Jenkins CI/CD Pipeline Stack
Jenkins with build agents, SonarQube for code quality, and Nexus for artifact management
Overview
Jenkins is the world's leading open-source automation server, originally developed by Kohsuke Kawaguchi in 2004 as Hudson before becoming Jenkins in 2011. With over 1800+ plugins and a massive community, Jenkins enables organizations to implement sophisticated CI/CD pipelines that automate building, testing, and deploying applications across diverse technology stacks. Its extensible architecture and Pipeline as Code capabilities make it the backbone of DevOps automation for millions of projects worldwide.
This comprehensive CI/CD stack combines Jenkins with essential enterprise tooling to create a complete software delivery pipeline. Jenkins orchestrates the automation workflows, while distributed Jenkins agents handle the actual build execution to scale processing power. SonarQube performs deep static code analysis to catch bugs, security vulnerabilities, and code smells before they reach production. Nexus Repository serves as the central artifact management hub, storing and distributing build outputs, dependencies, and container images. PostgreSQL provides enterprise-grade data persistence for SonarQube's analysis results and historical metrics.
This stack is ideal for medium to large development teams who need professional-grade CI/CD infrastructure with code quality gates and artifact management. Organizations adopting DevOps practices, migrating from legacy build systems, or requiring compliance with code quality standards will benefit from this integrated approach. The combination provides the foundation for implementing GitOps workflows, automated testing pipelines, security scanning, and release management across multiple projects and teams.
Key Features
- Jenkins Pipeline as Code with Jenkinsfile support for version-controlled build definitions
- Distributed build execution using Jenkins inbound agents for scalable processing power
- SonarQube static code analysis covering 30+ programming languages with security vulnerability detection
- Nexus Repository for Maven, npm, Docker, and custom artifact storage with repository proxying
- Quality gates integration between Jenkins and SonarQube to block deployments on code quality failures
- Blue Ocean modern UI for visual pipeline creation and monitoring
- PostgreSQL-backed SonarQube data persistence with advanced query capabilities for reporting
- Jenkins credential management system for secure API keys, passwords, and certificates
Common Use Cases
- 1Enterprise software delivery pipelines with multiple development teams and complex deployment requirements
- 2Legacy system modernization where existing Jenkins infrastructure needs integration with quality tools
- 3Compliance-driven development environments requiring code quality metrics and audit trails
- 4Multi-language development shops needing centralized artifact management across Java, JavaScript, Python, and .NET projects
- 5Organizations implementing shift-left security practices with automated vulnerability scanning in CI/CD
- 6DevOps transformation initiatives requiring observable, measurable build and deployment processes
- 7Container-based application delivery with Docker image scanning and registry management
Prerequisites
- Docker host with minimum 8GB RAM (Jenkins 2GB + SonarQube 4GB + Nexus 1GB + PostgreSQL 1GB)
- Available ports 8080 (Jenkins), 9000 (SonarQube), 8081 (Nexus), and 50000 (Jenkins agent communication)
- Basic understanding of CI/CD concepts, build pipelines, and version control systems
- Familiarity with Jenkins Pipeline syntax (Groovy-based) for creating Jenkinsfile build scripts
- Knowledge of static code analysis principles and quality gate configuration
- Experience with artifact repository concepts and dependency management tools like Maven or npm
For development & testing. Review security settings, change default credentials, and test thoroughly before production use. See Terms
docker-compose.yml
docker-compose.yml
1services: 2 jenkins: 3 image: jenkins/jenkins:lts-jdk174 container_name: jenkins5 restart: unless-stopped6 ports: 7 - "${JENKINS_PORT:-8080}:8080"8 - "50000:50000"9 volumes: 10 - jenkins_home:/var/jenkins_home11 - /var/run/docker.sock:/var/run/docker.sock12 environment: 13 - JAVA_OPTS=-Djenkins.install.runSetupWizard=false14 user: root1516 jenkins-agent: 17 image: jenkins/inbound-agent:latest18 container_name: jenkins-agent19 restart: unless-stopped20 environment: 21 - JENKINS_URL=http://jenkins:808022 - JENKINS_AGENT_NAME=agent-123 - JENKINS_SECRET=${AGENT_SECRET}24 - JENKINS_AGENT_WORKDIR=/home/jenkins/agent25 volumes: 26 - /var/run/docker.sock:/var/run/docker.sock27 - agent_workspace:/home/jenkins/agent28 depends_on: 29 - jenkins3031 sonarqube: 32 image: sonarqube:lts-community33 container_name: sonarqube34 restart: unless-stopped35 ports: 36 - "${SONAR_PORT:-9000}:9000"37 environment: 38 - SONAR_JDBC_URL=jdbc:postgresql://sonar-db:5432/sonar39 - SONAR_JDBC_USERNAME=${SONAR_DB_USER:-sonar}40 - SONAR_JDBC_PASSWORD=${SONAR_DB_PASSWORD:-sonar}41 volumes: 42 - sonarqube_data:/opt/sonarqube/data43 - sonarqube_extensions:/opt/sonarqube/extensions44 depends_on: 45 - sonar-db4647 sonar-db: 48 image: postgres:15-alpine49 container_name: sonar-db50 restart: unless-stopped51 environment: 52 - POSTGRES_USER=${SONAR_DB_USER:-sonar}53 - POSTGRES_PASSWORD=${SONAR_DB_PASSWORD:-sonar}54 - POSTGRES_DB=sonar55 volumes: 56 - sonar_db_data:/var/lib/postgresql/data5758 nexus: 59 image: sonatype/nexus3:latest60 container_name: nexus61 restart: unless-stopped62 ports: 63 - "${NEXUS_PORT:-8081}:8081"64 volumes: 65 - nexus_data:/nexus-data6667volumes: 68 jenkins_home: 69 agent_workspace: 70 sonarqube_data: 71 sonarqube_extensions: 72 sonar_db_data: 73 nexus_data: .env Template
.env
1# Jenkins CI/CD Pipeline Stack2JENKINS_PORT=80803SONAR_PORT=90004NEXUS_PORT=808156# Jenkins Agent (get from Jenkins UI after setup)7AGENT_SECRET=your-agent-secret89# SonarQube Database10SONAR_DB_USER=sonar11SONAR_DB_PASSWORD=sonarUsage Notes
- 1Jenkins at http://localhost:8080
- 2Initial Jenkins password: docker exec jenkins cat /var/jenkins_home/secrets/initialAdminPassword
- 3SonarQube at http://localhost:9000 (admin/admin)
- 4Nexus at http://localhost:8081 (admin password in logs)
- 5Configure Jenkins to use SonarQube and Nexus
- 6Install Docker Pipeline and SonarQube Scanner plugins in Jenkins
Individual Services(5 services)
Copy individual services to mix and match with your existing compose files.
jenkins
jenkins:
image: jenkins/jenkins:lts-jdk17
container_name: jenkins
restart: unless-stopped
ports:
- ${JENKINS_PORT:-8080}:8080
- "50000:50000"
volumes:
- jenkins_home:/var/jenkins_home
- /var/run/docker.sock:/var/run/docker.sock
environment:
- JAVA_OPTS=-Djenkins.install.runSetupWizard=false
user: root
jenkins-agent
jenkins-agent:
image: jenkins/inbound-agent:latest
container_name: jenkins-agent
restart: unless-stopped
environment:
- JENKINS_URL=http://jenkins:8080
- JENKINS_AGENT_NAME=agent-1
- JENKINS_SECRET=${AGENT_SECRET}
- JENKINS_AGENT_WORKDIR=/home/jenkins/agent
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- agent_workspace:/home/jenkins/agent
depends_on:
- jenkins
sonarqube
sonarqube:
image: sonarqube:lts-community
container_name: sonarqube
restart: unless-stopped
ports:
- ${SONAR_PORT:-9000}:9000
environment:
- SONAR_JDBC_URL=jdbc:postgresql://sonar-db:5432/sonar
- SONAR_JDBC_USERNAME=${SONAR_DB_USER:-sonar}
- SONAR_JDBC_PASSWORD=${SONAR_DB_PASSWORD:-sonar}
volumes:
- sonarqube_data:/opt/sonarqube/data
- sonarqube_extensions:/opt/sonarqube/extensions
depends_on:
- sonar-db
sonar-db
sonar-db:
image: postgres:15-alpine
container_name: sonar-db
restart: unless-stopped
environment:
- POSTGRES_USER=${SONAR_DB_USER:-sonar}
- POSTGRES_PASSWORD=${SONAR_DB_PASSWORD:-sonar}
- POSTGRES_DB=sonar
volumes:
- sonar_db_data:/var/lib/postgresql/data
nexus
nexus:
image: sonatype/nexus3:latest
container_name: nexus
restart: unless-stopped
ports:
- ${NEXUS_PORT:-8081}:8081
volumes:
- nexus_data:/nexus-data
Quick Start
terminal
1# 1. Create the compose file2cat > docker-compose.yml << 'EOF'3services:4 jenkins:5 image: jenkins/jenkins:lts-jdk176 container_name: jenkins7 restart: unless-stopped8 ports:9 - "${JENKINS_PORT:-8080}:8080"10 - "50000:50000"11 volumes:12 - jenkins_home:/var/jenkins_home13 - /var/run/docker.sock:/var/run/docker.sock14 environment:15 - JAVA_OPTS=-Djenkins.install.runSetupWizard=false16 user: root1718 jenkins-agent:19 image: jenkins/inbound-agent:latest20 container_name: jenkins-agent21 restart: unless-stopped22 environment:23 - JENKINS_URL=http://jenkins:808024 - JENKINS_AGENT_NAME=agent-125 - JENKINS_SECRET=${AGENT_SECRET}26 - JENKINS_AGENT_WORKDIR=/home/jenkins/agent27 volumes:28 - /var/run/docker.sock:/var/run/docker.sock29 - agent_workspace:/home/jenkins/agent30 depends_on:31 - jenkins3233 sonarqube:34 image: sonarqube:lts-community35 container_name: sonarqube36 restart: unless-stopped37 ports:38 - "${SONAR_PORT:-9000}:9000"39 environment:40 - SONAR_JDBC_URL=jdbc:postgresql://sonar-db:5432/sonar41 - SONAR_JDBC_USERNAME=${SONAR_DB_USER:-sonar}42 - SONAR_JDBC_PASSWORD=${SONAR_DB_PASSWORD:-sonar}43 volumes:44 - sonarqube_data:/opt/sonarqube/data45 - sonarqube_extensions:/opt/sonarqube/extensions46 depends_on:47 - sonar-db4849 sonar-db:50 image: postgres:15-alpine51 container_name: sonar-db52 restart: unless-stopped53 environment:54 - POSTGRES_USER=${SONAR_DB_USER:-sonar}55 - POSTGRES_PASSWORD=${SONAR_DB_PASSWORD:-sonar}56 - POSTGRES_DB=sonar57 volumes:58 - sonar_db_data:/var/lib/postgresql/data5960 nexus:61 image: sonatype/nexus3:latest62 container_name: nexus63 restart: unless-stopped64 ports:65 - "${NEXUS_PORT:-8081}:8081"66 volumes:67 - nexus_data:/nexus-data6869volumes:70 jenkins_home:71 agent_workspace:72 sonarqube_data:73 sonarqube_extensions:74 sonar_db_data:75 nexus_data:76EOF7778# 2. Create the .env file79cat > .env << 'EOF'80# Jenkins CI/CD Pipeline Stack81JENKINS_PORT=808082SONAR_PORT=900083NEXUS_PORT=80818485# Jenkins Agent (get from Jenkins UI after setup)86AGENT_SECRET=your-agent-secret8788# SonarQube Database89SONAR_DB_USER=sonar90SONAR_DB_PASSWORD=sonar91EOF9293# 3. Start the services94docker compose up -d9596# 4. View logs97docker compose logs -fOne-Liner
Run this command to download and set up the recipe in one step:
terminal
1curl -fsSL https://docker.recipes/api/recipes/jenkins-cicd-pipeline/run | bashTroubleshooting
- Jenkins shows 'Reverse proxy setup is broken' warning: Configure JENKINS_OPTS with proper URL or disable the check with -Dhudson.diagnosis.ReverseProxySetupMonitor.enabled=false
- SonarQube fails to start with 'max virtual memory areas too low': Increase vm.max_map_count on Docker host with 'sysctl -w vm.max_map_count=524288'
- Jenkins agent fails to connect with 'Connection refused': Verify JENKINS_SECRET environment variable matches the agent secret from Jenkins master configuration
- Nexus shows 'Unable to write to nexus-data directory': Fix volume permissions with 'chown -R 200:200 nexus_data' on the Docker host
- SonarQube database connection errors: Ensure PostgreSQL is fully initialized before SonarQube starts by adding health checks or startup delays
- Jenkins Pipeline fails with Docker permission denied: Add Jenkins user to docker group or run Jenkins container with proper Docker socket permissions
Community Notes
Loading...
Loading notes...
Download Recipe Kit
Get all files in a ready-to-deploy package
Includes docker-compose.yml, .env template, README, and license
Components
jenkinsjenkins-agentsonarqubenexuspostgres
Tags
#jenkins#ci-cd#sonarqube#nexus#devops#build
Category
DevOps & CI/CDAd Space
Shortcuts: C CopyF FavoriteD Download