diff --git a/Jenkins-Pipeline-Code/Jenkinsfile-Backend b/Jenkins-Pipeline-Code/Jenkinsfile-Backend deleted file mode 100644 index b0826fb70..000000000 --- a/Jenkins-Pipeline-Code/Jenkinsfile-Backend +++ /dev/null @@ -1,113 +0,0 @@ -pipeline { - agent any - tools { - jdk 'jdk' - nodejs 'nodejs' - } - environment { - SCANNER_HOME=tool 'sonar-scanner' - AWS_ACCOUNT_ID = credentials('ACCOUNT_ID') - AWS_ECR_REPO_NAME = credentials('ECR_REPO2') - AWS_DEFAULT_REGION = 'us-east-1' - REPOSITORY_URI = "${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_DEFAULT_REGION}.amazonaws.com/" - } - stages { - stage('Cleaning Workspace') { - steps { - cleanWs() - } - } - stage('Checkout from Git') { - steps { - git credentialsId: 'GITHUB', url: 'https://github.com/AmanPathak-DevOps/End-to-End-Kubernetes-Three-Tier-DevSecOps-Project.git' - } - } - stage('Sonarqube Analysis') { - steps { - dir('Application-Code/backend') { - withSonarQubeEnv('sonar-server') { - sh ''' $SCANNER_HOME/bin/sonar-scanner \ - -Dsonar.projectName=three-tier-backend \ - -Dsonar.projectKey=three-tier-backend ''' - } - } - } - } - stage('Quality Check') { - steps { - script { - waitForQualityGate abortPipeline: false, credentialsId: 'sonar-token' - } - } - } - stage('OWASP Dependency-Check Scan') { - steps { - dir('Application-Code/backend') { - dependencyCheck additionalArguments: '--scan ./ --disableYarnAudit --disableNodeAudit', odcInstallation: 'DP-Check' - dependencyCheckPublisher pattern: '**/dependency-check-report.xml' - } - } - } - stage('Trivy File Scan') { - steps { - dir('Application-Code/backend') { - sh 'trivy fs . > trivyfs.txt' - } - } - } - stage("Docker Image Build") { - steps { - script { - dir('Application-Code/backend') { - sh 'docker system prune -f' - sh 'docker container prune -f' - sh 'docker build -t ${AWS_ECR_REPO_NAME} .' - } - } - } - } - stage("ECR Image Pushing") { - steps { - script { - sh 'aws ecr get-login-password --region ${AWS_DEFAULT_REGION} | docker login --username AWS --password-stdin ${REPOSITORY_URI}' - sh 'docker tag ${AWS_ECR_REPO_NAME} ${REPOSITORY_URI}${AWS_ECR_REPO_NAME}:${BUILD_NUMBER}' - sh 'docker push ${REPOSITORY_URI}${AWS_ECR_REPO_NAME}:${BUILD_NUMBER}' - } - } - } - stage("TRIVY Image Scan") { - steps { - sh 'trivy image ${REPOSITORY_URI}${AWS_ECR_REPO_NAME}:${BUILD_NUMBER} > trivyimage.txt' - } - } - stage('Checkout Code') { - steps { - git credentialsId: 'GITHUB', url: 'https://github.com/AmanPathak-DevOps/End-to-End-Kubernetes-Three-Tier-DevSecOps-Project.git' - } - } - stage('Update Deployment file') { - environment { - GIT_REPO_NAME = "End-to-End-Kubernetes-Three-Tier-DevSecOps-Project" - GIT_USER_NAME = "AmanPathak-DevOps" - } - steps { - dir('Kubernetes-Manifests-file/Backend') { - withCredentials([string(credentialsId: 'github', variable: 'GITHUB_TOKEN')]) { - sh ''' - git config user.email "aman07pathak@gmail.com" - git config user.name "AmanPathak-DevOps" - BUILD_NUMBER=${BUILD_NUMBER} - echo $BUILD_NUMBER - imageTag=$(grep -oP '(?<=backend:)[^ ]+' deployment.yaml) - echo $imageTag - sed -i "s/${AWS_ECR_REPO_NAME}:${imageTag}/${AWS_ECR_REPO_NAME}:${BUILD_NUMBER}/" deployment.yaml - git add deployment.yaml - git commit -m "Update deployment Image to version \${BUILD_NUMBER}" - git push https://${GITHUB_TOKEN}@github.com/${GIT_USER_NAME}/${GIT_REPO_NAME} HEAD:master - ''' - } - } - } - } - } -} \ No newline at end of file diff --git a/Jenkins-Pipeline-Code/Jenkinsfile-Frontend b/Jenkins-Pipeline-Code/Jenkinsfile-Frontend deleted file mode 100644 index 9be1a50c0..000000000 --- a/Jenkins-Pipeline-Code/Jenkinsfile-Frontend +++ /dev/null @@ -1,113 +0,0 @@ -pipeline { - agent any - tools { - jdk 'jdk' - nodejs 'nodejs' - } - environment { - SCANNER_HOME=tool 'sonar-scanner' - AWS_ACCOUNT_ID = credentials('ACCOUNT_ID') - AWS_ECR_REPO_NAME = credentials('ECR_REPO1') - AWS_DEFAULT_REGION = 'us-east-1' - REPOSITORY_URI = "${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_DEFAULT_REGION}.amazonaws.com/" - } - stages { - stage('Cleaning Workspace') { - steps { - cleanWs() - } - } - stage('Checkout from Git') { - steps { - git credentialsId: 'GITHUB', url: 'https://github.com/AmanPathak-DevOps/End-to-End-Kubernetes-Three-Tier-DevSecOps-Project.git' - } - } - stage('Sonarqube Analysis') { - steps { - dir('Application-Code/frontend') { - withSonarQubeEnv('sonar-server') { - sh ''' $SCANNER_HOME/bin/sonar-scanner \ - -Dsonar.projectName=three-tier-frontend \ - -Dsonar.projectKey=three-tier-frontend ''' - } - } - } - } - stage('Quality Check') { - steps { - script { - waitForQualityGate abortPipeline: false, credentialsId: 'sonar-token' - } - } - } - stage('OWASP Dependency-Check Scan') { - steps { - dir('Application-Code/frontend') { - dependencyCheck additionalArguments: '--scan ./ --disableYarnAudit --disableNodeAudit', odcInstallation: 'DP-Check' - dependencyCheckPublisher pattern: '**/dependency-check-report.xml' - } - } - } - stage('Trivy File Scan') { - steps { - dir('Application-Code/frontend') { - sh 'trivy fs . > trivyfs.txt' - } - } - } - stage("Docker Image Build") { - steps { - script { - dir('Application-Code/frontend') { - sh 'docker system prune -f' - sh 'docker container prune -f' - sh 'docker build -t ${AWS_ECR_REPO_NAME} .' - } - } - } - } - stage("ECR Image Pushing") { - steps { - script { - sh 'aws ecr get-login-password --region ${AWS_DEFAULT_REGION} | docker login --username AWS --password-stdin ${REPOSITORY_URI}' - sh 'docker tag ${AWS_ECR_REPO_NAME} ${REPOSITORY_URI}${AWS_ECR_REPO_NAME}:${BUILD_NUMBER}' - sh 'docker push ${REPOSITORY_URI}${AWS_ECR_REPO_NAME}:${BUILD_NUMBER}' - } - } - } - stage("TRIVY Image Scan") { - steps { - sh 'trivy image ${REPOSITORY_URI}${AWS_ECR_REPO_NAME}:${BUILD_NUMBER} > trivyimage.txt' - } - } - stage('Checkout Code') { - steps { - git credentialsId: 'GITHUB', url: 'https://github.com/AmanPathak-DevOps/End-to-End-Kubernetes-Three-Tier-DevSecOps-Project.git' - } - } - stage('Update Deployment file') { - environment { - GIT_REPO_NAME = "End-to-End-Kubernetes-Three-Tier-DevSecOps-Project" - GIT_USER_NAME = "AmanPathak-DevOps" - } - steps { - dir('Kubernetes-Manifests-file/Frontend') { - withCredentials([string(credentialsId: 'github', variable: 'GITHUB_TOKEN')]) { - sh ''' - git config user.email "aman07pathak@gmail.com" - git config user.name "AmanPathak-DevOps" - BUILD_NUMBER=${BUILD_NUMBER} - echo $BUILD_NUMBER - imageTag=$(grep -oP '(?<=frontend:)[^ ]+' deployment.yaml) - echo $imageTag - sed -i "s/${AWS_ECR_REPO_NAME}:${imageTag}/${AWS_ECR_REPO_NAME}:${BUILD_NUMBER}/" deployment.yaml - git add deployment.yaml - git commit -m "Update deployment Image to version \${BUILD_NUMBER}" - git push https://${GITHUB_TOKEN}@github.com/${GIT_USER_NAME}/${GIT_REPO_NAME} HEAD:master - ''' - } - } - } - } - } -} \ No newline at end of file diff --git a/Jenkins-Server-TF/.terraform.lock.hcl b/Jenkins-Server-TF/.terraform.lock.hcl deleted file mode 100644 index 299c5907e..000000000 --- a/Jenkins-Server-TF/.terraform.lock.hcl +++ /dev/null @@ -1,25 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/hashicorp/aws" { - version = "5.31.0" - constraints = ">= 2.7.0" - hashes = [ - "h1:WwgMbMOhZblxZTdjHeJf9XB2/hcSHHmpuywLxuTWYw0=", - "zh:0cdb9c2083bf0902442384f7309367791e4640581652dda456f2d6d7abf0de8d", - "zh:2fe4884cb9642f48a5889f8dff8f5f511418a18537a9dfa77ada3bcdad391e4e", - "zh:36d8bdd72fe61d816d0049c179f495bc6f1e54d8d7b07c45b62e5e1696882a89", - "zh:539dd156e3ec608818eb21191697b230117437a58587cbd02ce533202a4dd520", - "zh:6a53f4b57ac4eb3479fc0d8b6e301ca3a27efae4c55d9f8bd24071b12a03361c", - "zh:6faeb8ff6792ca7af1c025255755ad764667a300291cc10cea0c615479488c87", - "zh:7d9423149b323f6d0df5b90c4d9029e5455c670aea2a7eb6fef4684ba7eb2e0b", - "zh:8235badd8a5d0993421cacf5ead48fac73d3b5a25c8a68599706a404b1f70730", - "zh:860b4f60842b2879c5128b7e386c8b49adeda9287fed12c5cd74861bb659bbcd", - "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:b021fceaf9382c8fe3c6eb608c24d01dce3d11ba7e65bb443d51ca9b90e9b237", - "zh:b38b0bfc1c69e714e80cf1c9ea06e687ee86aa9f45694be28eb07adcebbe0489", - "zh:c972d155f6c01af9690a72adfb99cfc24ef5ef311ca92ce46b9b13c5c153f572", - "zh:e0dd29920ec84fdb6026acff44dcc1fb1a24a0caa093fa04cdbc713d384c651d", - "zh:e3127ebd2cb0374cd1808f911e6bffe2f4ac4d84317061381242353f3a7bc27d", - ] -} diff --git a/Jenkins-Server-TF/backend.tf b/Jenkins-Server-TF/backend.tf deleted file mode 100644 index 9d46f4e7c..000000000 --- a/Jenkins-Server-TF/backend.tf +++ /dev/null @@ -1,16 +0,0 @@ -terraform { - backend "s3" { - bucket = "my-ews-baket1" - region = "us-east-1" - key = "End-to-End-Kubernetes-Three-Tier-DevSecOps-Project/Jenkins-Server-TF/terraform.tfstate" - dynamodb_table = "Lock-Files" - encrypt = true - } - required_version = ">=0.13.0" - required_providers { - aws = { - version = ">= 2.7.0" - source = "hashicorp/aws" - } - } -} \ No newline at end of file diff --git a/Jenkins-Server-TF/ec2.tf b/Jenkins-Server-TF/ec2.tf deleted file mode 100644 index 9bff6b449..000000000 --- a/Jenkins-Server-TF/ec2.tf +++ /dev/null @@ -1,16 +0,0 @@ -resource "aws_instance" "ec2" { - ami = data.aws_ami.ami.image_id - instance_type = "t2.2xlarge" - key_name = var.key-name - subnet_id = aws_subnet.public-subnet.id - vpc_security_group_ids = [aws_security_group.security-group.id] - iam_instance_profile = aws_iam_instance_profile.instance-profile.name - root_block_device { - volume_size = 30 - } - user_data = templatefile("./tools-install.sh", {}) - - tags = { - Name = var.instance-name - } -} \ No newline at end of file diff --git a/Jenkins-Server-TF/gather.tf b/Jenkins-Server-TF/gather.tf deleted file mode 100644 index 946b8b63b..000000000 --- a/Jenkins-Server-TF/gather.tf +++ /dev/null @@ -1,10 +0,0 @@ -data "aws_ami" "ami" { - most_recent = true - - filter { - name = "name" - values = ["ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-*"] - } - - owners = ["099720109477"] -} \ No newline at end of file diff --git a/Jenkins-Server-TF/iam-instance-profile.tf b/Jenkins-Server-TF/iam-instance-profile.tf deleted file mode 100644 index a56217eba..000000000 --- a/Jenkins-Server-TF/iam-instance-profile.tf +++ /dev/null @@ -1,4 +0,0 @@ -resource "aws_iam_instance_profile" "instance-profile" { - name = "Jenkins-instance-profile" - role = aws_iam_role.iam-role.name -} \ No newline at end of file diff --git a/Jenkins-Server-TF/iam-policy.tf b/Jenkins-Server-TF/iam-policy.tf deleted file mode 100644 index 66d06f9e3..000000000 --- a/Jenkins-Server-TF/iam-policy.tf +++ /dev/null @@ -1,5 +0,0 @@ -resource "aws_iam_role_policy_attachment" "iam-policy" { - role = aws_iam_role.iam-role.name - # Just for testing purpose, don't try to give administrator access - policy_arn = "arn:aws:iam::aws:policy/AdministratorAccess" -} \ No newline at end of file diff --git a/Jenkins-Server-TF/iam-role.tf b/Jenkins-Server-TF/iam-role.tf deleted file mode 100644 index cd7699db3..000000000 --- a/Jenkins-Server-TF/iam-role.tf +++ /dev/null @@ -1,17 +0,0 @@ -resource "aws_iam_role" "iam-role" { - name = var.iam-role - assume_role_policy = < /dev/null -echo deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc] \ - https://pkg.jenkins.io/debian binary/ | sudo tee \ - /etc/apt/sources.list.d/jenkins.list > /dev/null -sudo apt-get update -y -sudo apt-get install jenkins -y - -# Installing Docker -#!/bin/bash -sudo apt update -sudo apt install docker.io -y -sudo usermod -aG docker jenkins -sudo usermod -aG docker ubuntu -sudo systemctl restart docker -sudo chmod 777 /var/run/docker.sock - -# If you don't want to install Jenkins, you can create a container of Jenkins -# docker run -d -p 8080:8080 -p 50000:50000 --name jenkins-container jenkins/jenkins:lts - -# Run Docker Container of Sonarqube -#!/bin/bash -docker run -d --name sonar -p 9000:9000 sonarqube:lts-community - - -# Installing AWS CLI -#!/bin/bash -curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" -sudo apt install unzip -y -unzip awscliv2.zip -sudo ./aws/install - -# Installing Kubectl -#!/bin/bash -sudo apt update -sudo apt install curl -y -sudo curl -LO "https://dl.k8s.io/release/v1.28.4/bin/linux/amd64/kubectl" -sudo chmod +x kubectl -sudo mv kubectl /usr/local/bin/ -kubectl version --client - - -# Installing eksctl -#! /bin/bash -curl --silent --location "https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp -sudo mv /tmp/eksctl /usr/local/bin -eksctl version - -# Installing Terraform -#!/bin/bash -wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg -echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list -sudo apt update -sudo apt install terraform -y - -# Installing Trivy -#!/bin/bash -sudo apt-get install wget apt-transport-https gnupg lsb-release -y -wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add - -echo deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main | sudo tee -a /etc/apt/sources.list.d/trivy.list -sudo apt update -sudo apt install trivy -y - - -# Intalling Helm -#! /bin/bash -sudo snap install helm --classic \ No newline at end of file diff --git a/Jenkins-Server-TF/variables.tf b/Jenkins-Server-TF/variables.tf deleted file mode 100644 index 339515178..000000000 --- a/Jenkins-Server-TF/variables.tf +++ /dev/null @@ -1,8 +0,0 @@ -variable "vpc-name" {} -variable "igw-name" {} -variable "rt-name" {} -variable "subnet-name" {} -variable "sg-name" {} -variable "instance-name" {} -variable "key-name" {} -variable "iam-role" {} \ No newline at end of file diff --git a/Jenkins-Server-TF/variables.tfvars b/Jenkins-Server-TF/variables.tfvars deleted file mode 100644 index 310601aa9..000000000 --- a/Jenkins-Server-TF/variables.tfvars +++ /dev/null @@ -1,8 +0,0 @@ -vpc-name = "Jenkins-vpc" -igw-name = "Jenkins-igw" -subnet-name = "Jenkins-subnet" -rt-name = "Jenkins-route-table" -sg-name = "Jenkins-sg" -instance-name = "Jenkins-server" -key-name = "Aman-Pathak" -iam-role = "Jenkins-iam-role" \ No newline at end of file diff --git a/Jenkins-Server-TF/vpc.tf b/Jenkins-Server-TF/vpc.tf deleted file mode 100644 index 938a71e3f..000000000 --- a/Jenkins-Server-TF/vpc.tf +++ /dev/null @@ -1,73 +0,0 @@ -resource "aws_vpc" "vpc" { - cidr_block = "10.0.0.0/16" - - tags = { - Name = var.vpc-name - } -} - -resource "aws_internet_gateway" "igw" { - vpc_id = aws_vpc.vpc.id - - tags = { - Name = var.igw-name - } -} - -resource "aws_subnet" "public-subnet" { - vpc_id = aws_vpc.vpc.id - cidr_block = "10.0.1.0/24" - availability_zone = "us-east-1a" - map_public_ip_on_launch = true - - tags = { - Name = var.subnet-name - } -} - -resource "aws_route_table" "rt" { - vpc_id = aws_vpc.vpc.id - route { - cidr_block = "0.0.0.0/0" - gateway_id = aws_internet_gateway.igw.id - } - - tags = { - Name = var.rt-name - } -} - -resource "aws_route_table_association" "rt-association" { - route_table_id = aws_route_table.rt.id - subnet_id = aws_subnet.public-subnet.id -} - -resource "aws_security_group" "security-group" { - vpc_id = aws_vpc.vpc.id - description = "Allowing Jenkins, Sonarqube, SSH Access" - - ingress = [ - for port in [22, 8080, 9000, 9090, 80] : { - description = "TLS from VPC" - from_port = port - to_port = port - protocol = "tcp" - ipv6_cidr_blocks = ["::/0"] - self = false - prefix_list_ids = [] - security_groups = [] - cidr_blocks = ["0.0.0.0/0"] - } - ] - - egress { - from_port = 0 - to_port = 0 - protocol = "-1" - cidr_blocks = ["0.0.0.0/0"] - } - - tags = { - Name = var.sg-name - } -} \ No newline at end of file diff --git a/Kubernetes-Manifests-file/Backend/deployment.yaml b/Kubernetes-Manifests-file/Backend/deployment.yaml index 39658275f..dce24dbf6 100644 --- a/Kubernetes-Manifests-file/Backend/deployment.yaml +++ b/Kubernetes-Manifests-file/Backend/deployment.yaml @@ -54,4 +54,4 @@ spec: port: 3500 initialDelaySeconds: 5 periodSeconds: 5 - successThreshold: 1 \ No newline at end of file + successThreshold: 1 diff --git a/Kubernetes-Manifests-file/Backend/service.yaml b/Kubernetes-Manifests-file/Backend/service.yaml index 7fa7bc71e..c1bb85f0c 100644 --- a/Kubernetes-Manifests-file/Backend/service.yaml +++ b/Kubernetes-Manifests-file/Backend/service.yaml @@ -9,4 +9,4 @@ spec: protocol: TCP type: ClusterIP selector: - role: api \ No newline at end of file + role: api diff --git a/Kubernetes-Manifests-file/Database/deployment.yaml b/Kubernetes-Manifests-file/Database/deployment.yaml index 379e56cf8..7997f7ade 100644 --- a/Kubernetes-Manifests-file/Database/deployment.yaml +++ b/Kubernetes-Manifests-file/Database/deployment.yaml @@ -43,4 +43,4 @@ spec: volumes: - name: mongo-volume persistentVolumeClaim: - claimName: mongo-volume-claim \ No newline at end of file + claimName: mongo-volume-claim diff --git a/Kubernetes-Manifests-file/Database/pv.yaml b/Kubernetes-Manifests-file/Database/pv.yaml index c37325cd1..6bbf1373e 100644 --- a/Kubernetes-Manifests-file/Database/pv.yaml +++ b/Kubernetes-Manifests-file/Database/pv.yaml @@ -10,4 +10,4 @@ spec: accessModes: - ReadWriteOnce hostPath: - path: /data/db \ No newline at end of file + path: /data/db diff --git a/Kubernetes-Manifests-file/Database/pvc.yaml b/Kubernetes-Manifests-file/Database/pvc.yaml index 13eb7d2b3..18178f480 100644 --- a/Kubernetes-Manifests-file/Database/pvc.yaml +++ b/Kubernetes-Manifests-file/Database/pvc.yaml @@ -9,4 +9,4 @@ spec: storageClassName: "" resources: requests: - storage: 1Gi \ No newline at end of file + storage: 1Gi diff --git a/Kubernetes-Manifests-file/Database/secrets.yaml b/Kubernetes-Manifests-file/Database/secrets.yaml index 11264032d..75475ced6 100644 --- a/Kubernetes-Manifests-file/Database/secrets.yaml +++ b/Kubernetes-Manifests-file/Database/secrets.yaml @@ -5,5 +5,5 @@ metadata: name: mongo-sec type: Opaque data: - password: cGFzc3dvcmQxMjM= #Three-Tier-Project - username: YWRtaW4= #admin \ No newline at end of file + password: cGFzc3dvcmQxMjM= + username: YWRtaW4= diff --git a/Kubernetes-Manifests-file/Database/service.yaml b/Kubernetes-Manifests-file/Database/service.yaml index 1fdba64bb..6aa4d5052 100644 --- a/Kubernetes-Manifests-file/Database/service.yaml +++ b/Kubernetes-Manifests-file/Database/service.yaml @@ -10,4 +10,4 @@ spec: - name: mongodb-svc protocol: TCP port: 27017 - targetPort: 27017 \ No newline at end of file + targetPort: 27017 diff --git a/Kubernetes-Manifests-file/Frontend/deployment.yaml b/Kubernetes-Manifests-file/Frontend/deployment.yaml index 5927afe73..eed137ff3 100644 --- a/Kubernetes-Manifests-file/Frontend/deployment.yaml +++ b/Kubernetes-Manifests-file/Frontend/deployment.yaml @@ -31,4 +31,4 @@ spec: - name: REACT_APP_BACKEND_URL value: "http://backend.amanpathakdevops.study/api/tasks" ports: - - containerPort: 3000 \ No newline at end of file + - containerPort: 3000 diff --git a/Kubernetes-Manifests-file/Frontend/service.yaml b/Kubernetes-Manifests-file/Frontend/service.yaml index de2f6df78..7b8661795 100644 --- a/Kubernetes-Manifests-file/Frontend/service.yaml +++ b/Kubernetes-Manifests-file/Frontend/service.yaml @@ -1,12 +1,13 @@ apiVersion: v1 kind: Service -metadata: +metadata: name: frontend namespace: three-tier spec: - ports: - - port: 3000 - protocol: TCP - type: ClusterIP selector: - role: frontend \ No newline at end of file + role: frontend + ports: + - protocol: TCP + port: 80 # Expose on port 80 externally + targetPort: 3000 # Container's port + type: LoadBalancer diff --git a/Kubernetes-Manifests-file/ingress.yaml b/Kubernetes-Manifests-file/ingress.yaml deleted file mode 100644 index 69686261c..000000000 --- a/Kubernetes-Manifests-file/ingress.yaml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: mainlb - namespace: three-tier - annotations: - alb.ingress.kubernetes.io/scheme: internet-facing - alb.ingress.kubernetes.io/target-type: ip - alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}]' -spec: - ingressClassName: alb - rules: - - host: backend.amanpathakdevops.study - http: - paths: - - path: /api - pathType: Prefix - backend: - service: - name: api - port: - number: 3500 - - path: / - pathType: Prefix - backend: - service: - name: frontend - port: - number: 3000 - \ No newline at end of file diff --git a/jenkinsfile b/jenkinsfile new file mode 100644 index 000000000..e834de2f0 --- /dev/null +++ b/jenkinsfile @@ -0,0 +1,142 @@ +pipeline { + agent any + + environment { + AWS_REGION = 'us-east-1' + ECR_REGISTRY = '949908266326.dkr.ecr.us-east-1.amazonaws.com' + FRONTEND_REPO = 'sukhab_app' + BACKEND_REPO = 'backend-app' + IMAGE_TAG = "latest" + NAMESPACE = "three-tier" + SONAR_PROJECT_KEY = "sukhab-backend" + SONAR_TOKEN = credentials('sonarqube') // ✅ Add your SonarQube token credentials ID here + } + + stages { + + stage('Checkout Code') { + steps { + echo "🔄 Cloning the repo" + git url: "https://github.com/Gursukhab/TWSThreeTierAppChallenge.git", branch: "main" + echo "code clonned successfully" + } + } + + // ✅ NEW STAGE + stage('SonarQube Analysis') { + steps { + dir('Application-Code/backend') { + withSonarQubeEnv('MySonarQube') { + sh """ + sonar-scanner \ + -Dsonar.projectKey=$SONAR_PROJECT_KEY \ + -Dsonar.sources=. \ + -Dsonar.host.url=http://localhost:9000 \ + -Dsonar.login=$SONAR_TOKEN + """ + } + } + } + } + + + stage('Login to AWS ECR') { + steps { + withCredentials([usernamePassword(credentialsId: 'aws-ecr-creds', usernameVariable: 'AWS_ACCESS_KEY_ID', passwordVariable: 'AWS_SECRET_ACCESS_KEY')]) { + sh ''' + mkdir -p ~/.aws + + echo "[default]" > ~/.aws/credentials + echo "aws_access_key_id=$AWS_ACCESS_KEY_ID" >> ~/.aws/credentials + echo "aws_secret_access_key=$AWS_SECRET_ACCESS_KEY" >> ~/.aws/credentials + + echo "[default]" > ~/.aws/config + echo "region=$AWS_REGION" >> ~/.aws/config + + aws ecr get-login-password --region $AWS_REGION | docker login --username AWS --password-stdin $ECR_REGISTRY + ''' + } + } + } + + stage('Build and Push Frontend Image') { + steps { + dir('Application-Code/frontend') { + sh """ + docker build -t ${FRONTEND_REPO}:${IMAGE_TAG} . + docker tag ${FRONTEND_REPO}:${IMAGE_TAG} ${ECR_REGISTRY}/${FRONTEND_REPO}:${IMAGE_TAG} + docker push ${ECR_REGISTRY}/${FRONTEND_REPO}:${IMAGE_TAG} + """ + } + } + } + + stage('Build and Push Backend Image') { + steps { + dir('Application-Code/backend/') { + sh """ + docker build -t ${BACKEND_REPO}:${IMAGE_TAG} . + docker tag ${BACKEND_REPO}:${IMAGE_TAG} ${ECR_REGISTRY}/${BACKEND_REPO}:${IMAGE_TAG} + docker push ${ECR_REGISTRY}/${BACKEND_REPO}:${IMAGE_TAG} + """ + } + } + } + + stage('Update Deployment YAMLs with Image') { + steps { + sh """ + sed -i 's|image:.*|image: ${ECR_REGISTRY}/${BACKEND_REPO}:${IMAGE_TAG}|' Kubernetes-Manifests-file/Backend/deployment.yaml + sed -i 's|image:.*|image: ${ECR_REGISTRY}/${FRONTEND_REPO}:${IMAGE_TAG}|' Kubernetes-Manifests-file/Frontend/deployment.yaml + """ + } + } + + stage('Create Namespace') { + steps { + sh """ + kubectl get namespace ${NAMESPACE} || kubectl create namespace ${NAMESPACE} + """ + } + } + + stage('Deploy to Kubernetes') { + steps { + script { + dir('Kubernetes-Manifests-file/Database') { + sh ''' + kubectl apply -f secrets.yaml + kubectl apply -f pv.yaml + kubectl apply -f pvc.yaml + kubectl apply -f service.yaml + kubectl apply -f deployment.yaml + ''' + } + + dir('Kubernetes-Manifests-file/Backend') { + sh ''' + kubectl apply -f service.yaml + kubectl apply -f deployment.yaml + ''' + } + + dir('Kubernetes-Manifests-file/Frontend') { + sh ''' + kubectl apply -f service.yaml + kubectl apply -f deployment.yaml + ''' + } + } + } + } + } + + post { + success { + echo '✅ Successfully deployed everything!' + } + failure { + echo '❌ Pipeline failed. Check logs.' + } + } +}