Build-Deploy-Pipeline of a springboot app using Jenkinsfile

With Jenkins 2 the concept of pipelines became one of the core features of this great tool. In combination with job and pipeline dsl, it’s getting quite easy to code your build and deployment pipeline in Groovy instead of providing static config xmls or rigid job generators. Although some people might think, separation between build team and dev team has to be established due to responsibility concerns, actually the guys that write the application (no matter of dev, build, ops or others) should know best how to get the application through the pipeline.


component version download
Ubuntu 16.04
Jenkins 2.2.19
JDK Hotspot 1.8.0_91
Maven 3.3.9

First step: the example application that is based on springboot and inspired by the official get-starting-guide of springboot that (by the way) is well documented:

├── Jenkinsfile
├── pom.xml
└── src
    ├── main
    │   ├── java
    │   │   └── eu
    │   │       └── christophburmeister
    │   │           └── playground
    │   │               └── springbootexample
    │   │                   ├──
    │   │                   └──
    │   └── resources
    │       └──
    └── test
        └── java
            └── eu
                └── christophburmeister
                    └── playground
                        └── springbootexample
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="" xmlns:xsi=""


    <description>example project for springboot</description>

            <!-- used for variable substitution in -->
            <!-- -->

                <!-- required for building executable jars -->

            <!-- used for metrics like status, health etc -->
            <!-- used for unit tests -->

package eu.christophburmeister.playground.springbootexample;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;

public class Application {

    public static void main(String[] args) {, args);

package eu.christophburmeister.playground.springbootexample;

import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.bind.annotation.RequestMapping;

public class HelloController {
    public String index() {
        return "Greetings from Spring Boot!";
package eu.christophburmeister.playground.springbootexample;

import static org.hamcrest.Matchers.equalTo;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;

import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.http.MediaType;
import org.springframework.test.context.junit4.SpringRunner;
import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;

public class HelloControllerTest {

    private MockMvc mvc;

    public void getHello() throws Exception {
                .andExpect(content().string(equalTo("Greetings from Spring Boot!")));

That’s all for the base project. After building and starting the app via

mvn clean install
java -jar target/springbootexample-0.0.1-SNAPSHOT.jar

The app will respond on the following URLs:
This will return the HelloController output „Greetings from Spring Boot!“

This will return the json with values that are generated while build process (via maven filtering in

   "app": {
      "description": "example project for springboot",
      "commitid": "@commitid@",
      "name": "springbootexample",
      "version": "0.0.1-SNAPSHOT"

Note, that commitid is not set as we provide no „-Dcommitid“ parameter while maven build yet. This will be done later in Jenkins.

Invoking this adress via POST (e.g. with curl) stops the application:

curl -X POST http://localhost:10000/shutdown
{"message":"Shutting down, bye..."}

Note the corresponding parameter „endpoints.shutdown.enabled“ in

There are a lot more endpoints that are provided by the actuator module of springboot, but not relevant for this example.

Ok, this was the „dev“ part of this example. Let’s come to the „ops“ part that basically is the provision of the jenkins infrastructure. For this example I choose the latest version 2.19 with all default/suggested plugins. At a minimum you have to configure a jdk tool named „jdk1.8.0_91“ and a maven tool named „apache-maven-3.3.9“.

That’s all for the Jenkins setup. Now you have to create a bootstrap job for our example:

  1. „New item“ >> „Pipeline“ named „springbootexample“
  2. „Pipeline Definition“ >> „Pipeline script from SCM“ >> „Git“ >> add the repository url
  3. „Additional Behaviours“ >> „Clean before checkout“
  4. later you can fine-tune triggers and other settings, but that should it be for now

This job now checks out / clones the entered repository and looks by default for a file called „Jenkinsfile“ that has to contain build pipeline dsl:

import groovy.json.JsonSlurper;

    stage 'Build, Test and Package'
    env.PATH = "${tool 'apache-maven-3.3.9'}/bin:${env.PATH}"
    git url: ""
    // workaround, taken from
    def commitid = sh(returnStdout: true, script: 'git rev-parse HEAD').trim()
    def workspacePath = pwd()
    sh "echo ${commitid} > ${workspacePath}/expectedCommitid.txt"
    sh "mvn clean package -Dcommitid=${commitid}"

    stage 'Stop, Deploy and Start'
    // shutdown
    sh 'curl -X POST http://localhost:10000/shutdown || true'
    // copy file to target location
    sh 'cp target/*.jar /tmp/'
    // start the application
    sh 'nohup java -jar /tmp/*.jar &'
    // wait for application to respond
    sh 'while ! httping -qc1 http://localhost:10000 ; do sleep 1 ; done'

    stage 'Smoketest'
    def workspacePath = pwd()
    sh "curl --retry-delay 10 --retry 5 http://localhost:10000/info -o ${workspacePath}/info.json"
    if (deploymentOk()){
        return 0
    } else {
        return 1

def deploymentOk(){
    def workspacePath = pwd()
    expectedCommitid = new File("${workspacePath}/expectedCommitid.txt").text.trim()
    actualCommitid = readCommitidFromJson()
    println "expected commitid from txt: ${expectedCommitid}"
    println "actual commitid from json: ${actualCommitid}"
    return expectedCommitid == actualCommitid

def readCommitidFromJson() {
    def workspacePath = pwd()
    def slurper = new JsonSlurper()
    def json = slurper.parseText(new File("${workspacePath}/info.json").text)
    def commitid =
    return commitid

This script has thre steps:
Build, Test and Package: determination of the git commit id and running the maven build with -Dcommitid parameter (so the information is available at runtime in /info endpoint)

Stop, Deploy and Start: using the shutdown hook to stop the app, copy the artifact and start it

Smoketest: retrieve commitid from /info endpoint and compare it with the one that was used for building the artifact.

After committing this file to the repository and triggering the job, the job will pick up the file and run the pipeline. For security reasons all the groovy scripts are sandboxed and so the build will fail with sth like

org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: Scripts not permitted to use staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods getText
	at org.jenkinsci.plugins.scriptsecurity.sandbox.whitelists.StaticWhitelist.rejectStaticMethod(
	at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor$8.reject(
	at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor.onGetProperty(

This shall avoid damages on the Jenkins infrastructure by executing invasive operations through groovy code. Administrators can approve usage of specific method signatures under „Manage Jenkins“ >> „In-process script-aproval“ or in config xml „scriptApproval.xml“

So with this pipelines you combine the sources of the application with the complete build process in a revision-safe system and devs can individually modify or extend their build-process without any changes on jenkins itself.