I’m considering to use jenkins via Docker, for that I’d like to create a custom docker image that has the “golden” plugins preinstalled during docker build.
This is so far all straight forward to implement, my question revolves around the final plugin location in ${JENKINS_HOME}/plugins
As this will be a persisted volume (to have all jobs and builds persisted), this volume would also store any plugin that later gets manually installed or updated via the UI. While this is not a critical flaw, I’d still like to make sure that when the container starts the predefined plugins get used.
My idea so far is the following strategy:
When building the custom image also set a custom entrypoint. This script would first wipe the whole plugins directory. Then call the real jenkins entrypoint. From my understanding jenkins then will populate the plugins directory with the desired plugin state.
Is this assumption correct?
Is this safe to do, eg is there no real stage or configs stored in this directory?
The plugins directory doesn’t contain any configuration. It is safe to delete the complete directory and copy all the jpi files to the plugins during container startup.
This means that all plugins installed manually via the UI (which doesn’t require a restart of Jenkins) are lost. The configuration is not lost. So if you install a new plugin and want to use it permanently you will need to update the image accordingly including any configuration.
In my setup we have 100% configuration as code, means even any configuration changes done via the UI are lost when I restart my docker container. That requires some displicine and you have to double maintain config changes but then you have the config changes in a git history which can also be a good thing.