Automated Updating of Environment Variable using Jenkins

One of the big problems of a operations person is to update environment variable every time there is a new change in the environment. Also using the same value of one variable in others copying it multiple times become a monotonous job.

Whenever a new environment variable comes under the change for the application the person who manages that have to change it in each and every environment. This work also becomes tedious when there are multiple environments. We can resolve this by Git and the help of Jenkins.

If you using Jenkins to build the application then you can easily use it to upgrade the environment variables without exposing to any developers in the logs and maintaining the environment.

Now their two types of setup for an application for both in production and staging environment. Either it will be using single Jenkins server for all environment or will use a separate Jenkins server per environment. Both can be managed the process, but for now being we will use that a single Jenkins server is used to manage a single environment.

Now their two types of setup for an application for both in production and staging environment. Either it will be using single Jenkins server for all environment or will use a separate Jenkins server per environment. Both can be managed the process, but for now being we will use that a single Jenkins server is used to manage a single environment.

Let's take I have two applications which are using same database server, same user but having different databases, and database developer can only know which application uses which database. and my Environment variables are

Application1

App1_Database_Host, App1_Database_User, App1_Database_pass, App1_Database_Port, App1_Database_Name

Application 2

App2_Database_Host, App2_Database_User, App2_Database_pass, App2_Database_Port, App2_Database_Name

Some of the basic things we require are:

• GITHUB (or any VCS)
• Jenkins Server (you can use any Ci-CD tool here we are using Jenkins because of opensource and huge plugins selections.)
• Server (for running an application, also we assume that your application required environment, obviously that's why we are going for this blog)

You also have Jenkins admin access to configure the job and env values on Jenkins.

Step 1: Get the environment variable values.

First, you have to get the commonly also the secretly used environment variables value used in your application which is never going to change, or if they are going to be changed then it is only known as the secret. Basically, we have to know all the address and credential type of values that are used in the application so that they are not dependent upon the developer and which are not require to change. For example, let's take our application to require database credentials. Now there are other ways to hide it, but using this method over top of those can provide an extra layer of security. Here are my database credentials.

Database User: testuser

Password: testpassword

Database Host: 10.0.0.1

Port: 3306

Database Name1: app1

Database Name2: app2

Step2: Create your own environment variables in Jenkins.

Now, this step we are creating variables for variables. That is we are going to create variables in Jenkins which are going to be in place of values which application required. First login your Jenkins server and go to "Manage Jenkins" then inside "Configure System", inside it under the section of "Global Properties" check mark the "Environment Variables" and click on "ADD" button in front of "list of variables" and start adding one by one name and values in it.

Database_User, Database_Pass, Database_Host,Database_port

As explained earlier that my developer know the database name thus we do not have to define it here.

Step 3: Create an env file in GIT.

So as your application using Git to build on Jenkins we have to create an environment file so that it can be loaded to Jenkins and have the environment variables you needed for your application. You can define the env file either inside a directory or can mention it on root directory as you like. I am creating app1.env for Application 1 and app2.env for Application 2. you can use a name that you like.

The content of these files are as follow:

app1.env

App1_Database_Host=$(Database_Host)

App1_Database_Port=$(Database_Port)

App1_Database_User=$(Database_User)

App1_Database_Pass=$(Database_Pass)

App1_Database_Name=app1

app2.env

App2_Database_Host=$(Database_Host)

App2_Database_Port=$(Database_Port)

App2_Database_User=$(Database_User)

App2_Database_Pass=$(Database_Pass)

App2_Database_Name=app2

Step 4: Configure Jenkins Job for Automating ENV Update

Your already created Jenkins job for both Application1 and Application2 just need two additional build steps, first one is "Execute Shell" and the second one is "Publish over SSH",  Since most of the projects are deploying the build over ssh and run command on the server by using ssh so we also use it.

First in execute shell section we have to run the following script assuming your env file is located in a root directory.

mkdir env_dir

cat app1.env | while read line; do
   eval echo $line >> env_dir/app1.env
done

This shell script will fetch the value from the Jenkins and write it to the new file.

Now send this newly generated env file using ssh on the server using publish over ssh or any way.

This method is also very useful when you require env to build the app, by using "inject env" plugin you can inject the env from the GitHub directly for your build without exposing the variables.