95
Deploy Node.js using Gitlab CI pipeline
- Repository in Gitlab with Node.js project
- Production server for which you have SSH access
- Configure a folder in the server for a production Node.js server using steps from this digitalocean guide
Setup the Gitlab CI/CD pipeline to push the Node.js code to the server and deploy it whenever code is merged to master branch.
Using a deploy token ensures that we can pull the code without the need to enter the credentials manually or save the credentials in the deploy script.
- Create a deploy token for the repository or for the associated group using the steps mentioned in the documentation
- Clone the repository in the production server's folder using the steps from the documentation. Make sure to use the correct repository url.
We are going to use Gitlab CI/CD Variables to save a private SSH key which Gitlab will use to authenticate with the server.
We are going to use SSH keys to authenticate rather than username and password as it is more secure.
This can be configured at a repository level or at a group level.
To view all the CI/CD variables of your repository,
- Go to your project’s Settings > CI/CD
- Expand the Variables section.
You can also view the same at a group level by first navigating to the group (Menu > Groups > Your Groups) and following the same steps.
If you already have a SSH_PRIVATE_KEY
private key variable listed, you can skip this step.
To create a new variable, Select the Add Variable button and fill in the details:
-
Key:
SSH_PRIVATE_KEY
-
Value:
<ssh_private_key_details>
. (To generate a new SSH public and private key pair, follow steps from this guide. Make sure to not accidentally overwrite any existing key pairs.) -
Type:
Variable
- Choose other settings based on your needs
Click Add Variable to add the variable
Now, we need to add SSH public key to the list of authorized_keys
in the production server.
- SSH into your server (
ssh [email protected]
) -
Add the SSH public key to
authorized_keys
nano ~/.ssh/authorized_keys
Paste the SSH public key(starts with
ssh-rsa
) in a new lineSave the file
Gitlab looks for .gitlab-ci.yml
in the root folder of your repository for CI/CD pipeline configurations
Add a new file .gitlab-ci.yml
in the root folder
before_script:
- apt-get update -qq
- apt-get install -qq git
# Setup SSH deploy keys
- "which ssh-agent || ( apt-get install -qq openssh-client )"
- eval $(ssh-agent -s)
- ssh-add <(echo "$SSH_PRIVATE_KEY")
- mkdir -p ~/.ssh
- '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'
deploy:
stage: deploy
environment:
name: production
url: https://example.com
script:
- bash deploy/deploy.sh
only:
- master
- Update the url in the above file to your domain
- We are using the default
ubuntu
docker package - We install
git
package and then configure it to add ourSSH_PRIVATE_KEY
- We also configure
StrictHostKeyChecking
tono
, to ensure git doesn't show manual prompt during initial connection. - We have setup pipeline named
deploy
with a single pipeline stagedeploy
which listens to commits onmaster
and runs the script indeploy/deploy.sh
Add a new file deploy.sh
in deploy
folder
#!/bin/bash
DEPLOY_SERVER=$DEPLOY_SERVER
echo "Deploying to ${DEPLOY_SERVER}"
ssh root@${DEPLOY_SERVER} 'bash' < ./deploy/server.sh
- Set the CI/CD variable
DEPLOY_SERVER
with valuedomain.com
for the repository using step 1.
- We set server variable
- We ssh into our server and then execute code at
deploy/server.sh
Add a new file server.sh
in deploy
folder
# Pull code
cd /var/www/html/folder-name/
git checkout master
git pull origin master
# Build and deploy
yarn install
yarn run build
pm2 restart server
- Update the
folder-name
in the above script to match the folder name used in the prerequisite step
- We navigate to the folder
- We get the latest changes from master branch
- We install dependencies and then optionally run build(incase of typescript project)
- Finally we restart the pm2 server
We need a runner to run our CI/CD pipeline jobs. This step is optional if a runner is already configured for your group in Gitlab.
To setup a new Gitlab group runner
- Install Gitlab Runner in any server with atleast 2GB of RAM using the steps from the documentation. The server should be separate from where Gitlab is installed for security reasons.
- Go to your group's Settings > CI/CD
- Expand the Runners section.
- Under the Set up a group runner manually section, copy the url and token
- Then register the runner in your server using steps from documentation
- Provide default image as
ubuntu
and empty tags
- Provide default image as
- Once the runner is registered, go back to the Runners section in Gitlab to see the runner appear under Available runners section
Push the .gitlab-ci.yml
and deploy/deploy.sh
, deploy/server.sh
files to master to start the automated deployment.
When the deployment is complete, you should see a green checkmark in the repository home page similar to
You can click the status icon to go to the pipeline and then to the individual job to see the command line output of your script
- If the job is not scheduled, make sure you have setup a runner and that the runner is active. Also check the runner parameters like
active
,protected
andtags
to see if any of the conditions are incorrect.
- https://medium.com/devops-with-valentine/deploy-over-ssh-from-gitlab-ci-pipeline-6a0d7b87e4a
- https://medium.com/@hfally/a-gitlab-ci-config-to-deploy-to-your-server-via-ssh-43bf3cf93775
- https://codeburst.io/gitlab-build-and-push-to-a-server-via-ssh-6d27ca1bf7b4
- https://erangad.medium.com/create-ci-cd-pipeline-for-nodejs-express-with-gitlab-6c420a956b10
95