diff --git a/.vscode/settings.json b/.vscode/settings.json
new file mode 100644
index 000000000..5d71af861
--- /dev/null
+++ b/.vscode/settings.json
@@ -0,0 +1,3 @@
+{
+ "ansible.python.interpreterPath": "/bin/python3"
+}
\ No newline at end of file
diff --git a/Jenkinsfile b/Jenkinsfile
index be7508be5..ce4f29b55 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -1,67 +1,71 @@ pipeline { - - agent any -/* - tools { - maven "maven3" + // Agent we will use any Agent Node in the Jenkins to run this pipeline + agent any + + tools { + // Mention the Tool configured in the Jenkins Server like Java, Maven, Git + maven 'Maven_Tool' + jdk 'Java_Tool' } -*/ + + // Set Environment Variable for the Nexus to interact to download the dependencies and upload artifacts in the Nexus environment { - NEXUS_VERSION = "nexus3" - NEXUS_PROTOCOL = "http" - NEXUS_URL = "172.31.40.209:8081" - NEXUS_REPOSITORY = "vprofile-release" - NEXUS_REPO_ID = "vprofile-release" - NEXUS_CREDENTIAL_ID = "nexuslogin" - ARTVERSION = "${env.BUILD_ID}" + + NEXUS_USER = 'admin' + NEXUS_PASS = 'admin' + RELEASE_REPO = 'vprofile-release' + CENTRAL_REPO = 'vprofile-maven-central' + SNAP_REPO = 'vprofile-snapshot' + NEXUS_GRP_REPO = 'vprofile-maven-group' + NEXUSIP = '172.31.32.231' + NEXUSPORT = '8081' + NEXUS_LOGIN = 'NEXUS_CREDENTIALS' + SONAR_SCANNER = 'sonarqubescanner' + SONAR_SERVER_LOGIN = 'sonarserver' + NEXUS_CRED = credentials('Nexus_Login') + } - - stages{ - - stage('BUILD'){ + + stages { + stage('Build Applications') { steps { - sh 'mvn clean install -DskipTests' + sh 'mvn -s settings.xml -DskipTests install' // Run Install and use setting.xml file and skip unit test } post { success { - echo 'Now Archiving...' 
- archiveArtifacts artifacts: '**/target/*.war' + echo 'Now Archiving' + archiveArtifacts artifacts: '**/*.war' } } } - stage('UNIT TEST'){ + // Test Application + stage('Test Application') { steps { sh 'mvn test' } } - stage('INTEGRATION TEST'){ - steps { - sh 'mvn verify -DskipUnitTests' - } - } - - stage ('CODE ANALYSIS WITH CHECKSTYLE'){ + // Check Style Application for Vulnerability scan + stage('CheckStyle for the Application') { steps { sh 'mvn checkstyle:checkstyle' } - post { - success { - echo 'Generated Analysis Result' - } - } } - stage('CODE ANALYSIS with SONARQUBE') { - - environment { - scannerHome = tool 'sonarscanner4' - } + // Upload Report to the Sonar Server to check the Vulnerability. Refer Documentation for code + stage('Sonar Qube Analysis') { + environment { + scannerhome = tool "${SONAR_SCANNER}" // Mention the name used while configuring sonarscanner in the jenkins tools + // ADD THIS LINE BELOW to fix the Java 17 error + + SONAR_SCANNER_OPTS = "--add-opens java.base/java.lang=ALL-UNNAMED --add-opens java.base/java.util=ALL-UNNAMED --add-opens java.base/java.lang.reflect=ALL-UNNAMED" + } - steps { - withSonarQubeEnv('sonar-pro') { - sh '''${scannerHome}/bin/sonar-scanner -Dsonar.projectKey=vprofile \ + + steps { + withSonarQubeEnv("${SONAR_SERVER_LOGIN}") { + sh '''${scannerhome}/bin/sonar-scanner -Dsonar.projectKey=vprofile \ -Dsonar.projectName=vprofile-repo \ -Dsonar.projectVersion=1.0 \ -Dsonar.sources=src/ \ 
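Review bot: `NEXUS_USER = 'admin'` and `NEXUS_PASS = 'admin'` in the `environment` block commit the Nexus login to the repository in plain text, and the settings.xml added in this commit reads both variables. The same block already binds `NEXUS_CRED = credentials('Nexus_Login')`; if that is a username/password credential, Jenkins also exposes `NEXUS_CRED_USR` and `NEXUS_CRED_PSW`, so the two literals can be deleted and settings.xml pointed at those names instead. Because the value is now in history, the password on the Nexus server should be changed as well. The pipeline body continues past this hunk.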
@@ -69,53 +73,78 @@ pipeline { -Dsonar.junit.reportsPath=target/surefire-reports/ \ -Dsonar.jacoco.reportsPath=target/jacoco.exec \ -Dsonar.java.checkstyle.reportPaths=target/checkstyle-result.xml''' + } } - - timeout(time: 10, unit: 'MINUTES') { - waitForQualityGate abortPipeline: true + } + stage('Validate Quality Gates') { + steps { + //timeout is 1 hrs + timeout(time: 1, unit: 'HOURS') { + waitForQualityGate abortPipeline: true + } } - } } - stage("Publish to Nexus Repository Manager") { + // Upload Artifacts to the Nexus Repos + stage('Upload Artifacts') { steps { - script { - pom = readMavenPom file: "pom.xml"; - filesByGlob = findFiles(glob: "target/*.${pom.packaging}"); - echo "${filesByGlob[0].name} ${filesByGlob[0].path} ${filesByGlob[0].directory} ${filesByGlob[0].length} ${filesByGlob[0].lastModified}" - artifactPath = filesByGlob[0].path; - artifactExists = fileExists artifactPath; - if(artifactExists) { - echo "*** File: ${artifactPath}, group: ${pom.groupId}, packaging: ${pom.packaging}, version ${pom.version} ARTVERSION"; - nexusArtifactUploader( - nexusVersion: NEXUS_VERSION, - protocol: NEXUS_PROTOCOL, - nexusUrl: NEXUS_URL, - groupId: pom.groupId, - version: ARTVERSION, - repository: NEXUS_REPOSITORY, - credentialsId: NEXUS_CREDENTIAL_ID, - artifacts: [ - [artifactId: pom.artifactId, - classifier: '', - file: artifactPath, - type: pom.packaging], - [artifactId: pom.artifactId, - classifier: '', - file: "pom.xml", - type: "pom"] - ] - ); - } - else { - error "*** File: ${artifactPath}, could not be found"; - } - } + nexusArtifactUploader( + nexusVersion: 'nexus3', + protocol: 'http', + nexusUrl: "${NEXUSIP}:${NEXUSPORT}", + groupId: 'QA', + version: "${env.BUILD_ID}-${env.BUILD_TIMESTAMP}", + repository: "${RELEASE_REPO}", + credentialsId: "${NEXUS_LOGIN}", + artifacts: [ + [artifactId: 'vproapp', + classifier: '', + file: 'target/vprofile-v2.war', + type: 'war'] + ] + ) } } + stage('Ansible Deployment in App Stagging Server') { + steps { + 
ansiblePlaybook( + playbook: 'ansible/site.yml', // In this File we have used Import command to import the other playbooks + inventory: 'ansible/inventory', + credentialsId: 'SSHKEY_APP_STAG', // Cred ID of the SSH Key used to connect to the app stagging server + colorized: true, + installation: 'ansible', + disableHostKeyChecking: true, // Means Jenkins will not check for the host key verification while connecting to the server + extraVars: + [ + USER: 'admin', + PASS: "${NEXUS_CRED}", + nexusip: "${NEXUSIP}", + reponame: 'vprofile-release', + groupid: 'QA', + time: "${env.BUILD_TIMESTAMP}", + build: "${env.BUILD_ID}", + vprofile_version: "${env.BUILD_ID}-${env.BUILD_TIMESTAMP}", + artifactId: 'vproapp' + ] + ) + } + } } - -} + // Email Notification Of the Status of Pipeline + post { + always { + echo 'Pipeline has been completed Sending Pipeline Status through Email...' + emailext ( + body: """

Jenkins Build Status: ${currentBuild.currentResult}

+

Job Name: ${env.JOB_NAME}

+

Build Number: ${env.BUILD_NUMBER}

+

Check console output at: ${env.BUILD_URL}

""", + subject: "Jenkins Build ${currentBuild.currentResult}: Job ${env.JOB_NAME} | ${env.BUILD_NUMBER}", + to: 'puneethkumar482000@gmail.com' + ) + } + } +} \ No newline at end of file diff --git a/README.md b/README.md index 88fd3cbba..a27be48c6 100644 --- a/README.md +++ b/README.md @@ -15,6 +15,7 @@ - Memcached - Rabbitmq - ElasticSearch + # Database Here,we used Mysql DB sql dump file: 
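Review bot: `PASS: "${NEXUS_CRED}"` in `extraVars` puts the Nexus secret on the ansible-playbook command line, where it can end up in the build log, and if `Nexus_Login` is a username/password credential the variable holds `user:password` rather than the password alone. The Ansible plugin accepts a hidden form for this, `PASS: [value: env.NEXUS_CRED_PSW, hidden: true],`. `disableHostKeyChecking: true` (with `host_key_checking = False` in ansible/ansible.cfg) means the staging host's identity is never verified before the SSH key is used; recording the host key in the agent's known_hosts and dropping the flag closes that gap. The upload stage also sets `protocol: 'http'`, so the credential and the WAR cross the network without transport protection.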
@@ -23,3 +24,213 @@ sql dump file: - > mysql -u -p accounts < db_backup.sql +--- + +## Quality Gates + +In Sonar Qube, We can create a Quality Gates and add Condition for overall code (Bugs) + +Attach the Qualtiy gates to the projects. + +- Sonar qube will send result to the jenkins. We need to add webhook in the Sonarqube + +- Add Stages for Quality Gates in the Jenkin Pipeline + +--- + +## Publish Artifact to Nexus Repos + +We need to upload our application artifact to the nexus repos (vprofile-release) and need to store the file with timestamp and version + +- In code we need to apply timestamp of the war file + +- Manage Jenkins -> Tool -> Build Timestamp + +- Write code to upload artifact to the nexus + +- Check in the nexus the code will be available + +=== + +## Tomcat Playbook + +- Write a Playbook to install tomcat server in the App Server. + +- From Jenkins Master Server, we will execute ansible playbook to install tomat application in the App Server + +- Tomcat Playbook Steps + + 1. Store Variable of the Tomcat Binary URL that we need to download from internet + + 2. Install Java in Ubuntu, Centos using ansible module `apt or yum` + + 3. Download Tar file using module `get_url` + + 4. Create a Group called "`TOMCAT`" + + 5. Add Tomcat user and assign home dir and shell has NoLogin + + 6. Create a Dir in the Server to store the tomcat Archive file + + 7. Extract Tomcat file and store in the Dir /usr/local/tomcat. Store the Output in a Variable (Register) + + 8. Synchronize tmp and local user folder for tomcat + + 9. Change Ownership for the `/usr/local/tomcat8` to `Tomcat` User + + 10. Setup Tomcat SVC File for Centos and Ubuntu using module `template` + + 11. Reload the Systemd file for tomcat server using module `systemd` + + 12. Start the Tomcat Server using module `service` + +--- +## Deployment Playbook + +This Playbook will download and deploy artifacts in the App server + +1. 
Create a `Variable` to get the timestamp and usinmg this timestamp we will create a backupfile_name of the artifacts + +2. Using module get_url download artifacts from nexus. Nexus has Dynamic URL. We will get the Jenkins Variables in the ansible playbook + +3. Before downloading and deploying artifacts we need to take backup for the existing Application running in the tomcat Server + +4. Stop the tomcat Service + +5. Try Block to archive and deploy + +6. Copy the Tomcat ROOT File in the same dir + +7. Delete the Current Artifacts + +8. Start the Tomcat Service + + +```yaml +- name: Setup Tomcat 8 and Deploy Artifacts + hosts: appserver + become: yes + + vars: + timestamp: "{{ ansible_date_time.date }}_{{ ansible_date_time.hour }}_{{ ansible_date_time.minute }}" + + tasks: + - name: Download Artifacts from the Nexus Artifacts + get_url: + url: "http://{{USER}}:{{PASS}}@{{nexusip}}:8081/repository/{{reponame}}/{{groupid}}/{{time}}/{{build}}/{{vprofile_version}}" + dest: "/tmp/vproapp-{{ vprofile_version }}" + register: wardeploy # Store the result of this task + # Add tags: + tags: + - deploy + + # Task will check if the artifact is already present in the server or not + - ansible.builtin.stat: + path: "/usr/local/tomcat8/webapps/ROOT" + register: artifact_stat + tags: + - deploy + + # Task will stop the running tomcat service in the server + - name: Stop Tomcat service + ansible.builtin.service: + name: tomcat + state: stopped + tags: + - deploy + + # Using Try will take Backup and deploy the Artifacts + - name: Try Backup and deploy + block: + - name: Archive Root Directory with timestamp + ansible.builtin.archive: + path: "/usr/local/tomcat8/webapps/ROOT" + dest: "/opt/ROOT_{{ timestamp }}.tqz" + when: artifact_stat.stat.exists # This task will only run if the artifact already exist in the server + register: archive_info + tags: + - deploy + + - name: Copy ROOT Directory with OLD_Root directory + ansible.builtin.shell: + cmd: cp -r ROOT old_ROOT + chdir: 
/usr/local/tomcat8/webapps/ + + - name: Delete the Current Artifacts + ansible.builtin.file: + path: "{{ item }}" + state: absent + when: archive_info.changed + loop: + - /usr/local/tomcat8/webapps/ROOT + - /usr/local/tomcat8/webapps/ROOT.war + tags: + - deploy + + - name: Try Deploy artifact else restore from previous old root + block: + - name: Deploy Vprofile Artifacts + copy: + src: "/tmp/vproapp-{{ vprofile_version }}" + dest: /usr/local/tomcat8/webapps/ROOT.war + remote_src: yes # Source file is present in the remote server + register: deploy_info + tags: + - deploy + rescue: + - name: Restore From previous Old Root + shell: cp -r old_ROOT ROOT + args: + chdir: /usr/local/tomcat8/webapps/ + rescue: + - name: Start Tomcat server + ansible.builtin.service: + name: tomcat + state: started + + - name: Start tomcat svc + service: + name: tomcat + state: started + when: deploy_info.changed + tags: + - deploy + + - name: Wait until ROOT.war is extracted to ROOT Directory + ansible.builtin.wait_for: + path: /usr/local/tomcat8/webapps/ROOT + tags: + - deploy + + +``` + +--- + +## Jenkins File and Inventory + +Write a Jenkins File code to run the playbook + +- Add Stage for Ansible + +- Create an Inventory File to store the information of the host mentioned in the Playbook + +- Paste the Record of the Route Table for App Server + +- Store the Nexus Credentials in the Jenkins and use the credentials in the Jenkins File + +- Allow the SG for the Nexus Server to allow traffic from the App Server SG + +--- + +## JenkinsFile For Prod + +- Update the Github Weebhook with the new Jenkins URL + +- Add a new host Name in the Inventory File + +- We need to delete Stage like Build, Test, Upload Artifact. Here, we will provide user input has parameter to download artifact from the Nexus Repository + +- In Ansible Deploy Stage add a Variable to get the input from user + +- Create a new Job in the Jenkins and mention the JenkinsFile Path in the Git \ No newline at end of file 
diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg index 6d2dcd6a9..e9c119cf3 100644 --- a/ansible/ansible.cfg +++ b/ansible/ansible.cfg @@ -1,3 +1,3 @@ [defaults] host_key_checking = False -timeout = 30 +timeout = 35 diff --git a/ansible/inventory b/ansible/inventory new file mode 100644 index 000000000..e43cab1c7 --- /dev/null +++ b/ansible/inventory @@ -0,0 +1,2 @@ +[appsrvgrp] +vprofileapp.stag.awesomegoshling \ No newline at end of file diff --git a/ansible/vpro-app-setup.yml b/ansible/vpro-app-setup.yml index 0c3f5d4a5..21555746b 100644 --- a/ansible/vpro-app-setup.yml +++ b/ansible/vpro-app-setup.yml @@ -7,8 +7,8 @@ tasks: - name: Download latest VProfile.war from nexus get_url: - url: "http://{{USER}}:{{PASS}}@{{nexusip}}:8081/repository/{{reponame}}/{{groupid}}/{{time}}/{{build}}/{{vprofile_version}}" - dest: "/tmp/vproapp-{{vprofile_version}}" + url: "http://{{USER}}:{{PASS}}@{{nexusip}}:8081/repository/{{reponame}}/{{groupid}}/{{artifactId}}/{{vprofile_version}}/{{artifactId}}-{{vprofile_version}}.war" + dest: "/tmp/vproapp-{{ vprofile_version }}" register: wardeploy tags: - deploy @@ -57,7 +57,7 @@ block: - name: Deploy vprofile artifact copy: - src: "/tmp/vproapp-{{vprofile_version}}" + src: "/tmp/vproapp-{{ vprofile_version }}" dest: /usr/local/tomcat8/webapps/ROOT.war remote_src: yes register: deploy_info diff --git a/pom.xml b/pom.xml index 03bba333b..9579838c0 100644 --- a/pom.xml +++ b/pom.xml @@ -13,7 +13,7 @@ 1.8.2.RELEASE 4.3.11.Final 5.2.1.Final - 8.0.32 + 8.0.22 1.4 1.2 4.10 @@ -208,4 +208,10 @@ + + + ${NEXUS-GRP-REPO} + http://${NEXUSIP}:${NEXUSPORT}/repository/${NEXUS-GRP-REPO}/ + + diff --git a/practise_playbook/deployment.yml b/practise_playbook/deployment.yml new file mode 100644 index 000000000..9edded1ec --- /dev/null +++ b/practise_playbook/deployment.yml 
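Review bot: The rewritten `url:` in ansible/vpro-app-setup.yml still embeds `{{USER}}:{{PASS}}@` in the address, so the Nexus password can surface in get_url's task output and error messages, and it is sent over plain `http://`. get_url takes the login separately: `url_username: "{{ USER }}"`, `url_password: "{{ PASS }}"`, `force_basic_auth: yes`, with `no_log: true` on the task. The same URL form is added in practise_playbook/deployment.yml and in the README example. The task's surrounding play starts above the hunk.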
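Review bot: The version value on the changed line in pom.xml goes down from `8.0.32` to `8.0.22`, and nothing in the commit says why. The element name is not visible in this rendering, so which dependency it pins is an assumption to confirm; whichever it is, moving back ten patch releases gives up the fixes shipped in between. If the older release is required for compatibility, a comment beside the property such as `<!-- pinned to 8.0.22: <reason> -->` would record that.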
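Review bot: The repository added at the end of pom.xml refers to `${NEXUS-GRP-REPO}` with hyphens, while the Jenkinsfile exports `NEXUS_GRP_REPO` and settings.xml uses `${NEXUS_GRP_REPO}`, so as written the id and URL here will likely not resolve. Using `${NEXUS_GRP_REPO}` in both places makes the three files agree. The URL is also plain `http://`, as is the mirror URL in settings.xml, so dependencies and the Nexus login are fetched without transport integrity or confidentiality; an `https://` endpoint on the Nexus server would address both.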
@@ -0,0 +1,95 @@ +- name: Setup Tomcat 8 and Deploy Artifacts + hosts: appserver + become: yes + + vars: + timestamp: "{{ ansible_date_time.date }}_{{ ansible_date_time.hour }}_{{ ansible_date_time.minute }}" + + tasks: + - name: Download Artifacts from the Nexus Artifacts + get_url: + url: "http://{{USER}}:{{PASS}}@{{nexusip}}:8081/repository/{{reponame}}/{{groupid}}/{{time}}/{{build}}/{{vprofile_version}}" + dest: "/tmp/vproapp-{{ vprofile_version }}" + register: wardeploy # Store the result of this task + # Add tags: + tags: + - deploy + + # Task will check if the artifact is already present in the server or not + - ansible.builtin.stat: + path: "/usr/local/tomcat8/webapps/ROOT" + register: artifact_stat + tags: + - deploy + + # Task will stop the running tomcat service in the server + - name: Stop Tomcat service + ansible.builtin.service: + name: tomcat + state: stopped + tags: + - deploy + + # Using Try will take Backup and deploy the Artifacts + - name: Try Backup and deploy + block: + - name: Archive Root Directory with timestamp + ansible.builtin.archive: + path: "/usr/local/tomcat8/webapps/ROOT" + dest: "/opt/ROOT_{{ timestamp }}.tqz" + when: artifact_stat.stat.exists # This task will only run if the artifact already exist in the server + register: archive_info + tags: + - deploy + + - name: Copy ROOT Directory with OLD_Root directory + ansible.builtin.shell: + cmd: cp -r ROOT old_ROOT + chdir: /usr/local/tomcat8/webapps/ + + - name: Delete the Current Artifacts + ansible.builtin.file: + path: "{{ item }}" + state: absent + when: archive_info.changed + loop: + - /usr/local/tomcat8/webapps/ROOT + - /usr/local/tomcat8/webapps/ROOT.war + tags: + - deploy + + - name: Try Deploy artifact else restore from previous old root + block: + - name: Deploy Vprofile Artifacts + copy: + src: "/tmp/vproapp-{{ vprofile_version }}" + dest: /usr/local/tomcat8/webapps/ROOT.war + remote_src: yes # Source file is present in the remote server + register: deploy_info + tags: + - 
deploy + rescue: + - name: Restore From previous Old Root + shell: cp -r old_ROOT ROOT + args: + chdir: /usr/local/tomcat8/webapps/ + rescue: + - name: Start Tomcat server + ansible.builtin.service: + name: tomcat + state: started + + - name: Start tomcat svc + service: + name: tomcat + state: started + when: deploy_info.changed + tags: + - deploy + + - name: Wait until ROOT.war is extracted to ROOT Directory + ansible.builtin.wait_for: + path: /usr/local/tomcat8/webapps/ROOT + tags: + - deploy + \ No newline at end of file diff --git a/practise_playbook/tomcat_setup.yml b/practise_playbook/tomcat_setup.yml new file mode 100644 index 000000000..415213769 --- /dev/null +++ b/practise_playbook/tomcat_setup.yml 
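Review bot: The download `url:` in practise_playbook/deployment.yml ends in `{{groupid}}/{{time}}/{{build}}/{{vprofile_version}}`, which is the layout this same commit replaces in ansible/vpro-app-setup.yml with `{{artifactId}}/{{vprofile_version}}/{{artifactId}}-{{vprofile_version}}.war`, so this copy presumably requests a path Nexus does not serve. The play targets `hosts: appserver` while the new ansible/inventory defines only `[appsrvgrp]`; if it is run with that inventory, no host matches. `cp -r ROOT old_ROOT` has no `when: artifact_stat.stat.exists`, so a first deployment with no existing ROOT fails straight into the rescue path. The archive name ends in `.tqz`, which looks like a typo for `.tgz`.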
@@ -0,0 +1,97 @@ +- name: Configure Tomcat Server + hosts: appserver + become: yes # Enable Sudo privileges for the Playbook + vars: + tomcat_url: https://dlcdn.apache.org/tomcat/tomcat-9/v9.0.115/bin/apache-tomcat-9.0.115.tar.gz + + tasks: + - name: Install JDK in ubuntu + apt: + name: opennjdk-8-jdk + state: present + update_cache: yes + when: ansible_distribution == 'Ubuntu' + + - name: Install JDK in Centos + yum: + name: java-1.8.0-openjdk.x86_64 + state: present + when: ansible_distribution == 'Centos' + + # Download Tomcat Tar Binaries + - name: Download Tar Binaries + ansible.builtin.get_url: + url: "{{ tomcat_url }}" # Used Variable to get the url + dest: /tmp/tomcat-8.tar.gz + + # ADD Tomcat group + - name: Create a Tomcat group + ansible.builtin.group: + name: tomcat + state: present + + # Add Tomcat user + - name: Create a tomcat user + ansible.builtin.user: + name: tomcat + group: tomcat + shell: /bin/nologin # NoLogin means user cannot login to the servers + home: /usr/local/tomcat8. 
+ + - ansible.builtin.file: + path: /tmp/tomcat8 + state: directory + + # extract Tomcat Tar file + - name: Extract Tomcat 8 + ansible.builtin.unarchive: + src: /tmp/tomcat-8.tar.gz + dest: /tmp/tomcat8/ + remote_src: yes # Tar file present in the same remote servers + list_files: yes + register: unarchive_info # Store the Output of the Unarchive tasks: + + - ansible.builtin.debug: + msg: "{{ unarchive_info.files[0].split('/')[0] }}" + + # Synchronize the extracted files to the desired loacation + + - name: Synchronize /tmp/tomcat8/ to /usr/local/tomcat8 + ansible.posix.synchronize: + src: "/tmp/tomcat8/{{ unarchive_info.files[0].split('/')[0] }}/" + dest: /usr/local/tomcat8/ + delegate_to: "{{ inventory_hostname }}" # Run the synchronize module on the remote server itself + + # Setup Tomcat Server SVC + - name: Setup tomcat SVC file on ubuntu 16 and 18 + ansible.builtin.template: + src: templates/ubuntu16-svcfile.j2 + dest: /etc/systemd/system/tomcat.service + mode: "a+x" + when: ansible_distribution == 'Ubuntu' and ansible_distribution_major_version >= 16 + + - name: Setup tomcat SVC file on Centos 6 + template: + src: templates/epel6-svcfile.j2 + dest: /etc/init.d/tomcat + mode: "a+x" + when: ansible_distribution == 'CentOS' and ansible_distribution_major_version == '6' + + + # Reload the systemctl daemon to apply the changes + - name: Reload Daemon for the changes in the SVC + ansible.builtin.systemd: + daemon_reload: yes + when: ansible_distribution == 'Ubuntu' and ansible_distribution_major_version >= 16 + + - name: Reload tomcat svc config in Centos 6 + command: chkconfig --add tomcat + when: ansible_distribution == 'CentOS' and ansible_distribution_major_version == '6' + + # Restart the Tomcat Server + - Name: Start and Enable the Tomcat Server + ansible.builtin.service: + name: tomcat + state: started + enabled: yes + \ No newline at end of file diff --git a/settings.xml b/settings.xml new file mode 100644 index 000000000..33737b513 --- /dev/null 
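Review bot: `tomcat_url` points at a Tomcat 9.0.115 tarball that is downloaded and unpacked under `become: yes` with no integrity check, and it is stored as `tomcat-8.tar.gz` under `/usr/local/tomcat8`; adding `checksum: "sha512:<published digest>"` to the get_url task would pin what gets installed. Several spellings will stop or skip tasks: `- Name:` on the last task (should be `- name:`), `name: opennjdk-8-jdk`, `ansible_distribution == 'Centos'` where the later tasks compare with `'CentOS'`, and the trailing dot in `home: /usr/local/tomcat8.`. `ansible_distribution_major_version >= 16` compares a string fact with an integer; `ansible_distribution_major_version | int >= 16` is the usual form. The README lists a step that changes ownership of the install directory to the tomcat user, but no such task is visible in this playbook.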
+++ b/settings.xml @@ -0,0 +1,38 @@ + + + + + + ${SNAP_REPO} + ${NEXUS_USER} + ${NEXUS_PASS} + + + ${RELEASE_REPO} + ${NEXUS_USER} + ${NEXUS_PASS} + + + ${CENTRAL_REPO} + ${NEXUS_USER} + ${NEXUS_PASS} + + + ${NEXUS_GRP_REPO} + ${NEXUS_USER} + ${NEXUS_PASS} + + + + + + ${CENTRAL_REPO} + ${CENTRAL_REPO} + http://${NEXUSIP}:${NEXUSPORT}/repository/${NEXUS_GRP_REPO}/ + * + + + + \ No newline at end of file diff --git a/userdata/jenkins-setup.sh b/userdata/jenkins-setup.sh new file mode 100644 index 000000000..554c539e4 --- /dev/null +++ b/userdata/jenkins-setup.sh @@ -0,0 +1,15 @@ +#!/bin/bash +sudo apt update + +sudo apt install openjdk-17-jdk -y + +sudo wget -O /usr/share/keyrings/jenkins-keyring.asc \ +https://pkg.jenkins.io/debian-stable/jenkins.io-2023.key + +echo "deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc]" \ +https://pkg.jenkins.io/debian-stable binary/ | sudo tee \ +/etc/apt/sources.list.d/jenkins.list > /dev/null + +sudo apt-get update + +sudo apt-get install jenkins -y diff --git a/userdata/nexus-setup.sh b/userdata/nexus-setup.sh new file mode 100644 index 000000000..c6477971f --- /dev/null +++ b/userdata/nexus-setup.sh 
@@ -0,0 +1,43 @@ +#!/bin/bash + +sudo rpm --import https://yum.corretto.aws/corretto.key +sudo curl -L -o /etc/yum.repos.d/corretto.repo https://yum.corretto.aws/corretto.repo + +sudo yum install -y java-17-amazon-corretto-devel wget -y + +mkdir -p /opt/nexus/ +mkdir -p /tmp/nexus/ +cd /tmp/nexus/ +NEXUSURL="https://download.sonatype.com/nexus/3/nexus-unix-x86-64-3.78.0-14.tar.gz" +wget $NEXUSURL -O nexus.tar.gz +sleep 10 +EXTOUT=`tar xzvf nexus.tar.gz` +NEXUSDIR=`echo $EXTOUT | cut -d '/' -f1` +sleep 5 +rm -rf /tmp/nexus/nexus.tar.gz +cp -r /tmp/nexus/* /opt/nexus/ +sleep 5 +useradd nexus +chown -R nexus.nexus /opt/nexus +cat <> /etc/systemd/system/nexus.service +[Unit] +Description=nexus service +After=network.target + +[Service] +Type=forking +LimitNOFILE=65536 +ExecStart=/opt/nexus/$NEXUSDIR/bin/nexus start +ExecStop=/opt/nexus/$NEXUSDIR/bin/nexus stop +User=nexus +Restart=on-abort + +[Install] +WantedBy=multi-user.target + +EOT + +echo 'run_as_user="nexus"' > /opt/nexus/$NEXUSDIR/bin/nexus.rc +systemctl daemon-reload +systemctl start nexus +systemctl enable nexus diff --git a/userdata/sonar-analysis-properties b/userdata/sonar-analysis-properties new file mode 100644 index 000000000..8751fe7fd --- /dev/null +++ b/userdata/sonar-analysis-properties @@ -0,0 +1,10 @@ +sonar.projectKey=vprofile +sonar.projectName=vprofile-repo +sonar.projectVersion=1.0 +sonar.sources=src/ +sonar.java.binaries=target/test-classes/com/visualpathit/account/controllerTest/ +sonar.junit.reportsPath=target/surefire-reports/ +sonar.jacoco.reportsPath=target/jacoco.exec +sonar.java.checkstyle.reportPaths=target/checkstyle-result.xml + + diff --git a/userdata/sonar-setup.sh b/userdata/sonar-setup.sh new file mode 100644 index 000000000..99a3a78b7 --- /dev/null +++ b/userdata/sonar-setup.sh 
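Review bot: In userdata/nexus-setup.sh, `wget $NEXUSURL -O nexus.tar.gz` is followed directly by `tar xzvf` with no digest check and no test of wget's exit status, so a truncated or substituted archive is unpacked and later started as a service. A check before extraction such as `echo "<expected sha256>  nexus.tar.gz" | sha256sum -c - || exit 1`, plus `set -euo pipefail` at the top, would stop the script at that point. `chown -R nexus.nexus` uses the deprecated dot separator; `nexus:nexus` is the supported spelling. The heredoc line appears as `cat <> /etc/systemd/system/nexus.service` in this rendering, so whether it appends to or overwrites the unit file cannot be confirmed from here.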
@@ -0,0 +1,119 @@ +#!/bin/bash +cp /etc/sysctl.conf /root/sysctl.conf_backup +cat < /etc/sysctl.conf +vm.max_map_count=262144 +fs.file-max=65536 +ulimit -n 65536 +ulimit -u 4096 +EOT +cp /etc/security/limits.conf /root/sec_limit.conf_backup +cat < /etc/security/limits.conf +sonarqube - nofile 65536 +sonarqube - nproc 409 +EOT + +sudo apt-get update -y +sudo apt-get install openjdk-11-jdk -y +sudo update-alternatives --config java + +java -version + +sudo apt update +wget -q https://www.postgresql.org/media/keys/ACCC4CF8.asc -O - | sudo apt-key add - + +sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-pgdg main" >> /etc/apt/sources.list.d/pgdg.list' +sudo apt install postgresql postgresql-contrib -y +#sudo -u postgres psql -c "SELECT version();" +sudo systemctl enable postgresql.service +sudo systemctl start postgresql.service +sudo echo "postgres:admin123" | chpasswd +runuser -l postgres -c "createuser sonar" +sudo -i -u postgres psql -c "ALTER USER sonar WITH ENCRYPTED PASSWORD 'admin123';" +sudo -i -u postgres psql -c "CREATE DATABASE sonarqube OWNER sonar;" +sudo -i -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE sonarqube to sonar;" +systemctl restart postgresql +#systemctl status -l postgresql +netstat -tulpena | grep postgres +sudo mkdir -p /sonarqube/ +cd /sonarqube/ +sudo curl -O https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-8.3.0.34182.zip +sudo apt-get install zip -y +sudo unzip -o sonarqube-8.3.0.34182.zip -d /opt/ +sudo mv /opt/sonarqube-8.3.0.34182/ /opt/sonarqube +sudo groupadd sonar +sudo useradd -c "SonarQube - User" -d /opt/sonarqube/ -g sonar sonar +sudo chown sonar:sonar /opt/sonarqube/ -R +cp /opt/sonarqube/conf/sonar.properties /root/sonar.properties_backup +cat < /opt/sonarqube/conf/sonar.properties +sonar.jdbc.username=sonar +sonar.jdbc.password=admin123 +sonar.jdbc.url=jdbc:postgresql://localhost/sonarqube +sonar.web.host=0.0.0.0 +sonar.web.port=9000 
+sonar.web.javaAdditionalOpts=-server +sonar.search.javaOpts=-Xmx512m -Xms512m -XX:+HeapDumpOnOutOfMemoryError +sonar.log.level=INFO +sonar.path.logs=logs +EOT + +cat < /etc/systemd/system/sonarqube.service +[Unit] +Description=SonarQube service +After=syslog.target network.target + +[Service] +Type=forking + +ExecStart=/opt/sonarqube/bin/linux-x86-64/sonar.sh start +ExecStop=/opt/sonarqube/bin/linux-x86-64/sonar.sh stop + +User=sonar +Group=sonar +Restart=always + +LimitNOFILE=65536 +LimitNPROC=4096 + + +[Install] +WantedBy=multi-user.target +EOT + +systemctl daemon-reload +systemctl enable sonarqube.service +#systemctl start sonarqube.service +#systemctl status -l sonarqube.service +apt-get install nginx -y +rm -rf /etc/nginx/sites-enabled/default +rm -rf /etc/nginx/sites-available/default +cat < /etc/nginx/sites-available/sonarqube +server{ + listen 80; + server_name sonarqube.groophy.in; + + access_log /var/log/nginx/sonar.access.log; + error_log /var/log/nginx/sonar.error.log; + + proxy_buffers 16 64k; + proxy_buffer_size 128k; + + location / { + proxy_pass http://127.0.0.1:9000; + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header Host \$host; + proxy_set_header X-Real-IP \$remote_addr; + proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto http; + } +} +EOT +ln -s /etc/nginx/sites-available/sonarqube /etc/nginx/sites-enabled/sonarqube +systemctl enable nginx.service +#systemctl restart nginx.service +sudo ufw allow 80,9000,9001/tcp + +echo "System reboot in 30 sec" +sleep 30 +reboot
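Review bot: The password `admin123` is written three times in userdata/sonar-setup.sh — for the OS `postgres` account via `chpasswd`, for the `sonar` database role, and in `sonar.jdbc.password` — so every instance built from this script shares a credential that is public in the repository. Generating it at boot, for example `DB_PASS="$(openssl rand -hex 16)"`, and using that variable in the `ALTER USER` and properties lines avoids this; the `chpasswd` line can be dropped, since the script already reaches postgres through `sudo -u` and `runuser`. `sonar.web.host=0.0.0.0` together with `ufw allow 80,9000,9001/tcp` exposes SonarQube directly alongside the nginx proxy; `sonar.web.host=127.0.0.1` and `ufw allow 80/tcp` keep traffic on the proxy. The `ulimit` lines written into /etc/sysctl.conf are not sysctl keys, and limits.conf names `sonarqube` while the service runs as `sonar`, so those limits probably never apply.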