This repository contains AWS CDK code for setting up a Continuous Integration/Continuous Deployment (CI/CD) environment using Jenkins and SonarQube on AWS. The infrastructure is provisioned using AWS CDK in TypeScript and includes the following components:
- VPC Stack (lib/forge.ts): Sets up the networking environment.
- Jenkins Stack (lib/jenkins.ts): Deploys Jenkins using AWS Fargate.
- SonarQube Stack (lib/sonarqube.ts): Deploys SonarQube using AWS Fargate.
The CDK stacks provision the following AWS resources:
- VPC with Public and Private Subnets: Enables networking for ECS tasks and load balancers.
- ECS Cluster: Hosts Jenkins and SonarQube services using AWS Fargate.
- EFS File System: Provides persistent storage for Jenkins data.
- Application Load Balancers (ALBs): Allow access to Jenkins and SonarQube over HTTP.
- NAT Gateway: Provides internet access for ECS tasks in private subnets.
- Secrets Manager: Stores sensitive information like admin credentials and tokens.
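Because the ALBs listed above serve Jenkins and SonarQube over HTTP, logins to both services cross the network in plaintext. The following is an added example, not code from this repository: it audits a synthesized CloudFormation template (the output of cdk synth) for plaintext listeners on internet-facing ALBs and world-open ingress rules. The sample template and its logical IDs are constructed for illustration.

```typescript
// Minimal shape of a synthesized CloudFormation template (output of `cdk synth`).
type CfnResource = { Type: string; Properties?: Record<string, any> };
type CfnTemplate = { Resources: Record<string, CfnResource> };
type AuditFinding = { resource: string; issue: string };

// Flags plaintext HTTP listeners on internet-facing ALBs and world-open ingress rules.
function auditTemplate(t: CfnTemplate): AuditFinding[] {
  const findings: AuditFinding[] = [];
  for (const id of Object.keys(t.Resources)) {
    const r = t.Resources[id];
    const p = r?.Properties ?? {};
    if (r?.Type === "AWS::ElasticLoadBalancingV2::Listener" && p.Protocol === "HTTP") {
      // Synthesized listeners reference their ALB as { Ref: <logical id> }.
      const alb = t.Resources[String(p.LoadBalancerArn?.Ref)];
      // ELBv2 creates an internet-facing load balancer when Scheme is omitted.
      const scheme = alb?.Properties?.Scheme ?? "internet-facing";
      const actions: any[] = p.DefaultActions ?? [];
      // A port-80 listener that only redirects to HTTPS is the hardened pattern.
      const redirectOnly = actions.length > 0 && actions.every(
        (a) => a.Type === "redirect" && a.RedirectConfig?.Protocol === "HTTPS");
      if (scheme === "internet-facing" && !redirectOnly) {
        findings.push({ resource: id, issue: `plaintext HTTP listener on port ${p.Port}` });
      }
    }
    if (r?.Type === "AWS::EC2::SecurityGroup") {
      const rules: any[] = p.SecurityGroupIngress ?? [];
      for (const rule of rules) {
        if (rule.CidrIp === "0.0.0.0/0" || rule.CidrIpv6 === "::/0") {
          findings.push({ resource: id, issue: `ingress open to the internet on port ${rule.FromPort}` });
        }
      }
    }
  }
  return findings;
}

// Constructed sample template; logical IDs are hypothetical, not taken from the repository.
const SAMPLE_TEMPLATE: CfnTemplate = { Resources: {
  JenkinsAlb: { Type: "AWS::ElasticLoadBalancingV2::LoadBalancer", Properties: { Scheme: "internet-facing" } },
  JenkinsListener: { Type: "AWS::ElasticLoadBalancingV2::Listener", Properties: {
    LoadBalancerArn: { Ref: "JenkinsAlb" }, Port: 80, Protocol: "HTTP",
    DefaultActions: [{ Type: "forward" }] } },
  SonarAlb: { Type: "AWS::ElasticLoadBalancingV2::LoadBalancer", Properties: { Scheme: "internet-facing" } },
  SonarRedirect: { Type: "AWS::ElasticLoadBalancingV2::Listener", Properties: {
    LoadBalancerArn: { Ref: "SonarAlb" }, Port: 80, Protocol: "HTTP",
    DefaultActions: [{ Type: "redirect", RedirectConfig: { Protocol: "HTTPS" } }] } },
  AlbSg: { Type: "AWS::EC2::SecurityGroup", Properties: {
    SecurityGroupIngress: [{ CidrIp: "0.0.0.0/0", FromPort: 80 }] } },
} };
console.log(auditTemplate(SAMPLE_TEMPLATE));
```

To run it against the real stacks, parse the template JSON that cdk synth writes under cdk.out and pass it to auditTemplate in place of the sample.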
- AWS Account: With permissions to create VPCs, ECS clusters, EFS, and other resources.
- AWS CLI: Installed and configured with your AWS credentials.
- AWS CDK: Installed globally (npm install -g aws-cdk).
- Node.js and NPM: For CDK and TypeScript development.
- Git: To clone the repository.
git clone https://github.com/Adrastopoulos/forge
cd forge
pnpm install
If you haven't bootstrapped your AWS environment for CDK, run:
cdk bootstrap
Stack File: src/lib/forge.ts
This stack sets up the VPC with the necessary networking components.
cdk deploy ForgeStack
Stack File: src/lib/sonarqube.ts
Before deploying, ensure that the sonarqube-stack.ts file references the VPC created in the previous step.
cdk deploy SonarQube
Stack File: lib/jenkins.ts
Update the jenkins.ts file to include the SonarQube URL output from the previous deployment.
cdk deploy Jenkins
- Jenkins:
  - URL: Outputted after deploying Jenkins.
  - Credentials: Retrieve the admin username and password from AWS Secrets Manager (JenkinsAdminSecret).
- SonarQube:
  - URL: Outputted after deploying SonarQube.
  - Credentials: Default (admin/admin), you will be prompted to change the password on first login.
- Log into Jenkins using the credentials from Secrets Manager.
- Verify the Pipeline Job:
  - The Build-Petclinic pipeline job should be pre-configured via Jenkins CasC.
- Run the Pipeline:
  - Navigate to the job and click "Build Now".
- Monitor the Build:
  - View the console output to ensure that the code is checked out, built, and analyzed by SonarQube.
- Access Petclinic Application (Optional):
  - If the pipeline deploys the application, access it using the appropriate URL.
The provisioning of Jenkins and SonarQube is automated using AWS CDK stacks:
- src/lib/forge.ts: Provisions the VPC and networking components.
- src/lib/sonarqube.ts: Sets up SonarQube as an ECS Fargate service.
- src/lib/jenkins.ts: Sets up Jenkins as an ECS Fargate service, including CasC configuration.
- AWS CDK Scripts: The cdk commands automate the deployment of infrastructure.
- Jenkins CasC: Jenkins Configuration as Code automates the setup of Jenkins, including plugins, credentials, and jobs.
- Spring Petclinic Repository: https://github.com/spring-projects/spring-petclinic
- AWS CDK Documentation: https://docs.aws.amazon.com/cdk/v2/guide/home.html
- Jenkins Official Docker Image: https://hub.docker.com/r/jenkins/jenkins
- SonarQube Official Docker Image: https://hub.docker.com/_/sonarqube
- Jenkins Configuration as Code (CasC): https://plugins.jenkins.io/configuration-as-code/