Introduction
In modern enterprise environments, deploying applications manually to multiple environments like DEV, QA, UAT, and PROD is risky, error-prone, and inefficient.
Organizations need:
Automated deployments
Environment-specific targeting
Approval gates for production
Backup and rollback capability
Secure file transfer
High reliability and auditability
In this article, we will build a production-grade Jenkins pipeline that deploys a WAR file across multiple environments using:
Parameterized pipelines
SCP deployment
SSH secure authentication
Approval gates
Automatic backup
Rollback support
Tomcat restart
Deployment verification
This architecture is used in real enterprise environments.
Enterprise Deployment Architecture
Developer
↓
Git Repository
↓
Jenkins Pipeline
↓
Build WAR File
↓
Select Environment (DEV/QA/UAT/PROD)
↓
Approval Gate (PROD only)
↓
Backup Existing WAR
↓
Deploy WAR using SCP
↓
Restart Tomcat
↓
Health Check Verification
↓
Application Live
Prerequisites
Before implementing this pipeline, ensure:
1. Jenkins Installed
Required plugins:
Pipeline Plugin
SSH Agent Plugin
Credentials Plugin
2. Add SSH Credentials in Jenkins
Navigate:
Manage Jenkins → Credentials → Global → Add Credentials
Select:
Kind: SSH Username with private key
ID: tomcat-key
Username: ec2-user
Private key: Paste PEM file
3. Tomcat Installed on Target Servers
Example path:
/opt/tomcat/webapps/
⚙️ Complete Enterprise Jenkins Pipeline
pipeline {
agent any
tools {
maven 'Maven-3.9'
}
parameters {
choice(
name: 'ENV',
choices: ['DEV', 'QA', 'UAT', 'PROD'],
description: 'Select Deployment Environment'
)
booleanParam(
name: 'ROLLBACK',
defaultValue: false,
description: 'Rollback deployment'
)
}
environment {
DEV_SERVER = "10.0.0.10"
QA_SERVER = "10.0.0.20"
UAT_SERVER = "10.0.0.30"
PROD_SERVER = "10.0.0.40"
USER = "ec2-user"
DEPLOY_PATH = "/opt/tomcat/webapps/"
BACKUP_PATH = "/opt/tomcat/backup/"
WAR_FILE = "target/myapp.war"
}
stages {
Stage('checkout')
{
Steps{
git 'https://GitHub.com/sresrinivas/EBusibess.git'
}
}
stage('Build WAR') {
when {
expression { params.ROLLBACK == false }
}
steps {
sh 'mvn clean package'
}
}
stage('Select Server') {
steps {
script {
if (params.ENV == "DEV")
env.SERVER = env.DEV_SERVER
if (params.ENV == "QA")
env.SERVER = env.QA_SERVER
if (params.ENV == "UAT")
env.SERVER = env.UAT_SERVER
if (params.ENV == "PROD")
env.SERVER = env.PROD_SERVER
}
}
}
stage('Approval for PROD') {
when {
expression { params.ENV == 'PROD' }
}
steps {
input message: "Approve deployment to PROD?", ok: "Deploy"
}
}
stage('Backup WAR') {
steps {
sshagent(['tomcat-key']) {
sh """
ssh -o StrictHostKeyChecking=no ${USER}@${SERVER} '
mkdir -p ${BACKUP_PATH}
cp ${DEPLOY_PATH}/myapp.war ${BACKUP_PATH}/myapp-${BUILD_NUMBER}.war || true
'
"""
}
}
}
stage('Deploy WAR') {
when {
expression { params.ROLLBACK == false }
}
steps {
sshagent(['tomcat-key']) {
sh """
scp -o StrictHostKeyChecking=no \
${WAR_FILE} \
${USER}@${SERVER}:${DEPLOY_PATH}
"""
}
}
}
stage('Rollback WAR') {
when {
expression { params.ROLLBACK == true }
}
steps {
sshagent(['tomcat-key']) {
sh """
ssh -o StrictHostKeyChecking=no ${USER}@${SERVER} '
cp ${BACKUP_PATH}/myapp-${BUILD_NUMBER}.war ${DEPLOY_PATH}/myapp.war
'
"""
}
}
}
stage('Restart Tomcat') {
steps {
sshagent(['tomcat-key']) {
sh """
ssh -o StrictHostKeyChecking=no ${USER}@${SERVER} '
systemctl restart tomcat
'
"""
}
}
}
stage('Health Check') {
steps {
sh """
curl -I http://${SERVER}:8080/myapp || true
"""
}
}
}
}
** Rollback Mechanism**
If deployment fails, simply run pipeline with:
ROLLBACK = true
Pipeline will restore previous WAR file automatically.
Production Safety Mechanisms
Production deployment includes:
Manual approval
Backup before deployment
Secure SSH authentication
Health check verification
Key Enterprise Features
✔ Multi-Environment Deployment
This pipeline allows seamless deployment across DEV, QA, UAT, and PROD environments using a single Jenkins pipeline. Engineers can select the target environment dynamically during runtime.
✔ Secure Deployment using SCP and SSH
WAR files are transferred securely using SCP with SSH key authentication, ensuring encrypted communication between Jenkins and target servers.
✔ Production Approval Gate
Before deploying to the production environment, the pipeline enforces a manual approval step. This prevents accidental deployments and ensures controlled releases.
✔ Automatic Backup Before Deployment
The pipeline automatically creates a backup of the currently deployed WAR file. This ensures that a stable version is always available for recovery.
✔ Instant Rollback Capability
If a deployment fails or causes issues, the pipeline can instantly restore the previous version using the backup, minimizing downtime and risk.
✔ Fully Automated Deployment Workflow
From build to deployment to service restart and verification, the entire process is automated, reducing manual intervention and human error.
✔ Secure Credential Management
All SSH keys and credentials are securely stored and managed within Jenkins Credentials Manager, ensuring enterprise-grade security.
✔ Deployment Verification and Health Check
After deployment, the pipeline verifies application availability using automated health checks, ensuring successful deployment
Real Enterprise Benefits
✔ Eliminates Manual Deployment Risks
Manual deployments are prone to errors, inconsistencies, and delays. This automated pipeline ensures reliable and repeatable deployments.
✔ Improves Deployment Speed and Efficiency
What previously took 30–60 minutes manually can now be completed in minutes with automation.
✔ Ensures Production Safety and Stability
With approval gates, backups, and rollback mechanisms, production environments remain safe and stable.
✔ Enables Faster Release Cycles
Organizations can deploy features, fixes, and updates quickly and confidently, supporting agile and DevOps practices.
✔ Provides Full Traceability and Auditability
Every deployment is logged and traceable in Jenkins, helping teams track changes and maintain compliance.
✔ Reduces Downtime and Improves System Reliability
Automatic rollback and health checks reduce downtime and ensure high availability of applications.
✔ Enhances DevOps Automation Maturity
This pipeline reflects enterprise-level DevOps practices used in banking, fintech, healthcare, and large-scale cloud environments.
✔ Supports Scalable and Future-Ready Architecture
This approach can be extended easily to Kubernetes, cloud deployments, blue-green deployments, and GitOps workflows.
Future Improvements
You can enhance further with:
Blue-Green deployment
Canary deployment
Kubernetes deployment
Automated rollback on health check failure
Slack notifications
GitOps integration
Conclusion
This Jenkins pipeline provides a complete enterprise-grade deployment solution with:
Multi-environment deployment
Secure SCP transfer
Approval gates
Backup and rollback
Fully automated workflow
This is a real-world production deployment pattern used by enterprise DevOps teams globally.
Top comments (0)