Requirements
Jenkins works on all released versions of the Liberty profile, however it works best with the latest version (at the time of writing that was the copy shipped as a part of WebSphere Application Server v8.5.5.) and these instructions are based on 8.5.5.
Installation
There are two ways to deploy Jenkins to the Liberty profile.
Dropins
To install Jenkins on Liberty profile, simply copy jenkins.war
to ${server.config.dir}/dropins
, then access http://yourhost:9080/jenkins
.
Configured
To install Jenkins on Liberty profile copy jenkins.war
to ${server.config.dir}/apps
. Edit the server.xml to add
<webApplication location="jenkins.war" />
then access http://youhost:9080/jenkins
.
Upgrade
Simply overwrite your jenkins.war
with the new version. Liberty profile should automatically redeploy the application.
Setting JVM options
Before starting Liberty profile create a ${server.config.dir}/jvm.options
file and add the following line:
-DJENKINS_HOME=/path/to/jenkins_home/
Additionally, add the following lines to ensure HTTP requests without Content-Type header are decoded correctly (JENKINS-62987):
-Dfile.encoding=UTF-8 -Dclient.encoding.override=UTF-8
This file can also be used to increase the heap size. On a new line add:
-Xmx512m
Securing Jenkins on Liberty profile
To configure the user/group to role mappings in Liberty profile you need to deploy it via the server.xml. Users and groups can be picked up from LDAP, or can be stored in the server.xml.
Configure security by enabling the
appSecurity-2.0
feature. This is done by editing the server.xml to add:<featureManager> <feature>appSecurity-2.0</feature> </featureManager>
Configure the role mapping for the Jenkins application:
<webApplication location="jenkins.war"> <application-bnd> <security-role name="admin"> <user name="jenkins-admin"/> <group name="jenkins-admins"/> </security-role> </application-bnd> </webApplication>
Optional: Configure user in server.xml
<basicRegistry realm="jenkins"> <user name="jenkins-admin" password="secret"/> <group name="jenkins-admins"> <member name="jenkins-admin"> </group> </basicRegistry>
The securityUtility script in the bin folder can be used to generate a hashed password for this file. This can be done by running
$ ${wlp.install.dir}/bin/securityUtility encode --encoding=hash secret
Copy the printed hashed password into the
password
attribute in the server.xml. Ifsecret
is not passed in on the command line you will be prompted for it.Related reads
- Visit WASdev for up-to-date information, download and get help with Liberty Profile
- The infocenter for Liberty profile.
- Download Liberty profile.