-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathJenkinsfile
92 lines (85 loc) · 3.21 KB
/
Jenkinsfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
pipeline {
agent {
docker {
image 'myjenkins-blueocean:2.452.1-1'
args '-v /var/run/docker.sock:/var/run/docker.sock'
}
}
environment {
DOCKER_COMPOSE_FILE = '/var/jenkins_home/workspace/RoomBooker/docker-compose.yml'
DOCKER_HOST = 'unix:///var/run/docker.sock'
NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY = credentials('NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY')
STRIPE_SECRET_KEY = credentials('STRIPE_SECRET_KEY')
admin_email = credentials('admin_email')
admin_password = credentials('admin_password')
FRONTEND_BASE_URL = 'https://roombooker.zapto.org'
BACKEND_API_URL = credentials('BACKEND_API_URL')
NEXT_PUBLIC_SESSION_PASSWORD = credentials('NEXT_PUBLIC_SESSION_PASSWORD')
DB_USERNAME = credentials('DB_USERNAME')
DB_PASSWORD = credentials('DB_PASSWORD')
DB_HOST = credentials('DB_HOST')
DB_NAME = credentials('DB_NAME')
DB_PORT = credentials('DB_PORT')
SONARQUBE_SCANNER = tool 'SonarQubeScanner'
SONARQUBE_TOKEN = credentials('SONARQUBE_TOKEN')
SONARQUBE_PROJECT_KEY = credentials('SONARQUBE_PROJECT_KEY')
SONARQUBE_URL = credentials('SONARQUBE_URL')
}
stages {
stage('Checkout') {
steps {
script {
git branch: 'main', credentialsId: 'gh', url: 'https://github.com/aloysiustayy/ICT2216-RoomBooker.git'
sh '''
ls -lart ./*
echo Hello World
'''
}
}
}
stage('Build and Deploy') {
steps {
script {
sh 'docker compose -f ${DOCKER_COMPOSE_FILE} down'
sh 'docker compose -f ${DOCKER_COMPOSE_FILE} build --no-cache fastapi'
sh 'docker compose -f ${DOCKER_COMPOSE_FILE} build nextjs'
sh 'docker compose -f ${DOCKER_COMPOSE_FILE} up -d'
}
}
}
stage('OWASP Dependency-Check Vulnerabilities') {
steps {
dependencyCheck additionalArguments: '''
--enableExperimental
-o './'
-s './'
-f 'ALL'
--prettyPrint''', odcInstallation: 'OWASP Dependency-Check Vulnerabilities'
dependencyCheckPublisher pattern: 'dependency-check-report.xml'
}
}
stage('SonarQube Analysis') {
steps {
script {
withSonarQubeEnv('SonarQube') {
sh '''
${SONARQUBE_SCANNER}/bin/sonar-scanner \
-Dsonar.projectKey=${SONARQUBE_PROJECT_KEY} \
-Dsonar.sources=. \
-Dsonar.host.url=${SONARQUBE_URL} \
-Dsonar.token=${SONARQUBE_TOKEN}
'''
}
}
}
}
}
post {
always {
cleanWs()
script {
sh 'docker builder prune -f'
}
}
}
}