Updating Jenkins CI behind corporate firewall

Updating Jenkins CI behind corporate firewall

Our Jenkins CI server (https://jenkins.company.com) doesn’t have access to Internet (neither directly nor through a proxy), yet we need to update both Jenkins itself as well as the Jenkins plugins.

We’ve set up another of our servers, https://jenkins-repo.company.com, as a Jenkins mirror site, which on a regular basis runs this command in a cron job:

rsync -a -v rsync://rsync.osuosl.org/jenkins/plugins /srv/mirrors/jenkins/

The /srv/mirrors/jenkins folder is hosted by Nginx.

As the rsync’ed files contain references to https://updates.jenkins.io, Jenkins will try and contact https://updates.jenkins.io when downloading the updated plugins, even though we’re hosting all the plugins over at https://jenkins-repo.company.com ourselves.

As a quick and easy workaround, I’ve simply added an entry like this to our Jenkins server’s /etc/hosts file:

1.2.3.4 updates.jenkins-ci.org

…where 1.2.3.4 is the IP address to https://jenkins-repo.company.com.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: