CI/CD
Overview
The CI/CD pipeline is an essential part of modern software development, facilitating automated testing and deployment of code. In this project, we use Jenkins for continuous integration, SonarQube for code quality analysis, and Spinnaker for continuous deployment.
CI/CD Pipeline
Jenkins
Jenkins is an open-source automation server that offers an easy way to set up a continuous integration and continuous delivery (CI/CD) pipeline. Continuous integration (CI) is a DevOps practice in which team members regularly commit their code changes to the version control repository, after which automated builds and tests are run. Continuous delivery (CD) is a series of practices where code changes are automatically built, tested, and deployed to production. Jenkins is the most popular open-source CI/CD tool on the market today and is used by companies large and small, including Google, Amazon, and Facebook.
Installation
We use Jenkins as a Docker container. The following command will pull the latest Jenkins image from Docker Hub and run it on port 7070.
docker run -d -p 7070:8080 -p 50000:50000 jenkins/jenkins:lts
After running the above command, we can access Jenkins at http://localhost:7070. The first time we access Jenkins, we will be asked to enter the administrator password. We can get the password by running the following command.
docker exec -it <container_id> cat /var/jenkins_home/secrets/initialAdminPassword
After entering the password, we will be asked to install the suggested plugins or select the plugins to install. We can select the plugins to install. After installing the plugins, we will be asked to create the first admin user. After creating the admin user, we can access Jenkins.
Webhook Configuration
We need to configure the webhook for the GitHub repository. We can configure the webhook by going to the repository settings, selecting Webhooks, and clicking Add webhook. We need to enter the Payload URL, which is the URL of the Jenkins server, and the secret token. We can get the secret token by going to the Jenkins server, selecting Manage Jenkins, selecting Configure System, and scrolling down to GitHub Web Hook. We need to select the option Let Jenkins auto-manage hook URLs. We can also select the option Let Jenkins auto-manage hook URLs for jobs that use the GitSCM feature. We need to click Advanced and select the option Specify another hook secret for each job. We need to click Generate and copy the secret token. We need to paste the secret token to the GitHub repository settings.
Pipeline Configuration
We need to create a pipeline for the project. We can create a pipeline by going to the Jenkins server, selecting New Item, entering the item name, and selecting Pipeline. We need to click OK. We need to scroll down to Pipeline and select Pipeline script from SCM. We need to select Git for SCM, enter the repository URL, and enter the credentials. We need to click Save.
Pipeline Script
We need to create a pipeline script for the project. We can create a pipeline script by going to the Jenkins server, selecting New Item, entering the item name, and selecting Pipeline. We need to click OK. We need to scroll down to Pipeline and select Pipeline script. We need to enter the pipeline script and click Save.
Pipeline Script for the Project
We need to create a pipeline script for the project. We can create a pipeline script by going to the Jenkins server, selecting New Item, entering the item name, and selecting Pipeline. We need to click OK. We need to scroll down to Pipeline and select Pipeline script. We need to enter the pipeline script and click Save.
pipeline {
agent none
environment {
NX_BRANCH = env.BRANCH_NAME.replace('PR-', '')
}
stages {
stage('Pipeline') {
parallel {
stage('Main') {
when {
branch 'main'
}
agent any
steps {
sh "pnpm install"
sh "npx nx-cloud start-ci-run --stop-agents-after='build'"
sh "npx nx format:check"
sh "npx nx affected --base=HEAD~1 -t lint --parallel=3 & npx nx affected --base=HEAD~1 -t test --parallel=3 --configuration=ci & npx nx affected --base=HEAD~1 -t build --parallel=3"
}
}
stage('PR') {
when {
not { branch 'main' }
}
agent any
steps {
sh "pnpm install"
sh "npx nx-cloud start-ci-run --stop-agents-after='build'"
sh "npx nx format:check"
sh "npx nx affected --base origin/${env.CHANGE_TARGET} -t lint --parallel=2 & npx nx affected --base origin/${env.CHANGE_TARGET} -t test --parallel=2 --configuration=ci & npx nx affected --base origin/${env.CHANGE_TARGET} -t build --parallel=2"
}
}
stage('Agent1') {
agent any
steps {
sh "pnpm install"
sh "npx nx-cloud start-agent"
}
}
stage('Agent2') {
agent any
steps {
sh "pnpm install"
sh "npx nx-cloud start-agent"
}
}
stage('Agent3') {
agent any
steps {
sh "pnpm install"
sh "npx nx-cloud start-agent"
}
}
}
}
}
}
SonarQube
SonarQube is an open-source platform for continuous inspection of code quality. It is used to perform automatic reviews with static analysis of code to detect bugs, code smells, and security vulnerabilities on 20+ programming languages. SonarQube offers reports on duplicated code, coding standards, unit tests, code coverage, code complexity, comments, bugs, and security vulnerabilities. SonarQube can be extended with plugins for additional languages, metrics, and integration with other development tools such as continuous integration and build systems.
Installation
We use SonarQube as a Docker container. The following command will pull the latest SonarQube image from Docker Hub and run it on port 9000.
docker run -d --name sonarqube -p 9000:9000 sonarqube
ArgoCD
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. It follows the GitOps pattern of using Git repositories as the source of truth for defining the desired application state. Kubernetes manifests can be specified in several ways: kustomize applications, ksonnet applications, helm charts, or plain directory of YAML/json manifests. Argo CD automates the deployment of the desired application states in the specified target environments. Application deployments can track updates to branches, tags, or pinned to a specific version of manifests at a Git commit. Argo CD runs a server process (argocd-server) which exposes both a web UI and a gRPC API (both secured via TLS). The web UI is served out of the argocd-server process itself. The API server is useful for automation or integrating with other tools, such as CI/CD, that need to interact with Argo CD.
Installation
We use ArgoCD as a Docker container. The following command will pull the latest ArgoCD image from Docker Hub and run it on port 7050.
docker run -d -p 7050:8080 argoproj/argocd:v2.1.2
After running the above command, we can access ArgoCD at http://localhost:7050. The default username is admin and the default password is password. We can change the password by running the following command.
kubectl -n argocd patch secret argocd-secret \
-p '{"stringData": {
"admin.password": "Hutech@123"
}}'
After changing the password, we can access ArgoCD with the new password.
Webhook Configuration
We need to configure the webhook for the GitHub repository. We can configure the webhook by going to the repository settings, selecting Webhooks, and clicking Add webhook. We need to enter the Payload URL, which is the URL of the ArgoCD server, and the secret token. We need to click Add webhook.