{"id":13416548,"url":"https://github.com/jenkinsci/docker-plugin","last_synced_at":"2026-02-28T12:14:57.333Z","repository":{"id":13117730,"uuid":"15799524","full_name":"jenkinsci/docker-plugin","owner":"jenkinsci","description":"Jenkins cloud plugin that uses Docker","archived":false,"fork":false,"pushed_at":"2026-01-16T13:00:38.000Z","size":2726,"stargazers_count":497,"open_issues_count":75,"forks_count":324,"subscribers_count":43,"default_branch":"master","last_synced_at":"2026-01-31T17:13:34.384Z","etag":null,"topics":["cloud","docker","java","jenkins","jenkins-plugin","plugin"],"latest_commit_sha":null,"homepage":"https://plugins.jenkins.io/docker-plugin/","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jenkinsci.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"community_bridge":"jenkins","custom":["https://www.jenkins.io/donate/#why-donate"]}},"created_at":"2014-01-10T14:05:42.000Z","updated_at":"2026-01-16T13:00:44.000Z","dependencies_parsed_at":"2023-11-17T21:29:20.011Z","dependency_job_id":"7b39b5e4-0acd-4b28-84bb-aaaad4bb7491","html_url":"https://github.com/jenkinsci/docker-plugin","commit_stats":{"total_commits":1060,"total_committers":127,"mean_commits":8.346456692913385,"dds":0.8066037735849056,"last_synced_commit":"d7ff624ce5b52f84c1f805281abc1abfa2d119f0"},"previous_names":[],"tags_count":86,"template":false,"template_full_name":null,"purl":"pkg:github/jenkinsci/docker-plugin","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jenkinsci%2Fdocker-plugin","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jenkinsci%2Fdocker-plugin/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jenkinsci%2Fdocker-plugin/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jenkinsci%2Fdocker-plugin/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jenkinsci","download_url":"https://codeload.github.com/jenkinsci/docker-plugin/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jenkinsci%2Fdocker-plugin/sbom","scorecard":{"id":514968,"data":{"date":"2025-08-11","repo":{"name":"github.com/jenkinsci/docker-plugin","commit":"2b67d25eaa0e429119144bce014e9bb252721329"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":6.5,"checks":[{"name":"Code-Review","score":3,"reason":"Found 2/6 approved changesets -- score normalized to 3","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: third-party GitHubAction not pinned by hash: .github/workflows/cd.yaml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/jenkinsci/docker-plugin/cd.yaml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/jenkins-security-scan.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/jenkinsci/docker-plugin/jenkins-security-scan.yml/master?enable=pin","Info:   0 out of   2 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Maintained","score":10,"reason":"14 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: topLevel 'checks' permission set to 'read': .github/workflows/cd.yaml:29","Warn: topLevel 'contents' permission set to 'write': .github/workflows/cd.yaml:30","Warn: topLevel 'security-events' permission set to 'write': .github/workflows/jenkins-security-scan.yml:15","Info: topLevel 'contents' permission set to 'read': .github/workflows/jenkins-security-scan.yml:16","Info: topLevel 'actions' permission set to 'read': .github/workflows/jenkins-security-scan.yml:17","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: github.com/jenkinsci/.github/SECURITY.md:1","Info: Found linked content: github.com/jenkinsci/.github/SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: github.com/jenkinsci/.github/SECURITY.md:1","Info: Found text in security policy: github.com/jenkinsci/.github/SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":10,"reason":"SAST tool is run on all commits","details":["Info: all commits (29) are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-20T01:34:46.293Z","repository_id":13117730,"created_at":"2025-08-20T01:34:46.293Z","updated_at":"2025-08-20T01:34:46.293Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29933282,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-28T09:58:13.507Z","status":"ssl_error","status_checked_at":"2026-02-28T09:57:57.047Z","response_time":90,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cloud","docker","java","jenkins","jenkins-plugin","plugin"],"created_at":"2024-07-30T21:01:00.581Z","updated_at":"2026-02-28T12:14:57.316Z","avatar_url":"https://github.com/jenkinsci.png","language":"Java","readme":"# Docker plugin for Jenkins\n\nThis plugin allows containers to be dynamically provisioned as Jenkins agents using Docker.\nIt is a Jenkins Cloud plugin for Docker.\n\nThis plugin allows a [Docker](https://docs.docker.com/) host to dynamically provision a container as a Jenkins agent node,\nlets that run a single build,\nthen removes that node,\nwithout the build process or Jenkins job definition\nrequiring any awareness of Docker.\n\nThe Jenkins administrator configures Jenkins with\nDocker hosts,\none or more \"templates\"\nthat describe\nthe labels/tags provided by the template,\nthe Docker image,\nand Jenkins creates agents on-demand using those Docker containers.\n\n## See also\n* [Changelog](https://plugins.jenkins.io/docker-plugin/releases/) and [archive](https://github.com/jenkinsci/docker-plugin/blob/docker-plugin-1.3.0/CHANGELOG.md)\n* Support and [contribution guide](CONTRIBUTING.md)\n\n----\n\n**Note:** There is _more than one Docker plugin_ for Jenkins.\nWhile this can be confusing for end-users, it's even more confusing when end users report bugs in the wrong place.\nFor example, if you are using Jenkins\n[Pipeline](https://jenkins.io/doc/book/pipeline/docker/)\nbuilds with code including steps like\n`docker.withDockerRegistry`\nor\n`docker.image`\nthen you're using the\n[`docker-workflow`](https://plugins.jenkins.io/docker-workflow)\nplugin and should go to its repository instead of this one.\n\n----\n\n**Note:** This plugin uses [docker-java](https://github.com/docker-java/docker-java) rather than relying on a commmand line docker client.\nYou do not need to install a Docker client on Jenkins or on your agents to use this plugin.\n\n----\n\n**Note:** This plugin does not _provide_ a Docker daemon; it allows Jenkins to _use_ a Docker daemon.\ni.e. Once you've installed Docker somewhere, this plugin will allow Jenkins to make use of it.\n\n----\n\n## Setup\n\nA quick setup is :\n\n1. get a Docker environment running\n1. follow the instructions for creating a Docker image that can be used\nas a Jenkins Agent\n_or_ use one of the pre-built images\nlike the [jenkins/inbound-agent](https://hub.docker.com/r/jenkins/inbound-agent/)\n\n### Docker Environment\n\nFollow the installation steps on [the Docker website](https://docs.docker.com/).\n\nIf your Jenkins instance is not on the same OS as the Docker install,\nyou will need to open the Docker TCP port so that Jenkins can communicate with the Docker daemon.\nThis can be achieved by editing the Docker config file and setting (for example)\n\n```sh\nDOCKER_OPTS=\"-H tcp://0.0.0.0:2376 -H unix:///var/run/docker.sock\"\n```\n\nThe Docker configuration file location will depend your system, but it\nis likely to be\n`/etc/init/docker.conf`\n,\n`/etc/default/docker`\nor\n`/etc/default/docker.io`.\n\n### Multiple Docker Hosts\n\nIf you want to use more than just one physical node to run containers, you can define multiple Docker clouds.\nThe [Docker engine swarm mode API](https://docs.docker.com/engine/swarm/) is not supported.\nEnhancement contributions would be welcomed.\n\n### Jenkins Configuration\n\nDocker plugin is a \"Cloud\" implementation.\nYou'll need to edit Jenkins system configuration\n(Jenkins -\u003e Manage -\u003e System configuration)\nand add a new Cloud of type \"Docker\".\n\n![](docs/images/add-new-docker-cloud.png)\n\nConfigure Docker API URL with required credentials.\nThe test button lets you check the connection.\n\nThen configure Agent templates,\nassigning them labels that you can use so your jobs select the appropriate template,\nand set the Docker container to be run with whatever container settings you require.\n\n### Running self-made local Docker images\n\nBy default the Jenkins Docker plugin will download ('pull') the latest version of the image.\nThis will fail with custom images that are not on Docker Hub.\nYou will see logs like:\n\n\u003e com.nirima.jenkins.plugins.docker.DockerTemplate pullImage\n\u003e Pulling image '..'. This may take awhile...\n\n\u003e com.github.dockerjava.api.exception.NotFoundException: Status 404: {\"message\":\"pull access denied for .., repository does not exist or may require 'docker login': denied: requested access to the resource is denied\"}\n\nOn the _Docker Agent template_ set the **Pull strategy** to **Never pull**, Name, Docker Image, Remote File System Root, and checkbox Enabled.\n\nIf you have Docker only on your local Jenkins machine, configure the  **Docker Host URI** to `unix:///var/run/docker.sock`.\n\n### Creating a Docker image\n\nYou need a Docker image that can be used to run Jenkins agent.\nDepending on the launch method you select, there are some prerequisites\nfor the Docker image to be used:\n\n## Launch via SSH\n\n-   [sshd](https://linux.die.net/man/8/sshd) server and a JDK installed.\n    You can use\n    [jenkins/ssh-agent](https://hub.docker.com/r/jenkins/ssh-agent/)\n    as a basis for a custom image.\n-   an SSH key (based on the unique Jenkins instance identity) can be\n    injected in container on startup, you don't need any credential set\n    as long as you use standard openssl sshd.\n    ![](docs/images/connect-with-ssh.png)\n    When using the `jenkins/ssh-agent` Docker image, ensure that the user\n    is set to `jenkins`.\n    For backward compatibility *or* non-standard sshd packaged in your\n    Docker image, you also have option to provide manually configured\n    ssh credentials\n-   **Note:** If the Docker container's host SSH key is not trusted by\n    Jenkins (usually the case) then you'll need to set the SSH host key\n    verification method to \"non-verifying\".\n\n## Launch via JNLP\n\n-   a JDK installed.\n    You can use\n    [jenkins/inbound-agent](https://hub.docker.com/r/jenkins/inbound-agent/)\n    as a basis for a custom image.\n-   Jenkins controller URL has to be reachable from container.\n-   container will be configured automatically with agent's name and\n    secret, so you don't need any special configuration of the container.\n\n## Launch attached\n\n-   a JDK installed.\n    You can use\n    [jenkins/agent](https://hub.docker.com/r/jenkins/agent/)\n    as a basis for a custom image.\n\nTo create a custom image and bundle your favorite tools,\ncreate a `Dockerfile` with the `FROM` to point to one of the\njenkins/\\*-agent\nreference images,\nand install everything needed for your own usage, e.g.\n\n```\nFROM jenkins/inbound-agent\nRUN apt-get update \u0026\u0026 apt-get install XXX\nCOPY your-favorite-tool-here\n```\n\n## Note on ENTRYPOINT\n\nAvoid overriding the Docker command, as the SSH Launcher relies on it.\n\nYou _can_ use an Entrypoint to run some side service inside your build agent container before the agent runtime starts and establish a connection\n... but you MUST ensure your entrypoint eventually runs the passed command:\n\n    exec \"$@\"\n\n## Further information\n\nMore information can be obtained from the online help built into the Jenkins web UI.\nMost configurable fields have explanatory text.\nThis, combined with knowledge of [Docker itself](https://docs.docker.com/), should answer most questions.\n\n## Configuration as code\n\nJenkins and the Docker plugin can be configured as code  using the [configuration as code plugin](https://plugins.jenkins.io/configuration-as-code/).\nIt can also be configured from a Groovy script\n\nIf you're unsure which method to use, use the [configuration as code plugin](https://plugins.jenkins.io/configuration-as-code/).\n\nMany configuration as code settings are available for the plugin.\nThey can be reviewed from a [configuration as code export](https://github.com/jenkinsci/configuration-as-code-plugin/blob/master/docs/features/configExport.md).\nUse the cloud configuration page in your Jenkins controller to configure the cloud, then export the configuration as code settings and save them in your configuration as code definition.\n\n### Configuration as Code example\n\nInstall the [configuration-as-code plugin](https://plugins.jenkins.io/configuration-as-code/) and follow [its example](https://github.com/jenkinsci/configuration-as-code-plugin/tree/master/demos/docker).\n\nAs another alternative, a Docker daemon can listen to requests from remote hosts by following the [Docker documentation](https://docs.docker.com/engine/daemon/remote-access/).\nThe following configuration as code example creates a cloud named \"my-docker-cloud\" that uses the docker daemon at port 2375 on dockerhost.example.com to run up to 3 containerized agents at a time.\nAgents run the [Jenkins Alpine inbound agent container image](https://hub.docker.com/r/jenkins/inbound-agent) with Java 21.\nThey use an inbound connection and run as the user ID 1000 with the home directory \"/home/jenkins/agent\".\n\n```yaml\njenkins:\n  clouds:\n  - docker:\n      containerCap: 3\n      dockerApi:\n        dockerHost:\n          uri: \"tcp://dockerhost.example.com:2375\"\n      name: \"my-docker-cloud\"\n      templates:\n      - connector:\n          jnlp:\n            jenkinsUrl: \"https://jenkins.example.com/\"\n            user: \"1000\"\n        dockerTemplateBase:\n          image: \"jenkins/inbound-agent:latest-alpine-jdk21\"\n        labelString: \"alpine jdk21 alpine-jdk21\"\n        mode: EXCLUSIVE\n        name: \"alpine-jdk21\"\n        pullTimeout: 171\n        remoteFs: \"/home/jenkins/agent\"\n```\n\n### Groovy script\n\nFor example, this\n[configuration script](docs/attachments/docker-plugin-configuration-script.groovy)\ncould be run automatically during\n[Jenkins post-initialization](https://www.jenkins.io/doc/book/managing/groovy-hook-scripts/)\nor through the\n[Jenkins script console](https://www.jenkins.io/doc/book/managing/script-console/).\nThis script configures the plugin to look for a Docker daemon running within the same OS as the Jenkins controller\n(connecting to Docker service through `unix:///var/run/docker.sock`)\nand with the containers connecting to Jenkins using the \"attach\" method.\n","funding_links":["https://funding.communitybridge.org/projects/jenkins","https://www.jenkins.io/donate/#why-donate"],"categories":["Development with Docker","Java"],"sub_categories":["CI/CD"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjenkinsci%2Fdocker-plugin","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjenkinsci%2Fdocker-plugin","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjenkinsci%2Fdocker-plugin/lists"}