Merge pull request #13 from tainguyenbp/feat/learning-jenkins-files

learning jenkins cicd with jenkinsfile
tainguyenbp · Jul 6, 2024 · e465ed7 · e465ed7
2 parents 067ef34 + 35720aa
commit e465ed7
Show file tree

Hide file tree

Showing 2 changed files with 95 additions and 0 deletions.
diff --git a/jenkins-pipeline-scripts/Jenkinsfile b/jenkins-pipeline-scripts/Jenkinsfile
@@ -0,0 +1,21 @@
+pipeline {
+    agent any
+
+    stages {
+        stage('Build') {
+            steps {
+                echo 'Building..'
+            }
+        }
+        stage('Test') {
+            steps {
+                echo 'Testing..'
+            }
+        }
+        stage('Deploy') {
+            steps {
+                echo 'Deploying....'
+            }
+        }
+    }
+}
diff --git a/jenkins-pipeline-scripts/uptime-kuma/Jenkinsfile b/jenkins-pipeline-scripts/uptime-kuma/Jenkinsfile
@@ -0,0 +1,74 @@
+pipeline{
+    agent any
+    tools{
+        jdk 'jdk17'
+        nodejs 'node18'
+    }
+    environment {
+        SCANNER_HOME=tool 'sonar-scanner'
+    }
+    stages {
+        stage('Checkout from Git'){
+            steps{
+                git branch: 'main', url: 'https://github.com/tainguyenbp/learn-programming.git'
+            }
+        }
+        stage('Install Dependencies') {
+            steps {
+                sh "npm install"
+            }
+        }
+        stage("Sonarqube Analysis "){
+            steps{
+                withSonarQubeEnv('sonar-server') {
+                    sh ''' $SCANNER_HOME/bin/sonar-scanner -Dsonar.projectName=uptime \
+                    -Dsonar.projectKey=uptime '''
+                }
+            }
+        }
+        stage("quality gate"){
+           steps {
+                script {
+                    waitForQualityGate abortPipeline: false, credentialsId: 'Sonar-token'
+                }
+            }
+        }
+        stage('OWASP FS SCAN') {
+            steps {
+                dependencyCheck additionalArguments: '--scan ./ --disableYarnAudit --disableNodeAudit', odcInstallation: 'DP-Check'
+                dependencyCheckPublisher pattern: '**/dependency-check-report.xml'
+            }
+        }
+        stage('TRIVY FS SCAN') {
+            steps {
+                sh "trivy fs . > trivyfs.json"
+            }
+        }
+        stage("Docker Build & Push"){
+            steps{
+                script{
+                   withDockerRegistry(credentialsId: 'docker', toolName: 'docker'){
+                       sh "docker build -t uptime ."
+                       sh "docker tag uptime sevenajay/uptime:latest "
+                       sh "docker push sevenajay/uptime:latest "
+                    }
+                }
+            }
+        }
+        stage("TRIVY"){
+            steps{
+                sh "trivy image sevenajay/uptime:latest > trivy.json"
+            }
+        }
+        stage ("Remove container") {
+            steps{
+                sh "docker stop uptime | true"
+                sh "docker rm uptime | true"
+             }
+        }
+        stage('Deploy to container'){
+            steps{
+                sh 'docker run -d --name chatbot -v /var/run/docker.sock:/var/run/docker.sock -p 3001:3001 sevenajay/uptime:latest'
+            }
+        }
+    }