Skip to content

nickrgarner/deploy-pipeline

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

176 Commits

M1 Docs

M1 Docs

 
 

M2 Docs

M2 Docs

 
 

assets

assets

 
 

cm

cm

 
 

commands

commands

 
 

lib

lib

 
 

templates

templates

 
 

test

test

 
 

.gitignore

.gitignore

 
 

CHECKPOINT.md

CHECKPOINT.md

 
 

README.md

README.md

 
 

analysis.js

analysis.js

 
 

application.yml

application.yml

 
 

basic-security.groovy

basic-security.groovy

 
 

checkbox.yml

checkbox.yml

 
 

index.js

index.js

 
 

itrust.yml

itrust.yml

 
 

jenkins_jobs.ini

jenkins_jobs.ini

 
 

m3-checkpoint.png

m3-checkpoint.png

 
 

package-lock.json

package-lock.json

 
 

package.json

package.json

 
 

sample-canary-event.json

sample-canary-event.json

 
 

Repository files navigation

Team 23 - Spicy Pandas

CSC 519 - DevOps, Spring 2021

Milestone 3 Checkpoint

Screencast Part 1

Screencast Part 2

Final Demo Video

Usage

Setup

# Create .vault-pass file
echo "<VAULT PASSWORD>\n" >> .vault-pass

# Install
npm install
npm link

Configure Jenkins and build environment:

# Provision and configure VM
pipeline setup --gh-user <NCSU Github User> --gh-pass <NCSU Github Password>

NOTE: NCSU Github Password should be a Personal Access Token or a plain-text password that escapes special characters.

NOTE: If cloning the repo onto a host system that uses Windows OS you may need to update the line endings style in /cm/server-init.sh from CRLF to LF before running the pipeline setup command.

Run checkbox.io build job:

pipeline build checkbox.io -u <JENKINS USERNAME> -p <JENKINS PASSWORD>

Run iTrust build job:

pipeline build iTrust -u <JENKINS USERNAME> -p <JENKINS PASSWORD>

Run mutation fuzzer for iTrust2-v8 repo:

pipeline useful-tests -c <repetitions> --gh-user <NCSU Github User> --gh-pass <NCSU Github Password>

NOTE: NCSU Github Password should be a Personal Access Token or a plain-text password that escapes special characters.

Provision production instances:

# Provision on Digital Ocean - requires API token in `commands/produp.js`
pipeline prod up

# Provision locally with VirtualBox
pipeline prod up --local

NOTE: The proper inventory file will be generated at runtime by running one of these commands.

Deploy applications:

# Install checkbox.io dependencies and serve with nginx
pipeline deploy checkbox -i inventory.ini

# Install iTrust2-v8 dependencies and serve with Tomcat9
pipeline deploy iTrust -i inventory.ini

NOTE: Deploying iTrust2 requires FIRST running a Jenkins build of the project to generate a snapshot WAR file.

Lessons Learned

  • One of the difficulties of canary analysis is determining which health metrics are important to the project being tested. For example, HTTP codes are arguably most useful for web applications and REST APIs.
  • Getting SSH key pairs proliferated to the various deploy targets can be challenging depending on initial security setups, but help ensure smooth interactions with the configuration server once established.
  • Tomcat and nginx configuration are quite complicated and application-dependent, requiring a lot of trial, error, and debugging to successfully implement.
  • Arguably the most useful role of canary analysis is in support of gradual rollout of new releases, versus as a testing tool. Traffic can be incrementally diverted to new versions of the code without impacting the entire userbase at once.

Past Milestones

Build README

Build Checkpoint

Test README

Test Checkpoint

About

Automated end-to-end CI/CD pipeline to build, test, and deploy NodeJS and Java projects

Topics

ansible devops deployment mutation-testing jenkins-pipeline canary-test

Resources

Readme
Activity

Stars

0 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases

3 tags

Packages

No packages published

Contributors 2

  •  
  •  

Languages