Skip to content

Instantly share code, notes, and snippets.

@savishy

savishy/Jenkins Pipeline Tips and Troubleshooting.md

Last active August 30, 2021 21:56
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save savishy/61a8d148cc48eaceb6cf8fe2d215af93 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save savishy/61a8d148cc48eaceb6cf8fe2d215af93 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
Jenkins Pipeline Tips and Troubleshooting.md

Jenkins + Docker

The exact list of plugins for enabling Docker commands within Jenkins jobs is somewhat unclear.

Looks like at least the Docker Build Step plugin is required to make this happen.

This does two things:

  1. Helps us to run docker commands within Execute Shell steps
  2. Adds the "Execute Docker Command" build step .

Important Configuration

  1. Make sure the Jenkins user is added to the docker group. eg. usermod -aG docker jenkins. If you don't do this, you might see errors like Got permission denied while trying to connect to the Docker daemon socket.

  2. Make sure to restart the machine as well as Jenkins Service for the above user change to take effect.

Polling SCM in Pipeline Jobs

**Question: ** The Jenkins Pipeline Job Type has the "Poll SCM" field. But if I use multiple SCMs, does this work, and if so how?

**Answer: **

It does work across multiple SCMs. Suppose you have the following setup:

  • App code stored in one repo
  • Deployment Ansible Playbooks stored in another repo
  • Jenkins Pipeline code which builds the app and deploys it is stored in a third repo.

In this case, "Poll SCM" will work across all 3 repos above. It will poll all the repos as per the schedule you specify. And changes to any repo will trigger the pipeline.

(This conforms to the Continuous Delivery idea that any change should trigger the pipeline.)

Troubleshooting: Mysterious Error: java.io.NotSerializableException

This error took me a day and a half to figure out.

  • A Pipeline Job is configured to pick the code from SCM.
  • There is a Jenkinsfile, which loads methods (def methodName) from a job-config.groovy file.

Everything was working well until I decided to add a stub method to invoke an ansible playbook.

def invokePlaybook() {

}

Using the Snippet Generator functionality, I generated some sample pipeline code as follows:

image

The generated code looked like this:

image

But when I copied the code, I chose to insert some newline characters.

def invokePlaybook() {

  ansiblePlaybook
    credentialsId: 'jenkins-gitlab-ssh-key',
    extras: '--extra-vars @extra_vars.json',
    installation: 'Ansible-2.3.0',
    inventory: 'inventories/sit/',
    playbook: 'playbook.yml',
    sudo: true, sudoUser: "root"

}

So what was the cause?

Either the multiple-line entry was the cause, or perhaps it was the use of the @extra_vars.json? Who knows?

What I did find, however, was that if I paste the code in the inline-groovy editor (Job Type: Pipeline Script) it throws a compilation error. So remember to do this when writing your pipeline code!

org.codehaus.groovy.control.MultipleCompilationErrorsException: startup failed:
WorkflowScript: 112: unexpected token: jenkins-gitlab-ssh-key @ line 112, column 20.
       credentialsId: 'jenkins-gitlab-ssh-key',

Interesting Plugin: Pipeline Utility Steps

This plugin installs several useful functionalities exposed via Pipeline Steps.

E.g:

readJSON: Read JSON from files in the workspace.
readMavenPom: Read a maven project pom.xml file.
Raw
Jenkins Tips and Troubleshooting.md

Jenkins Tips and Troubleshooting

Problem accessing /j_acegi_security_check. Reason: Not Found

After logging in I receive a blank screen with the error above.

reference

The best solution for this is to disable security as described below.

Help, I got locked out of my Jenkins!

When you are "locked out" of Jenkins, symptoms include

  1. Typing a password but it isn't accepted
  2. You might receive an error saying "user doesn't have Overall/Read permission".

Possible causes for locking yourself out may include:

  1. You removed Overall/Read access for your user account.
  2. You didn't set a Security Realm.

How to unlock Jenkins

  1. Open terminal
  2. cd to the Jenkins Home directory, typically /var/lib/jenkins
  3. Open config.xml in editor.
  4. You will find a line similar to <useSecurity>true</useSecurity>
  5. Replace true with false.
  6. Save and exit.
  7. Restart Jenkins.

Security is now disabled.

Jenkins Pipeline: Script Security

reference

Almost immediately after you start writing Pipeline scripts you will encounter the following error when you start to run your Pipeline:

image

Cause

This is because the script needs to be approved before it can use some Jenkins resources.

Solution

  1. Make sure Jenkins Script Security Plugin is installed.
  2. Go to Jenkins > Manage Jenkins > In-Process Script Approval.
  3. Give permission for access to the requested object. This might look like the example below:

image

Always install plugins with restart

java.lang.NoClassDefFoundError: org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox

image

I had Jenkins 2.32 and the Script Security Plugin. After I installed several (almost 20-30 plugins) without restart, Jenkins refused to load the ScriptSecurity Plugin correctly. I also upgraded to 2.46 without a restart, and Script Security plugin started to throw the above errors, and the "In-Process Script Approval" menu was absent.

Conclusion: *always install plugins with a restart.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment