLES section add new variable as JAVA_HOME -> C:\Program Files\Java. and then set PATH with %JAVA_HOME%\bin;%PATH% and launch a fresh CMD prompt and re-test.

java -version

Setting JAVA_HOME path manually on your CMD

SET JAVA_HOME="C:\Program Files\Java\jdk-11.0.14"
SET PATH= %JAVA_HOME%\bin;%PATH%
java -version

should return Java version as jdk-11.0.14.

Checking Java version on Windows Command Prompt

Once Java all set then next we are good to go for Jenkins download.

Step 2: Download and install Jenkins

I believe that a Picture tells 1000 words of worth!  visit jenkins download page link, you may be on Windows 10 or 11(At the time of this blog post Windows versions). 

Jenkins download for Windows

2.1 Welcome Screen

 

2.2 Provide the destination folder where Jenkins need to install

2.3 Choose the user credentials option

2.4 Choose a port for Jenkins service to run and click on "Test Port" will check the availability for the port

2.5. Select the Java installed path [JDK 1.8 or 11 supported choose accordingly]

Note: Please choose JDK 11, This step leads me to run into errors which I've explained in the troubleshoot section. 

2.6 Custom Setup, Next

2.7 Ready to install Jenkins 2.x.x. Click on Install button.

2.8 Completed Jenkins setup, Click on Finish button.

Jenkins completed setup 

Step 3: How to run Jenkins server on Windows?

To start the Jenkins using jankins.war file you have to navigate to the Jenkins installed path then run the following

cd "C:\Program Files\Jenkins"
java -jar jenkins.war

usually in Windows defender will pop-up the security concern. You can select "Allow access".

Jenkins start using java jar command defender firewall protection

If you wish to use different port for your Jenkins server

java -jar jenkins.war --httpPort=9090

Step 4: Launch the Jenkins Controller on Browser

To access on the browser this Jenkins Master console on the Windows machine you can use the URL as either localhost:8080 or 127.0.0.1:8080 or YOURCOMPUTERNAME:8080

Jenkins console access on Windows machine

Please enter the file content as shown the path for initialAdminPassword and click on the continue button,  which will prompt for plugin installation screen then proceed for Admin User setting. Ser the user and password and remember credentials.

Jenkins Active choices parameter - Dynamic input

Hello DevOps team!! Today I've revisited the experiment with the Jenkins ACTIVE CHOICE Parameter  to get the Dynamic parameters effect on the Build Job parameters.

Installation Active Choice parameter - Groovy Script

Prerequisite:

Jenkins installed Up and running on your target master machine.

Jenkins URL accessible  

Step 1: Install Active Choice plugin

On the Jenkins Dashboard, select the Manage Jenkins, Plugin- Manager, In the Available tab search for word 'Active', where you can see Active Choice plugin and choose installation option, and this will enables three different parameters in the "Add Paramters" list. They are :
1. Active choice parameter
2. Active Choice Reactive parameter
3. Active choice Reactive Reference parameter

Here In my example I will use two of them, Firstly Active Choice Parameter for "environment".
Create new item Name: active_project select a freestyle project click OK button.
In the General tab, select the checkbox for 'This project is parameterized'.

Step 2: Add Parameter - Active Choice Parameter

Please enter the following as per your project needs. Offcourse here we are starting Groovy code snippets which doesn't required any expert level coding.

Name: environment 

Script: Groovy Script

Add the following groovy code:

return[
'Live',
'QA',
'Dev'
]

Screen shot: 

Adding Active Choice parameter adding Groovy list

Step 3: Add Parameter - Active Choice Reactive Parameter

Let's define the "Active Choice Reactive Parameter" as sub_env, Here 'sub_env' parameter is depends on the 'environment' parameter which is defined in the previous step.

 
Name: sub_env
Script: Select Grovy script:
Add the following groovy code:

if (environment.equals("Live")){
	return ["Prod","DR"]
}
else if (environment.equals("QA")){
	return ["FT","UAT","Stage"]
}
else if (environment.equals("Dev")){
	return ["Dev-Feature","Dev-Release"]
}
else{
	return ["Please select environment"]
}

On the same parameter block "Single select" from the dropdown
Groovy fall back code:

return ["Select proper environment"]

Now enter the environment as value for the 'Reference parameter'.

Adding Active choice reactive parameter

 

Step 4: Add Parameter list - Active Choice Reactive Reference parameter

Select Active Choice Reactive Parameter Enter the following values
Name: datacenter 

Script: Select Groovy script:
Add the following groovy code:

if(sub_env.equals("Prod")){
	return ["Prod environment at HYD region"]
	}
else if(sub_env.equals("DR")){
	return["DR environment at GG region"]
	}
else if(sub_env.equals("FT")){
	return ["FT environment at HYD region"]
	}
else if(sub_env.equals("UAT")){
	return["UAT environment at GG region"]
	}
else if(sub_env.equals("Stage")){
	return["Stage environment at GG region"]
	}
else if(sub_env.equals("Dev-Feature")){
	return["Dev-Feature environment at GG region"]
	}
else if(sub_env.equals("Dev-Release")){
	return["Dev-Release environment at GG region"]
	}	
else{
	return ["dont miss sub-env"]
}	

Groovy fall back code: return ["Select proper sub-env"]
Reference parameter: sub_env
Finally save the configuration of the project.

Final step

Verify saved script in Jenkins UI by clicking “Build with Parameters”.

Document References https://plugins.jenkins.io/uno-choice/

Jenkins integration with SonarQube Scanner

Hello Guys, DevSecOps team members, In this post I would like to integrate Jenkins with SonarQube.  SonarQube is an open-source product for continuous inspection of code quality.  

The main objective of SonarQube to check Code Quality and provide the Code Security.

SonarQube empowers and ensure all developers to write cleaner and safer code. 

In this experiment we will be running the SonarQube on a Docker Engine.

Prerequisites

We must have following pre-requisites to do this experiment

1. SonarQube Server installed, up and running state
2. Jenkins installed and Master is up and running
3. Sonar Scanner installed on same machine(container) where Jenkins build job executes

Important URLs 

The following links are very helpful while dealing with the SonarQube and its integration with Jenkins.

• Docker play-ground: 
• Sonar Scanner Link 
• SonarQube on DockerHub  

 Step 1: Preparing SonarQube on the Docker

You could installed Docker and it is Up and running,  then run the following docker run command to bring up the SonarQube server.
 

docker run -d --name sonarqube \
-e SONAR_ES_BOOTSTRAP_CHECKS_DISABLE=true \
-p 9000:9000 sonarqube:latest

Open the 9000 port if it is not open automatically.

SonarQube Login

Please enter the default username as admin and the password as admin on the SonarQube login page.

Then immediately it will prompt for "Update your password". Here you can use the old password and new password, confirm password as per you company strong password rules.

Reset the password for SonarQube

after reset password for the SonarQube server, the web UI as shown:

SonarQube Web UI console

On the top right "Add project" or else in the middle of the work area "Create new project" button to start a project. which will be used to show up the analyzed report after SonarQube scan

Create User in SonarQube

In the SonarQube UI we will create User as "ci-admin" that can be used in the Jenkins.

In the "Administration" tab on the right side you can click on "Create User" button for creating individual user and manage.

Please enter the following fields

Login - Mandatory field the user which we can use in Jenkins

Name - Mandatory field to identify this user

Email - optional 

Password - Mandatory where this value should be strong password

SCM Account - Multiple values can be entered here using "Add" button below given to enter more GIT URLs.

SonarQube Administration tab select Security Create user

Click on the "Create" button on the right buttom side. 

After User creation you can see the updates as shown in the SonarQube Administration console select the tab Security and in the newly created User click on the Update Token

SonarQube user token generation

Enter the required fields as expected. 

a. Enter Token Name: Jenkins CI admin

b. Generate

c. Copy the token value that can be used in the Jenkins Global credential creation scope as "secret text"

SonarQube User Token Generation

After Token Generation completes click on the "Done".

Running Jenkins on Docker

This step is optional step, you can have a individually Jenkins installed on your VM.

docker run --name jenkins-master -u root --rm \
 -d -p 8081:8080  -p 50001:50000 \
 -v jenkins-data:/var/jenkins_home \
 -v /var/run/docker.sock:/var/run/docker.sock \
 jenkinsci/blueocean

On the PWD automatically opens 8081 if not manually you can open that port, To view log files of Jenkins container you can run the following:

  docker logs jenkins-master
  

On the Jenkins Dashboard Sample credentials : SonarQube : admin/welcome1 Jenkins: ci-admin/welcome123

Jenkins Integration Setup for SonarQube

Step 1. Install plugin - SonarQube Scanner

Navigate to Manage Jenkins > Manage Plugin > Available > on the search for the word 'sonarqube'  select SonarQube Scanner to "Install without resart".

SonarQube Scanner plugin installation

Configure System for SonarQube

 

Step 2: Configure SonarQube Server on the Jenkins 

Manage Jenkins > Configure System > SonarQube Server 

a. Select the check box - Environment variables Enable injection of SonarQube server configuration as build environment variables 

Here you can give any name which is easy to represent that SonarQube Server. And enter the SonarQube Server URL and Save this confiburation.

Configure System on Jenkins for SonarQube Server

b. click on the 'Add SonarQube' under section SonarQube installations SonarQube URL [ You can enter your SonarQube running URL here]

http://ip172-18-0-13-c1ja09je75e000b5n1m0-9000.direct.labs.play-with-docker.com/projects 

c. Please enter the server authentication token clicks on the 'Add' button to SonarQube authentication token. 

Select the 'Secret Text' option. 

Keep in Global scope. Mandatory when anonymous access is disabled. [Remember this Token which you have generated and saved on the SonarQube console]

d. Save this SonarQube 'Configure System'.

Sonar scanner installation on Jenkins Container 

Enter into the Jenkins-master container and then do the following steps

1. Download Sonar scanner zip file

2. unzip it to /opt path rename the folder with sonar-scanner instead of having lengthy version attached.

3. modify the sonar-runner.properties file by adding following line 

Assuming you are using Docker Jenkins container so entering into the container

$ docker exec -it jenkins-master bash 
cd /tmp
wget https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.6.0.2311-linux.zip
unzip sonar-scanner-cli-4.6.0.2311-linux.zip -d /opt
cd /opt
mv sonar-scanner-4.6.0.2311-linux sonar-scanner
ls # confirm

modify the properties file present in the conf folder

 vi /opt/sonar-scanner/conf/sonar-scanner.properties  

Now update the line as follows:

#----- Default SonarQube server
#sonar.host.url=http://localhost:9000
sonar.host.url=http://192.168.0.28:9000
  

update only the Default SonarQube server url line as shown above. 

Reference link : https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.6.0.2311-linux.zip

Global Tool Configuration

On the Global tool configuration page search for the "SonarQube Scanner" section under SonarQube Scanner Installation, Click on the   "Add SonarQube Scanner" button

 a. SonarQube Scanner Name: sonarqube-scanner 

 b. Deselect the 'Install Automatically' option. Enter the path for SONARQUBE_RUNNER_HOME /opt/sonar-scanner, make sure that correct path you have used here. 

 c. 'Apply and Save' the Global Tool configuration

Now all set to run the Jenkins Job!    

Create Jenkins FreeStyle project 

1. Create Job - Name it as 'SonarCodeAnalysisJob' 

2. Source Code management: Git Url where code resides to scan.

Example I've used:  https://github.com/BhavaniShekhar/my-app.git

 a. Please enter the Git repo URL : https://samsonawane@bitbucket.org/websym12/sampleweb.git 

 b. Add Credentials -> use Jenkins Credential provider on the pop-up window to enter the username and password for your git URL to access. then back select the newly created credentials. \

Jenkins Credentials Provider for Jenkins

Select the GitHub credentials [optional if GIT repo is Public not required]

Git as SCM on Jenkins

3. Go to the Build section

"Execute SonarQube Scanner" Task to run JDK to be used for the sonar analysis path to project properties Analysis properties

Jenkins Build select Execute SonarQube Scanner

        #Required props as metadata
        sonar.projectKey=Vybhava
        sonar.projectName=Robotics
        sonar.projectVersion=1.0

        #Path to source code 
        sonar.sources=/var/jenkins_home/workspace/$JOB_NAME/src         
    

Additional arguments JVM Options Save the job Click on 'Build Now'.

It should trigger SonarQube Server Report

Sidebar Links in Jenkins Job

Hello Everyone! Here I will give some real use cases where the Jenkins integration with Sidebar Links requirement for a Jenkins Project. 

Case 1: Your project might have a complete build strategy defined and it is shared on a Confluence page or common documentation platform. This document need to be linked to the Jenkins Job.

Case 2: Your QA team want to have all the jobs which they want to access on a single page. Even though you have placed all the QA-related jobs into a View. The solution is using Sidebar Link to the View from the Job.

Case 3: A QA team working on two different Product testings where you have the two separate Jobs, but in the Organization the jobs are grown where a listing of all jobs will make difficult to search for the second job. instead of searching for the second job if we have the second job on the first job page then QA team life will be easy. 

How to use Sidebar Links in a Jenkins Job?

Sidebar link can be used for linking following:

1. Documentation or External URLs
2. Jenkins Views
3. Jenkins Jobs

 Add links in the sidebar of the Jenkins main page, view tabs and project pages. 

This simple plugin adds an Additional Sidebar Links section in the main Jenkins configuration page, with settings for link URLs, texts, and icons. 

Step 1 Install the Sidebar Link plugin

Login to Jenkins console, Select Manage Jenkins> Manage Plugins

Click on 'Available Plugins', Filter by searching 'Sidebar' word. Select the check box against it and the 'Install Plugin without restart' button.

Jenkins Plugin manager install plugin - Sidebar Link

Step 2: Goto your target project(new item or existing project) where you need the Sidebar link. in the 'General' tab you can see that 'Sidebar Link'. 

Setting Sidebar Links with detailed steps

Select the appropriate icon for your sidebar link, On your $JENKINS_HOME you can find in 'images/24x24' directory that contains many icon files for example you use help.gif, document.gif refresh.gif. Else you can also for a custom icon placed in the JENKINS_HOME/userContent directory.

Sidebar Link - icon setup options

Finally, you will see the sidebar link with the selective icons. When I've clicked on 'DevOps Hunter' Sidebar Links surprise it opened this post Wow!! Wonderful!! this post enables you 'Continous Learning' of Jenkins CI one more interesting step in learners path..

Jenkins Manage Assign Roles - Role based Strategy

Here I am finding a solution for the users who belong to QA must have access only to the QA-related jobs. In this post, 

Situation

IT Organizations includes multiple teams such as: QA, Release, Developer and DBA or Middleware Engineers 

Jenkins Master - Container-based

Default all users have the same authorization.

I would like to share how to launch the Jenkins Master on a Docker Container. login with docker playground. As you have provision to Add Node from the left side click it. You will get a terminal to use for 4 hours to play with the Docker engine.

 

To run the Jenkins inside docker container

1. name: Jenkins-master
2. run in detached mode -d
3. Port forwarding from container port 8080 to host 8081 and 50000 to 50001
4. Allocate disk space to run the Jenkins workspace use -v
5. Docker image from Blue Ocean

Let's launch the Jenkins container using below command:

docker run --name jenkins-master -u root --rm \
 -d -p 8081:8080  -p 50001:50000 \
 -v jenkins-data:/var/jenkins_home \
 -v /var/run/docker.sock:/var/run/docker.sock \
 jenkinsci/blueocean 

check Jenkins master logs from the container Jenkins-master

docker logs jenkins-master 

Copy the encrypted InitalAdminPassword to start working on Jenkins

After complete regular steps execution on the Jenkins console installation of Suggested Plugins completed 

Once your Jenkins setup is completed you will see on the browser: Jenkins is ready! Start using Jenkins

to create the default Admin user which we will use for administrating users and managing roles assignment.

Jenkins Crate First Admin User

Click "save and Continue".

How to create a User in Jenkins?

These users can log into Jenkins. This will be maintained by Jenkins Master 'own user database'.

Let's crate User now, ensure you have login with 'administrator' user 

Navigation steps:

1. Goto to 'Manage Jenkins'
2. Select 'Manage Users' 
3. Select 'Create User'
1. Enter Username
2. Enter Password and Confirm Password same
3. Enter Full name  which will display the name on the top when you log in with this user
4. In the organizations multi-user Jenkins, to track we must enter the email id

Create User on Jenkins

Jenkins allows us to create multiple users but they are all set to the global role that means "Anyone can do Anything"  which is not good when you have a lot of users and a lot of projects run in the same Jenkins Security Realm. When the project grows on a large scale we must use 'Role' specific assignment to the users.

How to install 'Role-based Authorization Strategy' plugin?

There is a Jenkins Plugin 'Role Base Strategy' which will allow us to enable the different roles assigned to different team members (users). hence we need to install that plugin. 

Jenkins > Manage Jenkins > Manage Plugin > Available tab filter 'role'.

Select the 'Role-based Authorization Strategy

Enable user authorization using a Role-based strategy. Roles can be defined globally or for particular jobs or nodes selected by regular expressions.

How to configure Global Security for Role-based?

To secure Jenkins we can define who is allowed to access or use the Jenkins Master Configuration from the 'Configure Global Security.  To enable the Role-based Authorization do the following steps:

• Manage Jenkins 
• Under the Security section, Select Configure Global Security
• 'Role-based Autoriaztion' select the radio button 
• Save the Configuration

Authorization - Role-based Strategy

How to add Global Role in Jenkins?

Navigate to 'Manage Jenkins' then select 'Manage and Assign Roles' from the right pane. 

On the 'Manage Roles's page top, you will see Global roles section, where you will see the admin role as default available with Full access to anything on the Jenkins.Now add the new global role as "devopsAdmin'.

Manage Global Roles

Full Global Role picture

Jenkins Manage Global Roles

Now in the Global roles table under 'Overall' choices  'Read' permission. which will enable user to access the Jenkins dashboard. 

On the Global roles table for 'DevopsAdmin' role choose 'View all options.

At the bottom click on 'Apply' button to save and continue.

How to setup Project roles?

On the same page of 'Manage Roles' we can add project-specific roles. Here for test purpose, we are using three roles: 

1. DBA TEAM - dba
2. DEVELOPER TEAM - developer
3. TESTING TEAM - qa

Manage roles for Project item

Once all set in the Manage Roles page, go to the 'Assign Roles' option from the 'Manage and Assign Roles' under the Security section.

Assign Global roles for each user

Add the Jenkins users, which were created earlier in our example srini, rajashekhar, melvin are created.

Select the global role which you have created in the Global roles on the 'Manage Roles' page.

After you assign users 'Srini, Melvin, Rajshekhar' the in place of  global roles they automatically turn to dev, dba, qa : 

Similarly, we can assign 'users' - 'Srini, Melvin, Rajsekhar' then the roles for Item (Project-based) as shown below

User adding to Project roles in Jenkins

Finally, we have succeeded in implementing a role-based authorization for the Jenkins system.

Jenkins limited access to developer role

Please write your experience with the steps.

.