Jenkins Made Simple: Your Step-by-Step Guide to Automating CI/CD Pipelines
Nayeem Islam
Crafting Tech Experience | Data Strategist | Telecom & Generative AI Specialist
From Installation to Deployment, Master the Art of CI/CD with Jenkins
What is CI/CD and Why You Should Care About Jenkins?
Imagine you’re working on a project with a team, and each team member is contributing code to the same repository. One person’s code doesn’t work well with the other’s, leading to bugs, headaches, and hours of fixing things. This scenario can slow down the development process and make things messy—this is where CI/CD comes into play.
CI/CD in a Nutshell
Why Jenkins?
Jenkins is like the conductor in an orchestra, making sure everything happens at the right time and in harmony. It automates your entire development process, ensuring your code is tested, integrated, and deployed without human intervention. Best of all, Jenkins is free, open-source, and packed with plugins that can integrate with practically any tool you use.
Key Takeaways:
Setting Up Jenkins – Installation Made Simple
Let’s imagine you’ve just moved into a new house. The first thing you’d want to do is set up the essentials—electricity, water, internet. Similarly, setting up Jenkins is the first step before you can start automating your CI/CD pipelines.
Prerequisites:
Before we can install Jenkins, we need one essential thing: Java. Jenkins runs on Java, so let’s get that set up first.
Step 1: Installing Java (JDK 11)
Run the following commands to install Java on your system:
sudo apt update
sudo apt install openjdk-11-jdk
Once installed, verify that Java is working:
java -version
This should display something like:
java version "1.8.0_421"
Java(TM) SE Runtime Environment (build 1.8.0_421-b09)
Java HotSpot(TM) Client VM (build 25.421-b09, mixed mode, sharing)
# Or
openjdk version "11.0.11" 2021-04-20
Step 2: Adding the Jenkins Repository and Installing Jenkins
Now that Java is ready, let’s install Jenkins. Just like you set up internet in your home by choosing a provider, here you’ll add Jenkins from its official repository.
1. Add the Jenkins Repository:
wget -q -O - https://pkg.jenkins.io/debian/jenkins.io.key | sudo apt-key add -
sudo sh -c 'echo deb https://pkg.jenkins.io/debian-stable binary/ > /etc/apt/sources.list.d/jenkins.list'
2. Install Jenkins:
sudo apt update
sudo apt install jenkins
Step 3: Starting Jenkins
Let’s start Jenkins, just like turning on the lights in your new home:
sudo systemctl start jenkins
sudo systemctl enable jenkins
Step 4: Access Jenkins in Your Browser
Now that Jenkins is up and running, it’s time to access the Jenkins dashboard. Open your browser and navigate to:
https://<your-server-ip>:8080
Jenkins will ask for an administrator password, which you can find by running this command:
sudo cat /var/lib/jenkins/secrets/initialAdminPassword
Paste the password, complete the setup, and you’ll be ready to go!
Next Steps:
Once you’re in, Jenkins will ask if you want to install some plugins. Go ahead and choose the recommended plugins. They cover the most common features you’ll need to get started.
Key Takeaways:
Creating Your First Jenkins Job – Start Simple with Freestyle Projects
Now that Jenkins is up and running, imagine it like a personal assistant waiting for instructions. Your first task is to teach this assistant what you want it to do by creating a job. In Jenkins, a job is a task that automates a part of your development workflow. For this first exercise, we’ll keep things simple and create a Freestyle Job.
A Freestyle Job is like a one-off task that Jenkins can handle, such as compiling code or running a quick test. Let’s walk through how to set up your first job and see Jenkins in action!
Step 1: Creating a New Freestyle Job
Step 2: Add Source Code to the Job
In real-world scenarios, Jenkins typically works with code stored in a repository like GitHub. For now, we’ll assume you have a GitHub repository that contains a project you'd like to build.
Step 3: Define the Build Step
Once Jenkins knows where your source code lives, it needs to know what to do with it. This is where build steps come in. We’ll set up Jenkins to use Maven, a popular tool for building Java applications. You can follow the same approach for other tools.
clean package
This tells Maven to clean any previous build files and then package the project (usually into a .jar or .war file).
Step 4: Save and Build
Once you’ve added the build step, you’re ready to roll:
You’ll see a build pop up in the Build History section. Click on the build number to follow along with Jenkins as it runs your job. You can also check the Console Output to see what’s happening behind the scenes.
What Happens Under the Hood?
When you trigger the build:
Key Takeaways:
Moving to Jenkins Pipelines – Automate and Scale with Ease
Now that you’ve dipped your toes into Jenkins with a Freestyle job, it’s time to step up the game with Jenkins Pipelines. Pipelines are like giving Jenkins a well-thought-out recipe. Instead of just telling Jenkins, “Build this once,” you’re giving it a step-by-step guide to follow every time someone pushes code.
With Jenkins Pipelines, you can:
Think of it as leveling up from a simple task list to a full project plan, but for your code.
What’s a Jenkinsfile?
In Jenkins Pipelines, the instructions live in a special file called a Jenkinsfile. This file is placed in the root of your repository and tells Jenkins exactly what to do with your code—whether that’s testing, building, or deploying it.
A Jenkinsfile contains multiple steps organized into stages. It looks something like this:
pipeline {
agent any
tools {
jdk 'jdk11'
maven 'maven3'
}
stages {
stage('Checkout Code') {
steps {
git url: 'https://github.com/your-repo.git', branch: 'main'
}
}
stage('Build') {
steps {
sh 'mvn clean compile'
}
}
stage('Test') {
steps {
sh 'mvn test'
}
}
stage('Package') {
steps {
sh 'mvn package'
}
}
}
}
Breaking Down the Jenkinsfile:
Step 1: Creating a New Pipeline Job
Step 2: Configuring the Pipeline
Step 3: Save and Run Your Pipeline
Once you’ve set up the pipeline, click Save and then Build Now.
Jenkins will:
What’s Different from Freestyle Jobs?
Key Takeaways:
Securing Your Code with SonarQube and OWASP Dependency Check
You’ve got Jenkins building and testing your code now, but let’s be honest—shipping buggy, insecure code is never a good idea. You want your software to not only function but to be clean and safe from vulnerabilities. This is where tools like SonarQube and OWASP Dependency Check come in handy.
Think of it like this: when building a house, you don’t just build the walls and roof; you inspect the structure to ensure it’s strong and stable. In the world of software development, SonarQube and OWASP act like inspectors, analyzing your code for potential issues before it goes live.
Step 1: Integrating SonarQube for Code Quality and Bug Detection
SonarQube is a powerful tool for code quality analysis. It helps detect code smells, bugs, and vulnerabilities early in the development process. It’s like having a second pair of eyes on your code, checking for issues that might have slipped through your tests.
Installing SonarQube Plugin in Jenkins
Adding SonarQube to the Pipeline
Now, let's add a SonarQube analysis stage to your Jenkinsfile. Here's how you would update the Jenkinsfile to integrate SonarQube analysis:
pipeline {
agent any
tools {
jdk 'jdk11'
maven 'maven3'
}
stages {
stage('Checkout Code') {
steps {
git url: 'https://github.com/your-repo.git', branch: 'main'
}
}
stage('Build') {
steps {
sh 'mvn clean compile'
}
}
stage('SonarQube Analysis') {
steps {
script {
def scannerHome = tool 'SonarQube Scanner';
withSonarQubeEnv('SonarQube Server') {
sh "${scannerHome}/bin/sonar-scanner"
}
}
}
}
stage('Test') {
steps {
sh 'mvn test'
}
}
stage('Package') {
steps {
sh 'mvn package'
}
}
}
}
What This Does:
Step 2: Running OWASP Dependency Check for Vulnerabilities
Even if your code looks perfect, there might be issues lurking in the libraries or packages you use. This is where OWASP Dependency Check comes in. It scans your project’s dependencies to make sure you’re not using any libraries with known vulnerabilities.
Installing OWASP Dependency Check in Jenkins
Adding OWASP Dependency Check to the Pipeline
Now, add an OWASP Dependency Check stage to your Jenkinsfile:
pipeline {
agent any
tools {
jdk 'jdk11'
maven 'maven3'
}
stages {
stage('Checkout Code') {
steps {
git url: 'https://github.com/your-repo.git', branch: 'main'
}
}
stage('Build') {
steps {
sh 'mvn clean compile'
}
}
stage('SonarQube Analysis') {
steps {
script {
def scannerHome = tool 'SonarQube Scanner';
withSonarQubeEnv('SonarQube Server') {
sh "${scannerHome}/bin/sonar-scanner"
}
}
}
}
stage('Dependency Check') {
steps {
dependencyCheck additionalArguments: '--scan .'
}
}
stage('Test') {
steps {
sh 'mvn test'
}
}
stage('Package') {
steps {
sh 'mvn package'
}
}
}
}
What This Does:
Step 3: Reviewing Results and Fixing Issues
Once Jenkins runs the pipeline with both SonarQube and OWASP Dependency Check, you’ll be able to see:
By addressing these issues early, you’ll reduce the risk of deploying insecure or unstable software.
Key Takeaways:
Deploying Your Application with Docker – The Final Step
By now, Jenkins is doing the heavy lifting—automating your builds, running tests, and ensuring your code quality and security. But, there’s one more crucial piece to the puzzle: deploying your application. This is where Docker comes in.
Docker allows you to package your application, along with everything it needs, into a single container that can be deployed anywhere. Think of Docker as a portable shipping container for your app. Whether you're deploying it on a local server, the cloud, or a colleague’s machine, it will run exactly the same.
In this section, we’ll set up Jenkins to use Docker to build, push, and deploy your application in a Docker container.
Step 1: Setting Up Docker in Jenkins
First, we need to make sure that Jenkins can work with Docker.
Install Docker on Your Jenkins Server
If Docker isn’t installed on your Jenkins server yet, you can do so with the following commands:
sudo apt update
sudo apt install docker.io
sudo systemctl start docker
sudo systemctl enable docker
To allow Jenkins to use Docker commands without root permissions, add the jenkins user to the docker group:
sudo usermod -aG docker jenkins
Restart Jenkins after this change:
sudo systemctl restart jenkins
Step 2: Create a Dockerfile for Your Application
To deploy an application with Docker, we first need a Dockerfile. This file tells Docker how to build an image of your app. Here’s a simple example of a Dockerfile for a Java application:
# Use OpenJDK as the base image
FROM openjdk:11-jre-slim
# Add the JAR file to the Docker container
COPY target/myapp.jar /app.jar
# Set the command to run the app
ENTRYPOINT ["java", "-jar", "/app.jar"]
# Expose port 8080
EXPOSE 8080
What’s Happening Here?
Step 3: Build and Push the Docker Image in Jenkins
Now that you’ve got your Dockerfile, let’s update your Jenkinsfile to build the Docker image, push it to a Docker registry (like Docker Hub), and then deploy the container.
Add Docker Stages to Your Jenkinsfile
Here’s how your Jenkinsfile might look after adding Docker steps:
pipeline {
agent any
tools {
jdk 'jdk11'
maven 'maven3'
}
stages {
stage('Checkout Code') {
steps {
git url: 'https://github.com/your-repo.git', branch: 'main'
}
}
stage('Build') {
steps {
sh 'mvn clean package'
}
}
stage('Build Docker Image') {
steps {
script {
docker.build('myapp-image')
}
}
}
stage('Push Docker Image') {
steps {
script {
docker.withRegistry('https://index.docker.io/v1/', 'dockerhub-credentials') {
docker.image('myapp-image').push('latest')
}
}
}
}
stage('Deploy Docker Container') {
steps {
sh 'docker run -d -p 8080:8080 myapp-image:latest'
}
}
}
}
Breaking It Down:
Step 4: Setting Up Docker Hub Credentials in Jenkins
To push the Docker image to Docker Hub, you need to store your Docker Hub credentials in Jenkins.
This allows Jenkins to authenticate with Docker Hub and push the image.
Step 5: Trigger the Pipeline
Once your Jenkinsfile is set up and Docker is ready, you can trigger the pipeline:
You can access the app by navigating to https://<your-server-ip>:8080 in your browser.
What’s the End Result?
Key Takeaways:
Wrapping Up Your Jenkins Journey
Congratulations! You’ve just completed an entire journey through Jenkins, covering everything from basic job setup to advanced deployment strategies using Docker. By now, Jenkins is doing much more than just handling your builds. It’s working as your personal assistant—automating everything from testing and code quality checks to pushing out Docker containers for deployment.
Here’s what you’ve learned:
What’s Next?
Now that you’ve got Jenkins under your belt, where should you go from here?
1. Expand Your Pipeline:
2. Explore More Jenkins Plugins:
3. Kubernetes & Jenkins:
4. Jenkins Best Practices:
A Few Final Tips:
Thank you for following along with this Jenkins tutorial! You now have a strong foundation to build out complex, fully automated CI/CD pipelines that can scale with your projects. Keep experimenting, and don't hesitate to explore new tools and technologies to further enhance your automation workflows.
Happy automating with Jenkins!