How to make ssh deployment more clear in gitlab?

krzysztof.konrad.lem · March 27, 2024, 3:07pm

I’m deploying my app with:

deploy_serv_1:
  stage: deploy
  before_script:
    - chmod 400 $SSH_KEY 
  variables:
    PULL_IMAGE_COMMAND: "here is my bash command with pulling"
    RUN_CONTAINER_COMMAND: "here is my bash command with runing"
  script:
    - ssh -i $SSH_KEY -o StrictHostKeyChecking=no -p $PORT user@$SERVER "
                          export ABC1=$ABC1 &&
                          export ABC2=$ABC2 &&
                          export ABC3=$ABC3 &&
                          export ABC4=$ABC4 &&
                          export ABC5=$ABC5 &&
                          export ABC6=$ABC6 &&
                          export ABC7=$ABC7 &&
                          export ABC8=$ABC8 &&
                          $PULL_IMAGE_COMMAND &&
                          $RUN_CONTAINER_COMMAND"

It works.
Challenge here is that is when variables have long names it is very messy.

Problem to solve

In bash I can do something like:

ssh user@server < file_with_comands_to_run

a) How to do this with gitlab pipeline?
b) Maybe is another cleaner way of doing that?

dnsmichi · March 27, 2024, 7:33pm

You could provision the script file using scp first, and then call it through ssh.

A less error prone approach can be using an Ansible playbook to distribute the file(s), and call it, and ensure that all container images are pulled, etc. An example for a tutorial: Automating My Infrastructure with Ansible and Gitlab CI: Part 1 – Getting Started | Blogging to Nowhere

krzysztof.konrad.lem · March 27, 2024, 9:48pm

" You could provision the script file using scp first, and then call it through ssh ."

This is what I’m doing right now.
Challenge here are all this env variables.

@dnsmichi am I correctly interpret your answer that there is no better way of
passing this env vars then what I’m doing now?

dnsmichi · March 28, 2024, 12:17am

krzysztof.konrad.lem:

                          export ABC1=$ABC1 &&
                          export ABC2=$ABC2 &&
                          export ABC3=$ABC3 &&
                          export ABC4=$ABC4 &&
                          export ABC5=$ABC5 &&
                          export ABC6=$ABC6 &&
                          export ABC7=$ABC7 &&
                          export ABC8=$ABC8 &&
                          $PULL_IMAGE_COMMAND &&
                          $RUN_CONTAINER_COMMAND"

The ABC variables could be put into an .env file which is sourced at the beginning of the script. That file is stored in the Git repository (unless it contains credentials, never commit this into Git - consider populating them on-demand in CI/CD before_script sections).

Something like this, but beware I am not a good bash programmer - I asked GitLab Duo Chat to generate it for me, using the prompt Create a bash script which sources a .env file, checks if the docker CLI is installed, and pulls and runs a specific image, use python:3.11

#!/bin/bash

# Source .env file
source .env

# Check if docker is installed
if ! command -v docker &> /dev/null
then
    echo "docker could not be found"
    exit
fi

# Pull python image 
docker pull python:3.11

# Run image
docker run -it python:3.11

The CI/CD portions could look like the following.

Chat prompt for reference: Please show how to send a .env and deploy.sh script file over scp to a remote host, and then call the script over SSH. All in a CI/CD jobc

stages:
  - deploy

deploy_job:
  stage: deploy
  script:
    # Copy .env file to remote host
    - scp .env remote_user@remote_host:/path/to/app  

    # Copy deploy script to remote host
    - scp deploy.sh remote_user@remote_host:/path/to/app

    # SSH into remote host and run deploy script
    - ssh remote_user@remote_host "cd /path/to/app && ./deploy.sh"