-
Notifications
You must be signed in to change notification settings - Fork 3
/
Jenkinsfile
75 lines (75 loc) · 2.65 KB
/
Jenkinsfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
pipeline {
environment {
dockerhubCredentials = 'dockerhubCredentials'
}
agent any
stages {
stage('Hashing images') {
steps {
script {
env.GIT_HASH = sh(
script: "git show --oneline | head -1 | cut -d' ' -f1",
returnStdout: true
).trim()
}
}
}
stage('Lint Dockerfile') {
steps {
script {
docker.image('hadolint/hadolint:latest-debian').inside() {
sh 'hadolint ./Dockerfile | tee -a hadolint_lint.txt'
sh '''
lintErrors=$(stat --printf="%s" hadolint_lint.txt)
if [ "$lintErrors" -gt "0" ]; then
echo "Errors have been found, please see below"
cat hadolint_lint.txt
exit 1
else
echo "There are no erros found on Dockerfile!!"
fi
'''
}
}
}
}
stage('Build & Push to dockerhub') {
steps {
script {
dockerImage = docker.build("aminueza/capstone-bcrypt:${env.GIT_HASH}")
docker.withRegistry('', dockerhubCredentials) {
dockerImage.push()
}
}
}
}
stage('Scan Dockerfile to find vulnerabilities') {
steps{
aquaMicroscanner imageName: "aminueza/capstone-bcrypt:${env.GIT_HASH}", notCompliesCmd: 'exit 4', onDisallowed: 'fail', outputFormat: 'html'
}
}
stage('Build Docker Container') {
steps {
sh 'docker run --name capstone -d -p 80:80 aminueza/capstone-bcrypt:${env.GIT_HASH}'
}
}
stage('Deploying to EKS') {
steps {
dir('k8s') {
withAWS(credentials: 'aws-credentials', region: 'eu-west-1') {
sh "aws eks --region eu-west-1 update-kubeconfig --name capstone"
sh 'kubectl apply -f capstone-k8s.yaml'
}
}
}
}
stage("Cleaning Docker up") {
steps {
script {
sh "echo 'Cleaning Docker up'"
sh "docker system prune"
}
}
}
}
}