Jenkins + Github + Webhook = Trigger Jenkins Build

The quick blog post will list the steps on how to trigger Jenkins build on repository changes. This method automatically triggers Jenkins build when a change is detected rather than polling on an interval, which is inefficient.

  1. Configure Jenkins to talk to GitHub. Download and install the GitHub plugin. Manage Jenkins -> Manage Plugins -> Available -> GitHub plugin
  2. There are a number of different authentication options in the ‘Security Realm’ section of Manage Jenkins -> Configure System. Depending on your setup, these steps could differ, but in essence you need to create a new user for Github
  3. In the Authorization section, choose Project-based Matrix Authorization Strategy, so that you can give project-level permissions to the Github user. You’ll probably deny access to everything for anonymous users, then grant just one permission here for Github: ‘Overall/Read’.
  4. In the configuration for the job that will be automatically triggered, tick Enable project-based security and then grant Job/Read and Job/Build to Github.
  5. Add the hooks to Github. And that’s it.
    1. git_add_hook

CloudBees Jenkins Certified Engineer


Last week I Passed my CloudBees Jenkins Certified Engineer Exam.
It was not an easy exam by any stretch. The few of the questions were very long. I took all the time to finish the exam.

While preparing for the exam, I created a Gitbook. Folks preparing for the exam will find it very useful.

Other very useful resources:

jeanne’s experiences with the jenkins certification beta exam

Getting started with Jenkins Rest API


Before we can access Jenkins API, we need grab the API key associated with your account.

  • Login into your Jenkins instance.
  • Click on Manage Jenkins
  • Scroll down to find Manage Users and click on the link.
  • Under your username, click on the gear.
  • Under API token, click on the “Show API Token…”
  • Other way to get to the Configure link is using this URL : http://[Jenkins Instance]:8080/me/configure
  • Copy the API token, you would need this information while making API calls to Jenkins Rest API
  • Now your are ready to test the API and run few command.

Oh! One other thing you need to do before you could curl up. Navigate to Manage Jenkins>>Configure Global Security and uncheck the box “Prevent Cross Site Request Forgery exploits”. I don’t know why but you need to uncheck this before you could run the POST commands below. Some useful information here –

Lets open the Shell or command prompt. I am using SampleFreeStyleJob for the Jenkins Project.

Trigger a build:
curl -X POST http://[Jenkins_Instance]:8080/job/SampleFreeStyleJob/build --user [USER_NAME]:[API_TOKEN]

Retrieve a project config.xml file
curl http://[Jenkins_Instance]:8080/job/SampleFreeStyleJob/config.xml --user [USER_NAME]:[API_TOKEN]

Disable a project
curl -X POST http://[Jenkins_Instance]:8080/job/SampleFreeStyleJob/disable --user [USER_NAME]:[API_TOKEN]

Enable a project
curl -X POST http://[Jenkins_Instance]:8080/job/SampleFreeStyleJob/enable --user [USER_NAME]:[API_TOKEN]

More Examples

> curl http://[Jenkins_Instance]:8080/api/json?pretty=true --user [USER_NAME]:[API_TOKEN]
> curl -g http://[Jenkins_Instance]:8080/api/json?pretty=true&tree=jobs[name,color] --user [USER_NAME]:[API_TOKEN]
> curl -g http://[Jenkins_Instance]:8080/job/[Job Name]/config.xml -o config.xml [USER_NAME]:[API_TOKEN]

Installing SonarQube on AWS EC2 and integration with Jenkins


We are going to install SonarQube on AWS EC2 instance. If you have not already done so, please login to your AWS account and launch an EC2 instance with RHEL OS. For more information on how to launch an instance, please read this post.

Step 1: Create a new RDS database for SonarQube (you may use an existing MySQL instance)

  • Go to RDS Instances
  • Launch a new DB instance
  • Select MySQL
  • Select Dev/Test
  • Click Next
  • Select the instance class (t2.micro should be good for testing)
  • Multi-AZ Deployment – Select No
  • Enter instance name
  • Enter master username and password
  • Click Next
  • Enter Database name – sonar
  • Click on Launch Instance
  • Once the database instance is ready, connect to your instance using MySQL Workbench (or any other client for that matter) and run the following commands

    CREATE USER 'sonar' IDENTIFIED BY 'sonar';
    GRANT ALL ON sonar.* TO 'sonar'@'%' IDENTIFIED BY 'sonar';
    GRANT ALL ON sonar.* TO 'sonar'@'localhost' IDENTIFIED BY 'sonar';

    Step 2: Now launch and connect to your AWS EC2 instance.

    Update your instance. It’s always a good habit.

    sudo yum update

    Get Sonar repository

    sudo wget -O /etc/yum.repos.d/sonar.repo

    Install Sonar package

    sudo yum install sonar

    Step 3: Configure SonarQube properties

    sudo vi /opt/sonar/conf/

    Locate following lines in the file and update the username and password:


    Scroll down to the MySQL section and update the Database Endpoint.

    #----- MySQL 5.6 or greater
    # Only InnoDB storage engine is supported (not myISAM).
    # Only the bundled driver is supported. It can not be changed.
    sonar.jdbc.url=jdbc:mysql://[REPLACE_WITH_RDS_ENDPOINT]:3306/sonar?useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true&useC onfigs=maxPerformance

    Save the file (Esc):wq!

    Step 4: Getting Sonar up & running

    Start Sonar and make sure it starts automatically at system startup.

    sudo service sonar start
    sudo chkconfig sonar on

    Navigate to the SonarQube Url http://[SonarQube-Instance-IP]:9000 (Default port 9000) to confirm it is running.

    If you don’t see the site getting loaded check the logs.

    sudo cat /opt/sonar/logs/sonar.log

    If you don’t see lines at the end like these then you may have to dig through to find the issue.

    2017.02.01 19:48:22 INFO app[][o.s.p.m.Monitor] Process[ce] is up
    2017.02.01 19:48:22 INFO app[][o.s.application.App] SonarQube is up

    Step 5: Integrating SonarQube with Jenkins

    Create Auth Token
    You will need the Token information from SonarQube when you configure Jenkins with SonarQube. So let’s get started.

    • Connect to your SonarQube instance at http://[SonarQube-Instance-IP]:9000/users
    • Click on Create User.
    • Enter Jenkins for Login and Name.
    • Enter Password and click ok.
    • Under Groups, click on the token image. Click on All and check sonar-administrators box.
    • Under Tokens column, click on Update token. token
    • Enter token name and click on Generate.
    • Copy token. Make sure you copy it now, you won’t be able to see it again!

    Configure SonarQube Server

    • Login to your Jenkins instance with administrative user.
    • Navigate to Manage Jenkins >> Configure System
    • Under “SonarQube Servers” section, add the SonarQube Server URL and an Auth Token to access it.

    Now, the last thing we need to do is configure SonarQube Scanner

    • Navigate to Manage Jenkins >> Global Tool Configuration
    • Under “SonarQube Scanner”, click SonarQube Scanner installations
    • Enter Name
    • Check Install Automatically
    • Install from Maven Central. Pick the latest version.
    • Click Save.

    That’s it! Good luck

    Top 5 Jenkins CI Tips you should know.


    1. Tell Jenkins to run a specific project on a particular slave node

    Set the “Restrict where this job can be run” check box in your job configuration and specify the name of your slave. If you add more slaves later, you can set labels for each slave and specify those in your job configs.

    2. Restart Jenkins manually

    You can use either of the following commands:

    http://(jenkins_url)/safeRestart – Allows all running jobs to complete. New jobs will remain in the queue to run after the restart is complete.

    http://(jenkins_url)/restart – Forces a restart without waiting for builds to complete.

    You can even use the SafeRestart Plugin. Super useful tool.

    Finally, via CLI:

    • sudo service jenkins start – To start the Jenkins
    • sudo service jenkins stop – To stop the Jenkins
    • sudo service jenkins restart – To restart the Jenkins
    • sudo service jenkins status – To know the status of Jenkins

    3. Locked out of Jenkins

    If you don’t have a lot of other configuration that you’d like to save, you can just delete %JENKINS_HOME%/config.xml and restart Jenkins to disable security. Otherwise, edit config.xml and set the values inside the useSecurity tags to false, then restart Jenkins.

    I had this exact issue today on my Windows Jenkins server. Just removing the XML file and restarting did not work for me. So I had to:

    • Stop the service.
    • Check Task Manager to ensure the process is gone.
    • Edit the Config.XML file and change the useSecurity false (or you could delete the config.xml file).
    • Start the service again.

    4. Default shell environment valuables
    To get the list of all the variables that are available to shell scripts:


    5. Jenkins Directory Structure



    Installing Jenkins on AWS EC2


    Jenkins is an open source automation server software that allows continuous integration. Read more about it here.

    We are going to install Jenkins on AWS EC2 instance. If you have not already done so, please login into your AWS account and launch an EC2 instance with RHEL OS. For more information on how to launch an instance, please read this post.

    1) Install the latest stable packages, then reboot.

    sudo yum update -y

    2) Before you can install Jenkins, you need to setup a JVM.

    sudo yum install java-1.8.0-openjdk.x86_64

    3) After the installation, you can confirm it by running the following command:

    java -version

    Jenkins require Java 1.6 or more than. If Java version is less than 1.6 than we have to upgrade the Java. Follow the instruction here on installing Java

    4) Install wget

    sudo yum install wget -y

    5) Install Jenkins

    sudo wget -O /etc/yum.repos.d/jenkins.repo
    sudo rpm --import
    sudo yum install jenkins -y

    6) Start the Jenkins service and set it to run at boot time:

    sudo systemctl start jenkins.service
    sudo systemctl enable jenkins.service

    6) Install firewalld (if not already installed)

    sudo yum install firewalld -y

    8) After install unmask, enable and start the firewall with below commands

    sudo systemctl unmask firewalld
    sudo systemctl enable firewalld
    sudo systemctl start firewalld

    9) In order to allow visitors access to Jenkins, you need to allow inbound traffic on port 8080. You can either open port 8080 in AWS Console or run the following command:

    sudo firewall-cmd --zone=public --permanent --add-port=8080/tcp
    sudo firewall-cmd --reload
    sudo firewall-cmd --list-all

    10) Finally, visit the following address from your web browser to confirm your installation:


    or by running the following command

    sudo netstat -ntulp | grep 8080

    If the site does not load, please check the Jenkins log file for more information

    By default, logs are here /var/log/jenkins/jenkins.log (unless customized in /etc/default/jenkins (for *.deb) or via /etc/sysconfig/jenkins (for */rpm)

    By default, logs are here %JENKINS_HOME%/jenkins.out and %JENKINS_HOME%/jenkins.err (unless customized in %JENKINS_HOME%/jenkins.xml)

    More information can be found here.

    Moving forward, you will need the Jenkins Initial Password to get started:

    sudo cat /var/lib/jenkins/secrets/initialAdminPassword

    Oh! And one last thing – If you wish to change Jenkins HTTP port number from the default port 8080, you need to change the file /etc/sysconfig/jenkins

    sudo vi /etc/sysconfig/jenkins

    Good luck!