
The Industrial Line: Linux in CI/CD
Master the heart of modern development. Learn how Linux powers CI/CD pipelines. Understand 'Runners', 'Agents', and 'Build Servers'. Learn to write a deploy script that updates a production server securely from a GitHub or GitLab action.
Linux in CI/CD: The Industrial Pipeline
In a modern company, a developer writes code on their laptop and "Pushes" it to GitHub or GitLab. Within minutes, the code is tested, a Docker image is built, and the website is updated.
Linux is the engine of this entire process.
Every CI/CD "Runner" (the machine that does the work) is usually a Linux container or a VM. In this lesson, we will learn how to bridge the gap between your code repository and your production Linux server. We will learn to write Secure Deployment Scripts.
1. The Runner: Your Remote Admin
A Runner is a Linux process that "Subscribes" to a job queue. When you push code, the Runner:
- Clones your code.
- Prepares the environment (Installs Python, Node, or Go).
- Executes your tests.
- Deploys the result.
2. Secure Deployment: The 'SSH' Strategy
The most common way to update a server from a pipeline is via SSH.
# Example snippet for a GitHub Action
- name: Deploy to Production
  run: |
    ssh -i deploy_key user@production-ip "cd /var/www/app && git pull && systemctl restart app"
3. The Security Problem: Managing the "Deploy Key"
You must never store your server's password in your code. You must use CI/CD Secrets.
- You generate an SSH Key pair.
- You put the Private Key in the GitHub/GitLab "Secrets" settings.
- You put the Public Key in your server's authorized_keys.
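One way to limit what the deploy key can do if the CI secret ever leaks, shown as an added example that is not part of the original lesson: pin the key to a forced command in authorized_keys and allow only named actions. The script name deploy-gate.sh, its install path, the action names and the key comment are assumptions; the server-side commands are the ones from the lesson's ssh one-liner.

```shell
#!/bin/sh
# deploy-gate.sh (hypothetical name): forced command for the CI deploy key.
#
# Server-side authorized_keys entry (key material is a placeholder):
#   restrict,command="/usr/local/bin/deploy-gate.sh" ssh-ed25519 AAAA...PLACEHOLDER ci-deploy
#
# "restrict" turns off PTY allocation and port/agent/X11 forwarding.
# "command=" makes sshd run this script whatever the client asks for; the
# client's request only arrives as text in $SSH_ORIGINAL_COMMAND, which is
# treated as untrusted input and never executed.

APP_DIR="/var/www/app"   # path used in the lesson's ssh one-liner

# Print the action name and return 0 if the request is on the allowlist,
# otherwise print nothing and return 1. Matching is exact, so
# "deploy; id" or "deploy --force" are rejected.
gate_decide() {
    case "$1" in
        deploy) echo "deploy" ;;
        status) echo "status" ;;
        *)      return 1 ;;
    esac
}

# Run the fixed command for an allowed action; log and refuse anything else.
gate_run() {
    if ! gate_action="$(gate_decide "${SSH_ORIGINAL_COMMAND:-}")"; then
        # SSH_CONNECTION starts with the client IP; keep it for the audit trail.
        logger -t deploy-gate "rejected request from ${SSH_CONNECTION%% *}" 2>/dev/null || true
        echo "deploy-gate: request not allowed" >&2
        return 1
    fi
    case "$gate_action" in
        deploy) cd "$APP_DIR" && git pull && systemctl restart app ;;
        status) systemctl is-active app ;;
    esac
}

# sshd sets SSH_CONNECTION for real sessions; do nothing when merely sourced.
if [ -n "${SSH_CONNECTION:-}" ]; then
    gate_run
fi
```

With this entry in place the pipeline step only needs to send the word deploy (ssh -i deploy_key user@production-ip deploy), and the key cannot be used to open a shell or run any other command.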
4. Practical: The "Rollback" Logic
What if your deployment script fails halfway through? Your website might be broken! A professional CI/CD script always prepares a Rollback.
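#!/bin/bash
# A simple deployment script with a safety net
set -euo pipefail   # stop on the first unexpected error or unset variable

APP_DIR="/var/www/my_app"
BACKUP_DIR="/var/www/my_app_backup"

# 1. Create a backup (clear any stale copy first so cp does not nest inside it)
rm -rf "$BACKUP_DIR"
cp -a "$APP_DIR" "$BACKUP_DIR"

# 2. Attempt update (run git inside the application directory)
if git -C "$APP_DIR" pull; then
    echo "Deployment successful."
    rm -rf "$BACKUP_DIR"
else
    echo "Deployment failed! Rolling back..."
    # Remove the half-updated tree first; otherwise mv would put the backup inside it
    rm -rf "$APP_DIR"
    mv "$BACKUP_DIR" "$APP_DIR"
    exit 1
fi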
5. Identifying "Build Artifacts"
Often, you don't want to sync your whole source code (including your hidden .git folder) to the server. You only want the final "Build" (the compiled binary or the minified JavaScript). These are called Artifacts.
6. Example: A Pipeline Health Checker (Python)
If you have 50 deployments a day, you need to know which ones are taking too long. Here is a Python script that parses a deployment log and warns you when the average duration exceeds five minutes.
def parse_deploy_logs(log_file="deploy.log"):
    """
    Parses deployment timestamps to find performance trends.

    The parsing assumes lines of the form "DEPLOY_START:<epoch seconds>"
    and "DEPLOY_END:<epoch seconds>".
    """
    print("--- Pipeline Performance Audit ---")
    deployments = []
    start = None  # start time of the deployment currently in progress
    with open(log_file, "r") as f:
        for line in f:
            if "DEPLOY_START" in line:
                start = int(line.split(":")[1])
            elif "DEPLOY_END" in line and start is not None:
                # Only count an END that has a matching START before it
                end = int(line.split(":")[1])
                deployments.append(end - start)
                start = None

    if not deployments:
        print("No logs found.")
        return

    avg_time = sum(deployments) / len(deployments)
    print(f"Average Deploy Time: {avg_time:.2f} seconds.")
    if avg_time > 300:  # 5 minutes
        print("[WA] Warning: Deployment pipeline is becoming slow!")


if __name__ == "__main__":
    # parse_deploy_logs()
    pass
7. Professional Tip: Use 'Docker-in-Docker' (DinD)
In many CI/CD environments, your runner is already a container. To build a new container inside that container, you need DinD. This is powerful, but it has security implications, because DinD typically requires the runner container to run in Privileged mode.
8. Summary
CI/CD is the automation of the software lifecycle.
- Runners are the "Disposable" workers of DevOps.
- SSH Keys and Secrets are the foundation of secure deployment.
- Rollback logic is mandatory for production safety.
- Artifacts are the final product of the pipeline.
- Linux provides the shells, the networking, and the security for it all.
In the next lesson, we move from manual updates to "Base Images": The Art of Golden Images with Packer.
Quiz Questions
- Why is it dangerous to store API keys directly in a .gitlab-ci.yml file?
- What is a "Runner" in the context of GitHub Actions or GitLab CI?
- How can you ensure a deployment script fails safely if one of its commands fails? (Hint: set -e).
Continue to Lesson 5: Golden Images—Mastering Packer and Image Creation.