Please note that this documentation is taken from our research project diagnoseIT that uses the same development process and integration process. You can have a detailed look at: https://diagnoseit.atlassian.net/wiki/display/DEV/Automatic+Jenkins+Updates

To prevent us from dealing with an outdated Jenkins and corresponding plugins, we use a dedicated Jenkins Job that is responsibile for updating Jenkins and its plugins once per month. Use the following shell scripts to realize that job.

Jenkins WAR Update

Jenkins WAR update

# prepare info file
INFO_FILE_DIR=$( pwd );
INFO_FILE=jenkins.update.info
rm -f $INFO_FILE
# get current version of cli JAR
cd /home/ubuntu/scripts
rm -f jenkins-cli.jar
wget http://127.0.0.1:8080/jnlpJars/jenkins-cli.jar
OLD_WAR_VERSION=$( java -jar jenkins-cli.jar -i ~/.ssh/hudson/id_dsa -s http://127.0.0.1:8080/ version);
# back up old Jenkins WAR and config 
cd /home/ubuntu/jenkins-backup
rm -f jenkins.war.backup
cp /home/ubuntu/apache-tomcat-8.0.23/webapps/ROOT.war /home/ubuntu/jenkins-backup/jenkins.war.backup
rm -rf config
cp -r /home/ubuntu/.jenkins /home/ubuntu/jenkins-backup/config
# get new Jenkins WAR and copy to Tomcat
rm -f jenkins.war
wget http://mirrors.jenkins-ci.org/war/latest/jenkins.war
rm -rf META-INF
jar xvf jenkins.war META-INF/MANIFEST
NEW_WAR_VERSION=$( cat META-INF/MANIFEST.MF | grep Jenkins-Version | cut -f 2 -d ' ' | tr -d "\r");
cd "$INFO_FILE_DIR"
echo '<h2>Jenkins Framework Update Report</h2>' >> $INFO_FILE
if [ $OLD_WAR_VERSION = $NEW_WAR_VERSION ]; then
echo '<p><b>No updates</b> were available for the Jenkins WAR file!</p>'>> $INFO_FILE
else
echo '<p>The Jenkins framework has been updated from version <b>'$OLD_WAR_VERSION'</b> to version <b>'$NEW_WAR_VERSION'</b>!</p>'>> $INFO_FILE
fi
nohup /home/ubuntu/scripts/copyJenkinsWar.sh > /home/ubuntu/jenkins-backup/copyJenkinsWar.out 2>&1 &

The INFO_FILE is used to store the result of the updating process to create a corresponding email notification.
jenkins-cli.jar is used to access Jenkins from command line, this Jar file needs to be downloaded from the corresponding Jenkins installation to have it alwas up-to-date
OLD_WAR_VERSION stores the old version of the Jenkins War file
NEW_WAR_VERSION is extracted from the downloaded WAR file
old WAR file is backed up as well as the .jenkins folder containing the entire configuration
the latest WAR file is downloaded
nohup ... script copies the WAR file to the tomcat webapps directory (an external script is used to guarantee that the copy process is finished before tomcat starts redeploying the WAR file)

Jenkins Plug-ins Updates

Update Jenkins Plug-ins

# prepare info file
INFO_FILE_DIR=$( pwd );
INFO_FILE=plugins.update.info
rm -f $INFO_FILE
# get current version of cli JAR
cd /home/ubuntu/scripts
rm -f jenkins-cli.jar
wget http://127.0.0.1:8080/jnlpJars/jenkins-cli.jar
# update plugins
rm -f ./tmp
rm -f ./tmp2
java -jar jenkins-cli.jar -i ~/.ssh/hudson/id_dsa -s http://127.0.0.1:8080/ list-plugins | grep ')$' >> ./tmp
cat tmp | sed s/'  '/'\t'/g >> ./tmp2
UPDATE_LIST=$( java -jar jenkins-cli.jar -i ~/.ssh/hudson/id_dsa -s http://127.0.0.1:8080/ list-plugins | grep ')$' | cut -f 1 -d ' ' | sed ':a;N;$!ba;s/\n/ /g' );
if [ ! -z "${UPDATE_LIST}" ]; then
    java -jar jenkins-cli.jar -i ~/.ssh/hudson/id_dsa -s http://127.0.0.1:8080/ install-plugin ${UPDATE_LIST};
    java -jar jenkins-cli.jar -i ~/.ssh/hudson/id_dsa -s http://127.0.0.1:8080/ safe-restart;
	cd "$INFO_FILE_DIR"
    echo '<h2>Jenkins Plug-ins Update Report</h2>' >> $INFO_FILE
    echo 'The following plug-in updates have been conducted:' >> $INFO_FILE
	echo '<table>' >> $INFO_FILE
    echo '<tr><th align=\"left\" style=\"padding-right:20px\">Plug-in ID</th><th align=\"left\" style=\"padding-right:20px\">Plug-in name</th><th align=\"left\" style=\"padding-right:20px\">Old Version</th><th align=\"left\" style=\"padding-right:20px\">New Version</th><tr>' >> $INFO_FILE
    awk 'BEGIN { FS = "[()\t]+" } ;{print "<tr><td  align=\"left\" style=\"padding-right:20px\">"$1"</td><td  align=\"left\" style=\"padding-right:20px\">"$2"</td><td align=\"left\" style=\"padding-right:20px\">"$3"</td><td align=\"left\" style=\"padding-right:20px\">"$4"</td></tr>"}' /home/ubuntu/scripts/tmp2 >> $INFO_FILE
	echo '</table>' >> $INFO_FILE
else
	cd "$INFO_FILE_DIR"
	echo '<h2>Jenkins Plug-ins Update Report</h2>' >> $INFO_FILE
	echo '<p><b>No updates</b> for installed plug-ins were available!</p>'>> $INFO_FILE
fi

use jenkins-cli to retrieve the list of plugins for which an update is available
use private key of the hudson user for communication with Jenkins (-i ~/.ssh/hudson/id_dsa)
update all plugins
do a safe restart of Jenkins to allow the updates to take effect

Use Report in e-mail notification

The Jenkins extended email plugin allows to use a HTML file as content of an email. Therefore, use the following command in the body of the email: ${FILE,path="<PATH_TO_FILE>"}