DevSecOps/DevSecOps-Lab
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8eab022a91c4af17edb5feaa3a3c923a1347daca
DevSecOps-Lab/Jenkinsfile
dev-1 8eab022a91
Some checks failed
DevSecOps-Multibranch/pipeline/head There was a failure building this commit
Details
feat: deploy both backend (3001) and frontend (3002) on shared Docker network for Dev; backend listens on 3001; robust for gitea server
2025-11-30 18:45:15 +05:30

113 lines
5.7 KiB
Groovy
Raw Blame History

stage('Deploy') {
steps {
script {
// Define Ports for Dev environment
def backendPort = "3001"
def frontendPort = "3002"
def backendContainer = "backend"
def frontendContainer = "frontend"
def network = "devsecops-net"
def remote = "ssh -o StrictHostKeyChecking=no -i ~/.ssh/id_rsa_deploy ${DEPLOY_USER}@${DEPLOY_HOST}"
withCredentials([string(credentialsId: 'do-registry-token', variable: 'DO_TOKEN')]) {
// 1. Remote Login
sh "${remote} 'echo ${DO_TOKEN} | docker login registry.digitalocean.com -u token --password-stdin'"
// 2. Create network if not exists
sh "${remote} 'docker network inspect ${network} >/dev/null 2>&1 || docker network create ${network}'"
// 3. Pull images
sh "${remote} 'docker pull ${REGISTRY_URL}/${REPO_NAME}:${BACKEND_TAG}'"
sh "${remote} 'docker pull ${REGISTRY_URL}/${REPO_NAME}:${FRONTEND_TAG}'"
// 4. Remove old containers
sh "${remote} 'docker stop ${backendContainer} || true'"
sh "${remote} 'docker rm ${backendContainer} || true'"
sh "${remote} 'docker stop ${frontendContainer} || true'"
sh "${remote} 'docker rm ${frontendContainer} || true'"
// 5. Run backend
sh "${remote} 'docker run -d --name ${backendContainer} --network ${network} --restart always -p ${backendPort}:3001 ${REGISTRY_URL}/${REPO_NAME}:${BACKEND_TAG}'"
// 6. Run frontend
sh "${remote} 'docker run -d --name ${frontendContainer} --network ${network} --restart always -p ${frontendPort}:80 ${REGISTRY_URL}/${REPO_NAME}:${FRONTEND_TAG}'"
echo "SUCCESS: Backend at http://${DEPLOY_HOST}:${backendPort}, Frontend at http://${DEPLOY_HOST}:${frontendPort}"
}
}
}
}
sh "docker build -t ${REGISTRY_URL}/${REPO_NAME}:${BACKEND_TAG} ./backend"
sh "docker build -t ${REGISTRY_URL}/${REPO_NAME}:${FRONTEND_TAG} ./frontend"
}
}
}
stage('Push to Registry') {
steps {
// We MUST inject the token here, or the push will fail with "Unauthorized"
withCredentials([string(credentialsId: 'do-registry-token', variable: 'DO_TOKEN')]) {
script {
echo "Logging into Registry..."
// 1. Clean previous state
sh 'rm -f ~/.docker/config.json'
// 2. Login using Token as Password
sh 'echo $DO_TOKEN | docker login registry.digitalocean.com -u token --password-stdin'
echo "Pushing images..."
sh "docker push ${REGISTRY_URL}/${REPO_NAME}:${BACKEND_TAG}"
sh "docker push ${REGISTRY_URL}/${REPO_NAME}:${FRONTEND_TAG}"
// 3. Logout
sh 'docker logout registry.digitalocean.com'
}
}
}
}
// --- REMOTE DEPLOYMENT (AGENT -> GITEA SERVER) ---
stage('Deploy') {
steps {
script {
// Define Ports based on Branch
def appPort = "3000"
if (env.BRANCH_NAME == 'Dev') { appPort = "3001" }
else if (env.BRANCH_NAME == 'Release') { appPort = "3002" }
else if (env.BRANCH_NAME == 'main') { appPort = "3003" }
def containerName = "backend-${env.BRANCH_NAME}"
// Define SSH Command using the specific deploy key we created
def remote = "ssh -o StrictHostKeyChecking=no -i ~/.ssh/id_rsa_deploy ${DEPLOY_USER}@${DEPLOY_HOST}"
echo "Deploying to ${DEPLOY_HOST} on Port ${appPort}..."
// We need the token again to PULL the image on the remote server
withCredentials([string(credentialsId: 'do-registry-token', variable: 'DO_TOKEN')]) {
// 1. Remote Login
sh "${remote} 'echo ${DO_TOKEN} | docker login registry.digitalocean.com -u token --password-stdin'"
// 2. Remote Pull
sh "${remote} 'docker pull ${REGISTRY_URL}/${REPO_NAME}:${BACKEND_TAG}'"
// 3. Remote Restart (Stop -> Remove -> Run)
sh "${remote} 'docker stop ${containerName} || true'"
sh "${remote} 'docker rm ${containerName} || true'"
sh """
${remote} 'docker run -d \
--name ${containerName} \
--restart always \
-p ${appPort}:3000 \
${REGISTRY_URL}/${REPO_NAME}:${BACKEND_TAG}'
"""
echo "SUCCESS: App is live at http://${DEPLOY_HOST}:${appPort}"
}
}
}
}
}
post {
always {
// Save disk space on the Agent
sh 'docker system prune -f'
}
}
}
Reference in New Issue View Git Blame Copy Permalink