pipeline {
agent any
tools {
jdk 'jdk17'
nodejs 'nodejs'
}
environment {
SONARQUBE_HOME=tool 'sonar-scanner'
}
stages {
stage ('clean workspace'){
steps {
cleanWs()
}
}
stage ('Git Clone') {
steps {
git branch:'main', url:'https://github.com/AbdulAziz-uk/Disney_Hotstar.git'
}
}
stage ('Sonar Analysis'){
steps {
withSonarQubeEnv('sonarqube-server'){
sh ''' $SONARQUBE_HOME/bin/sonar-scanner -Dsonar.projectName=hotstar \
-Dsonar.projectKey=hotstar '''
}
}
}
stage ('quality gate'){
steps {
script {
waitForQualityGate abortPipeline:false, credentialsId:'sonar-token'
}
}
}
stage ('Install Dependencies'){
steps {
sh "npm install"
}
}
stage ('OWASP FS Scan'){
steps {
dependencyCheck additionalArguments:'--scan ./ --disableYarnAudit --disableNodeAudit --nvdApiKey 36883b57-9d9d-4677-b466-f7012f883687', odcInstallation:'DC'
dependencyCheckPublisher pattern:'**/dependency-check-report.xml'
}
}
stage ('Trivy FS Scan'){
steps {
sh "trivy fs . > trivyfs.txt"
}
}
stage ('Docker Build & Push'){
steps {
script {
withDockerRegistry(credentialsId:'docker', toolName:'docker'){
sh "docker build -t hotstar ."
sh "docker tag hotstar aziz27uk/hotstar:latest"
sh "docker push aziz27uk/hotstar:latest"
}
}
}
}
stage ('Trivy'){
steps {
sh "trivy image aziz27uk/hotstar:latest > trivyimage.txt"
}
}
stage ('Deploy to Container'){
steps {
sh 'docker run -d --name hotstar -p 3000:3000 aziz27uk/hotstar:latest'
}
}
}
post {
always {
script {
def buildStatus = currentBuild.currentResult
def buildUser = currentBuild.getBuildCauses('hudson.model.Cause$UserIdCause')[0]?.userId ?:'Github User'
emailext (
subject:"Pipeline ${buildStatus}:${env.JOB_NAME} #${env.BUILD_NUMBER}",
body:"""
This is a Jenkins HOTSTAR CICD pipeline status.
Project:${env.JOB_NAME}
Build Number:${env.BUILD_NUMBER}
Build Status:${buildStatus}
Started by:${buildUser}
Build URL:${env.BUILD_URL}
""",
to:'aziz.azure2024@gmail.com',
from:'aziz.azure2024@gmail.com',
replyTo:'aziz.azure2024@gmail.com',
mimeType:'text/html',
attachmentsPattern:'trivyfs.txt,trivyimage.txt'
)
}
}
}
}