Mastering Jenkins : Choosing the Right Plugins for a Stable CI/CD Pipeline

Hi Amigos! In this blog, we are going to see how to choose the right Tier 3 or community plugin on Jenkins

Jenkins is a CI/CD tool that helps us automate our application development process more efficiently. Jenkins is like the heart of DevOps, where we integrate all other tools

However, Jenkins functionality is based on the plugins installed on the controller. Jenkins is essentially a collection of plugins. Plugins add functionality, but at the same time, they can also cause issues. Therefore, it is important to choose the right plugins. We will explore the ways to install the plugins

There are 3 types of Tiers in Plugins

Tier 1 ( Verified/Proprietary ) :

These plugins are considered the most reliable and carry the lowest risk of causing instability. They fall into two categories

Verified : Officially tested and endorsed by Jenkins, ensuring compatibility and stability

Proprietary : Developed and supported by a specific vendor (e.g., CloudBees) for their commercial offerings

Tier 2 ( Compatible )

These plugins typically have a good reputation for quality, but it’s essential to note that

They haven’t undergone the same level of rigorous testing as Tier 1, which may result in a slightly higher risk of introducing minor issues

Tier 3 ( Community-maintained )

These plugins are lack official Jenkins or major vendor endorsement, community-supported. Vary in quality, with some being valuable and others potentially unreliable or outdated. Performance impact is variable, it’s crucial to assess each plugin individually for potential concerns.

So, we can trust and install Tier 1 plugins on our controller since they are already verified. The same applies to Tier 2 as well

( but yes, they might have some vulnerabilities, resource consumption, and compatibility issues )

However, while installing Tier 3 plugins, we have to make sure whether they might affect our controller, and it is good to install those plugins

So, we will see general measures to install Tier 3 Plugins on our Jenkins controller

Step 1 :

To begin, we are taking the JFrog plugin as an example. First, visit the official page and verify the tier of the plugin https://docs.cloudbees.com/plugins/ci

Now, we can see that this plugin is Tier 3 Community plugin

Step 2 :

Next, go to https://plugins.jenkins.io/jfrog/releases/ page to gather more information about the plugin

Check whether the plugin is properly managed and updated frequently, ideally within a maximum 6–12 month span

Here, we can see that this plugin has been actively managed, as the last version was released very recently

Step 3 :

Check whether the plugin was actively managed by verifying if it has any maintainers or warnings related to deprecation.

For this plugin, we couldn’t see any warnings about deprecation. Also, it is officially managed by the JFrog community.

Step 4 :

Go to the Issues section and verify whether the particular version of the plugin has any potential issues. If yes, then don’t install it until the issues are resolved.

Additionally, verify whether the Health Score is more than 90%. If it is, then proceed to install it. Also, if it is actively installed, then it’s good to go

Result : Our JFrog plugin passes all tests. So, it is perfect to install

That’s a wrap! Thanks for reading. Loads of love to you and your family ❤️