diff --git a/Jenkinsfile b/Jenkinsfile index 3d0410a..a475627 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -3,111 +3,3 @@ script { // Define Ports for Dev environment def backendPort = "3001" - def frontendPort = "3002" - def backendContainer = "backend" - def frontendContainer = "frontend" - def network = "devsecops-net" - def remote = "ssh -o StrictHostKeyChecking=no -i ~/.ssh/id_rsa_deploy ${DEPLOY_USER}@${DEPLOY_HOST}" - withCredentials([string(credentialsId: 'do-registry-token', variable: 'DO_TOKEN')]) { - // 1. Remote Login - sh "${remote} 'echo ${DO_TOKEN} | docker login registry.digitalocean.com -u token --password-stdin'" - // 2. Create network if not exists - sh "${remote} 'docker network inspect ${network} >/dev/null 2>&1 || docker network create ${network}'" - // 3. Pull images - sh "${remote} 'docker pull ${REGISTRY_URL}/${REPO_NAME}:${BACKEND_TAG}'" - sh "${remote} 'docker pull ${REGISTRY_URL}/${REPO_NAME}:${FRONTEND_TAG}'" - // 4. Remove old containers - sh "${remote} 'docker stop ${backendContainer} || true'" - sh "${remote} 'docker rm ${backendContainer} || true'" - sh "${remote} 'docker stop ${frontendContainer} || true'" - sh "${remote} 'docker rm ${frontendContainer} || true'" - // 5. Run backend - sh "${remote} 'docker run -d --name ${backendContainer} --network ${network} --restart always -p ${backendPort}:3001 ${REGISTRY_URL}/${REPO_NAME}:${BACKEND_TAG}'" - // 6. Run frontend - sh "${remote} 'docker run -d --name ${frontendContainer} --network ${network} --restart always -p ${frontendPort}:80 ${REGISTRY_URL}/${REPO_NAME}:${FRONTEND_TAG}'" - echo "SUCCESS: Backend at http://${DEPLOY_HOST}:${backendPort}, Frontend at http://${DEPLOY_HOST}:${frontendPort}" - } - } - } - } - sh "docker build -t ${REGISTRY_URL}/${REPO_NAME}:${BACKEND_TAG} ./backend" - sh "docker build -t ${REGISTRY_URL}/${REPO_NAME}:${FRONTEND_TAG} ./frontend" - } - } - } - - stage('Push to Registry') { - steps { - // We MUST inject the token here, or the push will fail with "Unauthorized" - withCredentials([string(credentialsId: 'do-registry-token', variable: 'DO_TOKEN')]) { - script { - echo "Logging into Registry..." - // 1. Clean previous state - sh 'rm -f ~/.docker/config.json' - - // 2. Login using Token as Password - sh 'echo $DO_TOKEN | docker login registry.digitalocean.com -u token --password-stdin' - - echo "Pushing images..." - sh "docker push ${REGISTRY_URL}/${REPO_NAME}:${BACKEND_TAG}" - sh "docker push ${REGISTRY_URL}/${REPO_NAME}:${FRONTEND_TAG}" - - // 3. Logout - sh 'docker logout registry.digitalocean.com' - } - } - } - } - - // --- REMOTE DEPLOYMENT (AGENT -> GITEA SERVER) --- - stage('Deploy') { - steps { - script { - // Define Ports based on Branch - def appPort = "3000" - if (env.BRANCH_NAME == 'Dev') { appPort = "3001" } - else if (env.BRANCH_NAME == 'Release') { appPort = "3002" } - else if (env.BRANCH_NAME == 'main') { appPort = "3003" } - - def containerName = "backend-${env.BRANCH_NAME}" - - // Define SSH Command using the specific deploy key we created - def remote = "ssh -o StrictHostKeyChecking=no -i ~/.ssh/id_rsa_deploy ${DEPLOY_USER}@${DEPLOY_HOST}" - - echo "Deploying to ${DEPLOY_HOST} on Port ${appPort}..." - - // We need the token again to PULL the image on the remote server - withCredentials([string(credentialsId: 'do-registry-token', variable: 'DO_TOKEN')]) { - - // 1. Remote Login - sh "${remote} 'echo ${DO_TOKEN} | docker login registry.digitalocean.com -u token --password-stdin'" - - // 2. Remote Pull - sh "${remote} 'docker pull ${REGISTRY_URL}/${REPO_NAME}:${BACKEND_TAG}'" - - // 3. Remote Restart (Stop -> Remove -> Run) - sh "${remote} 'docker stop ${containerName} || true'" - sh "${remote} 'docker rm ${containerName} || true'" - - sh """ - ${remote} 'docker run -d \ - --name ${containerName} \ - --restart always \ - -p ${appPort}:3000 \ - ${REGISTRY_URL}/${REPO_NAME}:${BACKEND_TAG}' - """ - - echo "SUCCESS: App is live at http://${DEPLOY_HOST}:${appPort}" - } - } - } - } - } - - post { - always { - // Save disk space on the Agent - sh 'docker system prune -f' - } - } -} \ No newline at end of file