✅ Embedding Build Status Badges from a Private Jenkins Instance
You wouldn't think you need TWO plugins to achieve this simple task, right?
I think that embedding a build status badge to your project’s README file is one of the first things you do after you set up your CI and get a running build for the first time. It’s such a small detail but gives so much confidence to whoever’s viewing your project, that the main branch is green, all tests and checks are passing, etc. This is even more important in open source projects.
But in case your project is closed-source and/or at least your Jenkins instance is, you’re gonna have a hard time understanding how to achieve this. Although there’s a plugin that offers the badges itself, the badges alone aren’t going to help if to view the badge image, you need to enter a username and password 😅
This article shows you how to have the badge image provided by Jenkins to become fully public, while keeping the rest of your Jenkins safe and private.
Preparing the ground
Install these plugins:
Navigate to “Manage Jenkins” → “Configure Global Security” → Set "Role-Based Strategy", if you haven’t already.
If you’re setting this up for the first time, beware that you’ll have to set up role-based permission strategy for your entire team. Until you do so, once you enable this setting, your entire team will lose access to Jenkins and only your current (admin) account will have access.
Now that you installed and enabled role-based permissions, the plugin can be configured from “Manage Jenkins” → “Manage and Assign Roles”.
Configure a new public role to view badges
Under the “Global roles” section, add a new role (e.g. “Public”) and check the "Job ViewStatus" checkbox as its only permission:
Then scroll down to the “Item roles“ and create a new role (e.g. “View Status Badge Permission“), setting the name of your Jenkins Job in the “Pattern” field, and check the “Job Read” permission:
Don’t forget to hit the “Save” button at the bottom of the page, before continuing.
Then, navigate to “Assign Roles” view in the left menu, and check both checkboxes: “Anonymous → Public” and “Anonymous → View Status Badge Permission” that you just created:
Again, don’t forget to hit the “Save” button at the bottom of the page to make sure your changes are persisted.
Getting the badge image URL
Navigate to the Job that you want to display badges for. In my case, that’s under job/protected-branches-multibranch-pipeline/job/master
, and then click on the “Embeddable Build Status” menu in the left menu:
That should take you to a page with preformatted options for your badge, e.g. in markdown, HTML, etc. Use the “unprotected” ones in your README file (or wherever you’re going to display them).
Conclusion
With the setup seen in this article, you’ll open up your build status to be seen by the public (with no authentication whatsoever), and only that. The rest of your Jenkins jobs, builds, code coverage, reports, artifacts, etc, will all remain behind user authentication.