CloudBees Jenkins Certified Engineer

Jenkins-Logo

Last week I Passed my CloudBees Jenkins Certified Engineer Exam.
It was not an easy exam by any stretch. The few of the questions were very long. I took all the time to finish the exam.

While preparing for the exam, I created a Gitbook. Folks preparing for the exam will find it very useful.

https://www.gitbook.com/book/muralibala/cloudbees-certified-jenkins-engineer-2017/details

Other very useful resources:

jeanne’s experiences with the jenkins certification beta exam


https://memefected.gitbooks.io/studying-for-the-jenkins-engineer-certification/content/
https://ankiweb.net/shared/info/1993369597

Getting started with Jenkins Rest API

Jenkins-Logo

Before we can access Jenkins API, we need grab the API key associated with your account.

  • Login into your Jenkins instance.
  • Click on Manage Jenkins
  • Scroll down to find Manage Users and click on the link.
  • Under your username, click on the gear.
  • Under API token, click on the “Show API Token…”
  • Other way to get to the Configure link is using this URL : http://[Jenkins Instance]:8080/me/configure
  • Copy the API token, you would need this information while making API calls to Jenkins Rest API
  • Now your are ready to test the API and run few command.

Oh! One other thing you need to do before you could curl up. Navigate to Manage Jenkins>>Configure Global Security and uncheck the box “Prevent Cross Site Request Forgery exploits”. I don’t know why but you need to uncheck this before you could run the POST commands below. Some useful information here – http://stackoverflow.com/questions/16738441/how-to-request-for-crumb-issuer-for-jenkins

Lets open the Shell or command prompt. I am using SampleFreeStyleJob for the Jenkins Project.

Trigger a build:
curl -X POST http://[Jenkins_Instance]:8080/job/SampleFreeStyleJob/build --user [USER_NAME]:[API_TOKEN]

Retrieve a project config.xml file
curl http://[Jenkins_Instance]:8080/job/SampleFreeStyleJob/config.xml --user [USER_NAME]:[API_TOKEN]

Disable a project
curl -X POST http://[Jenkins_Instance]:8080/job/SampleFreeStyleJob/disable --user [USER_NAME]:[API_TOKEN]

Enable a project
curl -X POST http://[Jenkins_Instance]:8080/job/SampleFreeStyleJob/enable --user [USER_NAME]:[API_TOKEN]

More Examples

> curl http://[Jenkins_Instance]:8080/api/json?pretty=true --user [USER_NAME]:[API_TOKEN]
> curl -g http://[Jenkins_Instance]:8080/api/json?pretty=true&tree=jobs[name,color] --user [USER_NAME]:[API_TOKEN]
> curl -g http://[Jenkins_Instance]:8080/job/[Job Name]/config.xml -o config.xml [USER_NAME]:[API_TOKEN]

Installing SonarQube on AWS EC2 and integration with Jenkins

Sonar-qube

We are going to install SonarQube on AWS EC2 instance. If you have not already done so, please login to your AWS account and launch an EC2 instance with RHEL OS. For more information on how to launch an instance, please read this post.

Step 1: Create a new RDS database for SonarQube (you may use an existing MySQL instance)

  • Go to RDS Instances
  • Launch a new DB instance
  • Select MySQL
  • Select Dev/Test
  • Click Next
  • Select the instance class (t2.micro should be good for testing)
  • Multi-AZ Deployment – Select No
  • Enter instance name
  • Enter master username and password
  • Click Next
  • Enter Database name – sonar
  • Click on Launch Instance
  • Once the database instance is ready, connect to your instance using MySQL Workbench (or any other client for that matter) and run the following commands

    CREATE USER 'sonar' IDENTIFIED BY 'sonar';
    GRANT ALL ON sonar.* TO 'sonar'@'%' IDENTIFIED BY 'sonar';
    GRANT ALL ON sonar.* TO 'sonar'@'localhost' IDENTIFIED BY 'sonar';
    FLUSH PRIVILEGES;

    Step 2: Now launch and connect to your AWS EC2 instance.

    Update your instance. It’s always a good habit.

    sudo yum update

    Get Sonar repository

    sudo wget -O /etc/yum.repos.d/sonar.repo http://downloads.sourceforge.net/project/sonar-pkg/rpm/sonar.repo

    Install Sonar package

    sudo yum install sonar

    Step 3: Configure SonarQube properties

    sudo vi /opt/sonar/conf/sonar.properties

    Locate following lines in the file and update the username and password:

    sonar.jdbc.username=sonar
    sonar.jdbc.password=sonar

    Scroll down to the MySQL section and update the Database Endpoint.

    #----- MySQL 5.6 or greater
    # Only InnoDB storage engine is supported (not myISAM).
    # Only the bundled driver is supported. It can not be changed.
    sonar.jdbc.url=jdbc:mysql://[REPLACE_WITH_RDS_ENDPOINT]:3306/sonar?useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true&useC onfigs=maxPerformance

    Save the file (Esc):wq!

    Step 4: Getting Sonar up & running

    Start Sonar and make sure it starts automatically at system startup.

    sudo service sonar start
    sudo chkconfig sonar on

    Navigate to the SonarQube Url http://[SonarQube-Instance-IP]:9000 (Default port 9000) to confirm it is running.

    If you don’t see the site getting loaded check the logs.

    sudo cat /opt/sonar/logs/sonar.log

    If you don’t see lines at the end like these then you may have to dig through to find the issue.

    2017.02.01 19:48:22 INFO app[][o.s.p.m.Monitor] Process[ce] is up
    2017.02.01 19:48:22 INFO app[][o.s.application.App] SonarQube is up

    Step 5: Integrating SonarQube with Jenkins

    Create Auth Token
    You will need the Token information from SonarQube when you configure Jenkins with SonarQube. So let’s get started.

    • Connect to your SonarQube instance at http://[SonarQube-Instance-IP]:9000/users
    • Click on Create User.
    • Enter Jenkins for Login and Name.
    • Enter Password and click ok.
    • Under Groups, click on the token image. Click on All and check sonar-administrators box.
    • Under Tokens column, click on Update token. token
    • Enter token name and click on Generate.
    • Copy token. Make sure you copy it now, you won’t be able to see it again!

    Configure SonarQube Server

    • Login to your Jenkins instance with administrative user.
    • Navigate to Manage Jenkins >> Configure System
    • Under “SonarQube Servers” section, add the SonarQube Server URL and an Auth Token to access it.

    Now, the last thing we need to do is configure SonarQube Scanner

    • Navigate to Manage Jenkins >> Global Tool Configuration
    • Under “SonarQube Scanner”, click SonarQube Scanner installations
    • Enter Name
    • Check Install Automatically
    • Install from Maven Central. Pick the latest version.
    • Click Save.

    That’s it! Good luck

    Top 5 Jenkins CI Tips you should know.

    Jenkins-Logo

    1. Tell Jenkins to run a specific project on a particular slave node

    Set the “Restrict where this job can be run” check box in your job configuration and specify the name of your slave. If you add more slaves later, you can set labels for each slave and specify those in your job configs.

    2. Restart Jenkins manually

    You can use either of the following commands:

    http://(jenkins_url)/safeRestart – Allows all running jobs to complete. New jobs will remain in the queue to run after the restart is complete.

    http://(jenkins_url)/restart – Forces a restart without waiting for builds to complete.

    You can even use the SafeRestart Plugin. Super useful tool.

    Finally, via CLI:

    • sudo service jenkins start – To start the Jenkins
    • sudo service jenkins stop – To stop the Jenkins
    • sudo service jenkins restart – To restart the Jenkins
    • sudo service jenkins status – To know the status of Jenkins

    3. Locked out of Jenkins

    If you don’t have a lot of other configuration that you’d like to save, you can just delete %JENKINS_HOME%/config.xml and restart Jenkins to disable security. Otherwise, edit config.xml and set the values inside the useSecurity tags to false, then restart Jenkins.

    I had this exact issue today on my Windows Jenkins server. Just removing the XML file and restarting did not work for me. So I had to:

    • Stop the service.
    • Check Task Manager to ensure the process is gone.
    • Edit the Config.XML file and change the useSecurity false (or you could delete the config.xml file).
    • Start the service again.

    4. Default shell environment valuables
    To get the list of all the variables that are available to shell scripts:

    http://(jenkins_url)/env-vars.html

    5. Jenkins Directory Structure

    jenkins-directory_structure

    Ref: https://wiki.jenkins-ci.org/display/JENKINS/Administering+Jenkins

    Installing Jenkins on AWS EC2

    Jenkins-Logo

    Jenkins is an open source automation server software that allows continuous integration. Read more about it here.

    We are going to install Jenkins on AWS EC2 instance. If you have not already done so, please login into your AWS account and launch an EC2 instance with RHEL OS. For more information on how to launch an instance, please read this post.

    1) Install the latest stable packages, then reboot.

    sudo yum update -y

    2) Before you can install Jenkins, you need to setup a JVM.

    sudo yum install java-1.8.0-openjdk.x86_64

    3) After the installation, you can confirm it by running the following command:

    java -version

    Jenkins require Java 1.6 or more than. If Java version is less than 1.6 than we have to upgrade the Java. Follow the instruction here on installing Java

    4) Install wget

    sudo yum install wget -y

    5) Install Jenkins

    sudo wget -O /etc/yum.repos.d/jenkins.repo http://pkg.jenkins-ci.org/redhat-stable/jenkins.repo
    sudo rpm --import http://pkg.jenkins-ci.org/redhat-stable/jenkins-ci.org.key
    sudo yum install jenkins -y

    6) Start the Jenkins service and set it to run at boot time:

    sudo systemctl start jenkins.service
    sudo systemctl enable jenkins.service

    6) Install firewalld (if not already installed)

    sudo yum install firewalld -y

    8) After install unmask, enable and start the firewall with below commands

    sudo systemctl unmask firewalld
    sudo systemctl enable firewalld
    sudo systemctl start firewalld

    9) In order to allow visitors access to Jenkins, you need to allow inbound traffic on port 8080. You can either open port 8080 in AWS Console or run the following command:

    sudo firewall-cmd --zone=public --permanent --add-port=8080/tcp
    sudo firewall-cmd --reload
    sudo firewall-cmd --list-all

    10) Finally, visit the following address from your web browser to confirm your installation:

    http://[your-jenkins-server-IP:8080]

    or by running the following command

    sudo netstat -ntulp | grep 8080

    If the site does not load, please check the Jenkins log file for more information

    Linux
    By default, logs are here /var/log/jenkins/jenkins.log (unless customized in /etc/default/jenkins (for *.deb) or via /etc/sysconfig/jenkins (for */rpm)

    Windows
    By default, logs are here %JENKINS_HOME%/jenkins.out and %JENKINS_HOME%/jenkins.err (unless customized in %JENKINS_HOME%/jenkins.xml)

    More information can be found here.

    Moving forward, you will need the Jenkins Initial Password to get started:

    sudo cat /var/lib/jenkins/secrets/initialAdminPassword

    Oh! And one last thing – If you wish to change Jenkins HTTP port number from the default port 8080, you need to change the file /etc/sysconfig/jenkins

    sudo vi /etc/sysconfig/jenkins

    Good luck!