🎖️Project : DevSecOps Jenkins CI/CD pipeline for a Node.js Application

🔗Tools Required:-

  1. GitHub: For source code repository and version control.

  2. Docker and Docker Compose: For containerizing the Node.js application.

  3. Jenkins: For setting up and managing the CI/CD pipeline.

  4. SonarQube: For continuous inspection of code quality.

  5. OWASP Dependency-Check: For finding known-vulnerable third-party dependencies in the application.

  6. Trivy: For scanning Docker images for vulnerabilities.

  7. DevSecOps practices (a way of working, not a tool): Running security checks at every phase of the software development lifecycle instead of only before release.

🔗Step 1:- Launch Instance

Create EC2 instance & connect

🔗Step 2:- Install Jenkins

After installing Jenkins, open port 8080 (the port Jenkins listens on) in the EC2 security group.

Open Jenkins in your web browser; the Unlock Jenkins page appears.

http://<EC2-public-IP>:8080

Paste the initial administrator password (on Debian/Ubuntu package installs it is in /var/lib/jenkins/secrets/initialAdminPassword), click Continue and finish the setup wizard.

Create a new job and select Pipeline.

Add the GitHub repository URL.

Under Pipeline script, add the script below and save.

pipeline{
    agent any
    environment{
        // "Sonar" must match the SonarQube Scanner installation name under Manage Jenkins -> Tools
        SONAR_HOME=tool "Sonar"
    }
    stages{
        stage("Code"){
            steps{
                git url:"https://github.com/sarikakamble/node-todo-cicd.git/", branch:"master"
                echo "Code cloned successfully."
            }
        }
        stage("Sonarqube Analysis"){
            steps{
                // "Sonar" here is the SonarQube server name configured under Manage Jenkins -> System
                withSonarQubeEnv("Sonar"){
                    sh "$SONAR_HOME/bin/sonar-scanner -Dsonar.projectName=nodetodo -Dsonar.projectKey=nodetodo -X"
                }
            }
        }
        stage("Sonarqube Quality Gates"){
            steps{
                // Requires a SonarQube webhook pointing at <jenkins>/sonarqube-webhook/, otherwise this waits until the timeout.
                // abortPipeline:false only reports the gate result; set it to true to fail the build on a red gate.
                timeout(time:1 , unit:"MINUTES"){
                    waitForQualityGate abortPipeline: false
                }
            }
        }
        stage("OWASP"){
            steps{
                // "OWASP" must match the Dependency-Check installation name under Manage Jenkins -> Tools.
                // The publisher parses the XML report, so request that format explicitly.
                dependencyCheck additionalArguments: '--scan ./ --format XML', odcInstallation: 'OWASP'
                dependencyCheckPublisher pattern: '**/dependency-check-report.xml'
            }
        }
        stage("Build & Test"){
            steps{
                sh 'docker build -t node-app-batch-6:latest .'
                echo "Code built successfully."
            }
        }
        stage("Trivy"){
            steps{
                // Reports findings only; add "--exit-code 1 --severity HIGH,CRITICAL" to fail the build on serious CVEs.
                sh "trivy image node-app-batch-6:latest"
            }
        }
        stage("Push to private DockerHub Repo"){
            steps{
                withCredentials([usernamePassword(credentialsId:"DockerHubCreds",passwordVariable:"dockerPass",usernameVariable:"dockerUser")]){
                    // Single quotes: the shell expands the variables, not Groovy. Interpolating ${env.dockerPass}
                    // into the sh string would put the secret on the command line and into the build log.
                    // --password-stdin also keeps the password out of the process list (docker login -p warns about this).
                    sh 'echo "$dockerPass" | docker login -u "$dockerUser" --password-stdin'
                    sh 'docker tag node-app-batch-6:latest "$dockerUser"/node-app-batch-6:latest'
                    sh 'docker push "$dockerUser"/node-app-batch-6:latest'
                }
            }
        }
        stage("Deploy"){
            steps{
                // Uses the docker-compose file from the cloned repository
                sh "docker-compose up -d"
                echo "App Deployed successfully."
            }
        }
    }
}

🔗Step 3:- Install Docker

Install Docker, then add your current user and the jenkins service user to the docker group so both can talk to the Docker daemon without sudo:

sudo usermod -aG docker $USER
sudo usermod -aG docker jenkins

Group membership is picked up at login, so log out and back in for your own user and restart the Jenkins service (sudo systemctl restart jenkins) before running the pipeline. Keep in mind that membership in the docker group is effectively root on the host (the daemon runs as root and can mount any host path into a container), so grant it only to the accounts that actually build images.
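The whole of Step 3 as one script, added here as an example and not part of the original post: it installs Docker, grants the two accounts access, restarts Jenkins so the new group takes effect, and verifies that the jenkins user can really reach the daemon. It assumes Ubuntu/Debian with systemd, the distro packages docker.io and docker-compose, and a service user named jenkins; the in_group helper is the only part that runs without root and without a Docker daemon.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): Step 3 done end to end, with a
# verification step. Assumes Ubuntu/Debian, systemd and a "jenkins" service user.
set -eu

# Pure helper: is GROUP one of the whitespace-separated names in GROUPS_LIST
# (the shape produced by `id -nG USER`)? Exact match, so "dockerx" != "docker".
in_group() {
  local groups_list="$1" group="$2"
  for g in $groups_list; do
    if [ "$g" = "$group" ]; then
      return 0
    fi
  done
  return 1
}

# Install Docker and Compose v1 from the distro repositories (assumption) and
# make sure the daemon is enabled and running.
install_docker() {
  sudo apt-get update
  sudo apt-get install -y docker.io docker-compose
  sudo systemctl enable --now docker
}

# Membership in the docker group is root-equivalent on the host, so only the
# accounts that build images should get it.
grant_docker_access() {
  local user="$1"
  sudo usermod -aG docker "$user"
}

# Group changes apply at login time; a running service must be restarted.
restart_jenkins() {
  sudo systemctl restart jenkins
}

# Fail loudly if the user is not in the group or still cannot reach the daemon.
verify_docker_access() {
  local user="$1"
  if ! in_group "$(id -nG "$user")" docker; then
    echo "ERROR: $user is not in the docker group" >&2
    return 1
  fi
  sudo -u "$user" docker info >/dev/null
  echo "$user can talk to the Docker daemon"
}

main() {
  install_docker
  grant_docker_access "$USER"
  grant_docker_access jenkins
  restart_jenkins
  verify_docker_access jenkins
}

# Only make changes when explicitly asked: bash setup-docker.sh --apply
if [ "${1:-}" = "--apply" ]; then
  main
fi
```

Run it as `bash setup-docker.sh --apply` on the EC2 instance; without the flag it only defines the functions, which is also how you can source it to reuse verify_docker_access after future group changes.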

🔗Step 4:- SonarQube Server

In Jenkins, install the SonarQube Scanner plugin (and the OWASP Dependency-Check plugin used by the OWASP stage). Under Manage Jenkins -> Tools add a SonarQube Scanner installation named Sonar and a Dependency-Check installation named OWASP; both names are the ones the pipeline references.

Install the SonarQube server.

Open port 9000 in the EC2 security group.

Open SonarQube in your web browser (default login admin/admin; change it at first login).

http://<EC2-public-IP>:9000

In SonarQube, generate a token for Jenkins and store it in Jenkins as a Secret text credential; then under Manage Jenkins -> System add a SonarQube server named Sonar that uses that token. Also add a SonarQube webhook pointing at http://<EC2-public-IP>:8080/sonarqube-webhook/ so that the waitForQualityGate step receives the gate result instead of running into its timeout.

🔗Step 5:- Add new credentials

Go to Manage Jenkins -> Credentials and add a Username with password credential with the ID DockerHubCreds (the ID used by withCredentials in the pipeline). Use a Docker Hub access token rather than your account password so it can be revoked independently.

🔗Step 6:- Build your application

Click Build Now and follow the stages in the console output.

Open port 8000 (the port the application is published on) in the EC2 security group to reach the deployed app. For all three ports (8080, 9000, 8000), restrict the security-group source to your own IP address rather than 0.0.0.0/0; Jenkins and SonarQube are administrative interfaces.

Open the application in your web browser

http://<EC2-public-IP>:8000

📚Happy Learning :)