Jenkins Pipeline Checklist for Docker Private Registry
Step-by-step walkthrough with a complete Jenkinsfile example for building, pushing, and deploying Docker containers to a private registry.
Introduction
This guide uses test/dummy values to demonstrate a Jenkins pipeline for Docker deployments to a Sonatype Nexus registry. We’ll explain prerequisites, credential setup, and pipeline configuration for a secure CI/CD workflow.
Prerequisites
Before configuring the Jenkinsfile:
Nexus Repository Setup
A running Sonatype Nexus instance (e.g.,
https://your-nexus-registry.local).Create a Docker-hosted repository in Nexus for storing images.
Jenkins Preparation
Install Jenkins plugins:
Docker Pipeline
Credentials Binding
Ensure Docker is installed on the Jenkins agent/worker node.
Credential Setup
Create a Jenkins credential of type Username with Password for Nexus registry access.
Name the credential ID
nexus-docker-credentials(used later in the pipeline).
Step 1: Configure Nexus Credentials in Jenkins
What is nexus-credentials?
A Jenkins-stored secret to authenticate with your Nexus Docker registry.
Contains a username/password (e.g., a Nexus user with
docker:pushpermissions).
How to Create It:
In Jenkins, go to Dashboard > Manage Jenkins > Credentials > System > Global Credentials.
Click Add Credentials:
Kind: Username and Password
Username:
nexus-service-account(example)Password: Your Nexus user’s password
ID:
nexus-docker-credentials(reference this ID in the pipeline)
Step 2: Jenkinsfile Configuration (Test/Dummy Values)
Below is a pipeline with generic placeholders for testing:
pipeline {
agent any
environment {
// Example Nexus registry URL (replace with your test URL)
DOCKER_REGISTRY = 'https://your-nexus-registry.local'
// Example image name (use a test repository path)
DOCKER_IMAGE = 'your-nexus-registry.local/test-app:latest'
// Example container name
DOCKER_CONTAINER = 'test-container'
// Example port
PORT = 8080
}
stages {
stage('Clone Repository') {
steps { checkout scm }
}
stage('Build Docker Image') {
steps {
sh '''
docker rmi $DOCKER_IMAGE || true
docker build -t $DOCKER_IMAGE .
'''
}
}
stage('Push Docker Image to Nexus') {
steps {
// Use the credential ID created earlier
withDockerRegistry([
credentialsId: 'nexus-docker-credentials',
url: DOCKER_REGISTRY
]) {
sh 'docker push $DOCKER_IMAGE'
}
}
}
stage('Deploy Container') {
steps {
sh '''
docker stop $DOCKER_CONTAINER || true
docker rm $DOCKER_CONTAINER || true
docker run -d --name $DOCKER_CONTAINER -p $PORT:$PORT $DOCKER_IMAGE
'''
}
}
stage('CleanUp') {
steps {
sh '''
docker builder prune -f || true
'''
}
}
}
}
Key Explanations
1. Environment Variables
DOCKER_REGISTRY: Replaceyour-nexus-registry.localwith your Nexus Docker registry URL.DOCKER_IMAGE: Follow the format:<nexus-registry>/<repository>/<image-name>:<tag>.
2. Credential Binding
credentialsId: 'nexus-docker-credentials'references the credential you created in Jenkins.Jenkins injects the username/password during runtime to authenticate with Nexus.
3. Pipeline Stages
Push Stage: The
withDockerRegistryblock handles login/logout to Nexus automatically.Deploy Stage: Uses
|| trueto avoid pipeline failures if the container doesn’t exist.
Final Notes
Test Your Setup:
Run the pipeline and verify the image appears in your Nexus repository.
Check container logs with
docker logs test-container.
Security Tips:
Restrict Nexus user permissions to
docker:pushonly.Use HTTPS for registry communication.
Troubleshooting:
Ensure Jenkins has Docker socket access (or Docker client installed).
Validate credentials with a manual
docker logintest.
This configuration ensures a secure, repeatable deployment process to Nexus. 🛠️