From eb85e581f31ed80917f5ee94b3c111a1f1ea42bb Mon Sep 17 00:00:00 2001 From: dev-1 Date: Sun, 30 Nov 2025 16:01:58 +0530 Subject: [PATCH] =?UTF-8?q?Dev:=20Update=20Jenkinsfile=20=E2=80=94=20use?= =?UTF-8?q?=20core=20repo=20in=20registry,=20secure=20login/logout,=20clea?= =?UTF-8?q?nup=20in=20post?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Jenkinsfile | 64 +++++++++++++++++++++++++++++++++++------------------ 1 file changed, 43 insertions(+), 21 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 5172a5b..57a6922 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -1,14 +1,16 @@ pipeline { + // Run on your specific Agent Droplet agent { label 'jenkins-agent' } environment { - REGISTRY_URL = 'registry.digitalocean.com/kongseng' + // 1. Your ACTUAL Registry Name (Verified) + REGISTRY_URL = 'registry.digitalocean.com/devsecops-lab' - // FIX: Use ONE shared repository name - REPO_NAME = 'devsecops-lab' + // 2. The ONE allowed repository for Free Tier + REPO_NAME = 'core' - // Create distinct tags for backend and frontend - // Result: registry.../devsecops-lab:backend-Dev-1 + // 3. Unique Tags to distinguish apps inside the 'core' repo + // Example: core:backend-Dev-25 BACKEND_TAG = "backend-${env.BRANCH_NAME}-${env.BUILD_NUMBER}" FRONTEND_TAG = "frontend-${env.BRANCH_NAME}-${env.BUILD_NUMBER}" } @@ -22,8 +24,8 @@ pipeline { stage('Install Dependencies') { steps { - // Check if folders exist to avoid errors - sh 'ls -la' + echo "Installing dependencies..." + // Ensure these folders exist in your repo! dir('backend') { sh 'npm install' } dir('frontend') { sh 'npm install' } } @@ -33,7 +35,7 @@ pipeline { steps { script { echo "Building Images..." - // Build both images using the SAME Repo URL but DIFFERENT Tags + // Build using the 'core' repo path but unique tags sh "docker build -t ${REGISTRY_URL}/${REPO_NAME}:${BACKEND_TAG} ./backend" sh "docker build -t ${REGISTRY_URL}/${REPO_NAME}:${FRONTEND_TAG} ./frontend" } @@ -42,19 +44,23 @@ pipeline { stage('Push to Registry') { steps { - // Securely inject the token into the script + // Securely inject the DO Token withCredentials([string(credentialsId: 'do-registry-token', variable: 'DO_TOKEN')]) { script { echo "Logging into DigitalOcean Registry..." - // Explicit Login: Uses the token as both user and password (DO Standard) - sh 'echo $DO_TOKEN | docker login registry.digitalocean.com -u $DO_TOKEN --password-stdin' + // 1. NUKE existing config to prevent credential-helper conflicts + sh 'rm -f ~/.docker/config.json' + + // 2. Force Raw Login (Token as Password) + // -u anything works, --password-stdin takes the token + sh 'echo $DO_TOKEN | docker login registry.digitalocean.com -u key_is_token --password-stdin' echo "Pushing images..." sh "docker push ${REGISTRY_URL}/${REPO_NAME}:${BACKEND_TAG}" sh "docker push ${REGISTRY_URL}/${REPO_NAME}:${FRONTEND_TAG}" - // Cleanup: Logout to keep the agent secure + // 3. Logout for security sh 'docker logout registry.digitalocean.com' } } @@ -64,17 +70,24 @@ pipeline { stage('Deploy') { steps { script { + // Dynamic Port Assignment based on Branch def appPort = "3000" - // Unique container name for this branch - def containerName = "app-${env.BRANCH_NAME}" + def containerName = "backend-${env.BRANCH_NAME}" - if (env.BRANCH_NAME == 'Dev') { appPort = "3001" } - else if (env.BRANCH_NAME == 'Release') { appPort = "3002" } - else if (env.BRANCH_NAME == 'main') { appPort = "3003" } + if (env.BRANCH_NAME == 'Dev') { + appPort = "3001" + echo "Deploying to DEV (Port 3001)" + } + else if (env.BRANCH_NAME == 'Release') { + appPort = "3002" + echo "Deploying to STAGING (Port 3002)" + } + else if (env.BRANCH_NAME == 'main') { + appPort = "3003" + echo "Deploying to PRODUCTION (Port 3003)" + } - echo "Deploying Backend to Port ${appPort}..." - - // Clean up old container + // 1. Cleanup Old Container try { sh "docker stop ${containerName} || true" sh "docker rm ${containerName} || true" @@ -82,7 +95,7 @@ pipeline { echo "No container to stop" } - // Run the specific BACKEND tag + // 2. Run New Container sh """ docker run -d \ --name ${containerName} \ @@ -94,4 +107,13 @@ pipeline { } } } + + post { + always { + // Cleanup workspace to save disk space + deleteDir() + // Cleanup dangling images + sh 'docker system prune -f' + } + } }