Over a million developers have joined DZone.

End-to-End Tutorial for Continuous Integration and Delivery by Dockerizing a Jenkins Pipeline

DZone's Guide to

End-to-End Tutorial for Continuous Integration and Delivery by Dockerizing a Jenkins Pipeline

Learn how to implement container technologies with your Jenkins CI/CD workflows to make them easier to manage in this tutorial.

· DevOps Zone ·
Free Resource

Discover how quick and easy it is to secure secrets, so you can get back to doing what you love. Try Conjur, a free open source security service for developers.

Continuous integration and continuous delivery are highly fundamental topics in the software industry, especially with cloud and container technologies. Container technologies such as Docker, Kubernetes, and OpenShift and automation servers like Jenkins make it easier to manage our project workflows.

The repository I have created answers the question of how to automatically manage the process of building, testing with the highest coverage, and deploying phases.

Our goal is to ensure our pipeline works well after each code being pushed. The processes we want to auto-manage:

  • Code checkout

  • Run tests

  • Compile the code

  • Run Sonarqube analysis on the code

  • Create Docker image

  • Push the image to Docker Hub

  • Pull and run the image

1) Running the Services

Since one of the goals is to obtain the Sonarqube report of our project, we should be able to access Sonarqube from the Jenkins service. Docker composeis the best choice to run services working together. We configure our application services in a yaml file, as below.


version: '3.2'
      context: sonarqube/
      - 9000:9000
      - 9092:9092
    container_name: sonarqube
      context: jenkins/
    privileged: true
    user: root
      - 8080:8080
      - 50000:50000
    container_name: jenkins
      - /tmp/jenkins:/var/jenkins_home #Remember that, the tmp directory is designed to be wiped on system reboot.
      - /var/run/docker.sock:/var/run/docker.sock
      - sonarqube

The paths of Docker files of the containers are specified at context attribute in the docker-compose file. The content of these files as follows:


FROM sonarqube:6.7-alpine


FROM jenkins:2.60.3

If we run the following command in the same directory as the docker-compose.yml file, the Sonarqube and Jenkins containers will spin up and run.

docker-compose -f docker-compose.yml up --build
docker ps
CONTAINER ID        IMAGE                COMMAND                  CREATED              STATUS              PORTS                                              NAMES
87105432d655        pipeline_jenkins     "/bin/tini -- /usr..."   About a minute ago   Up About a minute>8080/tcp,>50000/tcp   jenkins
f5bed5ba3266        pipeline_sonarqube   "./bin/run.sh"           About a minute ago   Up About a minute>9000/tcp,>9092/tcp     sonarqube

GitHub Configuration

We’ll define a service on GitHub to call the Jenkins Github webhook because we want to trigger the pipeline. To do this, go to Settings -> Integrations & services. The Jenkins Github plugin should be shown on the list of available services, as below.

Image title

After this, we should add a new service by typing the URL of the dockerized Jenkins container along with the /github-webhook/ path.

Image title

The next step is to create an SSH key for a Jenkins user and define it as Deploy keys on our GitHub repository.

Image title

If everything goes well, the following connection request should return with a success.

ssh git@github.com
PTY allocation request failed on channel 0
Hi <your github username>/<repository name>! You've successfully authenticated, but GitHub does not provide shell access.
Connection to github.com closed.

Jenkins Configuration

We have configured Jenkins in the docker compose file to run on port 8080 therefore if we visit http://localhost:8080 we will be greeted with a screen like this.

Image title

We need the admin password to proceed to installation. It’s stored in the /var/jenkins_home/secrets/initialAdminPassword directory and also it’s written as output on the console when Jenkins starts.

jenkins      | *************************************************************
jenkins      |
jenkins      | Jenkins initial setup is required. An admin user has been created and a password generated.
jenkins      | Please use the following password to proceed to installation:
jenkins      |
jenkins      | 45638c79cecd4f43962da2933980197e
jenkins      |
jenkins      | This may also be found at: /var/jenkins_home/secrets/initialAdminPassword
jenkins      |
jenkins      | *************************************************************

To access the password from the container.

docker exec -it jenkins sh
/ $ cat /var/jenkins_home/secrets/initialAdminPassword

After entering the password, we will download recommended plugins and define anadmin user.

Image title

Image title

Image title

After clicking Save and Finish and Start using Jenkins buttons, we should be seeing the Jenkins homepage. One of the seven goals listed above is that we must have the ability to build an image in the Jenkins being dockerized. Take a look at the volume definitions of the Jenkins service in the compose file.

- /var/run/docker.sock:/var/run/docker.sock

The purpose is to communicate between the Docker Daemon and the Docker Client (we will install it on Jenkins) over the socket. Like the docker client, we also need Maven to compile the application. For the installation of these tools, we need to perform the Maven and Docker Client configurations under Manage Jenkins -> Global Tool Configuration menu.

Image title

We have added the Maven and Docker installers and have checked theInstall automatically checkbox. These tools are installed by Jenkins when our script (Jenkins file) first runs. We give myMaven and myDocker names to the tools. We will access these tools with this names in the script file.

Since we will perform some operations such as checkout codebase and pushing an image to Docker Hub, we need to define the Docker Hub Credentials. Keep in mind that if we are using a private repo, we must define Github credentials. These definitions are performed under Jenkins Home Page -> Credentials -> Global credentials (unrestricted) -> Add Credentials menu.

Image title

We use the value we entered in the ID field to Docker Login in the script file. Now, we define pipeline under Jenkins Home Page -> New Item menu.

Image title

In this step, we select GitHub hook trigger for GITScm pooling options for an automatic run of the pipeline by Github hookcall.

Image title

Also in the Pipeline section, we select the Pipeline script from SCM as Definition, define the GitHub repository and the branch name, and specify the script location (Jenkins file).

Image title

After that, when a push is done to the remote repository or when you manually trigger the pipeline by Build Now option, the steps described in the Jenkins file will be executed.

Image title

Reviewing Important Points of the Jenkins File

    def dockerHome = tool 'myDocker'
    def mavenHome  = tool 'myMaven'
    env.PATH = "${dockerHome}/bin:${mavenHome}/bin:${env.PATH}"

The Maven and Docker client tools we have defined in Jenkins under Global Tool Configuration menu are added to the PATH environment variable for using these tools with a sh command.

stage('Push to Docker Registry'){
    withCredentials([usernamePassword(credentialsId: 'dockerHubAccount', usernameVariable: 'USERNAME', passwordVariable: 'PASSWORD')]) {

withCredentials provided by Jenkins Credentials Binding Plugin and bind credentials to variables. We passed dockerHubAccount value with credentialsId parameter. Remember that, dockerHubAccount value is Docker Hub credentials ID we have defined it under Jenkins Home Page -> Credentials -> Global credentials (unrestricted) -> Add Credentials menu. In this way, we access to the username and password information of the account for login.

Sonarqube Configuration

For Sonarqube, we have made the following definitions in the pom.xml file of the project.


In the docker compose file, we gave the name of the Sonarqube service which is sonarqube, this is why in the pom.xml file, the sonar URL was defined as http://sonarqube:9000.

In this article, I have tried to share an end-to-end tutorial, I hope this could help your needs.

Conjur is a free open source security service built by DevOps engineers. With integrations with all your favorite tools and an easy way to secure secrets, it's a no brainer. Come check it out!

docker ,jenkins ,ci/cd ,continuous integration ,continuous delivery ,devops

Published at DZone with permission of

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}