From 5931a6d09dabbbeb230405da703da926b623e5be Mon Sep 17 00:00:00 2001
From: Iamthor15 <155723542+Iamthor15@users.noreply.github.com>
Date: Mon, 17 Jun 2024 17:02:47 +0530
Subject: [PATCH 1/3] Create Jenkinsfile
---
Jenkinsfile | 76 +++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 76 insertions(+)
create mode 100644 Jenkinsfile
diff --git a/Jenkinsfile b/Jenkinsfile
new file mode 100644
index 00000000..cbc92c19
--- /dev/null
+++ b/Jenkinsfile
@@ -0,0 +1,76 @@
+pipeline{
+ agent any
+ tools{
+ jdk 'jdk17'
+ nodejs 'node16'
+ }
+ environment {
+ SCANNER_HOME=tool 'sonar-scanner'
+ }
+ stages {
+ stage('clean workspace'){
+ steps{
+ cleanWs()
+ }
+ }
+ stage('Checkout from Git'){
+ steps{
+ git branch: 'main', url: 'https://github.com/Iamthor15/DevSecOps-Project'
+ }
+ }
+ stage("Sonarqube Analysis "){
+ steps{
+ withSonarQubeEnv('sonar-server') {
+ sh ''' $SCANNER_HOME/bin/sonar-scanner -Dsonar.projectName=Netflix \
+ -Dsonar.projectKey=Netflix '''
+ }
+ }
+ }
+ stage("quality gate"){
+ steps {
+ script {
+ waitForQualityGate abortPipeline: false, credentialsId: 'Sonar-token'
+ }
+ }
+ }
+ stage('Install Dependencies') {
+ steps {
+ sh "npm install"
+ }
+ }
+ stage('OWASP FS SCAN') {
+ steps {
+ dependencyCheck additionalArguments: '--scan ./ --disableYarnAudit --disableNodeAudit', odcInstallation: 'DP-Check'
+ dependencyCheckPublisher pattern: '**/dependency-check-report.xml'
+ }
+ }
+ stage('TRIVY FS SCAN') {
+ steps {
+ sh "trivy fs . > trivyfs.txt"
+ }
+ }
+ stage("Docker Build & Push"){
+ steps{
+ script{
+ withDockerRegistry(credentialsId: 'docker', toolName: 'docker'){
+ sh "docker build --build-arg TMDB_V3_API_KEY=0c2fe67ca7a6c9d723fd6414791cb98f -t netflix ."
+ sh "docker tag netflix rithik1504/netflix:latest "
+ sh "docker push rithik1504/netflix:latest "
+ }
+ }
+ }
+ }
+ stage("TRIVY"){
+ steps{
+ sh "trivy image rithik1504/netflix:latest > trivyimage.txt"
+ }
+ }
+ stage('Deploy to container'){
+ steps{
+ sh 'docker run -d -p 8081:80 rithik1504/netflix:latest'
+ }
+ }
+ }
+}
+
+
From 57a3660600125e216baf2c53a510d0c9b5307256 Mon Sep 17 00:00:00 2001
From: Iamthor15 <155723542+Iamthor15@users.noreply.github.com>
Date: Mon, 17 Jun 2024 17:39:24 +0530
Subject: [PATCH 2/3] Update Jenkinsfile
---
Jenkinsfile | 13 ++++++++++++-
1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/Jenkinsfile b/Jenkinsfile
index cbc92c19..3caf5c2b 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -72,5 +72,16 @@ pipeline{
}
}
}
-
+post {
+ always {
+ emailext attachLog: true,
+ subject: "'${currentBuild.result}'",
+ body: "Project: ${env.JOB_NAME}
" +
+ "Build Number: ${env.BUILD_NUMBER}
" +
+ "URL: ${env.BUILD_URL}
",
+ to: 'singhrithik946@gmail.com', #change mail here
+ attachmentsPattern: 'trivyfs.txt,trivyimage.txt'
+ }
+ }
+}
From 78fd652afeb51bad1ed5a7bfa9ff1431a3880204 Mon Sep 17 00:00:00 2001
From: Iamthor15 <155723542+Iamthor15@users.noreply.github.com>
Date: Mon, 17 Jun 2024 20:41:25 +0530
Subject: [PATCH 3/3] Update Jenkinsfile
---
Jenkinsfile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Jenkinsfile b/Jenkinsfile
index 3caf5c2b..b0ee0654 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -79,7 +79,7 @@ post {
body: "Project: ${env.JOB_NAME}
" +
"Build Number: ${env.BUILD_NUMBER}
" +
"URL: ${env.BUILD_URL}
",
- to: 'singhrithik946@gmail.com', #change mail here
+ to: 'singhrithik946@gmail.com',
attachmentsPattern: 'trivyfs.txt,trivyimage.txt'
}
}