The complete Jenkins tutorial

Hey buddies,

Last month I decided to create a complete Jenkins tutorial that covers the most important and useful CI/CD topics. This tutorial is published weekly on the ITNEXT.IO platform. Currently, I have planned to release about 30 articles that include the following topics:

  • Jenkins DSL language

  • Jenkins and Groovy language

  • Jenkins Pipeline essential commands and methods

  • Jenkins and Git plugin

  • Jenkins, Unit testing, and Code coverage

  • Jenkins and Docker pipelines

  • Jenkins and Kubernetes, OpenShift, Rancher

  • Jenkins and Terraform

  • Jenkins and Ansible

  • Jenkins Automation (JCasC)

  • Jenkins Notification plugins

  • Jenkins monitoring (Prometheus)

Right now, I have published five parts of this tutorial series.

If you interested in, STARize the following GitHub repo.

3 Likes

Looking over part 2, all of the snippets implement a command injection vulnerability. In this case it is exploitable only by users able to control the credentials, but it’s a small step to changing from credentials to build parameters (as soon as part 3 does something useful, it’s going to be a potential problem).

As a general rule, always make the string arguments to sh single-quoted, so variables are interpolated by the shell, not the DSL. See also Using a Jenkinsfile

I recommend you update these examples.

1 Like

Thanks for attention. The examples updated.
Proper comments added to avoid this vulnerability.

1 Like

Part 6 of the Jenkins tutorial released before your very eye.

In this part, you will learn about Jenkins Pipeline Options.

Good luck.

Part 7 of the complete Jenkins tutorial was released.

In this part, you will learn the Jenkins INPUT directive to pause the job during the build process. This directive is very useful in continuous delivery pipelines.

Good luck.

1 Like

Part 8 of the completest Jenkins tutorial is published. In this part, you will learn about Build Triggers to automate the pipeline build process.

Good luck.