-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathJenkinsfile
115 lines (94 loc) · 3.22 KB
/
Jenkinsfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
pipeline {
agent any
tools {
dockerTool 'docker'
}
environment {
frontendImage = "patelaum/massmx-frontend:${GIT_COMMIT}"
backendImage = "patelaum/massmx-backend:${GIT_COMMIT}"
SONAR_TOKEN = credentials('sonarqube-token')
}
stages {
stage('Checkout') {
steps {
script {
git url: 'https://github.com/patel-aum/massx.git', branch: 'dev', credentialsId: 'github-creds'
}
}
}
stage('SonarQube Scan') {
steps {
script {
def scannerHome = tool 'sonar-scanner';
withSonarQubeEnv('SonarQube') {
sh "${scannerHome}/bin/sonar-scanner"
}
}
}
}
stage('Build Docker Image') {
steps {
script {
sh "${tool 'docker'}/bin/docker build -t ${backendImage} -f ./deploy/Dockerfile.backend ."
sh "${tool 'docker'}/bin/docker build -t ${frontendImage} -f ./deploy/Dockerfile.frontend ."
}
}
}
stage('Trivy Scan') {
steps {
script {
def reportFile = 'trivy-report.txt'
try {
sh """
trivy image ${frontendImage} > ${reportFile}
"""
echo "Frontend Image Trivy Report:"
readFile(reportFile).eachLine { line ->
echo line
}
sh """
trivy image ${backendImage} > ${reportFile}
"""
echo "Backend Image Trivy Report:"
readFile(reportFile).eachLine { line ->
echo line
}
} catch (Exception e) {
echo "An error occurred during the Trivy scan: ${e.message}"
currentBuild.result = 'UNSTABLE' }
}
}
}
stage('Push Docker Images') {
steps {
script {
docker.withRegistry('https://index.docker.io/v1/', 'docker-hub') { // Using Jenkins secret 'docker-hub'
sh "docker push ${frontendImage}"
sh "docker push ${backendImage}"
}
}
}
}
stage('Update Kubernetes Deployment') {
steps {
withKubeCredentials(kubectlCredentials: [[caCertificate: '''<ur-cacert>''', clusterName: 'microk8s-cluster', contextName: 'microk8s', credentialsId: 'kubectl-jenkins-sa', namespace: '', serverUrl: 'https://10.152.183.1:443']]) {
sh """
sed -i 's|patelaum/massmx-frontend:.*|${frontendImage}|' ./kubernetes/deployment.app.yaml
sed -i 's|patelaum/massmx-backend:.*|${backendImage}|' ./kubernetes/deployment.app.yaml
kubectl apply -f ./kubernetes/deployment.app.yaml
"""
}
}
}}
post {
always {
cleanWs()
}
success {
echo "Deployment was successful"
}
failure {
echo "Build or tests failed, deployment aborted"
}
}
}