-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathjenkinsfile.groovy
More file actions
66 lines (56 loc) · 1.98 KB
/
jenkinsfile.groovy
File metadata and controls
66 lines (56 loc) · 1.98 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
pipeline{
agent {label 'Nodes1'}
tools {
maven "Maven3"
git 'git3'
}
stages{
stage('Checkout code from git'){
steps{
checkout scmGit(branches: [[name: '*/main']], extensions: [], userRemoteConfigs: [[url: 'https://github.com/NgomSysOps/new_devops_pro']])
}
}
stage('Static Code with SonarQube'){
steps{
withSonarQubeEnv('SonarQube') {
sh 'mvn sonar:sonar'
}
}
}
stage('Building Maven project'){
steps{
sh 'mvn clean install'
}
}
stage('Trivy Scan Config files'){
steps{
sh 'trivy fs --severity HIGH,CRITICAL --scanners config /home/ngom/jenkins_root_directory/workspace/testpipeline'
}
}
stage('Building docker image'){
steps{
sh 'docker build -t ngomansible/my_private_repo:$BUILD_NUMBER .'
}
}
stage('Trivy Scan Docker image'){
steps{
sh 'trivy image --severity HIGH,CRITICAL --no-progress --exit-code 0 ngomansible/my_private_repo:latest'
}
}
stage('Push image to DockerHub'){
steps{
withCredentials([string(credentialsId: 'DockerToken', variable: 'docker_cred')]) {
sh 'docker login -u ngomansible -p ${docker_cred}'
}
sh 'docker push ngomansible/my_private_repo:$BUILD_NUMBER'
}
}
stage('Deploy app to Kubernetes'){
steps{
withKubeConfig(caCertificate: '', clusterName: '', contextName: '', credentialsId: 'k8s-cred', namespace: '', restrictKubeConfigAccess: false, serverUrl: '') {
sh ' kubectl apply -f myDeployment.yml'
}
}
}
}
}