Skip to main content

End To End CI CD Pipeline Project | CI CD Pipeline

----->>>> This is  Start of CI pipeline ------->>>>

pipeline {
    agent any

        tools {
            jdk 'jdk 11'
            maven 'maven3'
        }

        environment {
            SCANNER_HOME= tool 'sonar-scanner'
        }

    stages {
        stage ('Git checkout') {
            steps {
                git branch: 'main', changelog: false, poll: false, url: 'https://github.com/jaiswaladi246/Webshop-app.git'

            }
        }

        stage ('Git Compile') {
            steps {
                sh "mvn clean compile"

            }
        }

        stage ('Sonarqube Analysis'){
            steps {
                sh ''' $SCANNER_HOME/bin/sonar-scanner -Dsoner.url=http:\\13.126.10.25:9000 \
                -Dsoner-login=squ_3fhkdhfkdhkdshfklsdjhkdsfslkd07r753 \
                -Dsoner.projectname=shopping-cart \
                -Dsoner.java.binaries=. \
                -Dsoner.projectKey=shopping-cart '''

            }
        }

        stage ('OWASP SCAN') { // web App Scanner - https://www.zaproxy.org/
            steps {
                dependencyCheck additionalArguments: ' --scan ./', odcInstallation: 'DP'
                dependencyCheckPublisher pattern: '**/dependency-check-report.xml'
            }
        }

        stage ('Build Application') {
            steps {
                sh "mvn clean install -DskipTests=true"
            }
        }

        stage ('Build & Push Docker Image') {
            steps {
                script{
                    withDockerRegistry(credentialsid: 'bfjklgjf-545dfd-fdfsdfsd-5fsdf56',toolname: 'docker') {
                        sh "docker build -t shopping-cart -f docker/Dockerfile."
                        sh "docker tag shopping:latest ramshakarji/shopping:latest"
                        sh "docker push ramshanakrji/shopping:latest"
                    }
                }
            }
        }

        stage ('Trigger CD Pipeline') {
            steps {
                build job: "CD Pipeline", wait: true
            }
        }

    }
}


<<<<--- This is END of CI pipeline <<<< ----


---------------- Create New  Job and Trigger it --------------------


start of CD Pipeline --->

pipeline {

agent any

stages {
   stage ('Docker Deploy To Container')
     steps {
        script {
          withDockerRegistry(CredentialsId: 'bfureur-kdjf-fdfsdf-fdfsd-553ffd', toolname: 'docker')
               {
              sh "docker run -d --name shopping-cart -p 8070:8070 ramshaji/shopping:latest "
              }
           }
       }
    }
}

<----End of CD Pipeline

 3 Security Pipelines : 

For use DEVSECOPS which compare to normal devops procedure.

Security Analysis Tools

Sonar qube for Performing Code Quality check and Code coverage.
OWASP Dependency check for find-out for your source code has any known vulnerabilities.
Once docker image is created,   Trivy helps for scanning docker image itself.

stage ('Trivy Docker Scan') {

  steps {
     sh "trivy image ramshanakrji/shopping:latest "
        }
    
  }
 

Direct to source of Data


Comments

Post a Comment

Popular posts from this blog

Top 5 Providers with up to 100GB for free

Top Five Providers with Large Free Service Plans Finding a cloud storage provider is easy, but finding one with a lot of free storage space and all the features you require is much more difficult. Cloudwards.net has put together a guide on finding the  best cloud storage providers  with plenty of free space for that very reason, so you won’t have to traverse the cloud storage jungle alone. New cloud storage providers often offer generous free storage plans to get more users, but they soon get discontinued (even  Microsoft  did it). Not to mention that with new providers there is always a risk of the entire company shutting down.   pCloud Sync.com MEGA Degoo - Is the Best hubic          
Post a Comment
Read more

The 20 best Linux websites

The 20 best Linux websites I have compiled a list with the most useful websites about Linux (the distro specific sites are not included). They are great resources you can learn from or to find answer to your linux questions. These should be in any linux user bookmarks, so go ahead and look through these links and bookmark your favorite ones: 1) www.ibm.com/developerworks/linux Provides information on Linux, Linux resources, and Linux development. 2) www.howtogeek.com Includes help, tutorials, tips and how-to guides for Linux. 3) www.linuxquestions.org LinuxQuestions.org offers a free Linux forum where Linux newbies can ask questions and Linux experts can offer advice. Topics include security, installation, networking and much more. 4) www.tldp.org The Linux Documentation Project is working towards developing free, high quality documentation for the Linux operating system. The overall goal of the LDP is to collaborate in all of the issues of Linux documentation. ...
Post a Comment
Read more

Connecting to AWS - AWS Toolkit for VS Code

if this is your first time using the AWS Toolkit for Visual Studio Code,  Add Connection to AWS  User Interface (connection UI) automatically opens in VS Code. To access the connection UI at any time, open the command pallet by pressing  ( Ctrl+Shift+P  Windows), enter  AWS: Add a New Connection  into the search field, then select  AWS: Add a New Connection . Video Link :  https://www.youtube.com/watch?v=hYtYaFVWcCU  
Post a Comment
Read more