sudo ./script1.sh
- eclipse => Eclipse Temurin installerVersion
- sonarqube => SonarQube Scanner
- gates => Sonar Quality Gates
- node js => NodeJS
- docker => Docker, Docker Commons, Docker Pipeline, Docker API, docker-build-step, CloudBees Docker Build and Publish.
- nodejs =>
- name: node16
- version: NodeJS 16.2.0
- JDK => Install from adoptium.net => Install from adoptium.net
- name: jdk17
- version: jdk-17.0.8.1+1
- docker => Download from docker.com => Download from docker.com
- name: docker
- version: latest
- sonarqube scanner => Install from Maven Central => keep the default version
- name: sonar-scanner
docker run -d --name sonar -p 9000:9000 sonarqube:lts-community
Sonarqube web UI: Go to: Administration -> Security -> Users -> Tokens, name:token-for-jenkins, then generate a token, then copy it. Jenkins web UI: Go to: Manage Jenkins -> Credentials -> Add Credentials -> Kind:Secret text -> secret: -> ID:SonarQube-Token
Manage Jenkins -> System -> SonarQube installations -> name:SonarQube-Server -> Server URL: http://192.168.3.164:9000 -> Server authentication token: Choose your token
Quality Gates -> create -> name:SonarQube-Quality-Gate
Administration -> Configuration -> webhooks -> create -> name:jenkins, URL: http://192.168.3.164:8080/sonarqube-webhook/
Go to Your GitHub -> Settings -> Developer Settings -> Personal access tokens -> Generate a token and copy it.
Go to Jenkins -> Manage Jenkins -> Credentials -> Add Credentials -> Kind: Username with password ->Username:
Password: -> ID:github
Go to DockerHub -> Account Settings -> Security -> New Access Token -> Generate a token and copy it.
Go to Jenkins -> Manage Jenkins -> Credentials -> Add Credentials -> Kind: Username with password ->Username:
Password: -> ID:dockerhub
Go to SonarQube -> Projects -> Manually -> name:PFS-CICD -> Setup -> Locally -> Generate -> Continue -> Choose your build and your OS
Go to Jenkins -> New item -> name:PFS-CICD -> choose Pipeline -> Discard old builds -> Max # of builds to keep: 2 -> Script:
pipeline {
agent any
tools {
jdk 'jdk17'
nodejs 'node16'
}
environment {
SCANNER_HOME = tool 'sonar-scanner'
}
stages {
stage('clean workspace') {
steps {
cleanWs()
}
}
stage('Checkout from Git') {
steps {
git branch: 'main', url: 'https://github.com/iliass-bamghari/youtube-clone.git'
}
}
stage("Sonarqube Analysis") {
steps {
withSonarQubeEnv('SonarQube-Server') {
sh '''$SCANNER_HOME/bin/sonar-scanner -Dsonar.projectName=PFS-CICD \
-Dsonar.projectKey=PFS-CICD'''
}
}
}
stage("Quality Gate") {
steps {
script {
waitForQualityGate abortPipeline: false, credentialsId: 'SonarQube-Token'
}
}
}
stage('Install Dependencies') {
steps {
sh "npm install"
}
}
stage('TRIVY FS SCAN') {
steps {
sh "trivy fs . > trivyfs.txt"
}
}
stage("Docker Build & Push"){
steps{
script{
withDockerRegistry(credentialsId: 'dockerhub', toolName: 'docker'){
sh "docker build -t pfspipeline ."
sh "docker tag pfspipeline iliassbamghari/pfspipeline:latest "
sh "docker push iliassbamghari/pfspipeline:latest "
}
}
}
}
stage("TRIVY Image Scan"){
steps{
sh "trivy image iliassbamghari/pfspipeline:latest > trivyimage.txt"
}
}
}
}