Jenkinsfile Runner is an experiment to package Jenkins pipeline execution as a command line tool. The intended use cases include:
- Assist editing and testing Jenkinsfile locally
- Use Jenkins in Function-as-a-Service context
- Integration test shared libraries
Please report issues on Jira
Jenkinsfile Runner is a command line tool you can invoke from any project directory containing a Jenkinsfile. It's a standalone executable but requires java in your PATH so it can run a Jenkins headless master.
Jenkinsfile Runner will:
- download latest Jenkins LTS
- setup a temporary JENKINS_HOME directory to run a headless jenkins for your Pipeline
- install plugins as defined by a
plugins.txtfile in project directory. If none are set, it will install the latestworkflow-aggregator - optionally create a
.secretdirectory with secrets from asecrets.gpgGPG-encrypted file. Read more in sensitive data - run Jenkins master headlessly with a custom plugin installed to immediately run a single job based on local Jenkinsfile, then shutdown on completion.
For your convenience you can use the jenkins/jenkinsfile-runner docker image:
$ docker run -it -v $(pwd):/workspace jenkins/jenkinsfile-runnerTo avoid repeated downloads we suggest you define volumes for the download caches:
$ docker run -it -v $(pwd):/workspace \
-v jenkinsfile-runner-cache:/var/jenkinsfile-runner-cache \
jenkins/jenkinsfile-runnerWe recommend that you make the transient JENKINS_HOME a temporary volume so that you don't consume all disk space with repeated builds:
$ docker run -it -v $(pwd):/workspace \
--tmpfs /var/jenkinsfile-runner \
-v jenkinsfile-runner-cache:/var/jenkinsfile-runner-cache \
jenkins/jenkinsfile-runnerAlternatively you might want to reuse this folder between runs. This can be useful to collect build output and diagnose jenkinsfile-runner issues:
$ docker run -it -v $(pwd):/workspace \
-v $(pwd)/jenkinsfile-runner:/var/jenkinsfile-runner \
-v jenkinsfile-runner-cache:/var/jenkinsfile-runner-cache \
jenkins/jenkinsfile-runnersee sample here
Currently there's no released distribution, so you must first build the code by yourself. You need Maven and Go SDK installed. We also use dep for golang dependencies and vendor folder management.
You can either build with Dockerfile:
docker build -t jenkins/jenkinsfile-runner . or if you have adequate tools installed:
mvn install
dep ensure
go install Assuming you have $GOBIN well set and declared in your PATH, you now have command line jenkinsfile-runner available to run from any directory containing a Jenkinsfile.
You can choose the version of jenkins to run by passing a -version argument. Default value latest is an alias for "latest LTS release" which is checked once a day. The requested jenkins.war is downloaded to download cache before jenkins is started from local .jenkinsfile-runner JENKINS_HOME
You can include a plugins.txt file with plugins required to run your pipeline. Jenkinsfile-runner will download those plugins and dependencies into download cache and setup .jenkinsfile-runner JENKINS_HOME accordingly.
plugins.txt file is a plain text format with a plugin per line, as <shortname>:<version>
If you use a custom update site to host your own plugins, you can suffix plugins with optional @updatesiteId and pass -site argument using id=url format to Jenkinsfile-runner.
Note: once JENKINS-34002 is implemented we will also pick required dependencies from Jenkinsfile.
As Jenkinsfile-runner downloads jenkins.war and plugins on-demand, it relies on a download cache.
Default location is $HOME/.jenkinsfile-runner but you can override using the -cache option.
For non-trivial pipelines you'll need some way to configure Jenkins master, for example to declare some credentials referred by ID in your Jenkinsfile. Jenkinsfile-runner relies on Configuration-as-Code for this purpose. You only need to provide a jenkins.yaml file alongside your Jenkinsfile to have the transient jenkins master configured accordingly.
Your pipeline might require some sensitive data that you don't want to store in plain text in your SCM.
For this purpose you can define them in a secrets file in java properties format, and encrypt it with GPG allowing your teammates to decrypt this file:
gpg --encrypt --recipient bob@acme.org --recipient alice@acme.org (...) secretsThis will produce an encrypted secrets.gpg file you can safely commit to SCM. Never commit the initial secrets file (once encrypted, you can delete it). We highly recommend you add it to your .gitignore to avoid mistakes.
We suggest you manage teammates' gpg public keys in your SCM as a keyring to ensure everybody in the team knows each other GPG identity.
When such a secrets.gpg file exists alongside your Jenkinsfile (or is set by -secrets option), Jenkinsfile-runner will create a .secrets directory in .jenkinsfile-runner JENKINS_HOME following the Docker secrets layout, fully compatible with Configuration-as-Code so you can define your configuration with secret replacements:
jenkins:
somethingSecret: ${NEVER_STORED_IN_PLAIN_TEXT}To enforce security, this folder is deleted when Jenkinsfile-runner completes.
Jenkinsfile Runner is not a re-implementation of the Pipeline execution library used by Jenkins. This would be a huge effort, and anyway all the power of Pipeline comes from various Jenkins plugins to provide DSL keywords. Jenkinsfile-runner is actually booting a (headless) Jenkins master, create a one-shot job to run once the Jenkinsfile script in your local directory, sending build log to stdout.
Jenkinsfile Runner is a go program to setup a transient, headless Jenkins master. It automatically install the set of plugins defined in a plugins.txt file stored aside your Jenkinsfile. It also will apply a jenkins.yaml Configuration-as-Code file if present, which you can rely on to define the expected Jenkins configuration required for your pipeline script.
Within this transient jenkins master, a dedicated plugin is injected and will automatically create a job to run your Jenkinsfile from local filesystem. This plugin also hacks Jenkins to redirect the build log to stdout, and shut down master when job is completed.