pipeline {
    agent any
    tools {
        jdk 'jdk17'
        nodejs 'node23'
    }
    environment {
        SCANNER_HOME=tool 'sonar-scanner'
    }
    stages {
        stage ("clean workspace") {
            steps {
                cleanWs()
            }
        }
        stage ("Git Checkout") {
            steps {
                git 'https://github.com/AbdulAziz-uk/zomato.git'
            }
        }
        stage("Sonarqube Analysis"){
            steps{
                withSonarQubeEnv('sonar') {
                    sh ''' $SCANNER_HOME/bin/sonar-scanner -Dsonar.projectName=zomato \
                    -Dsonar.projectKey=zomato '''
                }
            }
        }
        stage("Code Quality Gate"){
           steps {
                script {
                    waitForQualityGate abortPipeline: false, credentialsId: 'sonar-token' 
                }
            } 
        }
        stage("Install NPM Dependencies") {
            steps {
                sh "npm install"
            }
        }
        stage('OWASP FS SCAN') {
            steps {
                dependencyCheck additionalArguments:'--scan ./ --disableYarnAudit --disableNodeAudit -n', odcInstallation:'DC'
                dependencyCheckPublisher pattern:'**/dependency-check-report.xml'
            }
        }
        stage ("Trivy File Scan") {
            steps {
                sh "trivy fs . > trivy.txt"
            }
        }
        stage ("Build Docker Image") {
            steps {
                sh "docker build -t zomato ."
            }
        }
        stage ("Tag & Push to DockerHub") {
            steps {
                script {
                    withDockerRegistry(credentialsId:'docker-cred') {
                        sh "docker tag zomato aziz27uk/zomato:latest "
                        sh "docker push aziz27uk/zomato:latest "
                    }
                }
            }
        }
        stage('Docker Scout Image Analysis') {
            steps {
                script{
                   withDockerRegistry(credentialsId:'docker-cred', toolName:'docker'){
                       sh 'docker-scout quickview aziz27uk/zomato:latest'
                       sh 'docker-scout cves aziz27uk/zomato:latest'
                       sh 'docker-scout recommendations aziz27uk/zomato:latest'
                   }
                }
            }
        }
        stage ("Deploy to Container") {
            steps {
                sh 'docker run -d --name zomato -p 3000:3000 aziz27uk/zomato:latest'
            }
        }
    }
    post {
    always {
        emailext attachLog:true,
            subject:"'${currentBuild.result}'",
            body:"""
                <html>
                <body>
                    <div style="background-color:#FFA07A; padding:10px; margin-bottom:10px;">
                        <p style="color:white; font-weight:bold;">Project:${env.JOB_NAME}</p>
                    </div>
                    <div style="background-color:#90EE90; padding:10px; margin-bottom:10px;">
                        <p style="color:white; font-weight:bold;">Build Number:${env.BUILD_NUMBER}</p>
                    </div>
                    <div style="background-color:#87CEEB; padding:10px; margin-bottom:10px;">
                        <p style="color:white; font-weight:bold;">URL:${env.BUILD_URL}</p>
                    </div>
                </body>
                </html>
                """,
            to:'aziz.azure2025@gmail.com',
            mimeType:'text/html',
            attachmentsPattern:'trivy.txt'
        }
    }
}