diff --git a/Dockerfile b/Dockerfile index b571261..b5cd7a5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,7 +4,7 @@ FROM node:18-alpine AS builder # Add metadata for authorship and app identification -LABEL maintainer="Amitabh Soni " \ +LABEL maintainer="Shubham Tayde " \ app="gemini" \ stage="build" @@ -27,7 +27,7 @@ RUN rm -rf node_modules && npm cache clean --force FROM node:18-alpine AS production # Add metadata for the final image -LABEL maintainer="Amitabh Soni " \ +LABEL maintainer="Shubham Tayde " \ app="gemini" \ stage="production" @@ -47,4 +47,4 @@ ENV NODE_ENV=production EXPOSE 3000 -CMD ["npm", "start"] \ No newline at end of file +CMD ["npm", "start"] diff --git a/GitOps/Jenkinsfile b/GitOps/Jenkinsfile index d743d8f..bd58d5a 100644 --- a/GitOps/Jenkinsfile +++ b/GitOps/Jenkinsfile @@ -1,7 +1,7 @@ @Library('Shared')_ pipeline { - agent { label 'dev-server' } + agent any parameters { string(name: 'GEMINI_DOCKER_TAG', defaultValue: 'v1', description: 'Docker tag for gemini image') @@ -16,7 +16,7 @@ pipeline { stage("Git: Code Checkout") { steps { - clone("https://github.com/Amitabh-DevOps/dev-gemini-clone.git", "DevOps") + clone("https://github.com/AWS-DevOps-shubh/dev-gemini-clone.git", "dev-shubh") } } @@ -29,7 +29,7 @@ pipeline { stage("Update: Kubernetes Manifest") { steps { dir('kubernetes') { - sh "sed -i 's|amitabhdevops/geminiamit.*|amitabhdevops/geminiamit:${params.GEMINI_DOCKER_TAG}|' gemini-deployment.yml" + sh "sed -i 's|devshubh2204/geminishubham.*|devshubh2204/geminishubham:${params.GEMINI_DOCKER_TAG}|' gemini-deployment.yml" } } } @@ -48,7 +48,7 @@ pipeline { git commit -m "Update gemini image to ${GEMINI_DOCKER_TAG}" echo "Pushing changes to github: " - git push https://github.com/Amitabh-DevOps/dev-gemini-clone.git DevOps + git push https://github.com/AWS-DevOps-shubh/dev-gemini-clone.git dev-shubh ''' } } @@ -106,7 +106,7 @@ pipeline {
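Review bot: Replacing `agent { label 'dev-server' }` with `agent any` at the top of GitOps/Jenkinsfile lets this job be scheduled on any executor, including the controller's built-in node if it has executors enabled. Later stages of this file commit and push to GitHub, so the job should stay on a node provisioned for that work. Keep a label, for example `agent { label 'gitops' }` (the label name is a placeholder), or add a comment explaining why any node is acceptable. The pipeline body continues outside this hunk.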
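Review bot: The new sed pattern `devshubh2204/geminishubham.*` does not match the image this same commit sets in kubernetes/gemini-deployment.yml (`devshubh2204/geminiclonenip:20`), so the substitution is a silent no-op and the manifest tag never changes. Separately, `${params.GEMINI_DOCKER_TAG}` is expanded by Groovy inside the double-quoted `sh` string, so a tag containing `|`, a quote or other shell metacharacters alters the command that runs. Validate the parameter before use, e.g. in a `script` block `if (!(params.GEMINI_DOCKER_TAG ==~ /[A-Za-z0-9_][A-Za-z0-9_.-]{0,127}/)) error('invalid image tag')`, and make the step fail when sed changes nothing.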

""", - to: "amitabhdevops2024@gmail.com", + to: "shubhamtayde2409@gmail.com", from: "jenkins@example.com", mimeType: 'text/html' ) @@ -158,7 +158,7 @@ pipeline {

""", - to: "amitabhdevops2024@gmail.com", + to: "shubhamtayde2409@gmail.com", from: "jenkins@example.com", mimeType: 'text/html' ) @@ -167,4 +167,4 @@ pipeline { cleanWs() } } -} \ No newline at end of file +} diff --git a/Jenkinsfile b/Jenkinsfile index 038c483..21b1f15 100644 --- a/Jenkinsfile +++ b/Jenkinsfile 
@@ -1,184 +1,81 @@ -@Library('Shared')_ +@Library('shared') _ pipeline { - agent { label 'dev-server' } - + agent any + environment { - SONAR_HOME = tool "Sonar" - DOCKER_IMAGE = "geminiamit" - GIT_REPO = "https://github.com/Amitabh-DevOps/dev-gemini-clone.git" - GIT_BRANCH = "DevOps" - DOCKERHUB_USERNAME = "amitabhdevops" - DOCKER_IMAGE_NAME = "${DOCKERHUB_USERNAME}/${DOCKER_IMAGE}" - } - parameters { - string(name: 'GEMINI_DOCKER_TAG', defaultValue: 'v1', description: 'Setting docker image for latest push') + DOCKER_IMAGE_NAME = 'devshubh2204/geminiclonenip' + DOCKER_IMAGE_TAG = "${BUILD_NUMBER}" + GITHUB_CREDENTIALS = credentials('git-hub-cred') + GIT_BRANCH = "dev-shubh" } + stages { - stage("Clean Workspace") { - steps { - cleanWs() - } - } - stage("Code") { - steps { - // Use GIT_REPO and GIT_BRANCH from environment variables - clone("${GIT_REPO}", "${GIT_BRANCH}") - echo "Code cloning done from ${GIT_REPO} branch ${GIT_BRANCH}." - } - } - stage("Prepare Environment File") { - steps { - prepareEnvFile('.env.local', '.env.local') - } - } - stage("Build") { - steps { - dockerbuild("${DOCKER_IMAGE}", "${params.GEMINI_DOCKER_TAG}") - echo "Docker image ${DOCKER_IMAGE}:${params.GEMINI_DOCKER_TAG} built successfully." - } - } - stage("SonarQube Quality Analysis") { - steps { - sonarqube_analysis('Sonar', "${DOCKER_IMAGE}", "${DOCKER_IMAGE}") - } - } - stage("OWASP : Dependency Check") { + stage('Cleanup Workspace') { steps { - owasp_dependency() + script { + clean_ws() + } } } - stage("Sonar Quality Gate Scan") { + + stage('Clone Repository') { steps { - sonarqube_code_quality() + script { + clone("https://github.com/AWS-DevOps-shubh/dev-gemini-clone.git", "dev-shubh") + } } } - stage("Docker Image Security Scan (Trivy)") { - steps { - dockerScanTrivy("${DOCKER_IMAGE}", "${params.GEMINI_DOCKER_TAG}") - echo "Trivy scan completed for ${DOCKER_IMAGE}:${params.GEMINI_DOCKER_TAG}." 
+ + stage('Build and Scan Docker Image') { + parallel { + stage('Build Main App Image') { + steps { + script { + docker_build( + imageName: env.DOCKER_IMAGE_NAME, + imageTag: env.DOCKER_IMAGE_TAG, + dockerfile: 'Dockerfile', + context: '.' + ) + } + } + } + + stage('Security Scan with Trivy') { + steps { + script { + trivy() + } + } + } } } - stage("Push to DockerHub") { + + stage('Push Docker Images') { steps { - dockerpush("dockerHub", "${DOCKER_IMAGE}", "${params.GEMINI_DOCKER_TAG}") - echo "Pushed ${DOCKERHUB_USERNAME}/${DOCKER_IMAGE}:${params.GEMINI_DOCKER_TAG} to DockerHub." + script { + docker_push( + imageName: env.DOCKER_IMAGE_NAME, + imageTag: env.DOCKER_IMAGE_TAG, + credentials: 'docker-hub-cred' + ) + } } } - // Uncommented and updated the "Run Container" stage to use environment variables - // stage("Run Container") { - // steps { - // dockerRunApp("${DOCKER_IMAGE}", "${params.GEMINI_DOCKER_TAG}", "env_local", "${DOCKER_IMAGE}", "--env-file .env.local -p 3000:3000") - // echo "Container started using ${DOCKER_IMAGE}:${DOCKER_TAG} with container name '${DOCKER_IMAGE}'." - // } - // } - stage("Cleanup Docker Images") { + + stage('Update Kubernetes Manifests') { steps { script { - sh "docker rmi ${DOCKER_IMAGE}:${params.GEMINI_DOCKER_TAG} || true" - sh "docker rmi ${DOCKERHUB_USERNAME}/${DOCKER_IMAGE}:${params.GEMINI_DOCKER_TAG} || true" - sh "docker image prune -f" + updatek8s( + imageTag: env.DOCKER_IMAGE_TAG, + manifestsPath: 'kubernetes', + gitCredentials: 'git-hub-cred', + gitUserName: 'AWS-DevOps-shubh', + gitUserEmail: 'devshubh2204@gmail.com', + ) } - echo "Cleaned up Docker image: ${DOCKERHUB_USERNAME}/${DOCKER_IMAGE}:${params.GEMINI_DOCKER_TAG}." } } } - post { - success { - archiveArtifacts artifacts: 'kubernetes/gemini-deployment.yml', followSymlinks: false - build job: "Gemini-CD", parameters: [ - string(name: 'GEMINI_DOCKER_TAG', value: "${params.GEMINI_DOCKER_TAG}") - ] - echo "Pipeline completed successfully!" 
- emailext ( - subject: "SUCCESS: Jenkins Pipeline for ${DOCKER_IMAGE}", - body: """ -
-

🎉 Pipeline Execution: SUCCESS 🎉

-

- Hello Team, -

-

- The Jenkins CI pipeline for ${DOCKER_IMAGE} completed successfully! -

- - - - - - - - - - - - - - - - - -
DetailsValues
Git Repository${GIT_REPO}
Branch${GIT_BRANCH}
Docker Image${DOCKERHUB_USERNAME}/${DOCKER_IMAGE}:${params.GEMINI_DOCKER_TAG}
-

- Visit Pipeline Logs for more details. -

-

- Thanks,
- Jenkins -

-
- """, - to: "amitabhdevops2024@gmail.com", - from: "jenkins@example.com", - mimeType: 'text/html', - attachmentsPattern: '**/table-report.html' - ) - } - failure { - echo "Pipeline failed. Please check the logs." - emailext ( - subject: "FAILURE: Jenkins Pipeline for ${DOCKER_IMAGE}", - body: """ -
-

🚨 Pipeline Execution: FAILURE 🚨

-

- Hello Team, -

-

- Unfortunately, the Jenkins CI pipeline for ${DOCKER_IMAGE} has failed. -

- - - - - - - - - - - - - - - - - -
DetailsValues
Git Repository${GIT_REPO}
Branch${GIT_BRANCH}
Docker Image${DOCKERHUB_USERNAME}/${DOCKER_IMAGE}:${params.GEMINI_DOCKER_TAG}
-

- Visit Pipeline Logs for more details. -

-

- Thanks,
- Jenkins -

-
- """, - to: "amitabhdevops2024@gmail.com", - from: "jenkins@example.com", - mimeType: 'text/html', - attachmentsPattern: '**/table-report.html' - ) - } - } -} \ No newline at end of file +} diff --git a/kubernetes/cert-issuer.yml b/kubernetes/cert-issuer.yml index 9a82d4f..beb19c4 100644 --- a/kubernetes/cert-issuer.yml +++ b/kubernetes/cert-issuer.yml @@ -8,7 +8,7 @@ spec: # The ACME server URL server: https://acme-v02.api.letsencrypt.org/directory # Email address used for ACME registration - email: # Replace with your email address + email: devshubh2204@gmail.com # Replace with your email address # Name of a secret used to store the ACME account private key privateKeySecretRef: name: letsencrypt-prod-key @@ -18,4 +18,4 @@ spec: ingress: class: nginx - \ No newline at end of file + diff --git a/kubernetes/configmap.yml b/kubernetes/configmap.yml index 9bb4d78..d4986b7 100644 --- a/kubernetes/configmap.yml +++ b/kubernetes/configmap.yml @@ -4,4 +4,7 @@ metadata: name: gemini-config namespace: gemini-namespace data: - NEXTAUTH_URL: # Enter your NextAuth URL here(Domain name/URL) \ No newline at end of file + GOOGLE_ID: 103384355930-outj5vptfg6lf5jc4kcfklhfa1sljuum.apps.googleusercontent.com + MONGODB_URI: mongodb://mongodb-service:27017/gemini + NEXTAUTH_URL: https://34.251.105.234.nip.io + MONGO_INITDB_ROOT_USERNAME: YWRtaW4= diff --git a/kubernetes/gemini-deployment.yml b/kubernetes/gemini-deployment.yml index c6c9a7f..7c9692b 100644 --- a/kubernetes/gemini-deployment.yml +++ b/kubernetes/gemini-deployment.yml @@ -17,7 +17,7 @@ spec: spec: containers: - name: gemini - image: amitabhdevops/geminiprod:v1 + image: devshubh2204/geminiclonenip:20 ports: - containerPort: 3000 resources: @@ -57,4 +57,4 @@ spec: valueFrom: secretKeyRef: name: gemini-secret - key: NEXT_PUBLIC_API_KEY \ No newline at end of file + key: NEXT_PUBLIC_API_KEY diff --git a/kubernetes/gemini-ingress.yml b/kubernetes/gemini-ingress.yml index 5e8fefb..72a1bd1 100644 
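Review bot: In the new `Build and Scan Docker Image` stage the Trivy scan runs in `parallel` with the build, and `trivy()` is called with no image name or tag. Nothing visible here ties the scan to the image that `docker_push` publishes, and the push is not gated on the scan result. Make the scan its own stage after the build and before `Push Docker Images`, passing `env.DOCKER_IMAGE_NAME` and `env.DOCKER_IMAGE_TAG` if the shared-library step accepts them. The rewrite also drops the SonarQube, quality-gate and OWASP Dependency-Check stages without a replacement. `GITHUB_CREDENTIALS = credentials('git-hub-cred')` in the top-level `environment` binds that credential for every stage, although only `updatek8s` appears to need it and already receives the credential id.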
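Review bot: `MONGO_INITDB_ROOT_USERNAME: YWRtaW4=` in kubernetes/configmap.yml looks base64-encoded, but ConfigMap `data` values are used verbatim, so the container would receive the encoded string rather than the user name. Store the plain value here or move the key to the Secret. `NEXTAUTH_URL: https://34.251.105.234.nip.io` also omits the `geminishubh.` prefix that this commit sets as the ingress host in kubernetes/gemini-ingress.yml, which would probably break the OAuth callback; `NEXTAUTH_URL: https://geminishubh.34.251.105.234.nip.io` matches the ingress. `MONGODB_URI` carries no credentials while a root user and password are being configured, so confirm whether the database is meant to accept unauthenticated connections.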
--- a/kubernetes/gemini-ingress.yml +++ b/kubernetes/gemini-ingress.yml @@ -11,11 +11,11 @@ metadata: spec: tls: - hosts: - - geminiamitabh.letsdeployit.com + - geminishubh.34.251.105.234.nip.io secretName: gemini-tls-secret ingressClassName: nginx rules: - - host: "geminiamitabh.letsdeployit.com" + - host: geminishubh.34.251.105.234.nip.io http: paths: - path: / @@ -31,4 +31,4 @@ spec: service: name: nginx-service port: - number: 80 \ No newline at end of file + number: 80 diff --git a/kubernetes/secrets.yml b/kubernetes/secrets.yml index c3aa90d..6d56d03 100644 --- a/kubernetes/secrets.yml +++ b/kubernetes/secrets.yml @@ -5,8 +5,7 @@ metadata: namespace: gemini-namespace type: Opaque data: - GOOGLE_ID: # Enter your Google ID here in base64 encoded format - GOOGLE_SECRET: # Enter your Google secret here in base64 encoded format - NEXTAUTH_SECRET: # Enter your NextAuth secret here in base64 encoded format - NEXT_PUBLIC_API_KEY: # Enter your API key here in base64 encoded format - MONGODB_URI: # Enter your MongoDB URI here in base64 encoded format \ No newline at end of file + GOOGLE_SECRET:R09DU1BYLXhtMGNvLUZFbEtuV0JhYzgybVpQUzVqUG9ZdFc= + NEXTAUTH_SECRET:p2aQyMyvv4EQifX4i3GkAYRypTszDHxHE0aZr8GiHzg # Enter your NextAuth secret here in base64 encoded format + NEXT_PUBLIC_API_KEY:QUl6YVN5QmFqRG83LU9wNVB4UHRJQWVHbS1POVZOMVpxWktONzNV # Enter your API key here in base64 encoded format + MONGO_INITDB_ROOT_PASSWORD:c2h1YmhhbUAxMjM0
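Review bot: The kubernetes/secrets.yml hunk commits what look like live values for `GOOGLE_SECRET`, `NEXTAUTH_SECRET`, `NEXT_PUBLIC_API_KEY` and `MONGO_INITDB_ROOT_PASSWORD`. Base64 is an encoding, not protection, so these should be treated as disclosed, rotated, and supplied from outside git (a sealed or external secret, or a secret created by the pipeline), with only placeholders kept in this file. The four added lines also have no space after the colon (`GOOGLE_SECRET:R09…`), which YAML does not read as key/value pairs, so the manifest is unlikely to apply as written; use `KEY: <base64-value>`. The `NEXTAUTH_SECRET` value is 43 characters with no padding, so it is probably not valid base64 for a `data` field. `GOOGLE_ID` and `MONGODB_URI` are removed from the Secret, so any `secretKeyRef` to them in the deployment (not visible in this diff) has to be switched to the ConfigMap.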