-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathJenkinsfile
156 lines (141 loc) · 5.26 KB
/
Jenkinsfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
pipeline {
agent any
tools {
maven "Maven" // Replace "Maven" with the Maven version configured in Jenkins
jdk "jdk" // Replace "jdk" with the JDK version configured in Jenkins
}
environment {
DOCKER_IMAGE_NAME = 'calculator'
GITHUB_REPO_URL = 'https://github.com/Priyansuvaish/calculator_final.git'
SONAR_PROJECT_KEY = 'calculator_final'
SONAR_PROJECT_NAME = 'calculator_final'
SONAR_HOST_URL = 'http://localhost:9000'
SONAR_TOKEN = 'sqp_c8bb2fe655dfe32984cb510d2fccd69ffb3e2776' // Replace with your actual token
ZAP_DOCKER_IMAGE = 'docker pull zaproxy/zap-stable' // OWASP ZAP Docker image
TARGET_URL = 'https://testapp12-hjbyfqbvb5hnbshv.southindia-01.azurewebsites.net/' // Replace with your actual target URL
REPORT_DIR = 'zap-reports' // Directory to store ZAP reports
}
stages {
stage('Checkout') {
steps {
script {
git branch: 'master', url: "${GITHUB_REPO_URL}"
}
}
}
stage('Build') {
steps {
script {
mvnHome = tool 'Maven'
sh "${mvnHome}/bin/mvn clean package"
}
}
}
stage('Test') {
steps {
script {
sh "${mvnHome}/bin/mvn test"
}
}
}
stage('SonarQube Analysis') {
steps {
script {
withSonarQubeEnv('SonarQube') { // Ensure 'SonarQube' matches your Jenkins server configuration
sh """
${mvnHome}/bin/mvn clean verify sonar:sonar \
-Dsonar.projectKey=${SONAR_PROJECT_KEY} \
-Dsonar.projectName=${SONAR_PROJECT_NAME} \
-Dsonar.host.url=${SONAR_HOST_URL} \
-Dsonar.token=${SONAR_TOKEN}
"""
}
}
}
}
stage('OWASP ZAP Scan') {
steps {
catchError(buildResult: 'SUCCESS', stageResult: 'SUCCESS') {
script {
// Pull OWASP ZAP Docker image
sh "docker pull ${ZAP_DOCKER_IMAGE}"
// Run ZAP Docker container with scan
sh """
docker run -v \$(pwd)/${REPORT_DIR}:/zap/wrk/:rw -t ${ZAP_DOCKER_IMAGE} \
zap-baseline.py -t ${TARGET_URL} -g gen.conf -r /zap/wrk/zap_report.html
"""
// Debug: List the contents of the REPORT_DIR to ensure the report was generated
sh "ls -la ${REPORT_DIR}"
}
}
}
}
stage('Copy ZAP Report to Jenkins Workspace') {
steps {
script {
// Check if the report exists before copying
def reportFile = "${REPORT_DIR}/zap_report.html"
if (fileExists(reportFile)) {
echo "ZAP report found, copying to workspace."
sh "cp ${reportFile} ${WORKSPACE}/zap_report.html"
} else {
echo "ZAP report not found, skipping copy."
}
}
}
}
stage('Archive ZAP Report') {
steps {
script {
// Archive the ZAP report if it exists
if (fileExists('zap_report.html')) {
archiveArtifacts artifacts: 'zap_report.html', fingerprint: true
} else {
echo "ZAP report not found for archiving."
}
}
}
}
stage('Archive Build Artifacts') {
steps {
archiveArtifacts artifacts: '**/target/*.jar', fingerprint: true
}
}
// Uncomment below stages to enable Docker and Ansible steps
// stage('Build Docker Image') {
// steps {
// script {
// docker.build("${DOCKER_IMAGE_NAME}", '.')
// }
// }
// }
// stage('Push Docker Image') {
// steps {
// script {
// docker.withRegistry('', 'docker-hub-credentials-id') { // Replace with your Jenkins credential ID
// sh 'docker tag calculator <your-dockerhub-username>/calculator:latest'
// sh 'docker push <your-dockerhub-username>/calculator:latest'
// }
// }
// }
// }
// stage('Run Ansible Playbook') {
// steps {
// script {
// ansiblePlaybook(
// playbook: 'deploy.yml',
// inventory: 'inventory'
// )
// }
// }
// }
}
post {
success {
echo 'Build succeeded.'
}
failure {
echo 'Build failed.'
}
}
}