This repo contains source code to create a jenkins image which can be deployed as a docker container
~~ Java 11 installation will be taken care by the download_install_open_jdk shell script. we will be passing the open jdk java version as an argument to Dockerfile which is later passsed as an argument to shell script at the runtime ~~
Java 11 installation will be taken care by the dnf package manger. we install open jdk 11 version
- openjdk and amazon correto manual installations was giving some issues while running jenkins along with it. so changed to default jdk11 provided by dnf package manager.
- make sure docker and docker-compose are present on your machine
- clone the repo
- add your variables to .env file
- cd to the repo directory
- execute the docker-compose command as shown below
docker-compose --env-file .env up -d or docker build -t yourimagename
- download_install_amazon_correto.sh --> download amazon jdk 11
- download_install_open_jdk.sh --> download open jdk 11
- get_java_version.sh --> get available java jdk versions from oel package manager
-
plugins.yaml --> the list of plugins installed in java once booted by default. its file name should be either plugins.yaml or plugins.txt
-
config-as-code.yaml --> The jenkins/jenkins image allows you to enable or disable the setup wizard by passing in a system property named jenkins.install.runSetupWizard via the JAVA_OPTS environment variable. Users of the image can pass in the JAVA_OPTS environment variable at runtime using the --env flag to docker run. However, this approach would put the onus of disabling the setup wizard on the user of the image. Instead, you should disable the setup wizard at build time, so that the setup wizard is disabled by default.
-
To use JCasC, you need to install the Configuration as Code plugin. configuration-as-code
-
examples of how to use config as code plugin jenkinsci/configuration-as-code-plugin
version: '3.8'
services:
jenkins:
build:
context: .
dockerfile: Dockerfile
restart: always
ports:
- 8080:8080
container_name: ${CONTAINER_NAME}
environment:
- JENKINS_ADMIN=${JENKINS_ADMIN}
- JENKINS_ADMIN_PASSWORD=${JENKINS_ADMIN_PASSWORD}
- JAVA_OPTS="-Djenkins.install.runSetupWizard=false"
volumes:
- jenkins-data:/var/jenkins_home
networks:
- jenkins
volumes:
jenkins-data:
driver: local
networks:
jenkins:
- version - version of docker-compose ure using
- services - declaring services
- jenkins - service jenkins
- build - declaring dockerfile context for build and custom dockerfile name
- restart - restart policy
- ports - exposing ports
- container_name - the name the container will get
- environment - passing variables to fill config-as-code.yaml config
- volumes - mapping volumes to local fs
- networks - creating jenkins net (for example for adding runner-containers in future)
docker pull command : docker pull dockerofkrishnadhas/oraclelinux-jenkins-docker-image:latest
Image scanning is done by trivy which is an open-source tool that can be used to scan Docker images for vulnerabilities.
command used : docker run -v /var/run/docker.sock:/var/run/docker.sock aquasec/trivy image ${{ inputs.image_name }}:${{ inputs.tag }}