jenkins-script-console-scripts VS jervis

You can capture plugins and Jenkins versions using the script console to provision a second pristine Jenkins for additional testing like upgrade testing. I go deeper into this with complete immutable Jenkins infrastructure with jenkins-bootstrap-shared.

Groovy scripts for Jenkins administration

Based on other comments I recommend: - Committing your Jenkins config to a local git repo so you can see how an upgrade affects it with git diff - Capture you plugin versions with Jenkins version

You can do this by script console yourself and use the community docker image. Alternately, you can try out jenkins-bootstrap-shared project I made which pulls Jenkins into a JKD8 container (I plan to upgrade it to OpenJKD11 since Jenkins now supports that).

Delete builds for branches and tags after 120 days

If you're an admin in Jenkins, then you cam retrieve the credentials via script console. I did a talk which discusses using the script console. You can run this script which exports most common credentials in Jenkins. It will render them as plain text which you may be able to use to log into vault.

Here’s a list of properties I’ve found. https://github.com/samrocketman/jenkins-script-console-scripts/blob/main/aggressive-cloud-provisioning.groovy

Clone my jervis project which has some java-based encryption

I have some open licensed code for vault and AppRole client management you can draw inspiration from if you wanted to create your own client for devs or even directly copy (following its license/attribution/etc).

If you wanted to learn more about SBOMs the DependencyTrack website has great videos on the subject by Steve Springett. If you wanted to try DependencyTrack from your laptop I have it integrated in my open source project along with sonarqube. https://github.com/samrocketman/jervis/tree/main/dependencytrack

In my groovy project, VSCode is integrated with the source code within the same repository. A local instance of SonarQube (for code coverage and static analysis), DependencyTrack (security scanning of dependencies), and HashiCorp Vault for my Vault API client for development. It has several tasks for generating documentation, running codenarc, submitting code coverage reports, etc.

README

Hopefully my description is specific enough that others can replicate it easily. Currently, working on building out GitHub App support for cloneable so that you need only grant readonly access to all repositories to be backed up using service credentials. The backend API client I wrote is called Jervis.

My pet project named Jervis. This is an example of VSCode dev containers integrated directly with the project source code. This VSCode dev container is for Groovy/Java development. It also provisions sonarqube for static analysis and code coverage metrics. It provisions DependencyTrack for dependency vulnerability scanning. Can set breakpoints for Java debugging and Groovy Console for REPL.

Are you referring to a CI/CD environment? I built one out based on Jenkins called Jervis where it focuses on ephemeral agents, CI code in repositories, self service onboarding, and isolation. I currently run it in AWS.