This project sets up a Continuous Integration (CI) and Continuous Delivery (CD) pipeline using Jenkins on AWS EC2 instances. It integrates several tools such as SonarQube for code quality analysis, Nexus for artifact storage, Maven for build automation, and Slack for notifications. The pipeline is designed to automate the process of building, testing, analyzing, and deploying code.
Project Overview Technologies Used Pre-requisites Pipeline Flow Step-by-Step Installation Additional Integrations Slack Notifications
The CI/CD pipeline is structured to automate and streamline the software development process. It starts with developers committing code to a Git repository, followed by Jenkins orchestrating the build, test, and deployment pipeline. The pipeline includes static code analysis with SonarQube and Checkstyle, artifact storage with Nexus, and real-time notifications with Slack.
- AWS EC2: Hosts Jenkins, Nexus, and SonarQube.
- Jenkins: Central server that manages and runs the CI/CD pipeline.
- SonarQube: Analyzes the code for quality and security issues.
- Checkstyle: Ensures that the code follows coding standards.
- Maven: Automates the build process.
- Git: Version control system for tracking code changes.
- Nexus: Stores built artifacts like WAR files and downloads from it dependencies
- Slack: Provides real-time notifications for pipeline statuses.
Before starting, make sure you have the following:
- AWS Account: Required to provision EC2 instances for Jenkins, SonarQube, and Nexus.
- GitHub Account: Store your project’s code and manage version control.
- Security Groups: Set up security rules to allow inbound traffic to Jenkins (port 8080), Nexus (port 8081), and SonarQube (port 9000).
- Code Commit: Developers push code to a GitHub repository.
- Jenkins Build: Jenkins automatically triggers a build based on the code push (triggered by GitHub webhook).
- Build & Test: Jenkins builds the project using Maven, skipping tests initially.
- Unit Testing: Jenkins runs unit tests.
- Code Quality Analysis: SonarQube and Checkstyle analyze the code for bugs, code smells, and vulnerabilities.
- Quality Gate Check: Jenkins verifies that the code passes the quality gates set in SonarQube.
- Artifact Storage: Successful builds are packaged and uploaded to Nexus for version control.
- Notifications: Slack sends notifications at different stages of the pipeline, including build success, failure, and code quality results.
- Step 1: AWS Setup Login to AWS: Access your AWS account and navigate to the EC2 dashboard. Create Key Pair: Generate an SSH key pair to access your EC2 instances securely. Create Security Groups: Create security groups to allow traffic to Jenkins (8080), Nexus (8081), and SonarQube (9000).
- Step 2: Launch EC2 Instances Jenkins Instance: Launch an EC2 instance for Jenkins and configure it using a user data script to install Jenkins and the required plugins. Nexus Instance: Launch a separate EC2 instance for Nexus. Set up and configure repositories for your project artifacts. SonarQube Instance: Launch another EC2 instance for SonarQube. Verify that SonarQube is installed and accessible via its IP.
- Step 3: Post-Installation Setup Jenkins Setup: Access Jenkins through the public IP of the EC2 instance and complete the initial setup. Install the required GitHub, Maven, SonarQube, and Nexus integration plugins. Nexus Setup: Configure Nexus to store artifacts from Jenkins builds. Create repositories for storing snapshots and releases. SonarQube Setup: Ensure SonarQube is set up correctly and is integrated with Jenkins for code quality checks.
- Step 4: GitHub Setup Create a GitHub Repository: Store your project code in a GitHub repository. Integrate with VSCode: Use VSCode for local development, and push changes to GitHub. Ensure GitHub webhooks are configured to trigger Jenkins builds.
- Step 5: Configure Jenkins Jobs Build Job: Configure a Jenkins job that builds the project using Maven and runs unit tests. SonarQube Job: Add a stage to the Jenkins job that performs code quality analysis using SonarQube and Checkstyle. Artifact Upload: Add a step in Jenkins to upload build artifacts to Nexus.
- Additional Integrations GitHub Webhook Purpose: Automatically triggers a Jenkins build whenever a new commit is pushed to the GitHub repository. Configuration: Set up webhooks in your GitHub repository settings, pointing to your Jenkins instance. Nexus Repository Purpose: Stores the build artifacts (e.g., WAR files) generated by Jenkins. Configuration: Set up repositories in Nexus to store snapshots and releases. SonarQube Quality Gates Purpose: Ensures code quality meets defined thresholds before allowing the pipeline to proceed. Configuration: Integrate SonarQube with Jenkins to run quality checks on the code. Slack Notifications Purpose: Sends real-time notifications to a Slack channel about the status of the CI/CD pipeline. Configuration: Use the Slack Jenkins plugin to send notifications about the build and deployment status to a designated Slack channel. Notifications can include success, failure, and quality gate results.