├── .gitignore ├── logos ├── beekeeper.png ├── buttler_stay_safe.png └── buttler_jenkins_is_the_way.png ├── .github ├── release-drafter.yml ├── dependabot.yml └── workflows │ └── release-drafter.yml ├── updatecli ├── values.yaml ├── scripts │ └── generate-pr-body.sh └── updatecli.d │ └── jenkins-core-and-plugins.yaml ├── Jenkinsfile_k8s ├── Dockerfile ├── cst.yml ├── Jenkinsfile_updatecli ├── README.md ├── contributing.md └── plugins.txt /.gitignore: -------------------------------------------------------------------------------- 1 | hadolint.json 2 | *.tar 3 | -------------------------------------------------------------------------------- /logos/beekeeper.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jenkins-infra/docker-jenkins-weeklyci/main/logos/beekeeper.png -------------------------------------------------------------------------------- /logos/buttler_stay_safe.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jenkins-infra/docker-jenkins-weeklyci/main/logos/buttler_stay_safe.png -------------------------------------------------------------------------------- /.github/release-drafter.yml: -------------------------------------------------------------------------------- 1 | _extends: .github 2 | 3 | name-template: '$RESOLVED_VERSION' 4 | tag-template: '$RESOLVED_VERSION' 5 | -------------------------------------------------------------------------------- /logos/buttler_jenkins_is_the_way.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jenkins-infra/docker-jenkins-weeklyci/main/logos/buttler_jenkins_is_the_way.png -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- 1 | --- 2 | version: 2 3 | updates: 4 | - package-ecosystem: "github-actions" 5 | directory: "/" 6 | schedule: 7 | interval: "daily" 8 | -------------------------------------------------------------------------------- /updatecli/values.yaml: -------------------------------------------------------------------------------- 1 | github: 2 | user: Jenkins Infra Bot (updatecli) 3 | email: 60776566+jenkins-infra-bot@users.noreply.github.com 4 | token: UPDATECLI_GITHUB_TOKEN 5 | branch: main 6 | owner: jenkins-infra 7 | repository: docker-jenkins-weeklyci 8 | -------------------------------------------------------------------------------- /Jenkinsfile_k8s: -------------------------------------------------------------------------------- 1 | buildDockerAndPublishImage('jenkins-weeklyci', [ 2 | publishToPrivateAzureRegistry: true, 3 | targetplatforms: 'linux/arm64', 4 | nextVersionCommand: 'echo "$(jx-release-version -next-version=semantic:strip-prerelease)-$(grep "FROM jenkins" Dockerfile | cut -d: -f2 | cut -d- -f1)"', 5 | ]) 6 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | FROM jenkins/jenkins:2.543-jdk21 2 | COPY logos /usr/share/jenkins/ref/userContent/logos 3 | COPY ./plugins.txt /usr/share/jenkins/ref/plugins.txt 4 | RUN jenkins-plugin-cli \ 5 | --jenkins-update-center='https://azure.updates.jenkins.io/update-center.json' \ 6 | --jenkins-plugin-info='https://azure.updates.jenkins.io/plugin-versions.json' \ 7 | --plugin-file /usr/share/jenkins/ref/plugins.txt \ 8 | --verbose 9 | -------------------------------------------------------------------------------- /cst.yml: -------------------------------------------------------------------------------- 1 | --- 2 | schemaVersion: 2.0.0 3 | fileExistenceTests: 4 | - name: 'plugins.txt' 5 | path: '/usr/share/jenkins/ref/plugins.txt' 6 | shouldExist: true 7 | - name: 'default plugin - workflow-aggregator' 8 | path: '/usr/share/jenkins/ref/plugins/workflow-aggregator.jpi' 9 | shouldExist: true 10 | - name: 'default plugin - git' 11 | path: '/usr/share/jenkins/ref/plugins/git.jpi' 12 | shouldExist: true 13 | - name: 'default plugin - configuration-as-code' 14 | path: '/usr/share/jenkins/ref/plugins/configuration-as-code.jpi' 15 | shouldExist: true 16 | -------------------------------------------------------------------------------- /Jenkinsfile_updatecli: -------------------------------------------------------------------------------- 1 | final String cronExpr = env.BRANCH_IS_PRIMARY ? '@daily' : '' 2 | 3 | properties([ 4 | buildDiscarder(logRotator(numToKeepStr: '10')), 5 | disableConcurrentBuilds(abortPrevious: true), 6 | pipelineTriggers([cron(cronExpr)]), 7 | ]) 8 | 9 | node('linux-arm64-docker') { 10 | timeout(time: 10, unit: 'MINUTES') { 11 | final String updatecliAction = env.BRANCH_IS_PRIMARY ? 'apply' : 'diff' 12 | stage("Run updatecli action: ${updatecliAction}") { 13 | updatecli( 14 | action: updatecliAction, 15 | runInCurrentAgent: true, 16 | ) 17 | } 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /.github/workflows/release-drafter.yml: -------------------------------------------------------------------------------- 1 | name: Release Drafter 2 | on: 3 | push: 4 | workflow_dispatch: 5 | release: 6 | # Only allow 1 release-drafter build at a time to avoid creating multiple "next" releases 7 | concurrency: "release-drafter" 8 | jobs: 9 | deploy: 10 | runs-on: ubuntu-latest 11 | steps: 12 | - name: Check out 13 | uses: actions/checkout@v6 14 | with: 15 | fetch-depth: 0 16 | - name: Release Drafter 17 | uses: release-drafter/release-drafter@b1476f6e6eb133afa41ed8589daba6dc69b4d3f5 # v6.1.0 18 | with: 19 | name: next 20 | tag: next 21 | version: next 22 | env: 23 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 24 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # docker-jenkins-weeklyci 2 | 3 | [![](https://img.shields.io/docker/pulls/jenkinsciinfra/ldap?label=jenkinsciinfra%2Fjenkins-weeklyci&logo=docker&logoColor=white)](https://hub.docker.com/r/jenkinsciinfra/jenkins-weeklyci/tags) 4 | 5 | A docker image for the service weekly.ci.jenkins.io. 6 | 7 | ## Updating Plugins 8 | 9 | ```shell 10 | bash ./bin/update-plugins.sh 11 | ``` 12 | 13 | This script uses the [Jenkins Plugin Manager Tool command line](https://github.com/jenkinsci/plugin-installation-manager-tool) under the hood to update the plugins. 14 | 15 | ## Update Jenkins Version 16 | 17 | ```shell 18 | VERSION=$(jv get --version-identifier latest) 19 | SUFFIX=jdk21 20 | FULL_VERSION=jenkins/jenkins:${VERSION}-${SUFFIX} 21 | sed -i 's|FROM .*|FROM '"${FULL_VERSION}"'|' Dockerfile 22 | ``` 23 | -------------------------------------------------------------------------------- /updatecli/scripts/generate-pr-body.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eux -o pipefail 4 | 5 | new_plugins_file="${1}" 6 | orig_plugins_file="${2}" 7 | diff_file="$(mktemp)" 8 | 9 | # Store comparison between original and updated 10 | diff --unified=0 "${orig_plugins_file}" "${new_plugins_file}" > "${diff_file}" || true 11 | if [ -s "${diff_file}" ] 12 | then 13 | pluginsdiff="$(tail --lines +3 "${diff_file}" | grep -v '@')" 14 | newlines=$(echo "${pluginsdiff}" | grep '+') 15 | links='' 23 | 24 | echo "${links}" 25 | fi 26 | -------------------------------------------------------------------------------- /contributing.md: -------------------------------------------------------------------------------- 1 | # Contributing Guidelines 2 | 3 | This document outlines the process to update the docker images. 4 | 5 | ## Scheduling 6 | 7 | ### For Plugin Update without Core Update 8 | 9 | It can happen at anytime, but avoid merging during a security advisory or LTS Core release period. 10 | 11 | ### For a Core Update (With or without Plugins Update) 12 | 13 | - Default: Every Wednesday on mornings (Paris time) 14 | - Caused by the weekly core release happening on Tuesdays 15 | 16 | - Delayed on Wednesday evenings (Paris time) or even Thursday when there is a LTS Core release / security advisory 17 | 18 | ## Common Process 19 | 20 | For each plugin proposed for update we need to: 21 | 22 | - Get the direct link to the changelog from the [plugins.jenkins.io website](https://plugins.jenkins.io): search for the plugin to get to the a top "Release" tab, locate the version and retrieve the permalink (usually a GitHub release) 23 | - For instance with the plugin [`Matrix Authorization Strategy`](https://plugins.jenkins.io/matrix-auth/), with version 3.2, you get the following link: 24 | 25 | - If this plugin version changelog has a breaking or "💥 Major Changes 💥" change, add this link with a message mentioning the breaking change as a PR comment 26 | 27 | Example of a PR approval comment: 28 | 29 | ```text 30 | - 💥 Breaking changes on https://github.com/jenkinsci/kubernetes-client-api-plugin/releases/tag/6.8.1-224.vd388fca_4db_3b_: 31 | 32 | > Kubernetes-client 6.8.1 comes with a number of breaking changes that downstream plugins must adapt to. As Jenkins users, please don't upgrade to this new version until all plugin consumers have released a new version claiming compatibility. The list of compatible plugins will be posted below when available. 33 | 34 | - ⚠️💥 Major Changes 💥 on https://github.com/jenkinsci/matrix-auth-plugin/releases/tag/matrix-auth-3.2: 35 | 36 | > This release changes the syntax for configuring permissions with [Configuration as Code](https://plugins.jenkins.io/configuration-as-code/), [Job DSL](https://plugins.jenkins.io/job-dsl/), and [Pipeline](https://plugins.jenkins.io/workflow-aggregator/) plugins (https://github.com/jenkinsci/matrix-auth-plugin/pull/145, https://github.com/jenkinsci/matrix-auth-plugin/pull/144) 37 | > 38 | > Warning 39 | > This is a breaking change for anyone currently configuring matrix authorization using these plugins. 40 | > 41 | > In all three cases, the permissions list has been replaced with the entries list and a more elaborate element > syntax decoupled from the serialized XML configuration format. See examples below for the new syntax. 42 | ``` 43 | -------------------------------------------------------------------------------- /updatecli/updatecli.d/jenkins-core-and-plugins.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | name: Bump Jenkins Core and/or Plugins 3 | 4 | scms: 5 | default: 6 | kind: github 7 | spec: 8 | user: "{{ .github.user }}" 9 | email: "{{ .github.email }}" 10 | owner: "{{ .github.owner }}" 11 | repository: "{{ .github.repository }}" 12 | token: "{{ requiredEnv .github.token }}" 13 | username: "{{ .github.username }}" 14 | branch: "{{ .github.branch }}" 15 | 16 | sources: 17 | getCurrentDockerTagSuffix: 18 | name: Get current Jenkins base image 19 | kind: file 20 | spec: 21 | file: ./Dockerfile 22 | transformers: 23 | - findsubmatch: 24 | pattern: "FROM jenkins/jenkins:(.*)-(.*)" 25 | captureindex: 2 26 | getLatestJenkinsVersion: 27 | kind: jenkins 28 | name: Get the latest weekly Jenkins version 29 | spec: 30 | release: weekly 31 | transformers: 32 | - addsuffix: '-{{ source "getCurrentDockerTagSuffix" }}' 33 | getLatestPluginsToTempFile: 34 | name: Update Jenkins plugins 35 | kind: shell 36 | spec: 37 | command: | 38 | temp_file="$(mktemp)" 39 | docker container run --rm --volume=$(pwd):/data:ro --entrypoint=bash jenkins/jenkins:{{ source "getLatestJenkinsVersion" }} \ 40 | -c 'jenkins-plugin-cli --plugin-file /data/plugins.txt --available-updates --output txt' > "${temp_file}" 41 | echo "${temp_file}" 42 | getprbody: 43 | name: Generate PR Body to ease maintainers life (used by action github/pullrequest) 44 | kind: shell 45 | spec: 46 | command: bash ./updatecli/scripts/generate-pr-body.sh '{{ source "getLatestPluginsToTempFile" }}' ./plugins.txt 47 | getLatestPlugins: 48 | name: Get list of latest plugins 49 | kind: file 50 | spec: 51 | file: '{{ source "getLatestPluginsToTempFile" }}' 52 | 53 | conditions: 54 | testDockerImageExists: 55 | name: Does the Docker Image exist on the Docker Hub? 56 | kind: dockerimage 57 | sourceid: getLatestJenkinsVersion 58 | spec: 59 | image: jenkins/jenkins 60 | architectures: 61 | - amd64 62 | - arm64 63 | 64 | targets: 65 | updateDockerfile: 66 | name: Update the Dockerfile with the new version 67 | kind: dockerfile 68 | sourceid: getLatestJenkinsVersion 69 | spec: 70 | file: Dockerfile 71 | instruction: 72 | keyword: FROM 73 | matcher: jenkins/jenkins 74 | scmid: default 75 | updatePlugins: 76 | name: Update Jenkins plugins 77 | sourceid: getLatestPlugins 78 | kind: file 79 | spec: 80 | file: ./plugins.txt 81 | scmid: default 82 | 83 | actions: 84 | default: 85 | kind: github/pullrequest 86 | scmid: default 87 | title: Bump Jenkins Core and/or Plugins 88 | spec: 89 | description: | 90 |

Link(s):

91 |
92 | {{ source `getprbody` }} 93 |
94 | labels: 95 | - dependencies 96 | - jenkins-core 97 | - jenkins-plugins 98 | -------------------------------------------------------------------------------- /plugins.txt: -------------------------------------------------------------------------------- 1 | analysis-model-api:13.18.0-935.v784ca_107400a_ 2 | ansicolor:1.0.6 3 | antisamy-markup-formatter:173.v680e3a_b_69ff3 4 | apache-httpcomponents-client-4-api:4.5.14-269.vfa_2321039a_83 5 | authentication-tokens:1.144.v5ff4a_5ec5c33 6 | basic-branch-build-strategies:275.vde2351b_4a_58b_ 7 | bootstrap5-api:5.3.8-895.v4d0d8e47fea_d 8 | bouncycastle-api:2.30.1.82-277.v70ca_0b_877184 9 | branch-api:2.1268.v044a_87612da_8 10 | buildtriggerbadge:325.vdcd8a_826e87a_ 11 | caffeine-api:3.2.3-194.v31a_b_f7a_b_5a_81 12 | catppuccin-theme:3.v903b_635ffa_b_4 13 | checks-api:373.vfe7645102093 14 | chocolate-theme:7.v6a_8b_000467c6 15 | cloud-stats:377.vd8a_6c953e98e 16 | cloudbees-bitbucket-branch-source:937.2.2 17 | cloudbees-folder:6.1073.va_7888eb_dd514 18 | cloudbees-jenkins-advisor:392.v6ca_b_ff4e12fa_ 19 | coverage:2.3060.v035a_5557cdb_c 20 | command-launcher:123.v37cfdc92ef67 21 | commons-lang3-api:3.20.0-109.ve43756e2d2b_4 22 | commons-text-api:1.15.0-210.v7480a_da_70b_9e 23 | config-file-provider:1006.vc7366c201f57 24 | configuration-as-code:2006.v001a_2ca_6b_574 25 | copyartifact:770.va_6c69e063442 26 | credentials:1453.v9b_a_29777a_b_fd 27 | credentials-binding:702.vfe613e537e88 28 | customizable-header:257.v1c5c2d5c0594 29 | dark-theme:574.va_19f05d54df5 30 | data-tables-api:2.3.5-1497.v38449eb_7d5a_1 31 | design-library:417.vce0571393f5b_ 32 | display-url-api:2.217.va_6b_de84cc74b_ 33 | docker-commons:457.v0f62a_94f11a_3 34 | durable-task:639.vefb_3d8372f6d 35 | echarts-api:6.0.0-1165.vd1283a_3e37d4 36 | extended-read-permission:68.vd270568a_7520 37 | favorite:2.253.v9b_413168133b_ 38 | font-awesome-api:7.1.0-882.v1dfb_771e3278 39 | forensics-api:3.1772.v99ca_3d83b_9fa_ 40 | git:5.8.1 41 | git-client:6.4.3 42 | git-forensics:3.2138.vf25ea_d549e33 43 | github:1.45.0 44 | github-api:1.330-492.v3941a_032db_2a_ 45 | github-branch-source:1925.v62fb_7ffb_08ce 46 | github-checks:634.v371dc6d978a_3 47 | github-label-filter:1.0.0 48 | groovy:497.v7b_061a_a_de65d 49 | handy-uri-templates-2-api:2.1.8-38.vcea_5d521d5f3 50 | inline-pipeline:1.0.32.vf433f2d57630 51 | instance-identity:203.v15e81a_1b_7a_38 52 | ionicons-api:94.vcc3065403257 53 | jackson2-api:2.20.1-423.v13951f6b_6532 54 | jakarta-activation-api:2.1.4-1 55 | jakarta-mail-api:2.1.5-1 56 | javax-activation-api:1.2.0-8 57 | javax-mail-api:1.6.2-11 58 | jaxb:2.3.9-133.vb_ec76a_73f706 59 | jdk-tool:83.v417146707a_3d 60 | jersey2-api:2.47-165.ve7809a_3e87e0 61 | jjwt-api:0.11.5-120.v0268cf544b_89 62 | jnr-posix-api:3.1.21-186.vb_7ec9b_23ce83 63 | job-dsl:1.93 64 | jsch:0.2.16-95.v3eecb_55fa_b_78 65 | junit:1380.v491ff054cd35 66 | ldap:793.v754d6b_41b_ea_4 67 | mailer:525.v2458b_d8a_1a_71 68 | matrix-auth:3.2.9 69 | matrix-project:870.v9db_fcfc2f45b_ 70 | metrics:4.2.37-489.vb_6db_69b_ce753 71 | node-iterator-api:72.vc90e81737df1 72 | nord-theme:1.1 73 | pipeline-build-step:571.v08a_fffd4b_0ce 74 | pipeline-github:2.8-162.382498405fdc 75 | pipeline-graph-analysis:245.v88f03631a_b_21 76 | pipeline-graph-view:730.v433816a_b_7a_73 77 | pipeline-groovy-lib:787.ve2fef0efdca_6 78 | pipeline-input-step:540.v14b_100d754dd 79 | pipeline-milestone-step:138.v78ca_76831a_43 80 | pipeline-model-api:2.2277.v00573e73ddf1 81 | pipeline-model-definition:2.2277.v00573e73ddf1 82 | pipeline-model-extensions:2.2277.v00573e73ddf1 83 | pipeline-rest-api:2.38 84 | pipeline-stage-step:322.vecffa_99f371c 85 | pipeline-stage-tags-metadata:2.2277.v00573e73ddf1 86 | plain-credentials:199.v9f8e1f741799 87 | plugin-util-api:6.1192.v30fe6e2837ff 88 | prism-api:1.30.0-630.va_e19d17f83b_0 89 | pubsub-light:1.19 90 | scm-api:724.v7d839074eb_5c 91 | scm-filter-branch-pr:222.v72301ecb_a_ee7 92 | script-security:1385.v7d2d9ec4d909 93 | snakeyaml-api:2.5-143.v93b_c004f89de 94 | solarized-theme:28.vfe25223f14fe 95 | sse-gateway:1.28 96 | ssh-agent:386.v36cc0c7582f0 97 | ssh-credentials:361.vb_f6760818e8c 98 | sshd:3.374.v19b_d59ce6610 99 | structs:362.va_b_695ef4fdf9 100 | support-core:1763.ve4ce0d10a_3f0 101 | theme-manager:327.v780d7096ec29 102 | timestamper:1.30 103 | token-macro:477.vd4f0dc3cb_cf1 104 | trilead-api:2.284.v1974ea_324382 105 | variant:70.va_d9f17f859e0 106 | warnings-ng:12.9936.vda_5743ded29a_ 107 | workflow-aggregator:608.v67378e9d3db_1 108 | workflow-api:1398.v67030756d3fb_ 109 | workflow-basic-steps:1098.v808b_fd7f8cf4 110 | workflow-cps:4238.va_6fb_65c1f699 111 | workflow-durable-task-step:1464.v2d3f5c68f84c 112 | workflow-job:1559.va_a_533730b_ea_d 113 | workflow-multibranch:821.vc3b_4ea_780798 114 | workflow-scm-step:466.va_d69e602552b_ 115 | workflow-step-api:710.v3e456cc85233 116 | workflow-support:1010.vb_b_39488a_9841 117 | --------------------------------------------------------------------------------