Book Image

Jenkins 2.x Continuous Integration Cookbook - Third Edition

By : Mitesh Soni, Alan Mark Berg
Book Image

Jenkins 2.x Continuous Integration Cookbook - Third Edition

By: Mitesh Soni, Alan Mark Berg

Overview of this book

Jenkins 2.x is one of the most popular Continuous Integration servers in the market today. It was designed to maintain, secure, communicate, test, build, and improve the software development process. This book will begin by guiding you through steps for installing and configuring Jenkins 2.x on AWS and Azure. This is followed by steps that enable you to manage and monitor Jenkins 2.x. You will also explore the ways to enhance the overall security of Jenkins 2.x. You will then explore the steps involved in improving the code quality using SonarQube. Then, you will learn the ways to improve quality, followed by how to run performance and functional tests against a web application and web services. Finally, you will see what the available plugins are, concluding with best practices to improve quality.

Related Content you might be interested in

Current Title:

Small book image
Jenkins 2.x Continuous Integration Cookbook - Third Edition
Mitesh Soni | Alan Mark Berg
Oct, 2017 | 438 pages
No titles found
Table of Contents (11 chapters)
Preface
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Free Chapter
1
Getting Started with Jenkins
Getting Started with Jenkins
Introduction
Installing Jenkins 2 on Windows
Installing Jenkins 2 on CentOS
Installing Jenkins 2 on Azure
Installing Jenkins as a Service in Windows
Installing plugins in Jenkins
Uploading plugins in Jenkins
Configuring proxy in Jenkins
Configuring global settings in Jenkins
Configuring JENKINS_HOME
Understanding JENKINS_HOME directory
Using different ports for Jenkins
Configuring JAVA_HOME in Jenkins
Configuring Git in Jenkins
Configuring ANT_HOME in Jenkins
Configuring MAVEN_HOME in Jenkins
Configuring GRADLE_HOME in Jenkins
Creating a Freestyle job for Ant Project
Creating a Maven Job for Maven Project
2
Management and Monitoring of Jenkins
Management and Monitoring of Jenkins
Understanding master/agent architecture
Managing Jenkins build jobs using Eclipse
Backing up and restoring Jenkins
Command-line options in Jenkins using Jenkins CLI
Modifying the Jenkins configuration from the command line
Managing disk usage
Shutdown Jenkins safely
Monitoring Jenkins with JavaMelody
Monitoring a Jenkins Job using a Build Monitor View
Configuring mail notifications
Signaling the need to archive
3
Managing Security
Managing Security
Introduction
Improving security with Jenkins configuration
Configuring Authorization - Matrix-based security
Configuring a Project-based Matrix Authorization Strategy
Jenkins and OpenLDAP integration
Jenkins and Active Directory integration
Jenkins and OWASP Zed Attack Proxy integration
Testing for OWASP's top 10 security issues
Finding 500 errors and XSS attacks in Jenkins through fuzzing
Avoiding sign-up bots with JCaptcha
4
Improving Code Quality
Improving Code Quality
Introduction
Integrating Jenkins with SonarQube
The updating center in SonarQube
Quality gates, quality profiles, and rules
Verifying HTML, CSS and JavaScript validity using SonarQube
Verifying Java code using SonarQube
Configuring SonarQube as a Windows service
5
Building Applications in Jenkins
Building Applications in Jenkins
Introduction
Configuring an Ant project for execution
Configuring a Maven project for execution
Configuring an Android project for execution
Manipulating environmental variables
Running Ant through Groovy in Maven
Failed Jenkins jobs based on JSP syntax errors
Remotely triggering jobs through the Jenkins API
6
Continuous Delivery
Continuous Delivery
Introduction
Archiving artifacts
Copying an artifact from another build job
Integrating Jenkins with Artifactory
Deploying a WAR file from Jenkins to Tomcat
Deploying a WAR file from Jenkins to AWS Beanstalk
Deploying a WAR file from Jenkins to Azure App Services
Promoting builds
7
Continuous Testing
Continuous Testing
Getting started with continuous testing
Creating a Selenium test case using Eclipse
Integrating Jenkins and Selenium for functional testing
Jenkins and Cucumber test reports
Creating a load test in Apache JMeter
Executing a load test from Jenkins
Reporting JMeter performance metrics
Testing with FitNesse
8
Orchestration
Orchestration
Introduction
Understanding upstream and downstream jobs
Configuring upstream and downstream jobs
Configuring a build pipeline
Creating a pipeline job
Using a sample pipeline for execution
Configuring a pipeline job for end-to-end automation
Getting started with the Blue Ocean dashboard
9
Jenkins UI Customization
Jenkins UI Customization
Introduction
Skinning Jenkins with the simple themes plugin
Skinning and provisioning Jenkins using a WAR overlay
Generating a home page
Creating HTML reports
Efficient use of views
Saving screen space with the Dashboard View plugin
Making noise with HTML5 browsers
An extreme view for reception areas
10
Processes that Improve Quality
Processes that Improve Quality
Culture and collaboration
Fail early or fail faster
Data-driven testing
Learning from history
Considering test automation as a software project
Visualize, visualize, and visualize!
Conventions are good
Test frameworks and commercial choices are increasing
Offsetting work to Jenkins nodes
Starving QA/integration servers
Reading the change log of Jenkins
Avoiding human bottlenecks
Avoiding groupthink
Training and community
Visibly rewarding successful developers
Stability and code maintenance
Resources on quality assurance
And there's always more
Final comments

Avoiding sign-up bots with JCaptcha

CAPTCHA stands for Completely Automated Public Turing test to tell Computers and Humans Apart. The most commonly viewed CAPTCHAs are sequential letters and numbers displayed as graphics that you have to correctly feed into a text input.

If you let anyone sign up for an account on your Jenkins server, then the last thing you want are bots (automated scripts) creating accounts. Bots have an economy of scale, being able to scan the internet rapidly and never getting bored. CAPTCHAs are a necessary defense against these dumb attacks.

The negative purposes of bots are as follows:

  • Performing a Denial Of Service (DOS) attack on your server, for example, by automatically creating numerous heavyweight jobs
  • Distributed Denial Of Service attack (DDOS) on other servers by harvesting many Jenkins servers to fire off large numbers of requests
  • Injecting unwanted...
Previous Section
End of Chapter 3
Next Chapter