diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..5509140 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +*.DS_Store diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 0000000..5f234e9 --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,15 @@ +# Contributing to reuse + +### Issues + +Feel free to submit bugs or feature requests as issues. + +### Pull Requests + +These rules must be followed for any contributions to be merged into master. + +1. Fork this repo +1. Make any desired changes +1. Validate you changes meet your desired use case +1. Ensure documentation has been updated +1. Open a pull-request diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..36becce --- /dev/null +++ b/Dockerfile @@ -0,0 +1,25 @@ +ARG JENKINS_VER=2.60.3 +ARG JENKINS_REL=1 + +FROM jenkins/jenkins:${JENKINS_VER} + +USER root + +COPY files/jenkins_wrapper.sh /usr/local/bin/jenkins_wrapper.sh + +RUN echo -n ${JENKINS_VER} > /usr/share/jenkins/ref/jenkins.install.UpgradeWizard.state && \ +echo -n ${JENKINS_VER} > /usr/share/jenkins/ref/jenkins.install.InstallUtil.lastExecVersion && \ +# allow slave to master control - https://wiki.jenkins.io/display/JENKINS/Slave+To+Master+Access+Control +mkdir -p /usr/share/jenkins/ref/secrets/ && echo false > /usr/share/jenkins/ref/secrets/slave-to-master-security-kill-switch && \ +# Create file for plugin versioning +echo ${JENKINS_VER}-${JENKINS_VER} > /usr/share/jenkins/ref/jenkins.docker.image.version && \ +sed -i -e "s/##JENKINS_VER##/${JENKINS_VER}/g; s/##JENKINS_REL##/${JENKINS_REL}/g" /usr/local/bin/jenkins_wrapper.sh && \ +chmod 0755 /usr/local/bin/jenkins_wrapper.sh + +ENTRYPOINT ["/bin/tini", "--", "/usr/local/bin/jenkins_wrapper.sh"] + +USER jenkins + +# Install plugins that are predefined in the base-plugins.txt file +COPY files/base-plugins.txt /usr/share/jenkins/base-plugins.txt +RUN cat /usr/share/jenkins/base-plugins.txt | xargs /usr/local/bin/install-plugins.sh diff --git a/Dockerfile.debug b/Dockerfile.debug new file mode 100644 index 0000000..8f4dfe0 --- /dev/null +++ b/Dockerfile.debug @@ -0,0 +1,6 @@ +ARG JENKINS_VER=2.60.3 +ARG JENKINS_REL=1 + +FROM target/jenkins-docker-master:${JENKINS_VER}-${JENKINS_REL} +COPY files/debug_logs.groovy /usr/share/jenkins/ref/init.groovy.d/debug_logs.groovy +COPY files/debug_logging.properties /usr/share/jenkins/debug_logging.properties diff --git a/LICENSE.txt b/LICENSE.txt new file mode 100644 index 0000000..cf5d205 --- /dev/null +++ b/LICENSE.txt @@ -0,0 +1,13 @@ +Copyright (C) 2017 Target Brands, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. diff --git a/README.md b/README.md new file mode 100644 index 0000000..ef3800c --- /dev/null +++ b/README.md @@ -0,0 +1,27 @@ +# jenkins-docker-master + +## About this repo +This is the Git repo of the Jenkins Dockerfile used in the Jenkins at Your Service (JAYS) architecture. + +JAYS is a platform for providing multiple Jenkins instances in a Docker Swarm cluster. + +More information about JAYS coming soon. + +## Usage + +This image extends the official [Jenkins LTS images](https://hub.docker.com/r/jenkins/jenkins) +and as such, many of the options prescribed there apply to this image as well. + +The base image is intended to be extended by using groovy scripts to setup ACLs using the `github-oauth` plugin. We have provided example groovy scripts in the `examples` directory of this Github repo. + +The following environment variables can be used to set up Jenkins: + +| Variable | Description | Example | +| --------------------------------- | ----------- | ------- | +| JENKINS_SLAVE_AGENT_PORT | Specify the TCP port for the slave agent to use. Must be unique to the cluster | `5001` | +| JAVA_OPTS | Specify any additional java options for running. | `-Djava.util.logging.config.file=/var/jenkins_home/log.properties` | + +## Supported tags and respective `Dockerfile` links + + * `latest`, `2.60.3-1` + * `debug-latest`, `debug-2.60.3-1` diff --git a/examples/Dockerfile b/examples/Dockerfile new file mode 100644 index 0000000..b55366b --- /dev/null +++ b/examples/Dockerfile @@ -0,0 +1,15 @@ +ARG JENKINS_VER=2.60.3 +ARG JENKINS_REL=1 + +FROM target/jenkins-docker-master:${JENKINS_VER}-${JENKINS_REL} +USER root + +RUN curl -L https://github.com/logzio/jmx2graphite/releases/download/v1.1.0/jmx2graphite-1.1.0-javaagent.jar > /usr/share/jenkins/jmx2graphite.jar + +USER jenkins + +COPY base-plugins.txt /usr/share/jenkins/base-plugins.txt +RUN cat /usr/share/jenkins/base-plugins.txt | xargs /usr/local/bin/install-plugins.sh + +COPY setup_security.groovy /usr/share/jenkins/ref/init.groovy.d/setup.groovy.override +COPY setup_reporting.groovy /usr/share/jenkins/ref/init.groovy.d/setup_reporting.groovy.override diff --git a/examples/README.md b/examples/README.md new file mode 100644 index 0000000..5f242bf --- /dev/null +++ b/examples/README.md @@ -0,0 +1,85 @@ +## setup_security +The `setup_security.groovy` script does the following: + + * Set [executors](https://support.cloudbees.com/hc/en-us/articles/216456477-What-is-a-Jenkins-Executor-and-how-can-I-best-utilize-my-executors) to 0 + * Set [quiet period](https://jenkins.io/blog/2010/08/11/quiet-period-feature/) to 5 + * Set [slave agent port](http://javadoc.jenkins-ci.org/jenkins/model/Jenkins.html#setSlaveAgentPort-int-) to a user provided environment variable + * Set [jenkins url](http://javadoc.jenkins-ci.org/jenkins/model/JenkinsLocationConfiguration.html#setUrl-java.lang.String-) to a user provided environment variable + * Create a admin user + * Sets email address to user provided environment variable + * Sets ssh keypair to user provided environment variable + * Setup new GithubSecurityRealm for [github-oauth](https://plugins.jenkins.io/github-oauth) + * Setup new RoleBasedAuthorizationStrategy for [role-strategy](https://plugins.jenkins.io/role-strategy) + * Define admin, developer, authenticated, and anonymous user roles and permissions + +### Usage + +1. Extend the base image and include the script + + ``` + FROM target/jenkins-docker-master:latest + + COPY setup_security.groovy /usr/share/jenkins/ref/init.groovy.d/setup_security.groovy.override + ``` + + **Note**: The security script requires that the [git](https://plugins.jenkins.io/git), [github](https://plugins.jenkins.io/github), [github-oauth](https://plugins.jenkins.io/github-oauth), [matrix-auth](https://plugins.jenkins.io/matrix-auth), and [role-strategy](https://plugins.jenkins.io/role-strategy) plugins are installed + +1. Create a GitHub OAuth App by following the instructions on [GitHub](https://developer.github.com/enterprise/2.10/v3/oauth/) + * Example homepage url - `https://accounting.jenkins.company.com` + * Example Authorization callback URL - `https://accounting.jenkins.company.com/securityRealm/finishLogin` + * Take note of the Client ID and Client secret as they will be used later + +1. Define company specific environment variables + +| Variable | Description | Example | +| --------------------------------- | ----------- | ------- | +| GHE_KEY | TheGitHub OAuth Key | `abcdef0123456789abcd` | +| GHE_SECRET | TheGitHub OAuth Secret | `h5qosu6bmrgrl8dgwynfps4e1z2jnio4hid2u3gp` | +| JENKINS_ACL_MEMBERS_admin | A GitHub Org*Team to be admins of this instance | `target*Admins` | +| JENKINS_ACL_MEMBERS_developer | A GitHub Org*Team to be developers on this instance (optional) | `jenkins*Contributors` | +| ADMIN_SSH_PUBKEY | An ssh public key for the admin team to manage this instance | `ssh-rsa AAAAB3N....9CUz` | +| JENKINS_URL | Specify the public URL used to access this instance | `https://accoutning.jenkins.company.com/` | +| JENKINS_ADMIN_EMAIL | Specify the email address associated with the owners of this instance | `owners@company.com` | +| GHE_ADMIN | The default GitHub Org*Team to be admins of this instance | `Jenkins*Admins` + +## setup_reporting +The `setup_reporting.groovy` script does the following: + + * Sets up Graphite Metrics Reporting + +### Usage + +1. Extend the base image by including the reporting script and installing the [jmx2graphite jar](https://github.com/logzio/jmx2graphite) + + ``` + FROM target/jenkins-docker-master:latest + + COPY setup_reporting.groovy /usr/share/jenkins/ref/init.groovy.d/setup_reporting.groovy.override + + RUN curl -L https://github.com/logzio/jmx2graphite/releases/download/v1.1.0/jmx2graphite-1.1.0-javaagent.jar > /usr/share/jenkins/jmx2graphite.jar + ``` + + **Note**: The reporting script requires that the [metrics](https://plugins.jenkins.io/metrics) and [metrics-graphite](https://plugins.jenkins.io/metrics-graphite) plugins are installed + +1. Define company specific environment variables + +| Variable | Description | Example | +| --------------------------------- | ----------- | ------- | +| GRAPHITE_HOST | Specify the URL or IP address where to send graphite metrics | `graphite.company.com` | +| NAME | Name of the Jenkins master | `accounting` | +| TEAM | Team using the Jenkins master | `stores` | + + +## Installing plugins +Installing additional plugins is as simple as creating a text file with the list of plugins and extending the base image to include it. + +The examples/base-plugins.txt file is a list of our favorite plugins to install + +### Usage + + ``` + FROM target/jenkins-docker-master:latest + + COPY base-plugins.txt /usr/share/jenkins/base-plugins.txt + RUN cat /usr/share/jenkins/base-plugins.txt | xargs /usr/local/bin/install-plugins.sh + ``` diff --git a/examples/base-plugins.txt b/examples/base-plugins.txt new file mode 100644 index 0000000..d02d644 --- /dev/null +++ b/examples/base-plugins.txt @@ -0,0 +1,39 @@ +artifactory +build-token-root +cloudbees-folder +copyartifact +credentials +credentials-binding +envinject +git +github +github-oauth +ghprb +greenballs +groovy +job-dsl +kubernetes +mailer +matrix-auth +metrics +metrics-graphite +parameterized-trigger +plain-credentials +pipeline-model-definition +pipeline-stage-view +role-strategy +script-security +ssh-credentials +ssh-slaves +subversion +urltrigger +workflow-api +workflow-aggregator +workflow-cps +workflow-multibranch +workflow-job:2.11 +workflow-scm-step +workflow-step-api +workflow-support +github-branch-source +ws-cleanup diff --git a/examples/jenkins_wrapper.sh b/examples/jenkins_wrapper.sh new file mode 100644 index 0000000..0276704 --- /dev/null +++ b/examples/jenkins_wrapper.sh @@ -0,0 +1,18 @@ +#!/bin/bash + +# This enables you to directly tie versions of plugins to a specific version of Jenkins +# The base dockerfile installs plugins, but it won't override plugins that are pinned, +# so we will copy the plugin directory on each new version of Jenkins +# More information - https://wiki.jenkins.io/display/JENKINS/Pinned+Plugins +if [ "$(cat /var/jenkins_home/jenkins.docker.image.version)" != "##JENKINS_VER##-##JENKINS_REL##" ] ; then + echo "Updating plugins..." + cp -var /usr/share/jenkins/ref/plugins/* /var/jenkins_home/plugins + echo "##JENKINS_VER##-##JENKINS_REL##" > /var/jenkins_home/jenkins.docker.image.version +fi + +# setup java options +JAVA_OPTS="${JAVA_OPTS} -server -XX:+UseG1GC -XX:+ExplicitGCInvokesConcurrent -XX:+ParallelRefProcEnabled -XX:+UseStringDeduplication -XX:+UnlockExperimentalVMOptions -XX:G1NewSizePercent=20 -XX:G1HeapRegionSize=8m -XX:MetaspaceSize=500M -Djava.awt.headless=true -Djenkins.model.Jenkins.logStartupPerformance=true -Dhudson.InitReactorRunner.concurrency=64 -Dhudson.slaves.NodeProvisioner.MARGIN=50 -Dhudson.slaves.NodeProvisioner.MARGIN0=0.85" +export JAVA_OPTS + +# https://github.com/jenkinsci/docker/blob/master/jenkins.sh +exec /usr/local/bin/jenkins.sh "$@" diff --git a/examples/setup_reporting.groovy b/examples/setup_reporting.groovy new file mode 100644 index 0000000..95ebd4d --- /dev/null +++ b/examples/setup_reporting.groovy @@ -0,0 +1,24 @@ +import jenkins.model.* + +import java.util.* +import java.lang.reflect.* +import net.sf.json.* +import net.sf.json.groovy.* +import java.util.logging.ConsoleHandler +import java.util.logging.LogManager + +import jenkins.metrics.api.MetricsAccessKey +import jenkins.metrics.impl.graphite.GraphiteServer + +def env = System.getenv() +def logger = LogManager.getLogManager().getLogger("hudson.WebAppMain") + +def instance = Jenkins.getInstance() + +logger.info("Setting up Graphite Metrics Reporting") + +graphite = new jenkins.metrics.impl.graphite.GraphiteServer(env['GRAPHITE_HOST'],2003,env['TEAM']+"."+env['NAME']) +List graphiteServers = new ArrayList() +graphiteServers.add(graphite) +GraphiteServer.DescriptorImpl graphiteImpl = new GraphiteServer.DescriptorImpl() +graphiteImpl.setServers(graphiteServers) diff --git a/examples/setup_security.groovy b/examples/setup_security.groovy new file mode 100644 index 0000000..e15dffe --- /dev/null +++ b/examples/setup_security.groovy @@ -0,0 +1,202 @@ +import jenkins.model.* +import hudson.security.* +import org.jenkinsci.plugins.* +import org.jenkinsci.plugins.GithubSecurityRealm +import java.util.* +import com.michelin.cio.hudson.plugins.rolestrategy.* +import java.lang.reflect.* +import net.sf.json.* +import net.sf.json.groovy.* +import java.util.logging.ConsoleHandler +import java.util.logging.LogManager + +import hudson.model.Hudson.CloudList; +import hudson.slaves.Cloud; + +import com.cloudbees.plugins.credentials.CredentialsScope +import com.cloudbees.plugins.credentials.Credentials +import com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl +import com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey +import com.cloudbees.jenkins.plugins.sshcredentials.impl.BasicSSHUserPrivateKey.FileOnMasterPrivateKeySource +import com.cloudbees.plugins.credentials.SystemCredentialsProvider +import com.cloudbees.plugins.credentials.domains.Domain + + +def env = System.getenv() +def logger = LogManager.getLogManager().getLogger("hudson.WebAppMain") + +//logger.addHandler (new ConsoleHandler()) + +def instance = Jenkins.getInstance() + +// Set executors to 0 +instance.setNumExecutors(0) + +// Set quiet period - https://jenkins.io/blog/2010/08/11/quiet-period-feature/ +instance.setQuietPeriod(5) + +// Set slave agent port - http://javadoc.jenkins-ci.org/jenkins/model/Jenkins.html#setSlaveAgentPort-int- +int port = env['JENKINS_SLAVE_AGENT_PORT'].toInteger() +instance.setSlaveAgentPort(port) + +// Set URL location - http://javadoc.jenkins-ci.org/jenkins/model/JenkinsLocationConfiguration.html#setUrl-java.lang.String- +loc = JenkinsLocationConfiguration.get() +loc.setUrl(env['JENKINS_URL']) + +// Create admin user - http://javadoc.jenkins-ci.org/hudson/model/User.html +jknadm = hudson.model.User.get('jenkins-admin') +jknadm.setFullName('Jenkins Admin User') +jknadm.setDescription('This account is used by the Jenkins management team to administer this instance. Please do not delete it.') + +String emailAddress = env['JENKINS_ADMIN_EMAIL'] + +email = jknadm.getProperty(hudson.tasks.Mailer.UserProperty) +if (email == null) { + logger.info("Adding email to admin user") + email = new hudson.tasks.Mailer.UserProperty(emailAddress) + jknadm.addProperty(email) +} else { + if (!email. getAddress().equals(emailAddress)) { + logger.warning("Resetting email to admin user") + email = new hudson.tasks.Mailer.UserProperty(emailAddress) + jknadm.addProperty(email) + } +} + +// https://github.com/jenkinsci/ssh-cli-auth-module/blob/master/src/main/java/org/jenkinsci/main/modules/cli/auth/ssh/UserPropertyImpl.java +keys = jknadm.getProperty(org.jenkinsci.main.modules.cli.auth.ssh.UserPropertyImpl) +if (keys == null) { + logger.info("Adding new admin ssh key") + keys = new org.jenkinsci.main.modules.cli.auth.ssh.UserPropertyImpl(env['ADMIN_SSH_PUBKEY']) + jknadm.addProperty(keys) +} + +jknadm.save() + +logger.info("Setting up GHE Auth") + +String gheKey = env['GHE_KEY'] +String gheSecret = env['GHE_SECRET'] +String gheUrl = env['GHE_URL'] +String gheApiUrl = env['GHE_API_URL'] + +def githubRealm = new GithubSecurityRealm( + gheUrl, + gheApiUrl, + gheKey, + gheSecret, + "read:org,user:email" +) +instance.setSecurityRealm(githubRealm) +instance.save() + +def authz +def authStrategy = instance.getAuthorizationStrategy() + +if(authStrategy instanceof RoleBasedAuthorizationStrategy){ + logger.info("Reusing Role Based Authorization Strategy") + authz = (RoleBasedAuthorizationStrategy) authStrategy + +} else { + logger.info("Setting Role Based Authorization Strategy") + authz = new RoleBasedAuthorizationStrategy() + instance.setAuthorizationStrategy(authz) + instance.save() +} + +// Define base roles +logger.info("Defining base roles") + +// Make constructors available +Constructor[] constrs = Role.class.getConstructors(); +for (Constructor c : constrs) { + c.setAccessible(true); +} + +// Make the method assignRole accessible +Method assignRoleMethod = RoleBasedAuthorizationStrategy.class.getDeclaredMethod("assignRole", String.class, Role.class, String.class); +assignRoleMethod.setAccessible(true); + +Method getRoleMapMethod = RoleBasedAuthorizationStrategy.class.getDeclaredMethod("getRoleMap", String.class); +getRoleMapMethod.setAccessible(true); + +roleMap = authz.getRoleMap(RoleBasedAuthorizationStrategy.GLOBAL) + +String gheAdmin = env['GHE_ADMIN'] + +// First: Define a datastructure that represents the roles+permissions we want to have at *install* time +// Members defined in this list here will *always* get added back during a restart/upgrade +permissionMap = [ + admin:[ + members: ["jenkins-admin",gheAdmin], + permissions: ["hudson.model.Hudson.Administer"] + ], + developer:[ + members: [], + permissions: ["hudson.model.View.Delete", + "hudson.model.Item.Workspace", + "hudson.model.Item.Configure", + "hudson.model.View.Create", + "hudson.model.View.Read", + "hudson.model.Run.Delete", + "hudson.model.Item.Discover", + "hudson.model.Hudson.Read", + "hudson.model.Item.Delete", + "hudson.model.View.Configure", + "hudson.model.Item.ViewStatus", + "hudson.model.Item.Move", + "hudson.model.Item.Read", + "hudson.model.Item.Build", + "hudson.model.Item.Create", + "hudson.model.Item.Cancel", + "hudson.model.Run.Update"] + ], + authenticated: [ + members: ["authenticated"], + permissions: ["hudson.model.Item.Workspace", + "hudson.model.View.Read", + "hudson.model.Item.Discover", + "hudson.model.Hudson.Read", + "hudson.model.Item.ViewStatus", + "hudson.model.Item.Read"] + ], + anonymous: [ + members: ["anonymous"], + permissions: ["hudson.model.Item.Discover"] + ] +] + +logger.info("Assigning default permissions") + +// Loop through the permisisons we just defined +permissionMap.each { roleName,rset -> + Set permissions = new HashSet() + rset.permissions.each { p -> + permission = Permission.fromId(p) + // If the permission we defined as a string does not exist (ie- its from + // a plugin we didnt install) then just skip it + if (permission != null) { + permissions.add(permission) + } + } + // Create a *new* Role object with the desired name and permissions + Role role = new Role(roleName,permissions) + // This will only add the role if the role is not already added. So local modifications will trump + // this line. See https://github.com/jenkinsci/role-strategy-plugin/blob/master/src/main/java/com/michelin/cio/hudson/plugins/rolestrategy/RoleMap.java#L155-L159 + authz.addRole(RoleBasedAuthorizationStrategy.GLOBAL,role) + // Loop through the members, adding them to the role. This will happen every time, so you cannot remove the + // members defined here + rset.members.each { member -> + authz.assignRole(RoleBasedAuthorizationStrategy.GLOBAL,role,member) + } + + // Inject additonal members based on environment variables. This happens every time, but the env's might change + // from run to run + if (env['JENKINS_ACL_MEMBERS_'+roleName] != null) { + env['JENKINS_ACL_MEMBERS_'+roleName].tokenize(',').each { member -> + authz.assignRole(RoleBasedAuthorizationStrategy.GLOBAL,role,member) + } + } +} + +instance.save() diff --git a/files/base-plugins.txt b/files/base-plugins.txt new file mode 100644 index 0000000..9ec5c17 --- /dev/null +++ b/files/base-plugins.txt @@ -0,0 +1,5 @@ +git +github +github-oauth +matrix-auth +role-strategy diff --git a/files/debug_logging.properties b/files/debug_logging.properties new file mode 100644 index 0000000..11a743a --- /dev/null +++ b/files/debug_logging.properties @@ -0,0 +1,3 @@ +handlers=java.util.logging.ConsoleHandler +jenkins.level=FINEST +java.util.logging.ConsoleHandler.level=FINEST diff --git a/files/debug_logs.groovy b/files/debug_logs.groovy new file mode 100644 index 0000000..1a09877 --- /dev/null +++ b/files/debug_logs.groovy @@ -0,0 +1,17 @@ +import java.util.logging.ConsoleHandler +import java.util.logging.FileHandler +import java.util.logging.SimpleFormatter +import java.util.logging.LogManager +import jenkins.model.Jenkins + +// Log into the console +def WebAppMainLogger = LogManager.getLogManager().getLogger("hudson.WebAppMain") +WebAppMainLogger.addHandler (new ConsoleHandler()) + +// Log into a file +def RunLogger = LogManager.getLogManager().getLogger("hudson.model.Run") +def logsDir = new File(Jenkins.instance.rootDir, "logs") +if(!logsDir.exists()){logsDir.mkdirs()} +FileHandler handler = new FileHandler(logsDir.absolutePath+"/hudson.model.Run-%g.log", 1024 * 1024, 10, true); +handler.setFormatter(new SimpleFormatter()); +RunLogger.addHandler(handler) diff --git a/files/jenkins_wrapper.sh b/files/jenkins_wrapper.sh new file mode 100755 index 0000000..f9c981c --- /dev/null +++ b/files/jenkins_wrapper.sh @@ -0,0 +1,14 @@ +#!/bin/bash + +# This enables you to directly tie versions of plugins to a specific version of Jenkins +# The base dockerfile installs plugins, but it won't override plugins that are pinned, +# so we will copy the plugin directory on each new version of Jenkins +# More information - https://wiki.jenkins.io/display/JENKINS/Pinned+Plugins +if [ "$(cat /var/jenkins_home/jenkins.docker.image.version)" != "##JENKINS_VER##-##JENKINS_REL##" ] ; then + echo "Updating plugins..." + cp -var /usr/share/jenkins/ref/plugins/* /var/jenkins_home/plugins + echo "##JENKINS_VER##-##JENKINS_REL##" > /var/jenkins_home/jenkins.docker.image.version +fi + +# https://github.com/jenkinsci/docker/blob/master/jenkins.sh +exec /usr/local/bin/jenkins.sh "$@" diff --git a/update.sh b/update.sh new file mode 100755 index 0000000..1b8186d --- /dev/null +++ b/update.sh @@ -0,0 +1,12 @@ +#!/bin/bash +# This is a simple script to update the version of jenkins being used +# +# Update the variables below for the current version to build + +JENKINS_VER=2.60.3 +JENKINS_REL=1 + +sed -i '' -E "s/\`(debug-)?latest\`, \`(debug-)?[0-9]{1,2}\.[0-9]{1,3}\.[0-9]{1,2}-[0-9]{1,2}\`/\`\1latest\`, \`\1${JENKINS_VER}-${JENKINS_REL}\`/g" README.md +sed -i '' -E "s/JENKINS_VER=(.*)/JENKINS_VER=${JENKINS_VER}/g; s/JENKINS_REL=(.*)/JENKINS_REL=${JENKINS_REL}/g" Dockerfile +sed -i '' -E "s/JENKINS_VER=(.*)/JENKINS_VER=${JENKINS_VER}/g; s/JENKINS_REL=(.*)/JENKINS_REL=${JENKINS_REL}/g" Dockerfile.debug +sed -i '' -E "s/JENKINS_VER=(.*)/JENKINS_VER=${JENKINS_VER}/g; s/JENKINS_REL=(.*)/JENKINS_REL=${JENKINS_REL}/g" examples/Dockerfile