Jenkins for Beginners: A Simple Guide to Get Started
Prerequisites
To start with Jenkins, you’ll need an EC2 instance with the following minimum configuration:
Storage: 20GB
CPU: 2 vCPUs
RAM: 8GB
It’s always a good idea to refer to the Jenkins documentation for more details.
Installing Java and Jenkins
Before installing Jenkins on your VM, you need to have Java installed. Here's how you can do it:
Update the system:
sudo apt update -y
Install Java:
sudo apt install fontconfig openjdk-17-jre
After installing Java, you can follow the official Jenkins documentation to install Jenkins.
Getting Started with Jenkins
When you first log in to Jenkins, you’ll be prompted to provide a username and password. You'll need the initialAdminPassword stored at the following location:
/var/lib/jenkins/secrets/initialAdminPassword
This will be your admin login credential for Jenkins.
Main Jenkins Dashboard
On the main page of Jenkins, you can start creating jobs.
Manage Jenkins
In Jenkins, the Manage Jenkins section allows you to configure Jenkins' global settings:
System Configuration: Set global settings for Jenkins.
Tools: Install required tools like JDK, Maven, etc.
Plugins: Install recommended plugins for Jenkins jobs.
Nodes
In Jenkins, a Node is a machine (or VM) where your jobs run. You can configure nodes by going to Manage Jenkins > Manage Nodes.
Security Configuration
Global Security: This is used to manage security settings for Jenkins. Initially, you don't need to change anything here.
Credentials: Store usernames and passwords required for Jenkins jobs here.
Manage Users: Create and manage Jenkins users here.
Creating Jenkins Jobs
Before creating a job, you need to configure a Node (slave).
Setting Up a Node (Slave) VM
Create an EC2 instance (Slave) with the configuration you prefer, e.g., t2.medium.
Install OpenJDK on the slave VM:
sudo apt update
sudo apt install openjdk-17-jdk -y
Set up the slave directory:
sudo su
mkdir jenkins-slave
chmod 755 jenkins-slave
cd jenkins-slave
Generate an SSH key pair:
ssh-keygen
Copy the private key to Jenkins: Go to Jenkins > Manage Jenkins > Credentials and paste the private key there.
Add the public key to the slave VM's authorized_keys file:
vi ~/.ssh/authorized_keys
Bring the node back online in Jenkins under Manage Jenkins > Manage Nodes.
Now your node is ready to execute jobs!
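The steps above generate the key pair on the agent itself, so the private key stays on that machine after it has been pasted into Jenkins. The following added example (not part of the original post) audits the agent account's SSH files for that leftover key and for the permissions sshd's StrictModes expects; the function names, finding labels and sample directory are constructed for illustration.

```shell
# Added example, not from the original post. Assumes GNU stat (Ubuntu).

# Succeeds when group or others can write to the path. sshd's StrictModes
# then refuses the account's authorized_keys and the node stays offline.
is_writable_by_others() {
    case $(stat -c '%a' "$1") in
        *[2367]?|*[2367]) return 0 ;;
    esac
    return 1
}

# Print one finding per line; return 1 if anything was found.
audit_agent_ssh() {
    home=$1; ssh_dir=$home/.ssh; rc=0
    for p in "$home" "$ssh_dir" "$ssh_dir/authorized_keys"; do
        if [ ! -e "$p" ]; then
            echo "MISSING $p"; rc=1
        elif is_writable_by_others "$p"; then
            echo "WRITABLE_BY_OTHERS $p"; rc=1
        fi
    done
    # Jenkins holds the private half; the agent only needs the public key.
    for key in "$ssh_dir"/id_*; do
        case $key in *.pub) continue ;; esac
        [ -f "$key" ] || continue
        echo "PRIVATE_KEY_ON_AGENT $key"; rc=1
        case $(stat -c '%a' "$key") in
            *00) ;;
            *) echo "PRIVATE_KEY_READABLE_BY_OTHERS $key"; rc=1 ;;
        esac
    done
    return "$rc"
}

# Constructed sample: a throwaway home laid out the way the steps above leave it.
make_sample_home() {
    d=$(mktemp -d)
    mkdir "$d/.ssh"
    echo "constructed placeholder, not a real key" > "$d/.ssh/id_ed25519"
    echo "ssh-ed25519 AAAAconstructed jenkins" > "$d/.ssh/id_ed25519.pub"
    cp "$d/.ssh/id_ed25519.pub" "$d/.ssh/authorized_keys"
    chmod 700 "$d" "$d/.ssh"
    chmod 644 "$d/.ssh/id_ed25519"; chmod 600 "$d/.ssh/authorized_keys"
    echo "$d"
}

sample=$(make_sample_home)
audit_agent_ssh "$sample" || echo "review the findings above"
rm -rf "$sample"
```

On a real agent, call audit_agent_ssh with the home directory of the account Jenkins logs in as.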
Setting Up Jenkins Pipeline
Installing Plugins
Go to Manage Jenkins > Manage Plugins > Available.
Install the following plugins:
JDK: Eclipse Temurin installer version.
Docker.
OWASP Dependency Check for security.
Configuring Tools
Go to Manage Jenkins > Configure System, and scroll down to configure tools like:
JDK: Name it jdk17, and set it to install automatically.
Maven: Do the same as JDK.
Docker: Install automatically and apply the configuration.
Creating a Jenkins Job
Creating a Freestyle Project
In Jenkins, click New Item, choose Freestyle Project, and name your job.
In the General section, enable Discard Old Builds and set it to 2 (best practice for backup).
In the Source Code Management section:
Select Git.
Add your Git credentials (username/password).
Add the Git repository URL (e.g., https://github.com/shajaazsainu/Ekart.git).
Set the branch (e.g., main).
In the Build Steps section:
Add a build step: Select Invoke top-level Maven targets.
Under Goals, enter clean package -DskipTests=true to skip tests during build.
Click Build Now to trigger the pipeline.
If the build fails due to tests, update the Maven goals to clean package -DskipTests=true.
Setting Up a Pipeline Project
Creating a Pipeline Project
Click New Item and select Pipeline.
Enable Discard Old Builds and set it to 2.
In the Pipeline Script section, you can create your pipeline script manually or use the Pipeline Syntax button to generate it automatically.
Here’s a basic script for a Hello World pipeline:
pipeline {
    agent any
    stages {
        stage('Build') {
            steps {
                sh 'echo "Hello World"'
            }
        }
    }
}
Adding Build Steps
You can add stages like Compile, SonarQube Scan, and OWASP Scan:
Compile:
mvn clean compile -DskipTests=true
SonarQube: Configure SonarQube for static code analysis.
OWASP Scan: Add a stage to check for vulnerabilities using the OWASP Dependency Check plugin.
Here’s a sample script for integrating OWASP:
stage('OWASPScan') {
    steps {
        // The publisher below parses the XML report, so generate XML alongside HTML.
        dependencyCheck additionalArguments: '--scan ./ --format HTML --format XML', odcInstallation: 'DP'
        dependencyCheckPublisher pattern: '**/dependency-check-report.xml'
    }
}
Running the Pipeline
Once everything is configured, click Build Now to run your pipeline. The pipeline will run, and you’ll see the output of each stage in Jenkins.
Docker Setup
Installing Docker
Follow these commands to install Docker on your machine:
sudo apt update
sudo apt install apt-transport-https ca-certificates curl software-properties-common -y
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt update
sudo apt install docker-ce -y
sudo systemctl start docker
sudo systemctl enable docker
sudo docker --version
sudo docker run hello-world
Running SonarQube in Docker
To run SonarQube in Docker:
docker run -d --name sonar -p 9000:9000 sonarqube:lts-community
You can access SonarQube on http://<your_vm_ip>:9000.
Creating a Jenkins Pipeline: A Beginner's Guide
If you're starting with Jenkins, follow these simple steps to create a pipeline and make the most of your build processes.
Step 1: Create a Pipeline Job
In Jenkins, click on New Item.
Enter a name for your job and select Pipeline.
Check the box for Discard old builds and set the maximum number of builds (I recommend setting it to 2).
Step 2: Adding the Pipeline Script
Since you're a beginner, I suggest you start with the Hello World sample script.
In the Pipeline Script section, Jenkins will provide a default script that you can edit.
If you find it difficult to edit, you can use the Pipeline Syntax button. This tool will help you generate the correct pipeline script for your use case.
Once you have the script ready, copy and paste it into the pipeline script box.
Step 3: Add Build Stages
Stage 1: Git Checkout
Make sure the GitCheckout stage is properly configured.
Stage 2: Compile
Add the following command to compile the project:
sh "mvn clean compile -DskipTests=true"
You might get an error here because we haven't defined the environment yet. To fix this, add the following tools block at the top of your script, inside pipeline { } right after the agent line:
tools {
    // Names must match the tools configured under Manage Jenkins
    jdk 'jdk17'
    maven 'maven3'
}
Now your pipeline should be running successfully!
Step 4: Install OWASP Dependency Check
OWASP Dependency Check is a tool used to check for known vulnerabilities in your project's dependencies. Here’s how to add it to your pipeline:
Go to Manage Jenkins > Manage Plugins.
Install the OWASP Dependency Check Plugin.
Once installed, go to your pipeline configuration and add a new stage for OWASP scan:
stage('OWASPScan') {
    steps {
        // The publisher below parses the XML report, so generate XML alongside HTML.
        dependencyCheck additionalArguments: '--scan ./ --format HTML --format XML', odcInstallation: 'DP'
        dependencyCheckPublisher pattern: '**/dependency-check-report.xml'
    }
}
Step 5: Install Docker
Next, let's install Docker on your machine to manage containers.
Update and upgrade your system:
sudo apt update && sudo apt upgrade -y
Install required dependencies:
sudo apt install apt-transport-https ca-certificates curl software-properties-common -y
Add Docker's official GPG key:
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
Add the Docker repository:
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
Install Docker:
sudo apt update
sudo apt install docker-ce -y
sudo systemctl start docker
sudo systemctl enable docker
Verify Docker installation:
sudo docker --version
sudo docker run hello-world
Step 6: Create a Docker Container for SonarQube
Run the SonarQube container:
docker run -d --name sonar -p 9000:9000 sonarqube:lts-community
To access SonarQube, use your VM's IP address followed by port 9000 in your browser:
http://<your-vm-ip>:9000
If it doesn’t load, make sure you’ve opened port 9000 in your security group.
Once SonarQube is running, go to Administration > Security in SonarQube, and generate a token.
In Jenkins, go to Manage Jenkins > Credentials, and add the token you generated as a Secret Text.
Step 7: Configure SonarQube in Jenkins
Go to Manage Jenkins > Configure System, and check for the SonarQube installation.
Edit the SonarQube script in your pipeline:
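stage('SonarQube') {
    steps {
        // 'sonar-server' is the SonarQube server name configured in Jenkins.
        // SCANNER_HOME must already be defined in the pipeline's environment.
        withSonarQubeEnv('sonar-server') {
            sh ''' $SCANNER_HOME/bin/sonar-scanner -Dsonar.projectName=Ekart \
                -Dsonar.java.binaries=. \
                -Dsonar.projectKey=Ekart '''
        }
    }
}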
Step 8: Finalizing OWASP Scan
Your OWASP pipeline is almost done. Here’s the final configuration for the OWASP scan:
stage('OWASPScan') {
    steps {
        dependencyCheck additionalArguments: '--scan ./', odcInstallation: 'DP'
        dependencyCheckPublisher pattern: '**/dependency-check-report.xml'
    }
}
Conclusion
You’ve now set up a Jenkins pipeline with SonarQube and OWASP scanning. From here, you can create more complex pipelines for continuous integration and deployment, automating your entire build and testing process.
Happy Jenkins-ing! 😊