devops-db.com Jenkins – Passing Data Between Nodes in Jenkins Pipelines (Stash)
This article extends the discussion about passing data between nodes in Jenkins pipelines, focusing on a key mechanism: stash and unstash. While stash is commonly used in distributed pipelines, many…
Jenkins – Script Security Model: Deep Dive into the Groovy Sandbox
Jenkins pipelines allow users to execute Groovy code to automate builds, deployments, and infrastructure operations. Because this code may come from repositories or contributors who do not have administrative access…
Jenkins – Designing a Modular Jenkins Pipeline Framework for Scalable CI/CD
Introduction As CI/CD pipelines grow alongside modern microservice architectures, Jenkins pipelines often become increasingly complex. What starts as a simple Jenkinsfile quickly evolves into a large script containing build logic,…
Jenkins – Modular Jenkins Pipelines Using Include Files
This document explains how to structure and use modular Jenkins pipelines using external Groovy include files.The goal of this approach is to improve pipeline readability, maintainability, and reuse by separating…
Jenkins – Resolving Jenkins Kubernetes Agent TLS Failures After HTTPS Migration
Overview During a migration of our internal Jenkins controller from HTTP to HTTPS/TLS, several Jenkins pipelines running on Kubernetes agents began failing. These pipelines use dynamically provisioned agents created by…
Security – Configuring TLS Certificates with Step-CA for Nexus, Jenkins, GitLab and Vault
In a modern DevOps infrastructure, operating an internal Public Key Infrastructure (PKI) is essential to secure communications between services. Instead of relying on self-signed certificates or external certificate authorities, organizations…
Security – Distributing Trust for an Internal Certificate Authority in a DevOps Infrastructure
Deploying an internal certificate authority is only the first step in building a secure infrastructure.Once certificates start being issued, every system that communicates with services signed by the CA must…
Security – Building an Internal CA with Step-CA (Part 3 — Issuing TLS Certificates for Virtual Machines)
In the previous sections we demonstrated how Kubernetes services can obtain certificates automatically using cert-manager and ACME, or manually using the Step CLI. However, many infrastructure services still run outside…
Security – Building an Internal CA with Step-CA (Part 2 — Issuing TLS Certificates for Kubernetes Services)
In the previous article we deployed an internal certificate authority using Step-CA running inside Kubernetes. That CA is now capable of issuing certificates for internal infrastructure. The next step is…
Security – Building an Internal CA with Step-CA (Part 1 — Installation and Initial Configuration)
Modern infrastructure relies heavily on TLS certificates to secure communication between services. Kubernetes clusters, CI/CD pipelines, internal APIs, and development platforms all require trusted certificates to ensure encrypted and authenticated…