Jenkins CI Pipeline Setup with EC2, SonarQube, Docker, Maven, and TRIVY

Project Overview

This project demonstrates a complete CI pipeline setup using Jenkins, deployed on an AWS EC2 instance. The pipeline integrates with SonarQube for code quality analysis, Docker for containerization, Maven for build automation, and TRIVY for Docker image scanning.

Table of Contents

• Project Overview
• Setup Instructions
  • Step 1: Create EC2 Instance
  • Step 2: Connect and Install Tools
  • Step 3: Install Jenkins
  • Step 4: Change Security Group
  • Step 5: Access Jenkins Console
  • Step 6: Retrieve Administrator Password
  • Step 7: Install Suggested Plugins
  • Step 8: Create First User
  • Step 9: Create Pipeline Job
  • Step 10: Add Pipeline Script as SCM
  • Step 11: Add Required Plugins
  • Step 12: Setup Docker
  • Step 13: Install and Configure SonarQube
  • Step 14: Install Maven
  • Step 15: Install TRIVY
  • Step 16: Integrate SonarQube with Jenkins
  • Step 17: Add Docker Hub Credentials
  • Step 18: Add Jenkins Shared Library
  • Step 19: Verify Pipeline Execution

Setup Instructions

Step 1: Create EC2 Instance

1. Launch an EC2 Instance
   • Instance Type: t2.medium
   • EBS Volume: 30 GB
   • Region: US-EAST-1
   • Operating System: Ubuntu

Step 2: Connect and Install Tools

1. Connect to EC2

   • SSH into your EC2 instance.
   • Switch to the root user:

     sudo su

2. Install Required Tools

   • Follow the installation commands from the provided script:

     wget https://github.com/Hafeezbaig/tools_installation_scripts/raw/main/jenkins.sh
     chmod +x jenkins.sh
     ./jenkins.sh

Step 3: Install Jenkins

1. Install Jenkins
   • Run the installation script for Jenkins:

     wget https://github.com/Hafeezbaig/tools_installation_scripts/raw/main/jenkins.sh
     chmod +x jenkins.sh
     ./jenkins.sh

Step 4: Change Security Group

1. Update Security Group
   • Allow necessary ports (e.g., HTTP, Jenkins port 8080) in the EC2 security group settings.

Step 5: Access Jenkins Console

1. Sign Into Jenkins
   • Access Jenkins via http://<EC2_PUBLIC_IP>:8080/.

Step 6: Retrieve Administrator Password

1. Get Admin Password
   • Run the following command in the EC2 instance:

     cat /var/lib/jenkins/secrets/initialAdminPassword

Step 7: Install Suggested Plugins

1. Install Plugins
   • Navigate to Manage Jenkins -> Manage Plugins and install all suggested plugins.

Step 8: Create First User

1. Set Up User
   • Follow the Jenkins setup wizard to create your first user.

Step 9: Create Pipeline Job

1. Create Pipeline Job
   • Create a new Pipeline job in Jenkins.

Step 10: Add Pipeline Script as SCM

1. Configure SCM
   • Use the pipeline script from:

     https://github.com/Hafeezbaig/Java_app_3.0.git
     

Step 11: Add Required Plugins

1. Install Additional Plugins
   • Navigate to Manage Jenkins -> Manage Plugins -> Available Plugins and install:
     • SonarQube Scanner
     • SonarQube Generic Coverage
     • Sonar Quality Gates
     • Artifactory
     • Jfrog

Step 12: Setup Docker

1. Install Docker

   • Follow the installation script for Docker:

     wget https://github.com/Hafeezbaig/tools_installation_scripts/raw/main/docker.sh
     chmod +x docker.sh
     ./docker.sh

2. Verify Docker Installation

   • Check Docker version:

     docker -v

Step 13: Install and Configure SonarQube

1. Install SonarQube

   • Follow the installation script for SonarQube:

     wget https://github.com/Hafeezbaig/tools_installation_scripts/raw/main/sonarqube.sh
     chmod +x sonarqube.sh
     ./sonarqube.sh

2. Start SonarQube Container

   • Start the container if it's not running:

     docker ps -a
     docker start <containerID>

3. Login to SonarQube Dashboard

   • Username: admin
   • Password: admin

4. Create SonarQube Token

   • Navigate to Administration -> My Account -> Security -> Create token.

5. Integrate SonarQube with Jenkins

   • Go to SonarQube Dashboard -> Administration -> Configuration -> Webhooks.
   • Add the following URL:

     http://<EC2_IP>:8080/sonarqube-webhook/
     

Step 14: Install Maven

1. Install Maven
   • Follow the installation script for Maven:

     wget https://github.com/Hafeezbaig/tools_installation_scripts/raw/main/Maven.sh
     chmod +x Maven.sh
     ./Maven.sh

Step 15: Install TRIVY

1. Install TRIVY
   • Follow the installation script for TRIVY:

     wget https://github.com/Hafeezbaig/tools_installation_scripts/raw/main/trivy.sh
     chmod +x trivy.sh
     ./trivy.sh

Step 16: Integrate SonarQube with Jenkins

1. Add SonarQube Server
   • Navigate to Manage Jenkins -> Configure System -> SonarQube Servers.
   • Add SonarQube URL and token.

Step 17: Add Docker Hub Credentials

1. Add Docker Hub Credentials
   • Navigate to Manage Jenkins -> Credentials -> System -> Global credentials.
   • Add Docker Hub credentials with the ID docker.

Step 18: Add Jenkins Shared Library

1. Configure Shared Library
   • Go to Manage Jenkins -> Configure System -> Global Pipeline Libraries.
   • Add the following data:
     • Name: my-shared-library
     • Default Version: main
     • Git URL:

       https://github.com/Hafeezbaig/jenkins_shared_lib.git
       

Step 19: Verify Pipeline Execution

1. Check Pipeline Execution
   • Monitor Jenkins logs for pipeline execution details.
   • Review TRIVY scan results for Docker image vulnerabilities.
   • Check the SonarQube dashboard for code quality reports.

Feel Free to Contribute

Feel free to contribute to the project or use it as a reference for your own development needs. For any issues or suggestions, please open an issue in the GitHub repository.

Made By

This project is developed by Hafeez Baig.

Connect

• Portfolio
• Connect

Socials

• GitHub
• LinkedIn
• Instagram

Feedback or Bug Report

• Talk