Home Page Jenkins : Home

Jenkins' real top page lives at jenkins.io and links to three pages in the Wiki.

News

Do you blog about Jenkins? Do you have an interesting URL to share with the Jenkins community? Check out our News Aggregator.

Jenkins project Confluence instance attacked
Earlier this week the Jenkins infrastructure team identified a successful attack against our deprecated Confluence service. We responded immediately by taking the affected server offline while we investigated the potential impact. At this time we have no reason to believe that any Jenkins releases, plugins, or source code have been affected. Thus far in our investigation, we have learned that the Confluence CVE-2021-26084 exploit was used to install what we believe was a Monero miner in the container running the service. From there an attacker would not be able to access much of our other infrastructure. Confluence did integrate with our integrated identity system which...
Work report for the Conventional Commits Plugin for Jenkins
This blog post is part 2 of the Introducing the Conventional Commits Plugin blog. The goal of this blog is to showcase the work done during the Google Summer of Code 2021 coding phases. Please refer to part 1 of the blog for a detailed description of the plugin. Abstract The project/plugin aims to fully automate a release process. The plugin tries to achieve this goal by automatically determining the next semantic version based on commit messages. There were 2 coding phases in GSoC 2021. I call the first phase "Read" and the 2nd phase "Write"; let’s see why. Phase 1: Read In this phase, the...
Security Validator for Jenkins Operator for Kubernetes
Background Jenkins custom resources on a Kubernetes cluster are deployed using declarative YAML configuration files, so some of the plugins declared in these files may carry security warnings. The user has no way to know this other than manually checking each plugin on the site. This project aims to add an extra step of validation before creating/updating a new Jenkins Custom Resource. Deliverables This project aims to add a validating admission webhook to the Jenkins Operator for Kubernetes to detect potential security vulnerabilities in the plugins before the object is created. Dependencies Webhooks communicate with the API server over HTTPS and use TLS. Thus, Jetstack/cert-manager...
Git Credentials Binding for sh, bat, powershell
Abstract This project implemented two new credential bindings to perform authenticated operations using command line git in Jenkins pipeline and freestyle jobs. The two credential bindings are gitSshPrivateKey and gitUsernamePassword. Implementation Type Feature Location The gitUsernamePassword binding is implemented in Jenkins git plugin v4.8.0. The gitSshPrivateKey binding is implemented in a pull request to the Jenkins git plugin. Dependencies Credentials Binding Plugin: used to bind Git-specific environment variables with shell scripts/commands which perform git authentication on behalf of the user, without their interaction with the command line. Bouncy Castle API Plugin: provides an API to do common tasks like PEM/PKCS#8 encoding/decoding and ensures its stability among Bouncy Castle API versions. SSH Server...
Docker images use Java 11 by default
The Jenkins project provides Docker images for controllers, inbound agents, outbound agents, and more. Beginning with Jenkins 2.307 released August 17, 2021 and Jenkins 2.303.1 released August 25, 2021, the Docker images provided by the Jenkins project will use Java 11 instead of Java 8. Controllers use Java 11 by default If you are running one of the Jenkins Docker controller images that does not include a JDK version in its label, the Java runtime will switch from Java 8 to Java 11 with the upgrade. For example: Jenkins 2.306 running as jenkins/jenkins:latest uses Java 8. When Jenkins 2.307 or later is run with jenkins/jenkins:latest, it...