14 Jenkins administration and best practices

 

This chapter covers

  • Sharing common code and steps across CI/CD pipelines
  • Granting job permissions for a user
  • Using GitHub for authentication information to secure a Jenkins instance
  • Backing up and restoring Jenkins plugins and jobs
  • Using Jenkins as a scheduler for cron jobs
  • Migrating build jobs to a new Jenkins instance

Chapter 13 covered how to monitor a Jenkins cluster, and how to configure alerts and correlate Jenkins logs and metrics to identify issues and avoid downtime. In this chapter, you will learn how to enforce security on Jenkins by setting up granular access with role-based access control (RBAC) for logged-in users and how to add an extra security layer by using the GitHub authentication mechanism.

We also will discuss a few tips and tricks that you might find useful when maintaining a Jenkins instance. We will look at things like how to back up, restore, and archive build jobs or migrate them from one server to another.

14.1 Exploring Jenkins security and RBAC authorization

The current configuration of Jenkins allows not-logged users to have read access, and logged users to access almost everything. To override this default behavior, head to the Configure Global Security section from Manage Jenkins (figure 14.1).

Figure 14.1 Enabling security in Jenkins

14.1.1 Matrix authorization strategy

14.1.2 Role-based authorization strategy

14.2 Configuring GitHub OAuth for Jenkins

14.3 Keeping track of Jenkins users’ actions

14.4 Extending Jenkins with shared libraries

14.5 Backing up and restoring Jenkins

14.6 Setting up cron jobs with Jenkins

14.7 Running Jenkins locally as a Docker container

Summary

Wrapping up

sitemap