🎖️Project : DevSecOps Jenkins CI/CD pipeline for a Node.js Application

🔗Tools Required:-
GitHub: For source code repository and version control.
Docker and Docker Compose: For containerizing the Node.js application.
Jenkins: For setting up and managing the CI/CD pipeline.
SonarQube: For continuous inspection of code quality.
OWASP tools: For identifying security vulnerabilities in the application.
Trivy: For scanning Docker images for vulnerabilities.
DevSecOps practices: Integrating security at every phase of the software development lifecycle.
🔗Step 1:- Launch Instance
⭐ Create EC2 instance & connect


🔗Step 2:- Install Jenkins

⭐After installing Jenkins, open port 8080 in the EC2 security group

⭐Access Jenkins in your web browser; it opens the Unlock Jenkins window
http://localhost:8080

⭐Enter the Administrator Password & click on Continue, Jenkins gets started.
⭐Create the job, select pipeline

⭐Add the GitHub URL

⭐Pipeline script -> Add your code & save
pipeline {
    agent any
    environment {
        // Install path of the scanner tool configured in Jenkins under the name "Sonar"
        SONAR_HOME = tool "Sonar"
    }
    stages {
        stage("Code") {
            steps {
                git url: "https://github.com/sarikakamble/node-todo-cicd.git/", branch: "master"
                echo "Code cloned successfully."
            }
        }
        stage("Sonarqube Analysis") {
            steps {
                // Injects the server URL and token of the SonarQube server named "Sonar"
                withSonarQubeEnv("Sonar") {
                    sh "$SONAR_HOME/bin/sonar-scanner -Dsonar.projectName=nodetodo -Dsonar.projectKey=nodetodo -X"
                }
            }
        }
        stage("Sonarqube Quality Gates") {
            steps {
                timeout(time: 1, unit: "MINUTES") {
                    // abortPipeline: false records the gate result without failing the build
                    waitForQualityGate abortPipeline: false
                }
            }
        }
        stage("OWASP") {
            steps {
                // Dependency-Check scan of the workspace, then publish the XML report
                dependencyCheck additionalArguments: '--scan ./', odcInstallation: 'OWASP'
                dependencyCheckPublisher pattern: '**/dependency-check-report.xml'
            }
        }
        stage("Build & Test") {
            steps {
                sh 'docker build -t node-app-batch-6:latest .'
                echo "Code built successfully."
            }
        }
        stage("Trivy") {
            steps {
                // Scan the image that was just built
                sh "trivy image node-app-batch-6"
            }
        }
        stage("Push to private DockerHub Repo") {
            steps {
                withCredentials([usernamePassword(credentialsId: "DockerHubCreds", passwordVariable: "dockerPass", usernameVariable: "dockerUser")]) {
                    // Single quotes: the shell expands the variables, so Groovy never
                    // interpolates the secret into the command string, and --password-stdin
                    // keeps the password out of the process arguments.
                    sh 'echo "$dockerPass" | docker login -u "$dockerUser" --password-stdin'
                    sh 'docker tag node-app-batch-6:latest "$dockerUser"/node-app-batch-6:latest'
                    sh 'docker push "$dockerUser"/node-app-batch-6:latest'
                }
            }
        }
        stage("Deploy") {
            steps {
                sh "docker-compose up -d"
                echo "App Deployed successfully."
            }
        }
    }
}
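Added example (not part of the original pipeline): with waitForQualityGate abortPipeline: false, a dependencyCheckPublisher without thresholds and a plain trivy image call, findings are reported but the image is still pushed and deployed. The variant below runs the same stages up to the image scan and makes each scanner stop the build; the thresholds and the 5-minute timeout are illustrative assumptions, and stopBuild assumes a Dependency-Check plugin version that supports it.

```groovy
// Added example, not the original pipeline: same stages up to the image scan,
// with each scanner configured to stop the build on findings.
// Assumed: thresholds and timeout are illustrative; tune them per project.
pipeline {
    agent any
    environment {
        SONAR_HOME = tool "Sonar"
    }
    stages {
        stage("Code") {
            steps {
                git url: "https://github.com/sarikakamble/node-todo-cicd.git/", branch: "master"
            }
        }
        stage("Sonarqube Analysis") {
            steps {
                withSonarQubeEnv("Sonar") {
                    sh "$SONAR_HOME/bin/sonar-scanner -Dsonar.projectName=nodetodo -Dsonar.projectKey=nodetodo"
                }
            }
        }
        stage("Sonarqube Quality Gates") {
            steps {
                timeout(time: 5, unit: "MINUTES") {
                    // abortPipeline: true fails the run when the quality gate is not passed
                    waitForQualityGate abortPipeline: true
                }
            }
        }
        stage("OWASP") {
            steps {
                dependencyCheck additionalArguments: '--scan ./', odcInstallation: 'OWASP'
                // Fail on any critical or high dependency finding
                dependencyCheckPublisher pattern: '**/dependency-check-report.xml', failedTotalCritical: 1, failedTotalHigh: 1, stopBuild: true
            }
        }
        stage("Build & Test") {
            steps {
                sh 'docker build -t node-app-batch-6:latest .'
            }
        }
        stage("Trivy") {
            steps {
                // Non-zero exit on fixable HIGH/CRITICAL findings stops the pipeline here
                sh 'trivy image --exit-code 1 --severity HIGH,CRITICAL --ignore-unfixed node-app-batch-6:latest'
            }
        }
    }
}
```

The push and deploy stages from the pipeline above follow the Trivy stage unchanged, so they only run when all three gates pass.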
🔗Step 3:- Install Docker

⭐Add your current user and the jenkins user to the docker group so both can run Docker commands
sudo usermod -aG docker $USER
sudo usermod -aG docker jenkins
🔗Step 4:- SonarQube Server
⭐Add SonarQube plugins


⭐Install SonarQube server

⭐Open port 9000 in the EC2 security group

⭐Access SonarQube in a web browser
http://localhost:9000

🔗Step 5:- Add new credentials
⭐Go to Manage Jenkins -> Credentials


🔗Step 6:- Build your application
⭐Click on Build Now

⭐Open port 8000 in the EC2 security group to access your application

⭐Access the application in a web browser
http://localhost:8000

📚Happy Learning :)




