-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathJenkinsfile
126 lines (107 loc) · 3.12 KB
/
Jenkinsfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
pipeline {
agent any
environment{
DOCKERHUB_USERNAME = "wizhubdocker8s"
APP_NAME = "java-app-argo"
IMAGE_TAG = "${BUILD_NUMBER}"
IMAGE_NAME = "${DOCKERHUB_USERNAME}" + "/" + "${APP_NAME}"
DOCKER_CREDS = credentials('dockerhub')
}
stages {
stage('Clean Workspace'){
steps{
script{
cleanWs()
}
}
}
stage('Checkout SCM'){
steps{
script{
git credentialsId: 'Github',
url: 'https://github.com/Taiwolawal/CICD-DEVSECOPS.git',
branch: 'main'
}
}
}
stage('Unit Tests: JUnit') {
steps {
sh "mvn test"
}
}
stage('Integration Test: Maven'){
steps{
sh 'mvn verify -DskipUnitTests'
}
}
stage('Static Code Analysis: Sonarqube') {
steps {
withSonarQubeEnv(credentialsId: 'jenkins-sonar', installationName: 'sonar-api') {
sh 'mvn clean package sonar:sonar'
}
}
}
stage('Quality Gate Check Status: Sonarqube'){
steps{
waitForQualityGate abortPipeline: false, credentialsId: 'jenkins-sonar'
}
}
// stage('Build Artifact: Maven') {
// steps {
// sh "mvn clean package -DskipTests=true"
// archiveArtifacts 'target/*.jar'
// }
// }
// stage('Vulnerability Scan'){
// steps{
// parallel(
// "Dependency Scan":{
// sh "mvn dependency-check:check"
// },
// "Dockerfile Scan":{
// script {
// sh "trivy config Dockerfile"
// //sh "bash trivy-dockerfile-image-scan.sh"
// sh "trivy fs Dockerfile"
// }
// }
// )
// }
// }
// stage('Docker Image Build'){
// steps{
// sh "docker build -t ${IMAGE_NAME} ."
// sh "docker image tag ${IMAGE_NAME} ${IMAGE_NAME}:${IMAGE_TAG}"
// sh "docker image tag ${IMAGE_NAME} ${IMAGE_NAME}:latest"
// }
// }
// stage('Docker Image Scan: Trivy'){
// steps{
// sh "trivy image ${IMAGE_NAME}:latest > scan.txt"
// sh "cat scan.txt"
// //sh "bash trivy-image-scan.sh"
// }
// }
// stage('Docker Image Push: DockerHub'){
// steps{
// sh 'docker login -u $DOCKER_CREDS_USR -p $DOCKER_CREDS_PSW'
// sh "docker image push ${IMAGE_NAME}:${IMAGE_TAG}"
// sh "docker image push ${IMAGE_NAME}:latest"
// }
// }
// stage('Docker Image Cleanup'){
// steps{
// sh "docker rmi ${IMAGE_NAME}:${IMAGE_TAG}"
// sh "docker rmi ${IMAGE_NAME}:latest"
// }
// }
// stage('Trigger CD Pipeline'){
// steps{
// sh "curl -v -k --user jenkins:117460c38498ed9515004d8120d2fb84c6 \
// -X POST _H 'cache-control: no-cache' -H 'content-type: application/x-www-form-urlencoded' \
// --data 'IMAGE_TAG=${IMAGE_TAG}' \
// 'http://44.215.173.223:8080/job/DevSecOps-CD/buildWithParameters?Token=gitops-config'"
// }
// }
}
}