DEV Community

Cover image for 100 Days of DevOps: Day 79
Wycliffe A. Onyango
Wycliffe A. Onyango

Posted on

100 Days of DevOps: Day 79

#devops #jenkins #cicd #ci

Automated CI/CD for Nautilus Application

Overview

This article confirms the successful implementation of a robust Continuous Deployment (CD) pipeline using Jenkins. The solution ensures that any code push to the Git repository's master branch instantly triggers a build, deploying the complete application contents to the Storage Server (ststor01) under the required ownership of user sarah.

I. Infrastructure Setup Commands (Prerequisites)

These commands ensure the necessary passwordless access and user accounts are in place before deployment. They must be executed on the respective servers using administrative privileges (e.g., as jenkins or natasha via sudo).

A. Jenkins Server Setup (to enable passwordless SSH)

The jenkins user's public key must be generated and transferred to the remote natasha account.

Command (Run on Jenkins Server as jenkins) Purpose
ssh-keygen Generates the private (id_ed25519) and public (id_ed25519.pub) key pair.
ssh-copy-id -i /var/lib/jenkins/.ssh/id_ed25519.pub natasha@ststor01.stratos.xfusioncorp.com Transfers the public key to the Storage Server for passwordless login as natasha.

B. Storage Server Setup (ststor01)

These steps are crucial for automation (Natasha's sudo rights) and the final file ownership/verification (Sarah's account).

Command (Run on Storage Server as natasha via sudo) Purpose
sudo visudo (and add line below) Configures passwordless sudo for natasha to allow the script to run chown and tar without prompts.
natasha ALL=(ALL) NOPASSWD: ALL The line added to /etc/sudoers file.
sudo useradd sarah Creates the user sarah (required for file ownership and Task 3).
sudo passwd sarah Sets the login password for sarah (required for Task 3 SSH).

II. Jenkins Job Configuration & Execution

A. Build Trigger Setup (Webhook)

The job nautilus-app-deployment was configured to use the Generic Webhook Trigger.

Action Value/URL Used
Jenkins URL Endpoint http://172.16.238.19:8080/generic-webhook-trigger/invoke?token=<SECRET_TOKEN>
Gitea Webhook Target The Jenkins URL above was pasted into the Git repository's webhook settings.
Gitea Trigger Set to trigger on Push Events to the master branch.

B. Execution Shell Script (deployment_script.sh)

The following script was placed in the Jenkins job's Execute shell step. It uses tar piped over ssh to efficiently transfer the files, as rsync was not available on the Jenkins host.

#!/bin/bash

# ==============================================================================
# Jenkins Deployment Script for Storage Server (ststor01)
# ==============================================================================

# Target Server details
STORAGE_SERVER_USER="natasha" # Assuming we use the listed user to SSH into the server
STORAGE_SERVER_HOST="ststor01.stratos.xfusioncorp.com"
DEPLOY_PATH="/var/www/html"

# SSH Options for non-interactive execution:
# 1. StrictHostKeyChecking=no: Avoids the "Host key verification failed" error on first connect.
# 2. UserKnownHostsFile=/dev/null: Ensures the keys are not written to the known_hosts file.
SSH_OPTS="-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null"

echo "Starting deployment process to $STORAGE_SERVER_HOST:$DEPLOY_PATH"

# 1. SSH into the Storage Server and set ownership to 'sarah'.
# This ensures that the subsequent file operations performed by 'natasha' on the directory
# will not affect the final deployed files' required ownership.
echo "1. Changing ownership of $DEPLOY_PATH to user 'sarah' on the Storage Server..."
ssh ${SSH_OPTS} ${STORAGE_SERVER_USER}@${STORAGE_SERVER_HOST} "sudo chown -R sarah:sarah ${DEPLOY_PATH}"

if [ $? -eq 0 ]; then
    echo "Ownership change successful."
else
    echo "ERROR: Failed to change ownership on the remote server. Check SSH keys, sudo rights."
    exit 1
fi

# 2. Deploy the new code using 'tar' piped over SSH.
echo "2. Deploying content from Jenkins workspace (${WORKSPACE}) to $DEPLOY_PATH using tar over SSH..."

# A. Execute 'tar' locally to create a compressed archive of the workspace, excluding .git.
# B. Pipe the output (-) directly to the remote 'ssh' connection.
# C. On the remote server:
#    i. Use 'sudo' to remove all existing files in the deployment path for a clean slate.
#    ii. Pipe the incoming compressed data to 'sudo tar -xzf -' to extract it into the path.
tar -czf - --exclude '.git' -C "${WORKSPACE}" . | \
    ssh ${SSH_OPTS} ${STORAGE_SERVER_USER}@${STORAGE_SERVER_HOST} "
        # Use sudo for file deletion and extraction
        sudo rm -rf ${DEPLOY_PATH}/* && sudo tar -xzf - -C ${DEPLOY_PATH}
    "

if [ $? -eq 0 ]; then
    echo "Deployment successful on $STORAGE_SERVER_HOST."
else
    echo "ERROR: Deployment failed during file transfer (tar/ssh pipe). Check permissions/connectivity."
    exit 1
fi

echo "Deployment finished successfully."
Enter fullscreen mode Exit fullscreen mode

III. Final Verification

These commands are used to push the code and trigger the fully automated pipeline.

Command (Run on Storage Server as sarah) Purpose
ssh sarah@ststor01.stratos.xfusioncorp.com Log in to the Storage Server as the user sarah.
cd web Navigate to the cloned repository.
echo "Welcome to the xFusionCorp Industries" > index.html Modify the content of the index file as required.
git add index.html Stage the modified file.
git commit -m "Updated homepage content for deployment" Commit the change locally.
git push origin master Triggers the webhook and starts the Jenkins job, completing the CD cycle.

Top comments (0)