Jenkins Evaluation happened in January 2021 and I believe that Jenkins is still improving. This post is supposed to be part of the bigger series with a unified structure.

Jenkins features overview:

– Pipeline definition completely lives in GIT together with code ~> Jenkinsfile
– Support for jenkinsfile via graddle DSL
– You can chain the pipelines
– Single pipeline triggered on various branches ~> Multi-branch pipelines (tutorial)
– Parallel pipeline stages
– Access to build meta-data (e.g.  build-number, commit hash, …)
– Jenkins as a code plugin
– Managing secrets via secrets plugin
– Audit trail plugin
– Try notifier
– Better UI with Blue Ocean
– Tooling – Jenkins Job Builder (Job builder tutorial)
– Pull-request Jenkins pipeline
– Deployment topology – master x slave/agent
– Jenkins Helm deployment – seems has autoscaling agents – based on Configuration as a code plugin
– Manual approvals – seems as not so straightforward via input option
– Jenkins on Google Kubernetes Engine

Security model:

– Default has no roles – all has single view -> plugins
– GitHub OAuth and here
– Role base authorisation plugin –  (strategy plugin – role) – that probably doesn’t work together with gitHub OAuth, but can work with Matrix access

Resources:

– Jenkins for beginners

Summary:

Jenkins – one of the most popular open-source CI/CD systems. Necessary to be self-hosted. But even the Kubernetes plugin seems to have agent autoscaling capabilities which should be cost-effective. Seems that the whole Jenkins configuration can be bootstrapped from code. 

The security model has various options not sure how all fits together e.g. GitHub OAuth + Roles and Securities but there are multiple ways e.g. control matrix. 

Has the concept of pipelines and jobs. Pipelines are next generation where they live completely in code-base ~> LTS should be ok. Seems that have some basic manual approvals stages, question how that goes together with auth. Has the concept of multi-branch jobs/pipelines = single definition for the whole bunch of branches where the definition is dynamically taken from the source. 

CD capabilities are somewhat simplistic – no advanced release strategies. Like rollback, monitoring etc. That would need to be scripted probably.