CI/CD DASHBOARD

ABOUT THIS PROJECT

A fully automated CI/CD platform on bare metal Kubernetes. Cloud credits ran out, but the constraints forced deeper learning - when you can't throw money at managed services, you actually understand what's running.

INFRASTRUCTURE

• Jenkins on K8s with ephemeral BuildKit agents (spin up per build, auto-terminate)
• Jenkins fully governed by Helm + JCasC - plugins, jobs, cloud config, everything is version controlled. Lose the pod? Helm redeploys identical state.
• ArgoCD for GitOps - git push triggers automatic deployment
• All credentials managed via Kubernetes Secrets
• Self-healing through K8s with proper namespace isolation

THE HARD PROBLEMS SOLVED

• Jenkins K8s plugin strictness - pod templates silently fail with wrong YAML structure, inheritFrom falls back to empty templates without warning
• Duplicate Kubernetes clouds - Helm injected a default cloud that conflicted with JCasC config, causing non-deterministic agent failures
• WebSocket vs TCP agent mismatch - agents failing to connect until protocol was aligned
• BuildKit running privileged (rootless deferred) - made deliberate tradeoff to prioritize delivery over security hardening in phase 1
• Webhook loop prevention - Jenkins commits triggering infinite builds, solved with fast abort on controller before spinning up K8s pods

PIPELINE FLOW

Commits to GitHub trigger Jenkins. Jenkins builds and pushes a Docker image, then updates the K8s manifest. ArgoCD detects the change and syncs the deployment.

SYSTEM SIGNALS

• JENKINS - CI server health
• ARGOCD - GitOps controller health
• SYNC - ArgoCD sync state (deployed matches git)

TRIGGER BUILD

Clicking "Trigger New Build" bumps the VERSION file in GitHub, which triggers the Jenkins webhook and starts a new pipeline run.