The project aims to showcase the seamless automation of a CI/CD pipeline for deploying microservices applications, demonstrating best practices in efficient and reliable software delivery.
Fork this GitHub Repository by using the existing repo (
- Go to GitHub (
- Login to your GitHub Account
- Fork repository "Complete-Microservice-App-CICD-Pipeline" (
- Clone your newly created repo to your local
- Create an Amazon Linux 2 VM instance and call it "Jenkins" !!! Do not use a linux2023 AMI
- Instance type: t2.large
- Security Group (Open): 8080, 9100 and 22 to
- Key pair: Select or create a new keypair
- Attach Jenkins server with IAM role having "AdministratorAccess"
- User data (Copy the following user data):
- Launch Instance
- After launching this Jenkins server, attach a tag as Key=Application, value=jenkins
- Create an Create an Ubuntu 20.04 VM instance and call it "SonarQube"
- Instance type: t2.medium
- Security Group (Open): 9000, 9100 and 22 to
- Key pair: Select or create a new keypair
- User data (Copy the following user data):
- Launch Instance
- Create an Amazon Linux 2 VM instance and call it "Nexus" !!! Do not use a linux2023 AMI
- Instance type: t2.medium
- Security Group (Open): 8081, 9100 and 22 to
- Key pair: Select or create a new keypair
- User data (Copy the following user data):
- Launch Instance
- create s3 bucket and dynamodb table for terraform backend. Partition key for dynamo db must be "LockID"
- Replace values for s3 and dynamodb in file ln 4-12
Copy your Jenkins Public IP Address and paste on the browser = ExternalIP:8080
- Login to your Jenkins instance using your Shell (GitBash or your Mac Terminal)
- Copy the Path from the Jenkins UI to get the Administrator Password
- Run:
sudo cat /var/lib/jenkins/secrets/initialAdminPassword
- Copy the password and login to Jenkins
- Run:
- Plugins: Choose Install Suggested Plugings
- Provide
- Username: admin
- Password: admin
- Name and Email can also be admin. You can use
all, as its a poc.
- Continue and Start using Jenkins
Click on "Manage Jenkins"
Click on "Plugin Manager"
Click "Available"
Search and Install the following Plugins "Install Without Restart"
- SonarQube Scanner
- maven Integration
- Terraform
- ssh pipeline
Once all plugins are installed, select Restart Jenkins when installation is complete and no jobs are running
- Click on New Item
- Enter an item name: app-cicd-pipeline & select the category as Pipeline
- Now scroll-down and in the Pipeline section --> Definition --> Select Pipeline script from SCM
- SCM: Git
- Repositories
- Repository URL: FILL YOUR OWN REPO URL (that we created by importing in the first step)
- Branch Specifier (blank for 'any'): */main
- Script Path: spring-boot-app/JenkinsFile
- Save
Click on Manage Jenkins --> Global Tool Configuration
JDK --> Add JDK --> Make sure Install automatically is enabled -->
Note: By default the Install Oracle Java SE Development Kit from the website make sure to close that option by clicking on the image as shown below.
- Click on Add installer
- Select Extract .zip/.tar.gz --> Fill the below values
- Name: localJdk
- Download URL for binary archive:
- Subdirectory of extracted archive: jdk-11.0.1
Maven --> Add Maven --> Make sure Install automatically is enabled --> Install from Apache --> Fill the below values
- Name: localMaven
- Version: Keep the default version as it is
Terraform --> Add Terraform --> Make sure Install automatically is enabled --> Install from --> Fill the below values:
- Name: terraform
- Version: Leabve it to default and change to linux (amd64)
- click on save
Click on Manage Jenkins --> Manage Credentials --> Global credentials (unrestricted) --> Add Credentials
- Kind: Secret text : Generating SonarQube secret token - Login to your SonarQube server (http://sonarserver-public-ip:9000, with the credentials username: admin & password: admin) - Click on profile --> My Account --> Security --> Tokens - Generate Tokens: Fill jenkins-token - Click on Generate - Copy the token
- Secret: Fill the secret token value that we have created on the SonarQube server
- ID: sonarqube-token
- Description: sonarqube-token
- Click on Create
- Kind: Username with password
- Username: admin
- Enable Treat username as secret
- Password: admin
- ID: nexus-credentials
- Description: nexus-credentials
- Click on Create
1) - Click on Manage Jenkins --> System - Go to section SonarQube servers --> **Add SonarQube ** - Name: **SonarQube** - Server URL: http://REPLACE-WITH-SONARQUBE-SERVER-PRIVATE-IP:9000 (replace SonarQube privat IP here) - Server authentication token --> replace with sonarqube token credendtials configured in previous step - Click on Save
Copy your SonarQube Public IP Address and paste on the browser = ExternalIP:9000
- Login into SonarQube
- Go to Administration --> Configuration --> Webhooks --> Click on Create
- Name: Jenkins-Webhook
- URL: http://REPLACE-WITH-JENKINS-PRIVATE-IP:8080/sonarqube-webhook/ (replace Jenkins private IP here)
- Click on Create
Copy your Nexus Public IP Address and paste on the browser = http:://NexusServerExternalIP:8081
- SSH into Nexus server
- Execute
sudo cat /opt/nexus/sonatype-work/nexus3/admin.password
- Copy the default password
- Now login into Nexus console with the username: admin & password (copied from the SSH above)
- Once signed in fill the below details in the setup wizard
- New password: admin
- Confirm password: admin
- Configure anonymus access: Select Disable anonymus access
- Click on Finish
- Once login to the Nexus server, click on Settings icon --> Repository --> Repositories
- Click on Create repository
- Select maven2(group)
- Name: maven_project
- Scroll-down to Group section & select all the available repositories (maven-snapshots, maven-public, maven-releases, maven-central) as members Hint: You can select one repo at a time and click on > symbol to add the repo as group member.
- Once all the repositories are added to the group, click on Create repository
- Access your repo jjtech-ci-cd-pipeline-project-k8s on github
- Goto Settings --> Webhooks --> Click on Add webhook
- Payload URL: http://REPLACE-JENKINS-SERVER-PUBLIC-IP:8080/github-webhook/ (Note: The IP should be public as GitHub is outside of the AWS VPC where Jenkins server is hosted)
- Click on Add webhook
- Access your jenkins server, pipeline app-cicd-pipeline
- Once pipeline is accessed --> Click on Configure --> In the General section --> Select GitHub project checkbox and fill your repo URL of the project jjtech-ci-cd-pipeline-project-k8s.
- Scroll down --> In the Build Triggers section --> Select GitHub hook trigger for GITScm polling checkbox
Once both the above steps are done click on Save.
Go back to your local, open your "jjtech-ci-cd-pipeline-project-k8s" project on VSCODE
Open "Jenkinsfile" & Replace the SonarQube server private ip on line number 92 (where you have SONAR_URL)
Save the changes in both files
Finally push changes to repo
git add .
git commit -m "relevant commit message"
git push
Go back to your local, open your "jjtech-ci-cd-pipeline-project-k8s" project on VSCODE
Open "pom.xml" & Replace the nexus server private ip on line numbers 60 & 64
Open nexus-setup/settings.xml & Replace the nexus server private ip on line numbers 21
Save the changes in both files
Finally push changes to repo
git add .
git commit -m "relevant commit message"
git push
- Navigate to AWS and search for ECR service
- click to create repository (private) --> Provide repo name (jjtech-demo) --> create repo
- click on view push commands to get username and password to push images to repo
- ssh into jenkins server and query version of aws cli by running "aws --version", if version 1, update with below commands
- curl "" -o ""
- unzip -sudo ./aws/install --update
- update values in stage "Build and Push Docker Image" with account ID, Repository name, region,
- Navigate to ec2 in AWS management console
- Get public of workernode serves for cluster
- modify security group to allow all inbound traffic from everywhere
- copy pulic ip and run on browser e.g http://example_ip:30080