Programster's Blog

Tutorials focusing on Linux, programming, and open-source

Jenkins Cheatsheet

Comments

/* this
   is a
   multi-line comment */

// this is a single line comment

Credentials

node {
  withCredentials([string(credentialsId: 'mytoken', variable: 'TOKEN')]) {
    sh '''
      set +x
      curl -H "Token: $TOKEN" https://some.api/
    '''
  }
}
node {
  withCredentials([usernameColonPassword(credentialsId: 'mylogin', variable: 'USERPASS')]) {
    sh '''
      set +x
      curl -u "$USERPASS" https://private.server/ > output
    '''
  }
}
node {
  ws {
    withCredentials([file(credentialsId: 'secret', variable: 'FILE')]) {
      sh 'use $FILE'
    }
  }
}

Parameters per Branch (master, staging, production)

We need for the ability for the HOST to ssh into, and the other details to change according to what branch we are on. E.g. when we pushed to staging, we want to deploy to the staging server, not the production one.

Install the config file provider plugin.

Docker Build

pipeline {
    agent {
        docker { image 'docker:dind' }
    }

    stages {

        stage("build") {

            steps {

                echo "building docker image..."

                script {
                    def registry = "docker-registry.mydomain.com:5000"
                    def imageName = "test-image"
                    def fullImageName = "${registry}/${imageName}"
                    def version = "${env.BUILD_ID}"
                    def image = docker.build("${fullImageName}:${version}")
                }
            }
        }
}

Docker Build Custom Dockerfile Path

The previous example works if your Dockerfile is at the top level. However, if your Dockerfile is within a subfolder called docker, but you want to keep the top level as your build context, you would need to use this instead:

def image = docker.build("${fullImageName}:${version}", "-f ./docker/Dockerfile .")

The last . is the path to the build context, and the -f ./docker/Dockerfile is specifying the path to where the Dockerfile is.

Docker Login and Push (Self-hosted Registry)

To push your image, you are going to need to log into your docker registry with a set of username/password credentials. The snippet below shows you how.

pipeline {

    stage('Build and push') {
        /* Build your image using example code above here. */


        /* Push image using withRegistry. */
        docker.withRegistry('<your docker registry>', 'docker-private-credentials') {
            def version = "${env.BUILD_ID}"
            image.push("${version}")
            image.push("latest")
        }
    }
}

Push To AWS Elestic Container Registry (ECR)

Unfortunately, the steps are a little different if you wish to push to an ECR. You would think that one would simply just change the credentials type to type AWS Credentials and put your IAM ID/secret in there and it would all work but no.

Instead you need to change the previous example to use the following:

docker.withRegistry(REGISTRY_URL, 'ecr:' + AWS_REGION + ':' + CREDENTIALS_NAME) {

e.g.

docker.withRegistry('https://073642263927.dkr.ecr.eu-west-2.amazonaws.com/my-project', 'ecr:eu-west-2:id-of-credentials-in-jenkins') {

Different Docker Agents For Different Stages

You can specify a specific docker container to use for a stage like as follows:

pipeline {
    agent none
    stages {
        stage('Back-end') {
            agent {
                docker { image 'maven:3.8.1-adoptopenjdk-11' }
            }
            steps {
                sh 'mvn --version'
            }
        }
        stage('Front-end') {
            agent {
                docker { image 'node:14-alpine' }
            }
            steps {
                sh 'node --version'
            }
        }
    }
}

References

Last updated: 1st July 2021
First published: 16th June 2021