This article can be used as a quick reference for setting up code release pipeline for .net based projects. Gitlab pipelines is used here , but the solution can be generalised for other CI/CD automation tools available in market
Set Up a Gitlab Runner Machine
Gitlab runner is a build agent where all the build operations happen . If you are using gitlab.com for your git repositories , then configuring a runner in your VPC is a valid candidate for security sustenance
- Launch a windows server ( 2016 base server AWS AMI )
- 2. Verify .NET installation ( 4.6 is installed by default in this AMI )
- 3. Download and Install nuget in C:\buildtools. Add it to system path
4. Configure the gitlab runner ( follow https://docs.gitlab.com/runner/install/windows.html )
5. Download binary to C:\gitlab
6. Go to Group settings and fetch runner registration token to be used in next steps
NOTE: It is a good practice to register a common group runner for all the projects in a group .
7. Register the runner with gitlab.com
PS C:\gitlab> .\gitlab-runner-windows-amd4.exe register
Runtime platform arch=amd4 os=windows pid=2076 revision=1b659122 version=12.8.0
Please enter the gitlab-ci coordinator URL (e.g. https://gitlab.com/):
Please enter the gitlab-ci token for this runner:
Please enter the gitlab-ci description for this runner:
Please enter the gitlab-ci tags for this runner (comma separated):
Registering runner… succeeded runner=D5fhWHEa
Please enter the executor: docker, docker-windows, docker-ssh, parallels, shell, ssh, virtualbox, docker+machine, docker-ssh+machine, kubernetes, custom:
Runner registered successfully. Feel free to start it, but if it’s running already the config should be automatically reloaded!
Setup the gitlab runner as a service
PS C:\gitlab> .\gitlab-runner-windows-amd4.exe install
PS C:\gitlab> .\gitlab-runner-windows-amd4.exe start
PS C:\gitlab> .\gitlab-runner-windows-amd4.exe status
Verify Runner status on gitlab.com ( Group > Settings > CICD > Runners )
8. Install Git on this server from here.
9. Download build tools from https://visualstudio.microsoft.com/downloads/?q=build+tools
NOTE: Installing build tools requires reboot
NOTE: Make sure to restart gitlab runner service after all the utilities are added to system path. Else changes will not be picked up by the service
Configure Application Servers
Application servers also need to be configured to support remote deployment via msdeploy command . This link can be referenced as an in-depth guide .
- Use Microsoft Web platform installer to download and install Deploy tools 2.1: https://www.microsoft.com/web/downloads/platform.aspx
- 2. Windows Server 2008 supports Web Deploy Publishing using Remote Agent. This requires user credentials with Administrative privileges .Follow this link for setup.
- 3. Windows Server 2016 supports Web Deploy Publishing using Web Deploy Handler. This is more secure approach as compared to Remote agent .Follow this link for setup.
Configure gitlab pipelines
GItlab pipelines is now ready to use registered runner for build and deployment actions.
Gitlab CICD environment variables should be used to securely inject sensitive information in pipeline.
This is a sample yaml file which can be placed in project root directory
|– nuget restore|
|– msbuild “.\dotnet-project\dotnet-project.csproj” “-p:Configuration=Release;Outdir=.\Build;DeployOnBuild=true;DeployTarget=Package”|
|– .\dotnet-project\Build\_PublishedWebsites\dotnet-project_Package\dotnet-project.deploy.cmd /Y /M:http://172.31.1.224/MSDeployAgentService /U:$env:CI_USER_NAME /P:$env:CI_USER_PASSWORD -allowUntrusted “-setParam:name=’IIS Web Application Name’,value=’sample web site'”|
|– curl http://172.31.1.224|
/Y can be replaced while manually testing deploy command. It runs the deploy command with -whatif flag which executed the deploy command in dry run mode/M represents the machine address where site has to be deployed .
http://172.31.1.224/MSDeployAgentService : Address when when remote agent is used
http://172.31.1.224:8172/msdeploy.axd : Address when Web deploy handler is used
NOTE: notice the username and password injection in deploy script . both are CICD environment variables added in project settings and password is masked to avoid exposing value in build logs