Jenkins Tricks on Hira https://www.sitedoricardo.com.br/series/jenkins101/ Recent content in Jenkins Tricks on Hira Hugo -- gohugo.io en Hira Thu, 15 Aug 2024 00:00:00 +0000 Getting started with Jenkins and Docker https://www.sitedoricardo.com.br/p/getting-started-with-jenkins-and-docker/ Thu, 15 Aug 2024 00:00:00 +0000 https://www.sitedoricardo.com.br/p/getting-started-with-jenkins-and-docker/ <img src="https://www.sitedoricardo.com.br/p/getting-started-with-jenkins-and-docker/chilli-charlie-6Lh4FyFdCxI-unsplash.jpg" alt="Featured image of post Getting started with Jenkins and Docker" /><h2 id="introduction">Introduction </h2><p><img src="https://www.sitedoricardo.com.br/p/getting-started-with-jenkins-and-docker/solution.png" width="624" height="298" srcset="https://www.sitedoricardo.com.br/p/getting-started-with-jenkins-and-docker/solution_hu6869457072c945a90133a181f55d3bfb_66565_480x0_resize_box_3.png 480w, https://www.sitedoricardo.com.br/p/getting-started-with-jenkins-and-docker/solution_hu6869457072c945a90133a181f55d3bfb_66565_1024x0_resize_box_3.png 1024w" loading="lazy" alt="Project" class="gallery-image" data-flex-grow="209" data-flex-basis="502px" ></p> <p>Jenkins is one of the most popular and powerful automation tools, widely used for integrating and deploying software projects continuously. While it&rsquo;s possible to quickly start Jenkins using a simple Docker command, this setup looks like &ldquo;Hello World&rdquo; in any programming language: useful for begginers, but insufficient for production environments.</p> <p>In this post, we go beyond the basics. The goal here is to guide you with some techniques for a (almost) robust and scalable Jenkins architecture using Docker and Docker Compose. We&rsquo;ll explore fundamental concepts like machine isolation and set up an environment near real world scenario. By the end, you&rsquo;ll have a solid structure ready to be adapted and expanded according to your needs.</p> <p>If you&rsquo;re ready to move from begginer to professional CI/CD environment, read on!</p> <div class="alert alert--warning"> <div class="alert__icon"> <svg class="icon icon--warning" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M13 14H11V9H13M13 18H11V16H13M1 21H23L12 2L1 21Z" /></svg> </div> <div class="alert__body"> &ldquo;Environment near real world scenario&rdquo; does not mean production environment. Use this post as a reference, not a production ready solution. </div> </div> <h2 id="prerequisites">Prerequisites </h2><p>Before diving into the technical details, it&rsquo;s essential to ensure that some prerequisites are met:</p> <ul> <li>Linux (In my case, I use Windows as main SO, so I need to use some virtualizer like WSL, Virtualbox, VmWare, etc.)</li> <li>Docker</li> </ul> <h2 id="key-concepts">Key Concepts </h2><p>With the prerequisites defined, we can now explore some key concepts that will guide the Jenkins setup.</p> <h3 id="isolation">Isolation </h3><p>The first best practice for using Jenkins is not to run everything on the same machine. Both for security and scalability reasons, it is recommended to use at least two machines.</p> <p>The first machine is what we usually call the <em>controller</em>. It is the main machine, primarily responsible for the interface, settings, and job execution control.</p> <p>The other machines are called <em>nodes</em>. These machines are responsible for executing all the jobs.</p> <h3 id="machine-configuration">Machine Configuration </h3><p>Both the <em>controller</em> and the <em>nodes</em> need to be configured within an operating system.</p> <p>Installing prerequisites, creating directories, and setting user permissions are some examples. Additionally, we will take this opportunity to perform some Jenkins configurations that will only take effect on startup or restart.</p> <p>We will use the <a class="link" href="https://hub.docker.com/r/jenkins/jenkins" target="_blank" rel="noopener" >Jenkins</a> images and <a class="link" href="https://docs.docker.com/compose/" target="_blank" rel="noopener" >Docker Compose</a> for this step.</p> <h3 id="jenkins-configuration">Jenkins Configuration </h3><p>With Jenkins running, we need to configure the environment to work properly:</p> <ul> <li>Access credentials</li> <li>Configuration of communication between the <em>controller</em> and the <em>node</em></li> </ul> <p>These configurations will not be done manually. We will use the <a class="link" href="https://plugins.jenkins.io/configuration-as-code/" target="_blank" rel="noopener" >Configuration as Code</a> plugin to automate this process.</p> <h2 id="basic-structure">Basic Structure </h2><p>With the concepts understood, it’s time to start defining the basic structure of the project.</p> <p>This is the basic structure. This model will be used in future posts.</p> <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">. </span></span><span class="line"><span class="cl">└── demo/ </span></span><span class="line"><span class="cl"> ├── casc/ <span class="c1"># Jenkins configuration as code</span> </span></span><span class="line"><span class="cl"> │ └── *.yaml </span></span><span class="line"><span class="cl"> ├── plugins/ </span></span><span class="line"><span class="cl"> │ └── plugins.txt <span class="c1"># Plugin list</span> </span></span><span class="line"><span class="cl"> ├── scripts/ </span></span><span class="line"><span class="cl"> │ └── *.groovy <span class="c1"># Jenkins initialization scripts</span> </span></span><span class="line"><span class="cl"> ├── ssh <span class="c1"># Public and private keys</span> </span></span><span class="line"><span class="cl"> ├── docker-compose.yaml </span></span><span class="line"><span class="cl"> ├── Dockerfile </span></span><span class="line"><span class="cl"> ├── start.sh </span></span><span class="line"><span class="cl"> └── stop.sh</span></span></code></pre></div> <h3 id="dockerfile">Dockerfile </h3><p>Within this structure, the Dockerfile plays a central role. Let&rsquo;s examine it in detail:</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span><span class="lnt">14 </span><span class="lnt">15 </span><span class="lnt">16 </span><span class="lnt">17 </span><span class="lnt">18 </span><span class="lnt">19 </span><span class="lnt">20 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-docker" data-lang="docker"><span class="line"><span class="cl"><span class="k">FROM</span><span class="s"> jenkins/jenkins:lts</span><span class="err"> </span></span></span><span class="line"><span class="cl"><span class="err"> </span></span></span><span class="line"><span class="cl"><span class="err"></span><span class="k">RUN</span> mkdir -p <span class="nv">$JENKINS_HOME</span>/.ssh<span class="err"> </span></span></span><span class="line"><span class="cl"><span class="err"></span><span class="k">RUN</span> chown -R jenkins:jenkins <span class="nv">$JENKINS_HOME</span>/.ssh<span class="err"> </span></span></span><span class="line"><span class="cl"><span class="err"></span><span class="k">RUN</span> touch <span class="nv">$JENKINS_HOME</span>/.ssh/known_hosts<span class="err"> </span></span></span><span class="line"><span class="cl"><span class="err"></span><span class="k">RUN</span> chmod <span class="m">600</span> <span class="nv">$JENKINS_HOME</span>/.ssh/known_hosts<span class="err"> </span></span></span><span class="line"><span class="cl"><span class="err"></span><span class="k">COPY</span> --chown<span class="o">=</span>jenkins:jenkins ./ssh/jenkins_key <span class="nv">$JENKINS_HOME</span>/.ssh/jenkins_key<span class="err"> </span></span></span><span class="line"><span class="cl"><span class="err"></span><span class="k">RUN</span> chmod <span class="m">600</span> <span class="nv">$JENKINS_HOME</span>/.ssh/jenkins_key<span class="err"> </span></span></span><span class="line"><span class="cl"><span class="err"> </span></span></span><span class="line"><span class="cl"><span class="err"></span><span class="k">COPY</span> --chown<span class="o">=</span>jenkins:jenkins ./scripts/ /usr/share/jenkins/ref/init.groovy.d/<span class="err"> </span></span></span><span class="line"><span class="cl"><span class="err"> </span></span></span><span class="line"><span class="cl"><span class="err"></span><span class="k">COPY</span> --chown<span class="o">=</span>jenkins:jenkins ./plugins/plugins.txt /usr/share/jenkins/ref/plugins.txt<span class="err"> </span></span></span><span class="line"><span class="cl"><span class="err"></span><span class="k">RUN</span> jenkins-plugin-cli -f /usr/share/jenkins/ref/plugins.txt<span class="err"> </span></span></span><span class="line"><span class="cl"><span class="err"> </span></span></span><span class="line"><span class="cl"><span class="err"></span><span class="k">RUN</span> mkdir -p <span class="nv">$JENKINS_HOME</span>/casc_configs<span class="err"> </span></span></span><span class="line"><span class="cl"><span class="err"></span><span class="k">RUN</span> chown -R jenkins:jenkins <span class="nv">$JENKINS_HOME</span>/casc_configs<span class="err"> </span></span></span><span class="line"><span class="cl"><span class="err"></span><span class="k">COPY</span> --chown<span class="o">=</span>jenkins:jenkins ./casc/* <span class="nv">$JENKINS_HOME</span>/casc_configs/<span class="err"> </span></span></span><span class="line"><span class="cl"><span class="err"> </span></span></span><span class="line"><span class="cl"><span class="err"></span><span class="k">ENV</span> <span class="nv">CASC_JENKINS_CONFIG</span><span class="o">=</span><span class="s2">&#34;</span><span class="nv">$JENKINS_HOME</span><span class="s2">/casc_configs/&#34;</span><span class="err"> </span></span></span><span class="line"><span class="cl"><span class="err"></span><span class="k">ENV</span> <span class="nv">JAVA_OPTS</span><span class="o">=</span><span class="s2">&#34;-Djenkins.install.runSetupWizard=false&#34;</span></span></span></code></pre></td></tr></table> </div> </div> <p>A summary of the Dockerfile content:</p> <ul> <li>lines <em>3</em> to <em>8</em>: Creation of the <code>.ssh</code> directory and copying of the private key stored in the project&rsquo;s <code>ssh</code> folder.</li> <li>line <em>10</em>: Copying of <code>Groovy</code> scripts stored in the project&rsquo;s <code>scripts</code> folder.</li> <li>lines <em>12</em> and <em>13</em>: Copying the plugin list and installing the plugins in the image.</li> <li>lines <em>15</em> to <em>17</em>: Creation of the <code>JCasC</code> plugin folder and copying the configuration files from the project&rsquo;s <code>casc</code> folder (<em>Configuration as Code</em>).</li> <li>line <em>20</em>: Sets the environment variable <code>CASC_JENKINS_CONFIG</code> to configure the default folder where Jenkins will retrieve these files.</li> <li>line <em>21</em>: Configures the environment variable <code>JAVA_OPTS</code> to skip the installation <em>Wizard</em>.</li> </ul> <h3 id="docker-composeyaml">docker-compose.yaml </h3><p>After configuring the Dockerfile, we need to orchestrate the services with docker-compose.yaml:</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span><span class="lnt">14 </span><span class="lnt">15 </span><span class="lnt">16 </span><span class="lnt">17 </span><span class="lnt">18 </span><span class="lnt">19 </span><span class="lnt">20 </span><span class="lnt">21 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-yaml" data-lang="yaml"><span class="line"><span class="cl"><span class="nt">version</span><span class="p">:</span><span class="w"> </span><span class="s1">&#39;3.7&#39;</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"></span><span class="nt">volumes</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">jenkins_data</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l">jenkins_data</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"></span><span class="nt">services</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">jenkins</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">container_name</span><span class="p">:</span><span class="w"> </span><span class="l">jenkins_master</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">build</span><span class="p">:</span><span class="w"> </span><span class="l">.</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">ports</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span>- <span class="m">8080</span><span class="p">:</span><span class="m">8080</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span>- <span class="m">50000</span><span class="p">:</span><span class="m">50000</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">volumes</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span>- <span class="l">jenkins_data:/var/jenkins_home/</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span>- <span class="l">/var/run/docker.sock:/var/run/docker.sock</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">ssh-agent</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">container_name</span><span class="p">:</span><span class="w"> </span><span class="l">jenkins_agent</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">image</span><span class="p">:</span><span class="w"> </span><span class="l">jenkins/ssh-agent</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">environment</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span>- <span class="l">JENKINS_AGENT_SSH_PUBKEY=${JENKINS_AGENT_SSH_PUB}</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">depends_on</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span>- <span class="l">jenkins</span></span></span></code></pre></td></tr></table> </div> </div> <p>There is no secret to <code>docker-compose</code>. The <code>jenkins</code> service runs the official Jenkins image, with the main ports mapped, and the <code>ssh-agent</code> service will be the execution <em>node</em> for the pipelines.</p> <p>In line <em>19</em>, we configure the environment variable <code>JENKINS_AGENT_SSH_PUBKEY</code> to inform the generated public key.</p> <h3 id="pluginstxt">plugins.txt </h3><p>Now that the services are configured, let&rsquo;s define the essential plugins in the plugins.txt file:</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span><span class="lnt">14 </span><span class="lnt">15 </span><span class="lnt">16 </span><span class="lnt">17 </span><span class="lnt">18 </span><span class="lnt">19 </span><span class="lnt">20 </span><span class="lnt">21 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-txt" data-lang="txt"><span class="line"><span class="cl">cloudbees-folder </span></span><span class="line"><span class="cl">build-timeout </span></span><span class="line"><span class="cl">credentials </span></span><span class="line"><span class="cl">timestamper </span></span><span class="line"><span class="cl">ws-cleanup </span></span><span class="line"><span class="cl">pipeline-milestone-step </span></span><span class="line"><span class="cl">pipeline-input-step </span></span><span class="line"><span class="cl">pipeline-stage-step </span></span><span class="line"><span class="cl">pipeline-graph-analysis </span></span><span class="line"><span class="cl">pipeline-rest-api </span></span><span class="line"><span class="cl">pipeline-stage-view </span></span><span class="line"><span class="cl">pipeline-build-step </span></span><span class="line"><span class="cl">pipeline-model-api </span></span><span class="line"><span class="cl">pipeline-model-extensions </span></span><span class="line"><span class="cl">pipeline-stage-tags-metadata </span></span><span class="line"><span class="cl">pipeline-model-definition </span></span><span class="line"><span class="cl">ssh-credentials </span></span><span class="line"><span class="cl">ssh-slaves </span></span><span class="line"><span class="cl">config-file-provider </span></span><span class="line"><span class="cl">workflow-aggregator </span></span><span class="line"><span class="cl">configuration-as-code</span></span></code></pre></td></tr></table> </div> </div> <h3 id="executorsgroovy">executors.groovy </h3><p>Following the recommendations at the beginning of the article, it is necessary to adjust the Jenkins executors, which we will do in the executors.groovy script:</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-groovy" data-lang="groovy"><span class="line"><span class="cl"><span class="kn">import</span> <span class="nn">jenkins.model.*</span> </span></span><span class="line"><span class="cl"><span class="n">Jenkins</span><span class="o">.</span><span class="na">instance</span><span class="o">.</span><span class="na">setNumExecutors</span><span class="o">(</span><span class="mi">0</span><span class="o">)</span> <span class="s">//</span> <span class="n">Recommended</span> <span class="n">to</span> <span class="n">not</span> <span class="n">run</span> <span class="n">builds</span> <span class="n">on</span> <span class="n">the</span> <span class="n">built</span><span class="o">-</span><span class="k">in</span> <span class="n">node</span></span></span></code></pre></td></tr></table> </div> </div> <h3 id="ssh-agentyaml">ssh-agent.yaml </h3><p>Finally, we need to configure secure communication between the <em>controller</em> and the <em>nodes</em>, using ssh-agent.yaml:</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span><span class="lnt">12 </span><span class="lnt">13 </span><span class="lnt">14 </span><span class="lnt">15 </span><span class="lnt">16 </span><span class="lnt">17 </span><span class="lnt">18 </span><span class="lnt">19 </span><span class="lnt">20 </span><span class="lnt">21 </span><span class="lnt">22 </span><span class="lnt">23 </span><span class="lnt">24 </span><span class="lnt">25 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-yaml" data-lang="yaml"><span class="line"><span class="cl"><span class="nt">credentials</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">system</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">domainCredentials</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span>- <span class="nt">credentials</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span>- <span class="nt">basicSSHUserPrivateKey</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">scope</span><span class="p">:</span><span class="w"> </span><span class="l">SYSTEM</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">id</span><span class="p">:</span><span class="w"> </span><span class="l">ssh_agent_key</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">username</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">description</span><span class="p">:</span><span class="w"> </span><span class="s2">&#34;SSH passphrase with private key file. Private key provided&#34;</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">privateKeySource</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">directEntry</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">privateKey</span><span class="p">:</span><span class="w"> </span><span class="s2">&#34;${readFile:${JENKINS_HOME}/.ssh/jenkins_key}&#34;</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"></span><span class="nt">jenkins</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">nodes</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span>- <span class="nt">permanent</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">launcher</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">ssh</span><span class="p">:</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">credentialsId</span><span class="p">:</span><span class="w"> </span><span class="s2">&#34;ssh_agent_key&#34;</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">host</span><span class="p">:</span><span class="w"> </span><span class="s2">&#34;jenkins_agent&#34;</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">port</span><span class="p">:</span><span class="w"> </span><span class="m">22</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">sshHostKeyVerificationStrategy</span><span class="p">:</span><span class="w"> </span><span class="s2">&#34;nonVerifyingKeyVerificationStrategy&#34;</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="s2">&#34;jenkins_agent&#34;</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">numExecutors</span><span class="p">:</span><span class="w"> </span><span class="m">2</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">remoteFS</span><span class="p">:</span><span class="w"> </span><span class="s2">&#34;/tmp&#34;</span><span class="w"> </span></span></span><span class="line"><span class="cl"><span class="w"> </span><span class="nt">retentionStrategy</span><span class="p">:</span><span class="w"> </span><span class="s2">&#34;always&#34;</span></span></span></code></pre></td></tr></table> </div> </div> <p>Here, we configure Jenkins using the <a class="link" href="https://plugins.jenkins.io/configuration-as-code/" target="_blank" rel="noopener" >configuration as code</a> plugin:</p> <ul> <li>Lines <em>1</em> to <em>12</em>: Creation of a Jenkins credential of type <code>SSH Username with private key</code> with the private key.</li> <li>Lines <em>13</em> to <em>25</em>: We create the <em>node</em> configuration.</li> </ul> <h2 id="start-up">Start up </h2><p>With all the configurations in place, it’s time to put everything into practice and start the environment. We’ll use the <code>start.sh</code> script to automate the execution of docker-compose (especially useful for repeated executions):</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="cp">#!/bin/sh </span></span></span><span class="line"><span class="cl"><span class="cp"></span><span class="nv">work_path</span><span class="o">=</span><span class="k">$(</span><span class="nb">pwd</span><span class="k">)</span> </span></span><span class="line"><span class="cl"><span class="nb">echo</span> <span class="nv">$work_path</span> </span></span><span class="line"><span class="cl">sh <span class="nv">$work_path</span>/stop.sh </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl">ssh-keygen -t rsa -f <span class="nv">$work_path</span>/ssh/jenkins_key -N <span class="s2">&#34;&#34;</span> -C <span class="s2">&#34;&#34;</span> </span></span><span class="line"><span class="cl"> </span></span><span class="line"><span class="cl"><span class="nb">export</span> <span class="nv">JENKINS_AGENT_SSH_PUB</span><span class="o">=</span><span class="k">$(</span>cat <span class="nv">$work_path</span>/ssh/jenkins_key.pub<span class="k">)</span> </span></span><span class="line"><span class="cl"><span class="nb">echo</span> <span class="nv">$JENKINS_AGENT_SSH_PUB</span> </span></span><span class="line"><span class="cl">docker-compose up --build -d</span></span></code></pre></td></tr></table> </div> </div> <p>In summary, the <code>start.sh</code> script:</p> <ul> <li>Executes the <code>stop.sh</code> script to remove any existing environment.</li> <li>Generates the ssh key for secure communication between the <code>jenkins</code> and <code>ssh-agent</code> containers.</li> <li>Exports the environment variable <code>JENKINS_AGENT_SSH_PUB</code>.</li> <li>Builds and starts the environment.</li> </ul> <h2 id="conclusion">Conclusion </h2><p>In this article, we explored some essential concepts for a robust Jenkins setup and then proceeded with the actual configuration.</p> <p>Starting with the environment setup, we used the <code>Dockerfile</code> and <code>docker-compose.yaml</code> to define and orchestrate the environment&rsquo;s services. We then configured Jenkins&rsquo; essential features, such as plugins and executors, using the <code>plugins.txt</code> and <code>executors.groovy</code> files.</p> <p>Finally, we used a script (<code>start.sh</code>) to automate the execution of all these steps.</p> <p>The final project will be available in the repository <a class="link" href="repo-link" >repo-link</a>.</p> <p>In future articles, we will add more steps and configurations for Jenkins. If you&rsquo;re interested, stay tuned for updates.</p> <p>Photo by <a class="link" href="https://unsplash.com/pt-br/@elizabeth44?utm_content=creditCopyText&amp;utm_medium=referral&amp;utm_source=unsplash" target="_blank" rel="noopener" >Chilli Charlie</a> on <a class="link" href="https://unsplash.com/pt-br/fotografias/estrada-de-asfalto-preto-entre-arvores-nuas-durante-o-dia-6Lh4FyFdCxI?utm_content=creditCopyText&amp;utm_medium=referral&amp;utm_source=unsplash" target="_blank" rel="noopener" >Unsplash</a></p>