diff --git a/Jenkinsfile b/Jenkinsfile new file mode 100644 index 00000000..b060da40 --- /dev/null +++ b/Jenkinsfile @@ -0,0 +1,121 @@ +pipeline { + agent any + tools { + jdk 'jdk17' + maven 'maven1' + } + + stages { + stage('Checkout') { + steps { + git( + url: 'https://github.com/manish-g0u74m/Ekart-Java-Webapp.git', + branch: 'devops' + ) + } + } + + stage('Compile') { + steps { + sh 'mvn clean compile' + } + } + + stage('SonarQube Scan') { + steps { + withSonarQubeEnv('sonar') { + script { + def scanner = tool name: 'sonar', type: 'hudson.plugins.sonar.SonarRunnerInstallation' + sh """ + "${scanner}/bin/sonar-scanner" \ + -Dsonar.projectKey="Ekart-Java-WebApp" \ + -Dsonar.projectName="Ekart-Java-WebApp" \ + -Dsonar.sources=src \ + -Dsonar.java.binaries=target/classes + """ + } + } + } + } + + stage('Trivy file system scan') { + steps { + sh 'trivy fs --format table -o trivy-fs-report.html .' + } + } + + stage('Check SonarQube Quality Gate') { + steps { + echo 'Waiting for SonarQube Quality Gate result...' + timeout(time: 2, unit: 'MINUTES') { + waitForQualityGate abortPipeline: false + } + } + } + + stage('OWASP Dependency Check') { + steps { + dependencyCheck additionalArguments: '--scan ./ --nvdApiKey b588dcc5-7433-4160-b160-8d774e5b866', odcInstallation: 'dc' + dependencyCheckPublisher pattern: '**/dependency-check-report.xml' + } + } + stage('Build') { + steps { + sh "mvn clean package -DskipTests=true" + } + } + stage("docker Image build") { + steps { + echo "Code Build Stage" + sh "docker build -t ekart-java-webapp:latest -f ./docker/Dockerfile ." + } + } + + stage("TRIVY image Scane") { + steps { + sh "trivy image ekart-java-webapp:latest > trivy-frontend-image.txt" + } + } + + stage("Push To DockerHub") { + steps { + withCredentials([usernamePassword( + credentialsId: "dockerHubCreds", + usernameVariable: "dockerHubUser", + passwordVariable: "dockerHubPass" + )]) { + sh 'echo $dockerHubPass | docker login -u $dockerHubUser --password-stdin' + sh "docker image tag ekart-java-webapp:latest ${env.dockerHubUser}/ekart-java-webapp:latest" + + echo "Push Ekart-Java-Webapp image" + sh "docker push ${env.dockerHubUser}/ekart-java-webapp:latest" + } + } + } + stage("Deploy on K8s") { + steps { + withKubeConfig([credentialsId: 'kube-cred-id']) { + sh "kubectl apply -f ./k8s/ekart-ns.yml" + sh "kubectl apply -f ./k8s/ekart-service.yml" + sh "kubectl apply -f ./k8s/ekart-deployment.yml" + } + } + } + } + post { + success { + emailext( + to: 'manish.sharma.devops@gmail.com', + subject: 'Build Successful for Ekart Springboot Application', + body: 'The build has completed successfully for Ekart Springboot Application.' + ) + } + failure { + emailext( + to: 'manish.sharma.devops@gmail.com', + subject: 'Build Failed for Ekart Springboot Application', + body: 'The build has failed for Ekart Springboot Application. Please check the Jenkins logs for details.' + ) + } + } +} diff --git a/deploymentservice.yml b/deploymentservice.yml deleted file mode 100644 index 1d1c4e89..00000000 --- a/deploymentservice.yml +++ /dev/null @@ -1,36 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment # Kubernetes resource kind we are creating -metadata: - name: ekart-deployment -spec: - selector: - matchLabels: - app: ekart - replicas: 2 # Number of replicas that will be created for this deployment - template: - metadata: - labels: - app: ekart - spec: - containers: - - name: ekart - image: adijaiswal/ekart:latest # Image that will be used to containers in the cluster - imagePullPolicy: IfNotPresent - ports: - - containerPort: 8070 # The port that the container is running on in the cluster - - ---- - -apiVersion: v1 # Kubernetes API version -kind: Service # Kubernetes resource kind we are creating -metadata: # Metadata of the resource kind we are creating - name: ekart-ssvc -spec: - selector: - app: ekart - ports: - - protocol: "TCP" - port: 8070 # The port that the service is running on in the cluster - targetPort: 8070 # The port exposed by the service - type: LoadBalancer # type of the service. diff --git a/docker/Jenkinsfile b/docker/Jenkinsfile new file mode 100644 index 00000000..b060da40 --- /dev/null +++ b/docker/Jenkinsfile @@ -0,0 +1,121 @@ +pipeline { + agent any + tools { + jdk 'jdk17' + maven 'maven1' + } + + stages { + stage('Checkout') { + steps { + git( + url: 'https://github.com/manish-g0u74m/Ekart-Java-Webapp.git', + branch: 'devops' + ) + } + } + + stage('Compile') { + steps { + sh 'mvn clean compile' + } + } + + stage('SonarQube Scan') { + steps { + withSonarQubeEnv('sonar') { + script { + def scanner = tool name: 'sonar', type: 'hudson.plugins.sonar.SonarRunnerInstallation' + sh """ + "${scanner}/bin/sonar-scanner" \ + -Dsonar.projectKey="Ekart-Java-WebApp" \ + -Dsonar.projectName="Ekart-Java-WebApp" \ + -Dsonar.sources=src \ + -Dsonar.java.binaries=target/classes + """ + } + } + } + } + + stage('Trivy file system scan') { + steps { + sh 'trivy fs --format table -o trivy-fs-report.html .' + } + } + + stage('Check SonarQube Quality Gate') { + steps { + echo 'Waiting for SonarQube Quality Gate result...' + timeout(time: 2, unit: 'MINUTES') { + waitForQualityGate abortPipeline: false + } + } + } + + stage('OWASP Dependency Check') { + steps { + dependencyCheck additionalArguments: '--scan ./ --nvdApiKey b588dcc5-7433-4160-b160-8d774e5b866', odcInstallation: 'dc' + dependencyCheckPublisher pattern: '**/dependency-check-report.xml' + } + } + stage('Build') { + steps { + sh "mvn clean package -DskipTests=true" + } + } + stage("docker Image build") { + steps { + echo "Code Build Stage" + sh "docker build -t ekart-java-webapp:latest -f ./docker/Dockerfile ." + } + } + + stage("TRIVY image Scane") { + steps { + sh "trivy image ekart-java-webapp:latest > trivy-frontend-image.txt" + } + } + + stage("Push To DockerHub") { + steps { + withCredentials([usernamePassword( + credentialsId: "dockerHubCreds", + usernameVariable: "dockerHubUser", + passwordVariable: "dockerHubPass" + )]) { + sh 'echo $dockerHubPass | docker login -u $dockerHubUser --password-stdin' + sh "docker image tag ekart-java-webapp:latest ${env.dockerHubUser}/ekart-java-webapp:latest" + + echo "Push Ekart-Java-Webapp image" + sh "docker push ${env.dockerHubUser}/ekart-java-webapp:latest" + } + } + } + stage("Deploy on K8s") { + steps { + withKubeConfig([credentialsId: 'kube-cred-id']) { + sh "kubectl apply -f ./k8s/ekart-ns.yml" + sh "kubectl apply -f ./k8s/ekart-service.yml" + sh "kubectl apply -f ./k8s/ekart-deployment.yml" + } + } + } + } + post { + success { + emailext( + to: 'manish.sharma.devops@gmail.com', + subject: 'Build Successful for Ekart Springboot Application', + body: 'The build has completed successfully for Ekart Springboot Application.' + ) + } + failure { + emailext( + to: 'manish.sharma.devops@gmail.com', + subject: 'Build Failed for Ekart Springboot Application', + body: 'The build has failed for Ekart Springboot Application. Please check the Jenkins logs for details.' + ) + } + } +} diff --git a/k8s/ekart-deployment.yml b/k8s/ekart-deployment.yml new file mode 100644 index 00000000..36f9e72c --- /dev/null +++ b/k8s/ekart-deployment.yml @@ -0,0 +1,20 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: ekart-deployment + namespace: ekart-ns +spec: + replicas: 2 + selector: + matchLabels: + app: ekart-app + template: + metadata: + labels: + app: ekart-app + spec: + containers: + - name: ekart-container + image: g0u74m/ekart-java-webapp:latest + ports: + - containerPort: 8070 diff --git a/k8s/ekart-ingress.yml b/k8s/ekart-ingress.yml new file mode 100644 index 00000000..7d5ca863 --- /dev/null +++ b/k8s/ekart-ingress.yml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: ekart-ingress + namespace: ekart-ns + annotations: + nginx.ingress.kubernetes.io/rewrite-target: / +spec: + rules: + - http: + paths: + - path: /ekart + pathType: Prefix + backend: + service: + name: ekart-service + port: + number: 8070 diff --git a/k8s/ekart-ns.yml b/k8s/ekart-ns.yml new file mode 100644 index 00000000..f58ed605 --- /dev/null +++ b/k8s/ekart-ns.yml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: ekart-ns diff --git a/k8s/ekart-service.yml b/k8s/ekart-service.yml new file mode 100644 index 00000000..17fcbd9e --- /dev/null +++ b/k8s/ekart-service.yml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Service +metadata: + name: ekart-service + namespace: ekart-ns +spec: + selector: + app: ekart-app + ports: + - protocol: TCP + port: 8070 + targetPort: 8070 + nodePort: 30003 + type: NodePort