Jenkins git-hooks trigger config

Git hooks needs to be fired first at git server side.

Central Idea(s):  Code Delivery/release: 

Jenkins runs jobs as user jenkins.
But it does not have a login shell.
1. Hence we need to "su - jenkins -s /bin/bash"
   SSH from command line to remote deployment/destination server
     - to add an entry into known_hosts file.
2. Jenkins logs into remote server as root.  Hence add public key to ~root/.ssh/authorized_keys of deployment server.
3. Execute the rsync to deployment/destination and verify

1. configured post-release hook as :

      (make sure file post-release.sample is copied into post-relesae without extension.  file as post-release.sh may not fire)

1. def get_git_branch(refName):  
2.     return subprocess.check_output(['git', 'rev-parse', '--symbolic', '--abbrev-ref', refName])  
3.   
4.   
5. if __name__ == '__main__':  
6.     orig_stdout = sys.stdout  
7.     fd = file('/opt/git/git-actions/jenkins-action.log', 'a')  
8.     sys.stdout = fd  
9.     print "========== POST receive BEGIN git@fts-vm-ci:/opt/git/testdel =========="  
10.   
11.   
12.     #--- Read in each ref / branch that the user had pushed to repo   
13.     for line in sys.stdin.xreadlines():  
14.         print "python post-receive: PUSHED this build LINE: : %s" % line   
15.         old, new, ref = line.strip().split(' ')  
16.         print "current push/receive values: oldRev: %s, newRev: %s, ref: %s " % (old, new, ref)   
17.         thisBranch = get_git_branch(ref)  
18.         print "thisBranch: %s" % thisBranch  
19.         if ref == 'refs/heads/master':  
20.             print "=============================================="  
21.             print "Received master. Triggering jenkins.        "  
22.             print "=============================================="  
23.             sys.stdout.flush()  
24.             call(["curl", "-sS", "-X", "POST", "http://JENKINS:PORT/job/JOBNAME/build"])  

call(["curl", "-sS", "-X", "POST", "http://JENKINS:PORT/job/JOBNAME/build  <-- even if git repo is at JENKINS server, please DO NOT use localhsot:PORT here

if we are going to trigger a branch build, then, use some syntax as:

1.         if BRANCH_NAME in thisBranch:  
2.             print "----- received branch %s, ALERTING jenkins: " % ref  
3.             sys.stdout.flush()  
4.             call(["curl", "-sS", "-X", "POST", "http://fts-vm-ci:8090/job/<BRANCH_JOB>/build"])  

2. swich user as jenkins with bash shell:

su jenkins -s /bin/bash

3. do a key-gen , to generate ssh rsa keys as:

ssh-keygen -t rsa

4. Copy the key to destination where jenkins has to RSYNC the git branch or origin/master to:

ssh-copy-id root@<deployment server)

5. Find out the workspace folder of the bloody build job in jenkins

/var/lib/jenkins/jobs/<JOBNAME>/workspace/

6. Do a DRY-RUN rsync now: (check if anything stupid is going on).

rsync --dry-run -av --exclude-from '/var/www/cgi-bin/config/rsync-exclude-list.txt' --delete -e ssh /var/lib/jenkins/jobs/cgi-bin\ testdel.git/workspace/ root@DEV-:/var/www/<DEPLOY_FOLDER>

7. Do an actual run (test) to see if everything goes to destination DEV server.  NOT PROD.

rsync -av --exclude-from '/var/www/cgi-bin/config/rsync-exclude-list.txt' --delete -e ssh /var/lib/jenkins/jobs/<JOBNAME>/workspace/ root@DEV:/var/www/<DEPLOY_FOLDER>

NOTE: used 'root' to ssh into deployment | DEV server.  But NOT recommended.  use another valid user.

8.  Move the above tested command into jenkins job configuration with SSH plugin... as:

 

9. Using sudoers file (visudo command) Give jenkins to execute rsync as superuser.

jenkins    ALL = NOPASSWD: /usr/bin/rsync

( NO NEED to do this as rsync is done with ssh.  We already had transferred public key to root. )

Output: