Skip to main content

End To End CI CD Pipeline Project | CI CD Pipeline

----->>>> This is  Start of CI pipeline ------->>>>

pipeline {
    agent any

        tools {
            jdk 'jdk 11'
            maven 'maven3'
        }

        environment {
            SCANNER_HOME= tool 'sonar-scanner'
        }

    stages {
        stage ('Git checkout') {
            steps {
                git branch: 'main', changelog: false, poll: false, url: 'https://github.com/jaiswaladi246/Webshop-app.git'

            }
        }

        stage ('Git Compile') {
            steps {
                sh "mvn clean compile"

            }
        }

        stage ('Sonarqube Analysis'){
            steps {
                sh ''' $SCANNER_HOME/bin/sonar-scanner -Dsoner.url=http:\\13.126.10.25:9000 \
                -Dsoner-login=squ_3fhkdhfkdhkdshfklsdjhkdsfslkd07r753 \
                -Dsoner.projectname=shopping-cart \
                -Dsoner.java.binaries=. \
                -Dsoner.projectKey=shopping-cart '''

            }
        }

        stage ('OWASP SCAN') { // web App Scanner - https://www.zaproxy.org/
            steps {
                dependencyCheck additionalArguments: ' --scan ./', odcInstallation: 'DP'
                dependencyCheckPublisher pattern: '**/dependency-check-report.xml'
            }
        }

        stage ('Build Application') {
            steps {
                sh "mvn clean install -DskipTests=true"
            }
        }

        stage ('Build & Push Docker Image') {
            steps {
                script{
                    withDockerRegistry(credentialsid: 'bfjklgjf-545dfd-fdfsdfsd-5fsdf56',toolname: 'docker') {
                        sh "docker build -t shopping-cart -f docker/Dockerfile."
                        sh "docker tag shopping:latest ramshakarji/shopping:latest"
                        sh "docker push ramshanakrji/shopping:latest"
                    }
                }
            }
        }

        stage ('Trigger CD Pipeline') {
            steps {
                build job: "CD Pipeline", wait: true
            }
        }

    }
}


<<<<--- This is END of CI pipeline <<<< ----


---------------- Create New  Job and Trigger it --------------------


start of CD Pipeline --->

pipeline {

agent any

stages {
   stage ('Docker Deploy To Container')
     steps {
        script {
          withDockerRegistry(CredentialsId: 'bfureur-kdjf-fdfsdf-fdfsd-553ffd', toolname: 'docker')
               {
              sh "docker run -d --name shopping-cart -p 8070:8070 ramshaji/shopping:latest "
              }
           }
       }
    }
}

<----End of CD Pipeline

 3 Security Pipelines : 

For use DEVSECOPS which compare to normal devops procedure.

Security Analysis Tools

Sonar qube for Performing Code Quality check and Code coverage.
OWASP Dependency check for find-out for your source code has any known vulnerabilities.
Once docker image is created,   Trivy helps for scanning docker image itself.

stage ('Trivy Docker Scan') {

  steps {
     sh "trivy image ramshanakrji/shopping:latest "
        }
    
  }
 

Direct to source of Data


Comments

Post a Comment

Popular posts from this blog

Connecting to AWS - AWS Toolkit for VS Code

if this is your first time using the AWS Toolkit for Visual Studio Code,  Add Connection to AWS  User Interface (connection UI) automatically opens in VS Code. To access the connection UI at any time, open the command pallet by pressing  ( Ctrl+Shift+P  Windows), enter  AWS: Add a New Connection  into the search field, then select  AWS: Add a New Connection . Video Link :  https://www.youtube.com/watch?v=hYtYaFVWcCU  
Post a Comment
Read more

Top 5 Providers with up to 100GB for free

Top Five Providers with Large Free Service Plans Finding a cloud storage provider is easy, but finding one with a lot of free storage space and all the features you require is much more difficult. Cloudwards.net has put together a guide on finding the  best cloud storage providers  with plenty of free space for that very reason, so you won’t have to traverse the cloud storage jungle alone. New cloud storage providers often offer generous free storage plans to get more users, but they soon get discontinued (even  Microsoft  did it). Not to mention that with new providers there is always a risk of the entire company shutting down.   pCloud Sync.com MEGA Degoo - Is the Best hubic          
Post a Comment
Read more