Here is a deployment script that can be run from Jenkins.
It establishes VPN connections, creates SSH tunnels and copies the WAR file to remote server. At the end the WAR is verified and a deployment script is executed.
The 192.168.0.2 is the server that gives access to other machines. The target tomcat server is 192.168.0.3, but it can be accessed only from 192.168.0.2.
The deploy.sh is responsible to stop tomcat server, delete the old artifact and start the tomcat server.
#!/bin/bash
now="$(date +'%Y%m%d%H%M')"
yes | cp /opt/hudson/jobs/WAR/lastSuccessful/archive/target/app.war ./app.war
cksumline=`cksum ./app.war`
fileChkSum=$(echo "$cksumline" | awk '{print $1}')
fileSize=$(echo "$cksumline" | awk '{print $2}')
#echo "Local Checksum:$fileChkSum"
#echo "Local FileSize:$fileSize"
sudo pon vpn-conn1
echo VPN connected
sleep 10
echo Creating tunnel
sshpass -p $pass ssh -f -o ExitOnForwardFailure=yes -o StrictHostKeyChecking=no user@192.168.0.2 -L 1234:192.168.0.3:22 'sleep 30' &
sleep 10
echo Tunnel created
echo Copyng WAR file...
sshpass -p $pass scp -oStrictHostKeyChecking=no -P 1234 ./app.war user@localhost:webapps/app.war.$now
echo WAR file copied.
cksumline2=`sshpass -p $pass ssh -oStrictHostKeyChecking=no -p 1234 user@localhost cksum webapps/app.war.$now`
echo "Checksum execution on remote machine: $cksumline2"
fileChkSum2=$(echo "$cksumline2" | awk '{print $1}')
fileSize2=$(echo "$cksumline2" | awk '{print $2}')
if [[ "$fileChkSum" != "$fileChkSum2" ]]; then
echo "Checksum differs! local: $fileChkSum, remote: $fileChkSum2"
sudo poff vpn-conn1
echo VPN disconnected
exit -1
fi
if [[ "$fileSize" != "$fileSize2" ]]; then
echo "Size differs! local: $fileSize, remote: $fileSize2"
sudo poff vpn-conn1
echo VPN disconnected
exit -1
fi
sshpass -p $pass ssh -oStrictHostKeyChecking=no -p 1234 user@localhost cp webapps/app.war.$now webapps/app.war
sshpass -p $pass ssh -oStrictHostKeyChecking=no -p 1234 user@localhost ./deploy.sh
sudo poff vpn-conn1
echo VPN disconnected
