Updating Jenkins CI behind corporate firewall
Our Jenkins CI server (
https://jenkins.company.com) doesn’t have access to Internet (neither directly nor through a proxy), yet we need to update both Jenkins itself as well as the Jenkins plugins.
We’ve set up another of our servers,
https://jenkins-repo.company.com, as a Jenkins mirror site, which on a regular basis runs this command in a cron job:
rsync -a -v rsync://rsync.osuosl.org/jenkins/plugins /srv/mirrors/jenkins/
/srv/mirrors/jenkins folder is hosted by Nginx.
As the rsync’ed files contain references to
https://updates.jenkins.io, Jenkins will try and contact
https://updates.jenkins.io when downloading the updated plugins, even though we’re hosting all the plugins over at
As a quick and easy workaround, I’ve simply added an entry like this to our Jenkins server’s /etc/hosts file:
188.8.131.52 is the IP address to
UPDATE: The above solution for some reason stopped working. I developed this simple script, which every night runs on our repo server:
#/bin/bash export PATH="/usr/local/bin:/usr/bin:/bin" pushd /srv/mirrors/jenkins/ logger "Removing old update-center.json file from /srv/mirrors/jenkins, and fetching a new one." rm -f update-center.json; wget https://updates.jenkins.io/current/update-center.json logger "Replacing urls in update-center.json" sed -i 's|updates.jenkins.io/download/|jenkins.company.com/|g' update-center.json