Certified Jenkins Engineer
Containerization and Deployment
Demo Build Docker Image
In this guide, we’ll walk through building a Docker image in a Jenkins CI/CD pipeline, tagging each build with the Git commit SHA for traceability.
Add the Build Docker Image Stage
Open your Jenkinsfile and, right after the SonarQube stage, insert a new stage named Build Docker Image. This stage prints all environment variables and then builds the Docker image using the current Git commit hash (GIT_COMMIT) as the tag.
stage('Build Docker Image') {
steps {
// Print all available environment variables
sh 'printenv'
// Build and tag the Docker image
sh 'docker build -t siddharth67/solar-system:$GIT_COMMIT .'
}
}
Note
GIT_COMMIT is a built-in Jenkins variable provided when you use the checkout step. It resolves to the current commit SHA, ensuring each Docker image is uniquely tagged.
Jenkinsfile Reference
For more information on pipeline syntax and environment variables, see the Jenkins Pipeline Syntax documentation.
Dockerfile Breakdown
Your repository includes this Dockerfile, which defines how to build the Node.js application image.
FROM node:18-alpine3.17
WORKDIR /usr/app
COPY package*.json /usr/app/
RUN npm install
COPY . .
# Placeholder environment variables for MongoDB credentials
ENV MONGO_URI=uriPlaceholder
ENV MONGO_USERNAME=usernamePlaceholder
ENV MONGO_PASSWORD=passwordPlaceholder
EXPOSE 3000
CMD [ "npm", "start" ]
Key steps:
- FROM: Start from the lightweight
node:18-alpine3.17base image. - WORKDIR: Set
/usr/appas the working directory. - COPY package*.json: Copy dependency manifests and install packages.
- COPY . .: Add application source code.
- ENV: Define placeholders for MongoDB connection.
- EXPOSE: Open port 3000.
- CMD: Launch the app with
npm start.
For complete details, refer to the Dockerfile reference.
.dockerignore
Optimize build context by excluding unnecessary files. Place this .dockerignore in the project root:
# Source control and metadata
.git
.github/
# Node.js dependencies
node_modules
# Configuration and reports
.*
!.README*.md
README-secret.md
solar-system.png
.nyc_output
.talismanrc
coverage
test-results.xml
reports*
zap*
dependency*
jenkins*
trivy-image*
Warning
Be cautious when excluding files. Make sure you don’t accidentally omit critical configuration, scripts, or assets required at runtime.
See the Dockerignore reference for patterns and best practices.
Jenkins Pipeline Environment Variables
Jenkins exposes numerous environment variables in multibranch pipelines. Visit Pipeline Syntax → Global variables reference to explore them all.
| Variable | Description |
|---|---|
| GIT_COMMIT | Current commit SHA (requires checkout) |
| BRANCH_NAME | Active branch in a multibranch pipeline |
| CHANGE_ID | Pull request or change request identifier |
| BUILD_NUMBER | Sequential build number |
| BUILD_ID | Unique build identifier |
| WORKSPACE | Path to the workspace on the agent |
| NODE_NAME | Name of the Jenkins agent node running the build |
Pipeline Execution
After committing and pushing the updated Jenkinsfile, Jenkins triggers a new run. Once earlier stages finish, the Build Docker Image stage will begin:
docker build -t siddharth67/solar-system:$GIT_COMMIT .
Print Environment Variables
This step logs all environment variables visible to the build stage:
+ printenv
JENKINS_HOME=/var/lib/jenkins
GIT_PREVIOUS_SUCCESSFUL_COMMIT=10f241dbfe4218e2d9acd44b9950c4144
MONGO_DB_CREDS_PSW=****
USER=jenkins
CI=true
…
GIT_COMMIT=0bb4c412562f4f1db4c2149f834e29f3
BUILD_URL=http://jenkins.example.com/job/.../28/
WORKSPACE=/var/lib/jenkins/workspace/solar-system_feature_enabling-cicd
STAGE_NAME=Build Docker Image
GIT_BRANCH=feature/enabling-cicd
BUILD_TAG=jenkins-Gitea-Organization-solar-system-feature%252Fenabling-cicd-28
Docker Build Logs
Jenkins streams the Docker build output, showing layer creation and tagging:
#1 [internal] load build definition from Dockerfile
#1 transferring dockerfile: 2828B done
…
#9 naming to docker.io/siddharth67/solar-system:9dbc4b421562f410b4dec2141938fd2a5ac0ad1 done
#9 DONE 0.0s
Verify the image tag in your registry or local Docker daemon to ensure it matches the commit SHA.
Next Steps
You’ve successfully built and tagged a Docker image via Jenkins. In the next tutorial, we’ll scan this image for vulnerabilities and push it to Docker Hub.
Links and References
Watch Video
Watch video content