Setting up a CI/CD Pipeline for NestJS with Jenkins, Gitlab, and AWS EKS

Introduction

Jenkins is a leading open-source automation tool that enables Continuous Integration (CI) and Continuous Delivery (CD). With its vast plugin ecosystem, Jenkins helps automate every stage from build and test to deploy, reducing manual errors and increasing software development speed.

Gitlab is not only a Git-based source code repository but also provides a comprehensive DevOps platform. Gitlab's key advantages are tight repository management, built-in Webhooks to trigger external pipelines, and powerful project management and code review features that help teams collaborate effectively.


In this article, I will guide you through setting up Jenkins to automatically pull source code from Gitlab and deploy to AWS EKS. The summary of the steps will be as follows:

  1. Build a source docker image from the NestJS source code and push it to AWS ECR
  2. Create an EKS Cluster and deploy with that docker image
  3. Setup configuration for Jenkins
  4. Add a Jenkinsfile to the NestJS project and push it to Gitlab
  5. When clicking build on Jenkins, it will run through the following steps:
  6. Pull the latest code from Gitlab
  7. Build a docker image from that source code and push it to AWS ECR
  8. Update the new docker image for the EKS Cluster

Prerequisites

Since this article mainly focuses on the Jenkins and Gitlab setup process, I will reuse the NestJS source code from previous articles; you can review them or use your project accordingly.


Detail

First, create a folder to set up the Jenkins deployment, including a .env file with the following content; please replace the necessary values accordingly:

AWS_ACCESS_KEY_ID = <AWS_ACCESS_KEY_ID>
AWS_SECRET_ACCESS_KEY = <AWS_SECRET_ACCESS_KEY>
AWS_REGION = ap-southeast-1
EKS_CLUSTER_NAME = <EKS_CLUSTER_NAME>
ECR_REGISTRY = <ECR_REGISTRY>
ECR_REPO_NAME = <ECR_REPO_NAME>

GITLAB_USERNAME = oauth2
GITLAB_API_TOKEN = <GITLAB_API_TOKEN>
GITLAB_REPO_URL = <GITLAB_REPO_URL>

  • Because this article will deploy to AWS EKS, you must input the necessary AWS information first. You can review my articles about AWS to know how to get access keys as well as create an EKS Cluster and push a docker image to ECR to have the cluster, registry, and repository name information to input.
  • For Gitlab information, GITLAB_USERNAME is the default, you don't need to change it; replace the remaining information with values from your Gitlab account.
  • Note that when creating the GITLAB_API_TOKEN, ensure you have granted at least the following permissions:


Before proceeding to the next steps, check to ensure that the resources on K8s have been successfully deployed and are running, as this is a mandatory condition for the next steps to function:

kubectl get all
NAME READY STATUS RESTARTS AGE
pod/nestjs-app-55cc79b94b-qdkrl 1/1 Terminating 0 59m
pod/nestjs-app-86b6474f5c-v49c5 1/1 Running 0 9s

NAME TYPE CLUSTER-IP EXTERNAL-IP
PORT(S) AGE
service/kubernetes ClusterIP 172.20.0.1 <none>
443/TCP 27h
service/nestjs-service LoadBalancer 172.20.67.58 a75749a3a839a4d7b8725e456078d026-1015643982.ap-southeast-1.elb.amazonaws.com 80:32423/TCP 23h

NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/nestjs-app 1/1 1 1 23h

NAME DESIRED CURRENT READY AGE
replicaset.apps/nestjs-app-55cc79b94b 0 0 0 20m
replicaset.apps/nestjs-app-86b6474f5c 1 1 1 10m



Next is creating the jenkins.yaml file:

jenkins:
systemMessage: "Jenkins auto config with JCasC for CI/CD."
securityRealm:
local:
allowsSignup: false
users:
- id: "admin"
password: "admin_password_change_me"
globalNodeProperties:
- envVars:
env:
- key: "AWS_REGION"
value: "${AWS_REGION}"
- key: "EKS_CLUSTER_NAME"
value: "${EKS_CLUSTER_NAME}"
- key: "ECR_REGISTRY"
value: "${ECR_REGISTRY}"
- key: "ECR_REPO_NAME"
value: "${ECR_REPO_NAME}"
- key: "DEPLOYMENT"
value: "deployment/nestjs-app"
- key: "CONTAINER_NAME"
value: "nestjs-container"

unclassified:
location:
url: http://localhost:8080/

credentials:
system:
domainCredentials:
- credentials:
- aws:
scope: GLOBAL
id: "aws-credentials-id"
accessKey: "${AWS_ACCESS_KEY_ID}"
secretKey: "${AWS_SECRET_ACCESS_KEY}"
- usernamePassword:
scope: GLOBAL
id: "gitlab-auth-id"
username: "${GITLAB_USERNAME}"
password: "${GITLAB_API_TOKEN}"
description: "Use to clone code from Gitlab"

jobs:
- script: >
pipelineJob('EKS-Deployment-Pipeline') {
definition {
cpsScm {
scm {
git {
remote {
url("${GITLAB_REPO_URL}")
credentials('gitlab-auth-id')
}
branches('*/develop')
}
scriptPath('Jenkinsfile')
}
}
}
}

This code uses Jenkins Configuration as Code (JCasC) to automate Jenkins setup. It defines environment variables for AWS/EKS, initializes credentials to connect to AWS and Gitlab, and automatically creates a Job Pipeline to pull code from Gitlab and perform deployment when changes occur.


Next is creating the Dockerfile:

FROM jenkins/jenkins:lts

USER root

ARG DOCKER_GID=999

RUN groupadd -g ${DOCKER_GID} docker_host || true \
&& usermod -aG ${DOCKER_GID} jenkins || usermod -aG docker_host jenkins

RUN apt-get update && apt-get install -y \
apt-transport-https ca-certificates curl gnupg lsb-release unzip \
&& install -m 0755 -d /etc/apt/keyrings \
&& curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc \
&& chmod a+r /etc/apt/keyrings/docker.asc \
&& echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian $(ls_release -cs) stable" > /etc/apt/sources.list.d/docker.list \
&& apt-get update && apt-get install -y docker-ce-cli \
&& curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" \
&& unzip awscliv2.zip && ./aws/install && rm -rf awscliv2.zip aws \
&& curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" \
&& install -m 0755 kubectl /usr/local/bin/kubectl && rm kubectl \
&& apt-get clean && rm -rf /var/lib/apt/lists/*

RUN jenkins-plugin-cli --plugins \
configuration-as-code \
docker-workflow \
blueocean \
gitlab-plugin \
pipeline-aws \
kubernetes-cli \
job-dsl \
ansicolor \
json-path-api \
token-macro \
favorite \
git-client \
scm-api

COPY jenkins.yaml /var/jenkins_home/jenkins.yaml
ENV CASC_JENKINS_CONFIG=/var/jenkins_home/jenkins.yaml

USER jenkins

This Dockerfile is used to build a custom Jenkins image. It installs the necessary tools so Jenkins can work with Docker (build images), AWS CLI (manage cloud resources), and Kubectl (command EKS). Additionally, it also automatically installs important plugins and loads the jenkins.yaml configuration file into the system.


Creating the docker-compose.yml file:

services:
jenkins:
user: root
build:
context: .
args:
- DOCKER_GID=${DOCKER_GID}
container_name: jenkins
env_file: .env
environment:
- DOCKER_BUILDKIT=1
ports:
- "8080:8080"
- "50000:50000"
volumes:
- jenkins_home:/var/jenkins_home
- /var/run/docker.sock:/var/run/docker.sock
restart: unless-stopped

volumes:
jenkins_home:

This file defines how to launch the Jenkins container. It connects the container to the host machine's Docker socket (so Jenkins can run docker commands), maps access ports, loads environment variables from the .env file, and ensures Jenkins data is stored persistently via a volume.

Please note that the "context: ." part uses the Dockerfile above to run, so place the Dockerfile in the same folder as this docker-compose.yml file.


Creating the setup.sh file:

#!/bin/bash
echo "--- 1: Get GID of Docker Socket ---"
export DOCKER_GID=$(stat -c '%g' /var/run/docker.sock)
echo "Found GID: $DOCKER_GID"

echo "--- 2: Clean old build (if exists) ---"
docker-compose down

echo "--- 3: Build and run Jenkins ---"
docker-compose up -d --build

echo "--- Complete! Waiting Jenkins... ---"
echo "Access: http://localhost:8080"

This is a script that automates the entire startup process: it automatically gets the Docker Group ID to avoid permission errors, cleans up old containers, and then builds and runs Jenkins.


Next, use this command to run Jenkins:

chmod +x setup.sh && ./setup.sh


Now you can access Jenkins with the account information from the jenkins.yaml file created earlier.



It's not over yet; you need to create a Jenkinsfile in the source code project (here, the NestJS project) with the following content:

pipeline {
agent any
environment {
AWS_CRED_ID = 'aws-credentials-id'
IMAGE_TAG = "${env.BUILD_NUMBER}"
IMAGE_NAME = "${ECR_REPO_NAME}:${IMAGE_TAG}"
ECR_REPO_IMAGE = "${ECR_REGISTRY}/${ECR_REPO_NAME}"
IMAGE_FULL_PATH = "${ECR_REGISTRY}/${IMAGE_NAME}"

DOCKER_BUILDKIT = '1'
}

stages {
stage('Hello') {
steps {
echo 'Use Jenkinsfile from Gitlab to check tools version'
sh 'aws --version'
sh 'kubectl version --client'
sh 'docker version'
}
}

stage('Checkout') {
steps {
checkout scm
}
}

stage('Build & Push Image') {
steps {
script {
sh "aws ecr get-login-password --region ${AWS_REGION} | docker login --username AWS --password-stdin ${ECR_REPO_IMAGE}"

def appImage = docker.build("${ECR_REPO_IMAGE}")
appImage.push("${IMAGE_TAG}")
appImage.push('latest')
}
}
}

stage('Deploy to EKS') {
steps {
withAWS(credentials: "${AWS_CRED_ID}", region: "${AWS_REGION}") {
script {
sh "aws eks update-kubeconfig --region ${AWS_REGION} --name ${EKS_CLUSTER_NAME}"
sh "kubectl set image ${DEPLOYMENT} ${CONTAINER_NAME}=${IMAGE_FULL_PATH}"
sh "kubectl rollout status ${DEPLOYMENT}"
}
}
}
}
}

post {
always {
sh "docker image prune -f"
}
}
}

This Jenkinsfile defines the steps in the CI/CD pipeline: starting by checking tool versions, pulling the latest code, building the Docker image for the NestJS application, then pushing this image to AWS ECR, and finally updating the new image for the EKS Cluster to complete the deployment process.


Then push this NestJS project to Gitlab and return to Jenkins, because I already created a job during configuration in the jenkins.yaml file, you can immediately press build without creating a job manually.



The Jenkins build process will execute according to each step we defined in the Jenkinsfile.




You can also review the very detailed build history as follows:


The Docker image of the new source code has been successfully built and pushed to AWS ECR.


Check the results using Postman.


Happy coding!

See more articles here.

Comments

Post a Comment

Popular posts from this blog

All Practice Series

Image
Introduction This is a comprehensive page about the technologies I have shared in series format. You can view brief introductions and links to directly access each series you are interested in. In the field of software development, to deploy a product from the initial idea to its release, the standard process typically involves several stages as follows: Database : Designing and implementing the database according to business requirements, storing data during the system's operation. Backend : Handling the main logic of the system, communicating with the database and services. Frontend : Building the interface for users to interact with the system, which could be a desktop, mobile, or web application. This usually includes implementing UI/UX and integrating APIs from the backend. DevOps : Deploying the system for use, which can be done on a server or in the cloud. Testing : Applying testing methods to ensure the product meets the standards for release. Of course, these are just stan...
Read more

Deploying a NodeJS Server on Google Kubernetes Engine

Image
Introduction to GKE Google Kubernetes Engine (GKE) is a managed Kubernetes service provided by Google Cloud Platform , facilitating simple and efficient deployment of Docker images. We only need to provide some configuration for the number of nodes, machine types, and replicas to use. Some Concepts Cluster A Cluster is a collection of Nodes where Kubernetes can deploy applications. A cluster includes at least one Master Node and multiple Worker Nodes . The Master Node is used to manage the Worker Nodes . Node A Node is a server in the Kubernetes Cluster. Nodes can be physical servers or virtual machines. Each Node runs  Kubernetes , which is responsible for communication between the Master Node and Worker Node , as well as managing Pods and containers running on it. Pod A Pod is the smallest deployable unit in Kubernetes . Each Pod contains one or more containers, typically Docker containers. Containers in the same Pod share a network namespace, meaning they have the ...
Read more

Kubernetes Deployment for Zero Downtime

Image
Introduction In Kubernetes (K8s) , a Pod is the smallest resource unit used to run one or more containers during deployment. There are several ways to create a Pod : you can create it directly, use a ReplicationController , or a ReplicaSet . However, the most commonly used resource for managing Pods is the Deployment . When you use a Deployment , it actually creates a ReplicaSet to manage the Pods but comes with many additional benefits that support the deployment process. Some Advantages of Deployment : Ensures Pod Availability : It guarantees that the specified number of Pods are always running according to the configuration, automatically deploying additional Pods if any failures occur. Supports Restart and Undo Deployment : Allows you to easily restart or roll back to previous versions of your Deployment . Zero Downtime Deployment : When updating configurations or scaling Deployments , zero downtime is crucial. This means that new Pods are created while the old Pods are stil...
Read more

Setting up Kubernetes Dashboard with Kind

Image
Introduction In a previous article, I guided you through using Helm to deploy on Google Kubernetes Engine . However, if you want to cut down costs by using Kubernetes in your local environment instead of relying on a cloud provider during development, then Kind is your go-to. There are several tools to help set up Kubernetes locally, such as MiniKube , Kind , K3S , KubeAdm , and more. Each tool has its own pros and cons. In this article, I'll walk you through using Kind to quickly set up a Kubernetes cluster on Docker . Kind stands out for its compactness, making Kubernetes start up quickly, being user-friendly, and supporting the latest Kubernetes versions. Working with Kind Firstly, follow the instructions here to install Kind according to your operating system. If you're using Ubuntu , execute the command: [ $( uname -m ) = x86_64 ] && curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.23.0/kind-linux-amd64 chmod +x ./kind sudo mv ./kind /usr/local/bin/ki...
Read more

Using Kafka with Docker and NodeJS

Image
Introduction to Kafka Kafka is an open-source , distributed messaging system that functions on a publish/subscribe model. It is widely used by numerous large companies for high-performance , real-time data streaming. Developed by LinkedIn since 2011, Kafka has grown into the most popular distributed streaming platform. It can handle vast amounts of records with high efficiency. Advantages of Kafka Open-source : Freely available and continuously improved by a large community. High-throughput, high-frequency : Capable of processing large volumes of data across topics continuously. Automatic message storage : Allows for easy message retrieval and verification. Large user community : Offers extensive support and shared resources. Basic Concepts If you're new to Kafka and Message Queues, here are some key concepts to understand: Producer : Creates and sends data to the Kafka server, where data is sent as messages in byte array format. Consumer : One or more consumers subscribe to...
Read more

Monitoring with cAdvisor, Prometheus and Grafana on Docker

Image
Introduction Monitoring a system is crucial after deploying a product to a production environment. Keeping an eye on system metrics like logs , CPU , RAM , disks , etc, helps identify the system's status, performance issues, and provides timely solutions to ensure stable operations. While cloud providers like Google , Amazon , or Azure offer built-in monitoring systems, if your company needs to manage multiple applications/systems/containers and desires a centralized monitoring system for easier management, using cAdvisor , Prometheus , and Grafana is a sensible choice. These three popular open-source tools are widely used by DevOps teams, especially for monitoring container applications. cAdvisor Developed by Google , cAdvisor is an open-source project used to analyze resource usage, performance, and other metrics from container applications, providing an overview of all running containers. Find more details here Prometheus Prometheus is a toolkit for system monitoring and a...
Read more

Practicing with Google Cloud Platform - Google Kubernetes Engine to deploy nginx

Image
Introduction This article provides simple step-by-step instructions for those who are new to Google Cloud Platform (GCP) and Google Kubernetes Engine (GKE) . I'll guide you through using  GKE  to create clusters and deploy nginx . The instructions below will primarily use gcloud  and kubectl  to initialize the cluster, which is more convenient than manual management on the Google Cloud interface. Prerequisites First, you need to prepare the following: Have a GCP account with permission to use Cloud services. If you're new, you'll get a $300 free trial to use for 90 days . Create a new GCP project. Enable Compute Engine and Kubernetes Engine services. Install Google Cloud SDK and kubectl For this installation step, refer to the GCP documentation for instructions tailored to your operating system. Once installed, execute the following commands to check if gcloud  and kubectl  are installed: gcloud version kubectl version If you see the version resul...
Read more

Kubernetes Practice Series

Image
Introduction Kubernetes (often abbreviated as K8s ) is an open-source system designed to automate the deployment, scaling, and management of containerized applications. This page serves as a collection of articles related to Kubernetes (K8s) , including theoretical concepts and practical guides on using Kubernetes to set up essential tools for the software development process. I will continue to update this series with new articles as ideas come to mind, to ensure the series becomes more comprehensive. The articles are arranged in increasing order of difficulty to make it easier for you to follow. If you have time, it's recommended that you start from the beginning of the series to acquire the necessary knowledge and information that will prepare you for the subsequent articles. Key Topics Covered in This Series Basic Knowledge : Fundamental concepts, common commands, etc. Resources : Pod, Deployment, Service, StatefulSet, Ingress, etc. Pod Autoscaler : Horizontal and Vertical sc...
Read more

NodeJS Practice Series

Image
Introduction NodeJS is an open-source and cross-platform JavaScript runtime environment . Here are some key points about NodeJS : V8 Engine : NodeJS runs on the V8 JavaScript engine , which is also the core of Google Chrome . This allows NodeJS to be highly performant. Asynchronous and Non-Blocking : NodeJS  uses an event-driven, non-blocking I/O model. It’s lightweight and efficient, making it ideal for data-intensive real-time applications. Single-Threaded : NodeJS  runs in a single process, handling multiple requests without creating new threads. It eliminates waiting and continues with the next request. Common Language : Frontend developers who write JavaScript for browsers can use the same language for server-side code in NodeJS . You can even use the latest ECMAScript standards without waiting for browser updates. This page is designed to compile articles related to NodeJS , including how to integrate it with various libraries and relevant tech stacks. I will cont...
Read more

Sitemap

Image
A page aggregator designed for easy reference and search, compiling all blog posts for convenient access. Loading all posts...
Read more