User Tools

Site Tools


build:jenkins

Jenkins

Jenkins is a Continuous Integration server. It's used to build and test applications that are being developed.

We chose Jenkins (despite it being Java based) over other options (Integrity, CI Joe, Travis) because it has a great community and plenty of plugins. It's very mature, but frequently updated and well maintained. We previously used Integrity, but it was difficult to extend and integrate with other systems.

Note that Jenkins was originally called Hudson, and some plugins still reference the Hudson name.

Prerequisites

sudo apt-get install -y openjdk-6-jre-headless
# NOTE: Note happy about this dependency, since it installs libasound2 libxi6 libxrender1 libxtst6, and will actually run without it
#       The dependency is actually for java2-runtime, but should be for java2-runtime-headless.
sudo apt-get install -y openjdk-6-jre 
sudo apt-get install daemon

Installation

We install Jenkins from the Debian repository that they provide. Note that their updates are quite frequent (about 2 a month).

wget -q -O - http://pkg.jenkins-ci.org/debian/jenkins-ci.org.key | sudo apt-key add -
sudo sh -c 'echo "deb http://pkg.jenkins-ci.org/debian binary/" > /etc/apt/sources.list.d/jenkins.list'
sudo apt-get update
sudo apt-get install jenkins

We configure Jenkins to run on port 8099 on the loopback interface. In our Apache configuration, we have set up a virtual host to proxy to port 8099.

JENKINS_PORT=8099
sudo sed -i /etc/default/jenkins -e "s/^HTTP_PORT=.*$/HTTP_PORT=$JENKINS_PORT/"
sudo sed -i /etc/default/jenkins -e 's|^JENKINS_ARGS=.*$|JENKINS_ARGS="--webroot=/var/cache/jenkins/war --httpListenAddress=127.0.0.1 --httpPort=$HTTP_PORT --ajp13Port=$AJP_PORT"|'
sudo /etc/init.d/jenkins restart

Configuration

Browse to http://ci.boochtek.com/configure:

  • CHECK Enable security
  • Under Security Realm, CHECK Jenkins's own user database
    • TODO: We probably want to move this to LDAP eventually
  • Under Authorization, CHECK Matrix-based security
    • TODO: Should probably move to Project-based Matrix Authorization Strategy, so we can make most stuff publicly viewable
    • Enter the name of your first user in the user/group name and hit Add
    • CHECK all the authorization boxes for the new user
    • For Anonymous, CHECK the 2 Read boxes
  • CHECK Prevent Cross Site Request Forgery exploits
    • CHECK Default Crumb Issuer
    • CHECK Enable proxy compatibility
  • Click on Save
  • Click on the log in link then the create an account link
    • Create an account for the user you just added access for
  • Manage Jenkins
    • Manage Plugins
      • Available
        • CHECK Growl Plugin
        • CHECK Ruby metrics plugin
        • CHECK Rake plugin
        • CHECK Ruby Plugin
        • CHECK Github Plugin
        • CHECK Project Statistics Plugin
        • CHECK Build Pipeline Plugin
        • CHECK Git Plugin
        • CHECK Dashboard View
        • CHECK Green Balls
        • CHECK SafeRestart Plugin
        • Click Install (way down at the bottom)
      • Installed
        • UNCHECK Maven Integration plugin
        • UNCHECK CVS Plugin
        • Click Restart Once No Jobs Are Running

TODO

  • Create a test task.
  • Document setting up a Jenkins task.
  • Document requirements for Rails projects.
    • ci_reporter
  • Consider installing and using jenkins.rb to manage Jenkins tasks.

Bugs

  • The Debian package should depend on java2-runtime-headless, not java2-runtime.
  • The daemon seems to be listening on an ephemeral TCP port on all interfaces.
    • This is in addition to the specified TCP port 8099.
  • The documentation is not very clear about what ports are open, or how to disable them.
    • UDP port 5353 is used for some "DNS multicast" feature.
    • UDP port 33848 is used for some "UDP multicast" feature.
    • The multicast feature seems to be used to discover other Jenkins servers on the network.
build/jenkins.txt · Last modified: 2012/12/10 22:41 (external edit)