Automating SSH Script Execution with GitLab CI/CD for Beginners

Imagine you want to monitor web projects’ status by running an SSH script automatically by schedule in a Continuous Integration/Continuous Deployment (CI/CD) environment.

You can follow these steps:

Create a Monitoring Script:

• Write a script (e.g., Bash or Python) that uses tools like curl or wget to make HTTP requests to your web projects and check for the expected response (e.g., a specific HTTP status code).

Configure CI/CD Pipeline:

• Integrate this monitoring script into your CI/CD pipeline. This might involve adding a new step or job that runs the script after deployment.

Use SSH Keys for Authentication:

• Ensure your CI/CD environment has SSH keys set up to allow secure access to the server where your web projects are hosted.
• Nah, actually you can run SSH script just inside the Docker image of a runner by creating custom runner or shared runner with the appropriate tag.

Execute the Script via SSH:

• Within your CI/CD pipeline, use an SSH command to connect to the server where the web projects are hosted and run the monitoring script.

Handle Script Output:

• Capture the output of the script to determine if the web projects are up and running. You can use exit codes or specific messages from the script to signal success or failure.

Implement Notifications (Optional):

• If a project is found to be down, you can implement a notification system (e.g., email, Slack or Telegram) to alert relevant team members with the GitLab integration.

Consider Automation:

• Depending on your CI/CD platform, you might be able to set up scheduled jobs to run the monitoring script at regular intervals by using GitLab shcedules.

You use different CI/CD platform remember to adapt the steps to it and the tools available in your environment.

For more practical approach we will give you an example of using a simple Bash script and a hypothetical CI/CD tool like GitLab. Please note that you’ll need to adjust this example based on your specific environment and web projects.

Running SSH script in a specific server

In GitLab, you can achieve this using GitLab CI/CD pipelines with a .gitlab-ci.yml configuration file. Here's an example of how you can set up a job to monitor web projects using an SSH script:

1. Create the Monitoring Script:

Create a Bash script (e.g., monitor.sh) similar to the one provided in the previous response.

#!/bin/bash

# Define the URLs of the web projects you want to monitor
urls=(
    "http://example.com/project1"
    "http://example.com/project2"
)

# Responce failed results flag
responce_is_failed=false

# Iterate through the URLs and check their status
for url in "${urls[@]}"; do
    response=$(curl -s -o /dev/null -w "%{http_code}" "$url")

    if [ "$response" -eq 200 ]; then
        echo "Project at $url is up and running (HTTP $response)"
    else
        echo "Project at $url is down or experiencing an issue (HTTP $response)"
        
        # Set responce failed results flag to true statement
        responce_is_failed=true
        
        # Add code here to handle the situation (e.g., send a notification)
    fi
done
# if responce responce failed results flag is true exit script with 1
# In SSH every succesful script with 0 so we can tell pipeline if job is failed
if [ "$responce_is_failed" = true ]; then
    echo "There is a failed responce in the projects. Script will be exited with status 1. response_is_failed flag is $responce_is_failed"
    exit 1
fi

Create or edit your .gitlab-ci.yml file in the root directory of your GitLab repository. Add the following configuration:

stages:
  - monitor

monitoring:
  stage: monitor
  script:
    - 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )'
    - eval $(ssh-agent -s)
    - ssh-add <(echo "$SSH_PRIVATE_KEY")
    - ssh username@your_server 'bash -s' < path/to/monitor.sh
  only:
    - schedules

• Replace username, your_server, and path/to/monitor.sh with your specific information.
• Make sure to add your private SSH key as a secret variable in your GitLab project. You can name it SSH_PRIVATE_KEY.
• The job is set to run only when triggered by a schedule.

3. Add a Schedule in GitLab:

• In your GitLab project, go to Settings > CI/CD > Schedules.
• Create a new schedule and set it to run your monitoring job at the desired interval.
• For schedule setup you need to use crontab. You can look at crontab.guru for helping getting the appropriate schedule value with the crontab.

This configuration sets up a GitLab CI/CD pipeline that will run the monitoring script on the specified schedule using an SSH key for authentication on the remote server.

Remember to adjust the script and configuration to match your specific server setup and web project URLs.

Running SSH script in a runner

If you’re using GitLab CI/CD and want to run an SSH script directly in the runner environment without specifying a specific server, you can do so by leveraging the runner’s environment itself.

Here’s an example .gitlab-ci.yml file to demonstrate this:

stages:
  - monitor

monitoring:
  stage: monitor
  script:
    - echo "Running monitor.sh"
    - chmod +x monitor.sh
    - ./monitor.shstages: - monitor monitoring: stage: monitor script: - echo"Running monitor.sh" - chmod +x monitor.sh - ./monitor.sh

In this example:

1. The script section defines the commands that will be executed when this job runs in the GitLab CI/CD pipeline.
2. echo "Running monitor.sh" is a placeholder command that you can replace with any setup or informational commands you might need.
3. chmod +x monitor.sh makes sure that the script is executable.
4. ./monitor.sh executes the monitor.sh script.

Important Note: If you want to include an SSH operation within your script, you can do so directly in monitor.sh. For example, if your script connects to an external server via SSH, you can include the relevant ssh commands within monitor.sh.

With this configuration, when the GitLab CI/CD pipeline runs on a runner, it will execute the monitor.sh script without the need for specific server information. This assumes that any necessary dependencies or configurations are available on the runner environment.

Please ensure that the runner environment has the necessary permissions and access to execute the script and any other operations you include in monitor.sh.

Setting up integration

And finally the most intriguing and satisfying step of every automation process is receiving, or better not receiving lol, the failed results of the Urls Monitoring Script — Integration. You can set it up at the Settings -> Integration of your GitLab project.

In the tutorial we will look at the notification integrations with Slack and Telegram. Hail to the bots!

Setting up Integration with Slack

1. Create a Slack App:

• Go to https://api.slack.com/apps and log in to your Slack workspace.
• Click on “Create New App.”
• Fill out the required information and choose your Slack workspace.

2. Configure Incoming Webhooks:

• In the Slack App settings, navigate to Incoming Webhooks under “Features.”
• Activate Webhooks, and then click on “Add New Webhook to Workspace.”
• Choose a channel where you want notifications to be sent, and click “Allow.”
• Copy the Webhook URL.

3. Add Webhook URL to GitLab:

• In your GitLab project, go to Settings > Integrations.
• Paste the Slack Webhook URL in the “URL” field.
• Optionally, customize the trigger settings and add a custom name for the webhook.
• Click “Add Webhook” to save.

4. Test the Integration:

• Trigger an event in your GitLab project (e.g., a new push).
• You should receive a notification in the Slack channel you specified.

Actually, you can just receive the Webhook from your corporate administration access or just use GitLab for Slack App which is more advisable and updated version of Slack integration and will substitute Webhook integration in future versions of GitLab.

Setting up Integration with Telegram

1. Create a Telegram Bot:

• Open the Telegram app and search for the “BotFather” to create a new bot.
• Use the /newbot command to create a new bot. Follow the instructions provided by the BotFather to set up your bot.
• Note down the Bot Token.

2. Get Your Chat ID:

• Send a message to your bot in Telegram.
• Visit https://api.telegram.org/bot<YourBotToken>/getUpdates in a web browser, replacing <YourBotToken> with your actual Bot Token.
• Look for the “chat” section to find your Chat ID.

3. Add Telegram Integration in GitLab:

In your GitLab project, go to Settings > Integrations. Fill in the following information:

• URL: https://api.telegram.org/bot<YourBotToken>/sendMessage
• Method: POST
• Content type: application/json
• Secret token: Your Bot Token
• Secret token: Your Chat ID

Optionally, customize the trigger settings and add a custom name for the integration.

• Click “Add webhook” to save.

4. Test the Integration:

• Trigger an event in your GitLab project or just simply press “Test settings” button.
• You should receive a notification in your Telegram chat. Wow! Everything work like a charm.

Remember to replace <YourBotToken> with your actual Bot Token and <YourChatID> with your actual Chat ID.

This completes the setup of integrations with Slack and Telegram in GitLab. You should now receive notifications in both platforms based on your configured triggers. It is advised to turn on “Notify only broken pipelines” option. If selected, successful pipelines do not trigger a notification event and you will get rid of unnecessary destructions.

Conclusions

In this guide, we’ve outlined the steps to automate simple SSH script execution by using GitLab CI/CD for a project example understandable even for beginners and concentrated just on the CI/CD integration basics. We first covered setting up a monitoring script, then demonstrated how to configure GitLab CI/CD pipelines and finally setup running schedules for automation.

For those using Slack, we explained how to create a Slack App, set up incoming webhooks, and integrate it with GitLab for real-time notifications. Additionally, we detailed the process of creating a Telegram bot, obtaining the necessary credentials, and integrating it with GitLab for instant updates.

By following these steps, you can ensure seamless automation and timely notifications for your web projects, enhancing its efficiency, reliability and responsiveness.

P. S. Finally, we can have a calm QA sleep by knowing our web projects on the production are always up and running! 🚀