Question: Create the jenkins cicd pipeline to deploy the nodejs application on aws eks cluster using following steps:
- checkout the code from scm, if stage fail then exit the pipeline and send the error on a mail
- check the code quality and quality gate using sonarqube; if the code quality is below 80% then exit the pipeline and send the report on a mail
- check the code using trivy, if stage fail then exit the pipeline and send the error on a mail
- Run the test, if stage fail then exit the pipeline and send the error on a mail
- create the docker image and scan the docker image using trivy
- push the docker image to aws ecr, if stage fail then exit the pipeline and send the error on a mail
- update the manifest files in gitops blue environment and deploy the code
- Switch the traffic to the blue environment. If all are ok, then update the gitops manifest of the green environment, deploy the code and switch traffic to the green environment. If all are not ok, then roll back to the previous green version
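/**
 * Runs one stage body; on any exception mails the developers and aborts the build.
 *
 * subjectLabel   - label used in the mail subject
 * failureMessage - text used in the mail body and passed to error()
 * body           - the steps of the stage
 */
def guarded(String subjectLabel, String failureMessage, Closure body) {
    try {
        body()
    } catch (Exception e) {
        emailext subject: "Jenkins Pipeline Failed: ${subjectLabel}",
                 body: "${failureMessage} with error: ${e.message}",
                 recipientProviders: [[$class: 'DevelopersRecipientProvider']]
        error failureMessage
    }
}

/** Points the image line of k8s/<colour>-deployment.yaml at this build's image, then commits and pushes it. */
def updateManifest(String colour) {
    withEnv(["MANIFEST=k8s/${colour}-deployment.yaml"]) {
        // The leading .* also matches the registry-qualified image line written by an earlier build.
        // Single-quoted Groovy strings: the shell, not Groovy, expands the variables.
        sh 'sed -i "s|image: .*${APP_NAME}:.*|image: ${DOCKER_REGISTRY}/${APP_NAME}:${IMAGE_TAG}|" "$MANIFEST"'
        sh 'git add "$MANIFEST"'
        sh 'git commit -m "Update image to ${DOCKER_REGISTRY}/${APP_NAME}:${IMAGE_TAG}"'
        // NOTE(review): no push credentials are bound here, and this pushes to the application
        // repository checked out above rather than a separate GitOps repository - confirm both.
        sh 'git push'
    }
}

/** Applies k8s/<colour>-deployment.yaml using the 'kubeconfig' file credential. */
def deployManifest(String colour) {
    withCredentials([file(credentialsId: 'kubeconfig', variable: 'KUBECONFIG')]) {
        sh "kubectl apply -f k8s/${colour}-deployment.yaml"
    }
}

/** Points my-app-service at the pods labelled version=<colour>. colour is always a literal from this file. */
def switchTraffic(String colour) {
    withCredentials([file(credentialsId: 'kubeconfig', variable: 'KUBECONFIG')]) {
        sh "kubectl patch service my-app-service -p '{\"spec\":{\"selector\":{\"version\":\"${colour}\"}}}'"
    }
}

pipeline {
    agent any

    environment {
        AWS_REGION = 'us-west-2'
        EKS_CLUSTER = 'your-eks-cluster'
        DOCKER_REGISTRY = '123456789012.dkr.ecr.us-west-2.amazonaws.com'
        REPO_URL = 'https://github.com/your-repo.git'
        SONARQUBE_SERVER = 'your-sonarqube-server'
        // NOTE(review): pin the scanner to a release tag or digest; with a mutable tag the
        // image that gates the build (and is handed the Docker socket below) can change unnoticed.
        TRIVY_IMAGE = 'aquasec/trivy:latest'
        APP_NAME = 'my-app'
        // One immutable tag per build, so the image that was scanned is the image that is deployed.
        IMAGE_TAG = "${env.BUILD_NUMBER}"
    }

    stages {
        stage('Checkout') {
            steps {
                script {
                    guarded('Checkout', 'Checkout stage failed') {
                        git credentialsId: 'your-git-credentials-id', url: env.REPO_URL
                    }
                }
            }
        }

        stage('Code Quality Check') {
            steps {
                script {
                    guarded('Code Quality Check', 'Code Quality Check failed') {
                        // withSonarQubeEnv supplies the token stored in the Jenkins SonarQube
                        // configuration, so no token is written into the Jenkinsfile or the command line.
                        withSonarQubeEnv('SonarQube') {
                            sh 'sonar-scanner -Dsonar.projectKey=your_project_key -Dsonar.sources=src -Dsonar.host.url="${SONARQUBE_SERVER}"'
                        }
                        // The pass/fail threshold (the 80% in the task) is defined by the quality gate in SonarQube.
                        timeout(time: 5, unit: 'MINUTES') {
                            def qg = waitForQualityGate()
                            if (qg.status != 'OK') {
                                // Raised once here; guarded() sends the single failure mail carrying this status.
                                error "Code Quality Check failed with quality gate status: ${qg.status}"
                            }
                        }
                    }
                }
            }
        }

        stage('Security Scan with Trivy') {
            steps {
                script {
                    guarded('Security Scan', 'Security Scan failed') {
                        // Single quotes: "$(pwd)" must reach the shell; inside a Groovy double-quoted
                        // string "$(" does not parse. The workspace is mounted read-only.
                        // Without --exit-code Trivy returns 0 even when it reports findings,
                        // so the stage could never fail the build.
                        sh 'docker run --rm -v "$(pwd)":/app:ro -w /app "${TRIVY_IMAGE}" fs --exit-code 1 --severity HIGH,CRITICAL /app'
                    }
                }
            }
        }

        stage('Run Tests') {
            steps {
                script {
                    guarded('Test Run', 'Test Run failed') {
                        // npm ci installs exactly what package-lock.json records (the lockfile must be committed).
                        sh 'npm ci'
                        sh 'npm test'
                    }
                }
            }
        }

        stage('Build Docker Image') {
            steps {
                script {
                    guarded('Build Docker Image', 'Build Docker Image failed') {
                        sh 'docker build -t "${APP_NAME}:${IMAGE_TAG}" .'
                    }
                }
            }
        }

        stage('Scan Docker Image with Trivy') {
            steps {
                script {
                    guarded('Docker Image Scan', 'Docker Image Scan failed') {
                        // The mounted Docker socket gives the scanner container control of the
                        // agent's Docker daemon; run it only from a pinned, trusted image.
                        sh 'docker run --rm -v /var/run/docker.sock:/var/run/docker.sock "${TRIVY_IMAGE}" image --exit-code 1 --severity HIGH,CRITICAL "${APP_NAME}:${IMAGE_TAG}"'
                    }
                }
            }
        }

        stage('Push Docker Image to ECR') {
            steps {
                script {
                    guarded('Push Docker Image', 'Push Docker Image failed') {
                        // The ECR password goes through stdin, never onto the command line.
                        sh 'aws ecr get-login-password --region "${AWS_REGION}" | docker login --username AWS --password-stdin "${DOCKER_REGISTRY}"'
                        sh 'docker tag "${APP_NAME}:${IMAGE_TAG}" "${DOCKER_REGISTRY}/${APP_NAME}:${IMAGE_TAG}"'
                        sh 'docker push "${DOCKER_REGISTRY}/${APP_NAME}:${IMAGE_TAG}"'
                    }
                }
            }
        }

        stage('Update GitOps Blue Environment') {
            steps {
                script {
                    guarded('Update GitOps', 'Update GitOps failed') {
                        updateManifest('blue')
                    }
                }
            }
        }

        stage('Deploy to Blue Environment') {
            steps {
                script {
                    guarded('Deploy to Blue Environment', 'Deploy to Blue Environment failed') {
                        deployManifest('blue')
                    }
                }
            }
        }

        stage('Switch Traffic to Blue') {
            steps {
                script {
                    guarded('Switch Traffic to Blue', 'Switch Traffic to Blue failed') {
                        switchTraffic('blue')
                    }
                }
            }
        }

        stage('Verify Blue Deployment') {
            steps {
                script {
                    // NOTE(review): traffic has already been moved to blue when this check runs.
                    guarded('Verify Blue Deployment', 'Verify Blue Deployment failed') {
                        // Add verification steps to ensure the application is working fine
                        sh 'curl -f http://my-app-service-blue-endpoint/health'
                    }
                }
            }
        }

        stage('Update GitOps Green Environment') {
            steps {
                script {
                    guarded('Update GitOps', 'Update GitOps failed') {
                        updateManifest('green')
                    }
                }
            }
        }

        stage('Deploy to Green Environment') {
            steps {
                script {
                    guarded('Deploy to Green Environment', 'Deploy to Green Environment failed') {
                        deployManifest('green')
                    }
                }
            }
        }

        stage('Switch Traffic to Green') {
            steps {
                script {
                    guarded('Switch Traffic to Green', 'Switch Traffic to Green failed') {
                        // Recorded before the patch so a failure from here on triggers the rollback in post.
                        env.GREEN_CUTOVER_STARTED = 'true'
                        switchTraffic('green')
                    }
                }
            }
        }

        stage('Verify Green Deployment') {
            steps {
                script {
                    guarded('Verify green Deployment', 'Verify green Deployment failed') {
                        // Add verification steps to ensure the application is working fine
                        sh 'curl -f http://my-app-service-green-endpoint/health'
                    }
                }
            }
        }
    }

    post {
        success {
            emailext subject: "Jenkins Pipeline Succeeded",
                     body: "The Jenkins pipeline has completed successfully.",
                     recipientProviders: [[$class: 'DevelopersRecipientProvider']]
        }
        failure {
            script {
                // Rollback to Blue. It runs here because stages that follow a failed stage are
                // skipped, so a trailing stage guarded by `when` would never execute.
                if (env.GREEN_CUTOVER_STARTED == 'true') {
                    try {
                        // Switch traffic back to blue environment
                        switchTraffic('blue')
                    } catch (Exception e) {
                        // No error() here, so the general failure mail below is still sent.
                        emailext subject: "Jenkins Pipeline Failed: Rollback to Blue",
                                 body: "Rollback to Blue failed with error: ${e.message}",
                                 recipientProviders: [[$class: 'DevelopersRecipientProvider']]
                    }
                }
            }
            emailext subject: "Jenkins Pipeline Failed",
                     body: "The Jenkins pipeline has failed. Please check the details and logs.",
                     recipientProviders: [[$class: 'DevelopersRecipientProvider']]
        }
    }
}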