Jenkinsfile4
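// CI pipeline: checkout -> Maven build -> SonarQube analysis -> start the app
// -> smoke check -> ZAP baseline scan, then archive the ZAP report.
pipeline {
    agent {
        docker {
            image 'maven:3.9.9-eclipse-temurin-21' // Use Maven image with Java and curl
            // SECURITY: mounting the host Docker socket hands every step of this
            // build (including code pulled in by the Maven build) control of the
            // host Docker daemon, which is root-equivalent on the host. It is kept
            // because the ZAP stage and the post block call `docker`; prefer a
            // dedicated, isolated agent for those steps.
            // NOTE(review): confirm a `docker` CLI is actually on PATH in this
            // image; the mount alone only provides the socket.
            args '-v /var/run/docker.sock:/var/run/docker.sock'
        }
    }
    environment {
        // Bound from the Jenkins credentials store; Jenkins masks it in the log.
        SONAR_TOKEN = credentials('SONAR_TOKEN')
        // NOTE(review): APP_IMAGE is not referenced anywhere in this file.
        APP_IMAGE = 'doc18/sdlc-app'
        // Untagged, so the scanner version is whatever the registry serves at
        // pull time. Pin a tag or digest for reproducible scans, e.g.
        // 'zaproxy/zap-stable@sha256:<DIGEST_PLACEHOLDER>'.
        ZAP_IMAGE = 'zaproxy/zap-stable'
    }
    stages {
        stage('Checkout') {
            steps {
                git branch: 'main', url: 'https://github.com/mekaizen/sdtest.git'
                sh 'ls -la'
            }
        }
        stage('Build with Maven') {
            steps {
                // Run Maven build inside the Docker container
                sh 'mvn clean install'
            }
        }
        stage('SonarQube Analysis') {
            steps {
                // Single-quoted Groovy string on purpose: the shell expands
                // $SONAR_TOKEN from the environment. With a double-quoted string
                // Groovy would splice the secret into the script text itself,
                // which Jenkins warns about and which can leak the token.
                // NOTE(review): the token is still a command-line argument and is
                // sent over plain HTTP to a hard-coded address; consider an HTTPS
                // endpoint addressed by name. Newer scanners can also read the
                // token from the SONAR_TOKEN environment variable; confirm for
                // this plugin version.
                sh '''
                    mvn org.sonarsource.scanner.maven:sonar-maven-plugin:4.0.0.4121:sonar \
                        -Dsonar.projectKey=sdlc-test \
                        -Dsonar.sources=src/main/java \
                        -Dsonar.tests=src/test/java \
                        "-Dsonar.exclusions=**/target/**,**/*.jar" \
                        -Dsonar.host.url=http://172.18.0.5:9000 \
                        "-Dsonar.token=$SONAR_TOKEN"
                '''
            }
        }
        stage('Start Application') {
            steps {
                // Start the application for testing locally on port 8066
                sh '''
                    nohup java -jar target/sdlc-test-0.0.1-SNAPSHOT.jar --server.port=8066 > app.log 2>&1 &
                '''
                sleep 20 // Fixed wait for startup; the next stage checks the port
            }
        }
        stage('Verify Application Running') {
            steps {
                // Check if the application is running and accessible on port 8066.
                // curl exits 0 for any HTTP response (including 4xx/5xx), so this
                // only proves that something answers on the port.
                sh '''
                    curl -I http://localhost:8066 || {
                        echo "Application is not running!"
                        exit 1
                    }
                '''
            }
        }
        stage('Check Application Logs') {
            steps {
                // Output the application logs into the build log.
                // NOTE(review): anything the app prints at startup (connection
                // strings, generated passwords) becomes readable by everyone who
                // can view the build.
                sh 'cat app.log'
            }
        }
        stage('ZAP Security Scan') {
            steps {
                // Run ZAP baseline scan.
                // NOTE(review): the target is http://app:8084, but this pipeline
                // starts the application on localhost:8066 inside the agent and
                // never starts a container named `app`; confirm the scan is
                // hitting the build under test.
                // NOTE(review): the report is written to the bind-mounted host
                // path below, not to the Jenkins workspace, so the
                // archiveArtifacts step in `post` may find nothing
                // (allowEmptyArchive hides that).
                sh '''
                    docker run --rm --network jenkins-sonar-network \
                        -v /home/cyber/Documents/practice/projects/sdtest:/zap/wrk \
                        "$ZAP_IMAGE" zap-baseline.py -t http://app:8084 -r zap_report.html
                '''
            }
        }
    }
    post {
        always {
            // Best-effort cleanup of a container named `app`; `|| true` keeps a
            // missing container from failing the build.
            sh 'docker stop app || true && docker rm app || true'
            archiveArtifacts artifacts: 'zap_report.html', allowEmptyArchive: true
        }
    }
}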