Why Jenkins Keeps Logging You Out (OIDC + Keycloak): Finding and Fixing the Timeout Layer
When Jenkins is authenticated by Keycloak (OIDC) and sits behind NGINX, “session timeout” is not a single knob. You can […]
Jenkins, Keycloak
Jenkins
Backstage, Harbor, Jenkins
Build Backstage in Jenkins (Multi-Stage Docker) and Push to Harbor (Short SHA Tags)
This post shows how to build a Backstage app image (a single container image that runs the Backstage backend and
GitHub, Jenkins
Trigger Jenkins Builds on GitHub Push
This post shows how to trigger a Jenkins Pipeline build on every GitHub push when your Jenkinsfile is stored in
Backstage, Jenkins
Add Jenkins CI/CD to Backstage (With Keycloak SSO, No Docker)
In previous posts, I already have: Now I want Backstage to show Jenkins CI/CD status directly in the CI/CD tab
Jenkins, Kubernetes
Run Dynamic Jenkins Agents on a Bare-Metal Kubernetes HA Cluster
In a previous post, I built a 3-node HA Kubernetes cluster on bare-metal Ubuntu 24.04 with: In this guide, I’ll
Android App, HashiCorp Vault, Jenkins
Build and Publish Android App to Google Play with Jenkins + Vault + Gradle Play Publisher (Docker)
Related guides (prereqs) This post stitches the pieces into a reusable, production-safe pipeline: Jenkins builds a signed AAB in Docker,
AOSP, Gerrit, Jenkins
Automatically Build AOSP Before Merging to Integration Branch Using Jenkins and Gerrit
In large-scale Android development, it’s essential to verify each proposed change before it’s merged into the integration branch. This guide
Jenkins
How to Enable Role-Based Security in Jenkins
By default, Jenkins allows all logged-in users full access, convenient for testing, but dangerous for real teams. Even matrix-based security
Jenkins, Keycloak
Map Keycloak Client Roles to Jenkins Groups
In a previous post, we integrated Jenkins with Keycloak using OpenID Connect (OIDC). Now let’s go one step further: map
HashiCorp Vault, Jenkins
How to Use HashiCorp Vault as a Secret Store for Jenkins (via AppRole)
This guide shows how to move an SSH private key from Jenkins-managed credentials into HashiCorp Vault and pull it into