{"id":13443012,"url":"https://github.com/jenkinsci/docker","last_synced_at":"2026-03-03T13:02:22.484Z","repository":{"id":18756879,"uuid":"21969270","full_name":"jenkinsci/docker","owner":"jenkinsci","description":"Docker official jenkins repo","archived":false,"fork":false,"pushed_at":"2026-01-21T09:36:44.000Z","size":2765,"stargazers_count":7347,"open_issues_count":16,"forks_count":4717,"subscribers_count":287,"default_branch":"master","last_synced_at":"2026-01-23T20:13:15.212Z","etag":null,"topics":["docker","hacktoberfest","jenkins"],"latest_commit_sha":null,"homepage":"https://hub.docker.com/r/jenkins/jenkins","language":"PowerShell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jenkinsci.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"community_bridge":"jenkins","custom":["https://www.jenkins.io/donate/#why-donate"]}},"created_at":"2014-07-18T05:51:05.000Z","updated_at":"2026-01-23T16:22:56.000Z","dependencies_parsed_at":"2023-12-25T03:20:49.861Z","dependency_job_id":"6adc99dc-6c81-403f-998e-9d3aa3ff15ee","html_url":"https://github.com/jenkinsci/docker","commit_stats":{"total_commits":1438,"total_committers":184,"mean_commits":7.815217391304348,"dds":0.8226703755215578,"last_synced_commit":"1bfe0891d7701327ca333713e138d130ae192f94"},"previous_names":["cloudbees/jenkins-ci.org-docker"],"tags_count":186,"template":false,"template_full_name":null,"purl":"pkg:github/jenkinsci/docker","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jenkinsci%2Fdocker","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jenkinsci%2Fdocker/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jenkinsci%2Fdocker/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jenkinsci%2Fdocker/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jenkinsci","download_url":"https://codeload.github.com/jenkinsci/docker/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jenkinsci%2Fdocker/sbom","scorecard":{"id":476965,"data":{"date":"2025-08-11","repo":{"name":"github.com/jenkinsci/docker","commit":"0fe053a280c72871db60f794cca9065f10dd12bf"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":6.6,"checks":[{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/release-drafter.yml:1","Warn: no topLevel permission defined: .github/workflows/sync-plugin-manager.yml:1","Warn: no topLevel permission defined: .github/workflows/updatecli.yaml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE.txt:0","Info: FSF or OSI recognized license: MIT License: LICENSE.txt:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Info: Possibly incomplete results: error parsing shell code: \u0026 can only immediately follow a statement: tests/upgrade-plugins/Dockerfile-windows:3","Info: Possibly incomplete results: error parsing shell code: a command can only contain words and redirects; encountered (: windows/windowsservercore/hotspot/Dockerfile:14-20","Info: Possibly incomplete results: error parsing shell code: a command can only contain words and redirects; encountered (: windows/windowsservercore/hotspot/Dockerfile:25-42","Info: Possibly incomplete results: error parsing shell code: a command can only contain words and redirects; encountered (: windows/windowsservercore/hotspot/Dockerfile:54-56","Info: Possibly incomplete results: error parsing shell code: not a valid arithmetic operator: C: windows/windowsservercore/hotspot/Dockerfile:106-107","Info: Possibly incomplete results: error parsing shell code: (( can only be used to open an arithmetic cmd: windows/windowsservercore/hotspot/Dockerfile:115-117","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-drafter.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/jenkinsci/docker/release-drafter.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sync-plugin-manager.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/jenkinsci/docker/sync-plugin-manager.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/sync-plugin-manager.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/jenkinsci/docker/sync-plugin-manager.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/sync-plugin-manager.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/jenkinsci/docker/sync-plugin-manager.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/updatecli.yaml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/jenkinsci/docker/updatecli.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/updatecli.yaml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/jenkinsci/docker/updatecli.yaml/master?enable=pin","Warn: containerImage not pinned by hash: alpine/hotspot/Dockerfile:3","Warn: containerImage not pinned by hash: alpine/hotspot/Dockerfile:38","Warn: containerImage not pinned by hash: debian/bookworm-slim/hotspot/Dockerfile:3","Warn: containerImage not pinned by hash: debian/bookworm-slim/hotspot/Dockerfile:39","Warn: containerImage not pinned by hash: debian/bookworm/hotspot/Dockerfile:3","Warn: containerImage not pinned by hash: debian/bookworm/hotspot/Dockerfile:39","Warn: containerImage not pinned by hash: rhel/ubi9/hotspot/Dockerfile:1","Warn: containerImage not pinned by hash: rhel/ubi9/hotspot/Dockerfile:36","Warn: containerImage not pinned by hash: tests/functions/Dockerfile:1","Warn: containerImage not pinned by hash: tests/functions/Dockerfile-windows:1","Warn: containerImage not pinned by hash: tests/plugins-cli/Dockerfile:1","Warn: containerImage not pinned by hash: tests/plugins-cli/Dockerfile-windows:1","Warn: containerImage not pinned by hash: tests/plugins-cli/custom-war/Dockerfile:1","Warn: containerImage not pinned by hash: tests/plugins-cli/custom-war/Dockerfile-windows:1","Warn: containerImage not pinned by hash: tests/plugins-cli/java-opts/Dockerfile:1","Warn: containerImage not pinned by hash: tests/plugins-cli/no-war/Dockerfile:1","Warn: containerImage not pinned by hash: tests/plugins-cli/no-war/Dockerfile-windows:1","Warn: containerImage not pinned by hash: tests/plugins-cli/pluginsfile/Dockerfile:1","Warn: containerImage not pinned by hash: tests/plugins-cli/pluginsfile/Dockerfile-windows:1","Warn: containerImage not pinned by hash: tests/plugins-cli/ref/Dockerfile:1","Warn: containerImage not pinned by hash: tests/plugins-cli/ref/Dockerfile-windows:1","Warn: containerImage not pinned by hash: tests/plugins-cli/update/Dockerfile:1","Warn: containerImage not pinned by hash: tests/plugins-cli/update/Dockerfile-windows:1","Warn: containerImage not pinned by hash: tests/upgrade-plugins/Dockerfile:1","Warn: containerImage not pinned by hash: tests/upgrade-plugins/Dockerfile-windows:1","Warn: containerImage not pinned by hash: windows/windowsservercore/hotspot/Dockerfile:8","Warn: containerImage not pinned by hash: windows/windowsservercore/hotspot/Dockerfile:45","Info:   0 out of   2 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   4 third-party GitHubAction dependencies pinned","Info:   0 out of  27 containerImage dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-19T15:34:39.449Z","repository_id":18756879,"created_at":"2025-08-19T15:34:39.449Z","updated_at":"2025-08-19T15:34:39.449Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28812367,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-27T07:41:26.337Z","status":"ssl_error","status_checked_at":"2026-01-27T07:41:08.776Z","response_time":168,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["docker","hacktoberfest","jenkins"],"created_at":"2024-07-31T03:01:54.784Z","updated_at":"2026-01-27T11:05:00.191Z","avatar_url":"https://github.com/jenkinsci.png","language":"PowerShell","readme":"# Official Jenkins Docker image\n\n[![Docker Stars](https://img.shields.io/docker/stars/jenkins/jenkins.svg)](https://hub.docker.com/r/jenkins/jenkins/)\n[![Docker Pulls](https://img.shields.io/docker/pulls/jenkins/jenkins.svg)](https://hub.docker.com/r/jenkins/jenkins/)\n[![Join the chat at https://gitter.im/jenkinsci/docker](https://badges.gitter.im/jenkinsci/docker.svg)](https://gitter.im/jenkinsci/docker?utm_source=badge\u0026utm_medium=badge\u0026utm_campaign=pr-badge\u0026utm_content=badge)\n\nThe Jenkins Continuous Integration and Delivery server [available on Docker Hub](https://hub.docker.com/r/jenkins/jenkins).\n\nThis is a fully functional Jenkins server.\n[https://jenkins.io/](https://jenkins.io/).\n\n\u003cimg src=\"https://jenkins.io/sites/default/files/jenkins_logo.png\"/\u003e\n\n# Usage\n\n```\ndocker run -p 8080:8080 -p 50000:50000 --restart=on-failure jenkins/jenkins:lts-jdk21\n```\n\nNOTE: read the section [_Connecting agents_](#connecting-agents) below for the role of the `50000` port mapping.\nNOTE: read the section [_DNS Configuration_](#dns-configuration) in case you see the message \"This Jenkins instance appears to be offline.\" \n\nThis will store the workspace in `/var/jenkins_home`.\nAll Jenkins data lives in there - including plugins and configuration.\nYou will probably want to make that an explicit volume so you can manage it and attach to another container for upgrades :\n\n```\ndocker run -p 8080:8080 -p 50000:50000 --restart=on-failure -v jenkins_home:/var/jenkins_home jenkins/jenkins:lts-jdk21\n```\n\nThis will automatically create a 'jenkins_home' [docker volume](https://docs.docker.com/storage/volumes/) on the host machine.\nDocker volumes retain their content even when the container is stopped, started, or deleted.\n\nNOTE: Avoid using a [bind mount](https://docs.docker.com/storage/bind-mounts/) from a folder on the host machine into `/var/jenkins_home`, as this might result in file permission issues (the user used inside the container might not have rights to the folder on the host machine).\nIf you _really_ need to bind mount jenkins_home, ensure that the directory on the host is accessible by the jenkins user inside the container (jenkins user - uid 1000) or use `-u some_other_user` parameter with `docker run`.\n\n```\ndocker run -d -v jenkins_home:/var/jenkins_home -p 8080:8080 -p 50000:50000 --restart=on-failure jenkins/jenkins:lts-jdk21\n```\n\nThis will run Jenkins in detached mode with port forwarding and volume added. You can access logs with command 'docker logs CONTAINER_ID' in order to check first login token. ID of container will be returned from output of command above.\n\nOr, directly print the initial admin password using:\n\n```\ndocker exec \u003cjenkins_container_id_or_name\u003e cat /var/jenkins_home/secrets/initialAdminPassword\n```\nReplace \u003cjenkins_container_id_or_name\u003e with your actual Jenkins container id or name.\n\nTo access Jenkins and complete the initial setup, follow the instructions in the [installation guide](https://www.jenkins.io/doc/book/installing/docker/#setup-wizard).\n\n## Backing up data\n\nIf you bind mount in a volume - you can simply back up that directory\n(which is jenkins_home) at any time.\n\nUsing a bind mount is not recommended since it can lead to permission issues. Treat the jenkins_home directory as you would a database - in Docker you would generally put a database on a volume.\n\nIf your volume is inside a container - you can use `docker cp $ID:/var/jenkins_home` command to extract the data, or other options to find where the volume data is.\nNote that some symlinks on some OSes may be converted to copies (this can confuse jenkins with lastStableBuild links, etc)\n\nFor more info check Docker docs section on [Use volumes](https://docs.docker.com/storage/volumes/)\n\n## Setting the number of executors\n\nYou can define the number of executors on the Jenkins built-in node using a groovy script.\nBy default it is set to 2 executors, but you can extend the image and change it to your desired number of executors (recommended 0 executors on the built-in node) :\n\n`executors.groovy`\n\n```\nimport jenkins.model.*\nJenkins.instance.setNumExecutors(0) // Recommended to not run builds on the built-in node\n```\n\nand `Dockerfile`\n\n```\nFROM jenkins/jenkins:lts\nCOPY --chown=jenkins:jenkins executors.groovy /usr/share/jenkins/ref/init.groovy.d/executors.groovy\n```\n\n## Connecting agents\n\nYou can run builds on the controller out of the box.\nThe Jenkins project recommends that no executors be enabled on the controller.\n\nIn order to connect agents **through an inbound TCP connection**, map the port: `-p 50000:50000`.\nThat port will be used when you connect agents to the controller.\n\nIf you are only using [SSH (outbound) build agents](https://plugins.jenkins.io/ssh-slaves/), this port is not required, as connections are established from the controller.\nIf you connect agents using web sockets (since Jenkins 2.217), the TCP agent port is not used either.\n\n## Passing JVM parameters\n\nYou might need to customize the JVM running Jenkins, typically to adjust [system properties](https://www.jenkins.io/doc/book/managing/system-properties/) or tweak heap memory settings.\nUse the `JAVA_OPTS` or `JENKINS_JAVA_OPTS` environment variables for this purpose :\n\n```\ndocker run --name myjenkins -p 8080:8080 -p 50000:50000 --restart=on-failure --env JAVA_OPTS=-Dhudson.footerURL=http://mycompany.com jenkins/jenkins:lts-jdk21\n```\n\nJVM options specifically for the Jenkins controller should be set through `JENKINS_JAVA_OPTS`, as other tools might also respond to the `JAVA_OPTS` environment variable.\n\n## Configuring logging\n\nJenkins logging can be configured through a properties file and `java.util.logging.config.file` Java property.\nFor example:\n\n```\nmkdir data\ncat \u003e data/log.properties \u003c\u003cEOF\nhandlers=java.util.logging.ConsoleHandler\njenkins.level=FINEST\njava.util.logging.ConsoleHandler.level=FINEST\nEOF\ndocker run --name myjenkins -p 8080:8080 -p 50000:50000 --restart=on-failure --env JAVA_OPTS=\"-Djava.util.logging.config.file=/var/jenkins_home/log.properties\" -v `pwd`/data:/var/jenkins_home jenkins/jenkins:lts-jdk21\n```\n\n## Configuring reverse proxy\n\nIf you want to install Jenkins behind a reverse proxy with a prefix, example: mysite.com/jenkins, you need to add environment variable `JENKINS_OPTS=\"--prefix=/jenkins\"` and then follow the below procedures to configure your reverse proxy, which will depend if you have Apache or Nginx:\n\n- [Apache](https://www.jenkins.io/doc/book/system-administration/reverse-proxy-configuration-apache/)\n- [Nginx](https://www.jenkins.io/doc/book/system-administration/reverse-proxy-configuration-nginx/)\n\n## DNS configuration\n\nIf the message \"This Jenkins instance appears to be offline.\" appears on first startup, and the container logs show lines such as `java.net.UnknownHostException: updates.jenkins.io`, your container may be having issues with resolving DNS names.\n\nTo potentially solve the issue, start the container specifying a dns server (for example Cloudflare's 1.1.1.1 or Google's 8.8.8.8, or any other DNS server):\n```\ndocker run -p 8080:8080 -p 50000:50000 --restart=on-failure --dns 1.1.1.1 --dns 8.8.8.8 jenkins/jenkins:lts-jdk21\n```\n\n## Passing Jenkins launcher parameters\n\nArguments you pass to docker running the Jenkins image are passed to jenkins launcher, so for example you can run:\n\n```\ndocker run jenkins/jenkins:lts-jdk21 --version\n```\n\nThis will show the Jenkins version, the same as when you run Jenkins from an executable war.\n\nYou can also define Jenkins arguments via `JENKINS_OPTS`. This is useful for customizing arguments to the jenkins\nlauncher in a derived Jenkins image. The following sample Dockerfile uses this option\nto force use of HTTPS with a certificate included in the image.\n\n```\nFROM jenkins/jenkins:lts-jdk21\n\nCOPY --chown=jenkins:jenkins certificate.pfx /var/lib/jenkins/certificate.pfx\nCOPY --chown=jenkins:jenkins https.key /var/lib/jenkins/pk\nENV JENKINS_OPTS=\"--httpPort=-1 --httpsPort=8083 --httpsKeyStore=/var/lib/jenkins/certificate.pfx --httpsKeyStorePassword=Password12\"\nEXPOSE 8083\n```\n\nYou can also change the default agent port for Jenkins by defining `JENKINS_SLAVE_AGENT_PORT` in a sample Dockerfile.\n\n```\nFROM jenkins/jenkins:lts-jdk21\nENV JENKINS_SLAVE_AGENT_PORT=50001\n```\n\nor as a parameter to docker,\n\n```\ndocker run --name myjenkins -p 8080:8080 -p 50001:50001 --restart=on-failure --env JENKINS_SLAVE_AGENT_PORT=50001 jenkins/jenkins:lts-jdk21\n```\n\n**Note**: This environment variable will be used to set the\n[system property](https://www.jenkins.io/doc/book/managing/system-properties/) `jenkins.model.Jenkins.slaveAgentPort`.\n\n\u003e If this property is already set in **JAVA_OPTS** or **JENKINS_JAVA_OPTS**, then the value of\n\u003e `JENKINS_SLAVE_AGENT_PORT` will be ignored.\n\n# Installing more tools\n\nYou can run your container as root - and install via apt-get, install as part of build steps via jenkins tool installers, or you can create your own Dockerfile to customise, for example:\n\n```\nFROM jenkins/jenkins:lts-jdk21\n# if we want to install via apt\nUSER root\nRUN apt-get update \u0026\u0026 apt-get install -y ruby make more-thing-here\n# drop back to the regular jenkins user - good practice\nUSER jenkins\n```\n\nIn such a derived image, you can customize your jenkins instance with hook scripts or additional plugins.\nFor this purpose, use `/usr/share/jenkins/ref` as a place to define the default JENKINS_HOME content you\nwish the target installation to look like :\n\n```\nFROM jenkins/jenkins:lts-jdk21\nCOPY --chown=jenkins:jenkins custom.groovy /usr/share/jenkins/ref/init.groovy.d/custom.groovy\n```\n\nIf you need to maintain the entire init.groovy.d directory and have a persistent JENKINS_HOME you may run the docker image with `-e PRE_CLEAR_INIT_GROOVY_D=true`\n\n## Preinstalling plugins\n\n### Install plugins\n\nYou can rely on [the plugin manager CLI](https://github.com/jenkinsci/plugin-installation-manager-tool/) to pass a set of plugins to download with their dependencies. This tool will perform downloads from update centers, and internet access is required for the default update centers.\n\n### Setting update centers\n\nDuring the download, the CLI will use update centers defined by the following environment variables:\n\n- `JENKINS_UC` - Main update center.\n  This update center may offer plugin versions depending on the Jenkins LTS Core versions.\n  Default value: https://updates.jenkins.io\n- `JENKINS_UC_EXPERIMENTAL` - [Experimental Update Center](https://jenkins.io/blog/2013/09/23/experimental-plugins-update-center/).\n  This center offers Alpha and Beta versions of plugins.\n  Default value: https://updates.jenkins.io/experimental\n- `JENKINS_INCREMENTALS_REPO_MIRROR` -\n  Defines Maven mirror to be used to download plugins from the\n  [Incrementals repo](https://jenkins.io/blog/2018/05/15/incremental-deployment/).\n  Default value: https://repo.jenkins-ci.org/incrementals\n- `JENKINS_UC_DOWNLOAD` - Download url of the Update Center.\n  Default value: `$JENKINS_UC/download`\n- `JENKINS_PLUGIN_INFO` - Location of plugin information.\n  Default value: https://updates.jenkins.io/current/plugin-versions.json\n\nIt is possible to override the environment variables in images.\n\n:exclamation: Note that changing update center variables **will not** change the Update Center being used by Jenkins runtime, it concerns only the plugin manager CLI.\n\n### Installing Custom Plugins\n\nInstalling prebuilt, custom plugins can be accomplished by copying the plugin HPI file into `/usr/share/jenkins/ref/plugins/` within the `Dockerfile`:\n\n```\nCOPY --chown=jenkins:jenkins path/to/custom.hpi /usr/share/jenkins/ref/plugins/\n```\n\n### Usage\n\nYou can run the CLI manually in Dockerfile:\n\n```Dockerfile\nFROM jenkins/jenkins:lts-jdk21\nRUN jenkins-plugin-cli --plugins pipeline-model-definition github-branch-source:1.8\n```\n\nFurthermore it is possible to pass a file that contains this set of plugins (with or without line breaks).\n\n```Dockerfile\nFROM jenkins/jenkins:lts-jdk21\nCOPY --chown=jenkins:jenkins plugins.txt /usr/share/jenkins/ref/plugins.txt\nRUN jenkins-plugin-cli -f /usr/share/jenkins/ref/plugins.txt\n```\n\nWhen jenkins container starts, it will check `JENKINS_HOME` has this reference content, and copy them\nthere if required. It will not override such files, so if you upgraded some plugins from UI they won't\nbe reverted on next start.\n\nIn case you _do_ want to override, append '.override' to the name of the reference file. E.g. a file named\n`/usr/share/jenkins/ref/config.xml.override` will overwrite an existing `config.xml` file in JENKINS_HOME.\n\nAlso see [JENKINS-24986](https://issues.jenkins.io/browse/JENKINS-24986)\n\nHere is an example to get the list of plugins from an existing server:\n\n```\nJENKINS_HOST=username:password@myhost.com:port\ncurl -sSL \"http://$JENKINS_HOST/pluginManager/api/xml?depth=1\u0026xpath=/*/*/shortName|/*/*/version\u0026wrapper=plugins\" | perl -pe 's/.*?\u003cshortName\u003e([\\w-]+).*?\u003cversion\u003e([^\u003c]+)()(\u003c\\/\\w+\u003e)+/\\1 \\2\\n/g'|sed 's/ /:/'\n```\n\nExample Output:\n\n```\ncucumber-testresult-plugin:0.8.2\npam-auth:1.1\nmatrix-project:1.4.1\nscript-security:1.13\n...\n```\n\nFor 2.x-derived images, you may also want to\n\n    RUN echo 2.0 \u003e /usr/share/jenkins/ref/jenkins.install.UpgradeWizard.state\n\nto indicate that this Jenkins installation is fully configured.\nOtherwise a banner will appear prompting the user to install additional plugins,\nwhich may be inappropriate.\n\n### Access logs\n\nTo enable Jenkins user access logs from Jenkins home directory inside a docker container, set the `JENKINS_OPTS` environment variable value to `--accessLoggerClassName=winstone.accesslog.SimpleAccessLogger --simpleAccessLogger.format=combined --simpleAccessLogger.file=/var/jenkins_home/logs/access_log`\n\n### Naming convention in tags\n\nThe naming convention for the tags on Docker Hub follows the format `\u003crepository_name\u003e:\u003ctag\u003e`, where the repository name is jenkins/jenkins and where the tag specifies the image version.\nIn the case of the LTS and latest versions, the tags are `lts` and `latest`, respectively.\n\nYou can use these tags to pull the corresponding Jenkins images from Docker Hub and run them on your system.\nFor example, to pull the LTS version of the Jenkins image use this command: `docker pull jenkins/jenkins:lts`\n\n### Docker Compose with Jenkins\n\nTo use Docker Compose with Jenkins, you can define a docker-compose.yml file including a Jenkins instance and any other services it depends on.\nFor example, the following docker-compose.yml file defines a Jenkins controller and a Jenkins SSH agent:\n\n```yaml\nservices:\n  jenkins:\n    image: jenkins/jenkins:lts\n    ports:\n      - \"8080:8080\"\n    volumes:\n      - jenkins_home:/var/jenkins_home\n  ssh-agent:\n    image: jenkins/ssh-agent\nvolumes:\n  jenkins_home:\n```\n\nThis `docker-compose.yml` file creates two containers: one for Jenkins and one for the Jenkins SSH agent.\n\nThe Jenkins container is based on the `jenkins/jenkins:lts` image and exposes the Jenkins web interface on port 8080.\nThe `jenkins_home` volume is a [named volume](https://docs.docker.com/storage/volumes/) that is created and managed by Docker.\n\nIt is mounted at `/var/jenkins_home` in the Jenkins container, and it will persist the Jenkins configuration and data.\n\nThe ssh-agent container is based on the `jenkins/ssh-agent` image and runs an SSH server to execute [Jenkins SSH Build Agent](https://plugins.jenkins.io/ssh-slaves/).\n\nTo start the Jenkins instance and the other services defined in the `docker-compose.yml` file, run the `docker compose up -d`.\n\nThis will pull the necessary images from Docker Hub if they are not already present on your system, and start the services in the background.\n\nYou can then access the Jenkins web interface on `http://localhost:8080` on your host system to configure and manage your Jenkins instance (where `localhost` points to the published port by your Docker Engine).\n\nNOTE: read the section [_DNS Configuration_](#dns-configuration) in case you see the message \"This Jenkins instance appears to be offline.\" In that case add the dns configuration to the yaml:\n```yaml\nservices:\n  jenkins:\n# ... other config\n    dns:\n      - 1.1.1.1\n      - 8.8.8.8\n# ... other config\n```\n\n### Updating plugins file\n\nThe [plugin-installation-manager-tool](https://github.com/jenkinsci/plugin-installation-manager-tool) supports updating the plugin file for you.\n\nExample command:\n\n```command\nJENKINS_IMAGE=jenkins/jenkins:lts-jdk21\ndocker run -it ${JENKINS_IMAGE} bash -c \"stty -onlcr \u0026\u0026 jenkins-plugin-cli -f /usr/share/jenkins/ref/plugins.txt --available-updates --output txt\" \u003e  plugins2.txt\nmv plugins2.txt plugins.txt\n```\n\n## Upgrading\n\nAll the data needed is in the /var/jenkins_home directory - so depending on how you manage that - depends on how you upgrade.\nGenerally - you can copy it out - and then \"docker pull\" the image again - and you will have the latest LTS - you can then start up with -v pointing to that data (/var/jenkins_home) and everything will be as you left it.\n\nAs always - please ensure that you know how to drive docker - especially volume handling!\n\nIf you mount the Jenkins home directory to a [Docker named volume](https://docs.docker.com/storage/volumes/), then the upgrade consists of `docker pull` and nothing more.\n\nWe recommend using `docker compose`, especially in cases where the user is also running a parallel nginx/apache container as a reverse proxy for the Jenkins container.\n\n### Upgrading plugins\n\nBy default, plugins will be upgraded if they haven't been upgraded manually and if the version from the docker image is newer than the version in the container.\nVersions installed by the docker image are tracked through a marker file.\n\nTo force upgrades of plugins that have been manually upgraded, run the docker image with `-e PLUGINS_FORCE_UPGRADE=true`.\n\nThe default behaviour when upgrading from a docker image that didn't write marker files is to leave existing plugins in place.\nIf you want to upgrade existing plugins without marker you may run the docker image with `-e TRY_UPGRADE_IF_NO_MARKER=true`.\nThen plugins will be upgraded if the version provided by the docker image is newer.\n\n# Hacking\n\nIf you wish to contribute fixes to this repository, please refer to the [dedicated documentation](HACKING.adoc).\n\n# Security\n\nFor information related to the security of this Docker image, please refer to the [dedicated documentation](SECURITY.md).\n\n# Questions?\n\nWe're on Gitter, https://gitter.im/jenkinsci/docker\n","funding_links":["https://funding.communitybridge.org/projects/jenkins","https://www.jenkins.io/donate/#why-donate"],"categories":["Shell","Dockerfile","PowerShell","jenkins","Development","Docker"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjenkinsci%2Fdocker","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjenkinsci%2Fdocker","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjenkinsci%2Fdocker/lists"}