eks-cicd-deploy/Jenkinsfile_Docker at main · devops-practicals/eks-cicd-deploy · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
pipeline {
    tools {
        maven 'Maven3'
    }
    agent any
    environment {
        AWS_REGION = 'ap-south-1'
        ECR_REPO_NAME = 'springboot-jenkins-ecr-repo'
        EKS_CLUSTER_NAME = 'jenkins-eks-cluster'
    }
    stages {
        /*
        stage('Checkout') {
            steps {
                git branch: 'main', credentialsId: 'github-credentials', url: 'https://github.com/devops-practicals/springboot-jenkins-eks.git'
            }
        }
        */
        stage('Set AWS Account ID') {
            steps {
                script {
                    def accountId = sh(script: "aws sts get-caller-identity --query Account --output text", returnStdout: true).trim()
                    env.AWS_ACCOUNT_ID = accountId
                    echo "Account ID set to: ${env.AWS_ACCOUNT_ID}"
                    env.registry = "${env.AWS_ACCOUNT_ID}.dkr.ecr.${env.AWS_REGION}.amazonaws.com/springboot-jenkins-ecr-repo"
                    echo "registry is set to: ${env.registry}"
                }
            }
        }
        stage('Build Jar') {
            steps {
                sh 'mvn clean package'
            }
        }

        stage('Build image') {
          steps{
            script {
                sh 'whoami'
                def dockerImage = docker.build(registry)
            }
          }
        }

        // stage('Scan Image with Trivy') {
        //     steps {
        //         script {
        //             sh """
        //                 export TRIVY_HOME=\$HOME/.local/bin
        //                 mkdir -p \$TRIVY_HOME
        //                 if ! command -v trivy > /dev/null; then
        //                     curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b \$TRIVY_HOME
        //                 fi
        //                 export PATH=\$TRIVY_HOME:\$PATH
        //                 \$TRIVY_HOME/trivy --version
        //                 \$TRIVY_HOME/trivy image --exit-code 1 --severity HIGH,CRITICAL ${env.registry}:latest || true
        //             """
        //         }
        //     }
        // }

        Uploading Docker images into AWS ECR
        stage('Image Push to ECR') {
            steps{
                script {
                    sh """
                        aws ecr describe-repositories --repository-names ${env.ECR_REPO_NAME} --region ${env.AWS_REGION} || aws ecr create-repository --repository-name ${env.ECR_REPO_NAME} --region ${env.AWS_REGION}
                        aws ecr get-login-password --region ${env.AWS_REGION} | docker login --username AWS --password-stdin ${env.AWS_ACCOUNT_ID}.dkr.ecr.${env.AWS_REGION}.amazonaws.com
                        docker push ${env.AWS_ACCOUNT_ID}.dkr.ecr.${env.AWS_REGION}.amazonaws.com/springboot-jenkins-ecr-repo:latest
                        docker rmi ${env.registry}:latest || true
                    """
                }
            }
        }

    }
}