Jenkins V Vendor Managed CICD Tools

I have to confess to being a fan of open-source software, noting the passion it brings out in software developers and engineers alike. Jenkins, being the godfather of CICD pipelines, is a great success story in this regard. It continues to receive good community support in spite of the considerable challenges facing this popular CICD tool.

Jenkins has an appeal of its own due to its agnostic nature, running as a CI server on one or more nodes/servers depending on its implementation model. It can run on Windows/Linux servers on-premise or in the cloud. It has the same abstracted software configuration and implementation features, making the time and effort to get up and running with Jenkins worth it. That effort is somewhat complex, given that Jenkins is a user-managed and not a vendor-managed tool. This means system administration skills are needed to set up Jenkins correctly. It also means knowing which plugins are secure and can do the job as expected, along with how to configure them safely. In addition, you need to make sure upgrades to plugins and Jenkins core are regularly applied on your instance. Jenkins core is light, noting the range of plugins can see 4+ plugin updates a week based on my testing of the tool over the last few weeks.

Also of importance is the fact that you (not the vendor) are responsible for configuring Jenkins. This includes making sure your DevOps architecture on instance implementation is complete, noting key modules like Ant, Gradle and Docker are implemented in accordance with best practices. Also of note is how your pipelines run. Do you have global security configuration set up correctly to ensure you are not injecting secrets into your pipeline? Credentials stores are a real win and, if configured correctly alongside key features like distributed builds (separating the Jenkins controller from the agent running the build) plus more, can reduce the attack surface on Jenkins.
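The points above about keeping secrets out of the pipeline and separating the controller from the build agent, shown as a declarative Jenkinsfile. This is an added example, not code from the original post; the agent label `linux-build`, the credential ID `artifact-repo-deploy`, the repository URL and a Gradle `publish` task that reads `REPO_USER`/`REPO_PASS` from its environment are all assumptions.

```groovy
// Added example: hardened declarative Jenkinsfile.
// Label, credential ID, URL and Gradle tasks are placeholders (assumptions).
pipeline {
    // Weak alternative: `agent any` lets the job land on any free executor,
    // including the controller's built-in node if it still has executors.
    agent { label 'linux-build' }

    environment {
        // Non-secret settings only. A password assigned here as a literal
        // would sit in source control and in every stage's environment.
        REPO_URL = 'https://artifacts.example.internal/releases'
    }

    stages {
        stage('Build') {
            steps {
                sh './gradlew --no-daemon clean assemble'
            }
        }
        stage('Publish') {
            steps {
                // The secret comes from the Jenkins credentials store, exists
                // only inside this block, and is masked in the console log.
                withCredentials([usernamePassword(
                        credentialsId: 'artifact-repo-deploy',
                        usernameVariable: 'REPO_USER',
                        passwordVariable: 'REPO_PASS')]) {
                    // Single-quoted Groovy string: "$REPO_URL" is expanded by
                    // the shell on the agent, not interpolated by Groovy.
                    // The build is assumed to read REPO_USER / REPO_PASS from
                    // its environment, keeping them off the command line.
                    sh './gradlew --no-daemon publish -PrepoUrl="$REPO_URL"'
                }
            }
        }
    }
}
```

For the agent label to actually keep builds off the controller, the built-in node's number of executors should be set to 0 in the node configuration.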

Whilst Jenkins has come a long way in the last few rounds of releases, there are a number of competing tools out there that do CICD as well, if not better. Some are also well-liked. Katalon has published an interesting article on their top 14 CICD tools for 2023, which includes Jenkins in the number 1 slot. After doing training and exploratory testing on Jenkins (including pipeline operations) from versions 2.122 to 2.387, I can see the evolution of key features, and workflow refinements, including the security posture of Jenkins, have greatly improved.

That said, when comparing Jenkins with vendor-managed CICD tools like Azure DevOps, AWS CodeStar, TeamCity, Circle CI plus more, I note the following:

  • Tool Configuration: Jenkins configuration and set-up is labour intensive versus the vendor-managed set-up and management configuration around CICD pipelines.
  • Tool Architecture: Jenkins is a CD tool with CI integrations via plugins, making it adaptable but also architecturally less secure than a vendor-managed tool that has seamless CICD architecture. Of note is that many vendor-managed CICD tools are customizable from the CICD core pattern, providing what Jenkins can provide in terms of parallelism, workflow management plus more.
  • Environment Support: Jenkins is environment agnostic, so a well-configured and architected DevOps solution with the right skills in maintaining Jenkins can make for a more versatile solution than the narrower-scoped vendor-managed CICD tools. Some tend to lean into Microsoft or Linux support. Some cloud-native tools can have a narrower scope, where the cloud platform offers superior features and service compared with using the tool to deploy resources to another cloud platform (or on-prem), which incurs the risks of such a deployment over the internet.
  • Source Code Management (SCM): Integration with source code repositories like GitHub is regarded as effective all around, yet some vendor-managed tools have more secure options, like a private repository service that is secured by them. This focus on repository management makes for a more streamlined use of code repositories when compared to user-managed accounts on GitHub, Bitbucket, etc. Do note those providers have paid plans for private repositories with service add-ons augmenting their offerings.
  • Software Integration Testing: This comes down to software quality assurance standards for your company, and Jenkins has some good plugins to help. It's been my experience that more actively maintained plugins around integration, load and system testing lie with vendor-managed products for a fee. However, if you decide to fully support Jenkins CI features via a large number of well-maintained plugins from its overall range, then your effort may compete very well with a vendor-provided solution.

There is more, but as you can see, Jenkins can hold its own once you resource your DevOps solution to a point where acceptance of the user-managed option can provide the results you expect from your CICD tool of choice. If your needs and expectations are aligned with well-considered requirements, then the selection of your CICD tool can be an informed one, noting it will positively impact the achievement of your goals and objectives in DevOps.
