From c25c9630347ab80598fd2321d91dbea5907015b8 Mon Sep 17 00:00:00 2001 From: Imran Teli Date: Sat, 1 Jul 2023 13:08:45 +0530 Subject: [PATCH 01/27] jenkins userdata --- Jenkinsfile | 4 +- userdata/jenkins-setup.sh | 15 ++++ userdata/nexus-setup.sh | 35 +++++++++ userdata/sonar-analysis-properties | 10 +++ userdata/sonar-setup.sh | 119 +++++++++++++++++++++++++++++ 5 files changed, 181 insertions(+), 2 deletions(-) create mode 100644 userdata/jenkins-setup.sh create mode 100644 userdata/nexus-setup.sh create mode 100644 userdata/sonar-analysis-properties create mode 100644 userdata/sonar-setup.sh diff --git a/Jenkinsfile b/Jenkinsfile index be7508be5..969d00c6e 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -11,7 +11,7 @@ pipeline { NEXUS_PROTOCOL = "http" NEXUS_URL = "172.31.40.209:8081" NEXUS_REPOSITORY = "vprofile-release" - NEXUS_REPO_ID = "vprofile-release" + NEXUS_REPOGRP_ID = "vprofile-grp-repo" NEXUS_CREDENTIAL_ID = "nexuslogin" ARTVERSION = "${env.BUILD_ID}" } @@ -91,7 +91,7 @@ pipeline { nexusVersion: NEXUS_VERSION, protocol: NEXUS_PROTOCOL, nexusUrl: NEXUS_URL, - groupId: pom.groupId, + groupId: NEXUS_REPOGRP_ID, version: ARTVERSION, repository: NEXUS_REPOSITORY, credentialsId: NEXUS_CREDENTIAL_ID, diff --git a/userdata/jenkins-setup.sh b/userdata/jenkins-setup.sh new file mode 100644 index 000000000..7c849fc68 --- /dev/null +++ b/userdata/jenkins-setup.sh @@ -0,0 +1,15 @@ +#!/bin/bash +sudo apt update +sudo apt install openjdk-11-jdk -y +sudo apt install maven wget unzip -y + +curl -fsSL https://pkg.jenkins.io/debian-stable/jenkins.io-2023.key | sudo tee \ + /usr/share/keyrings/jenkins-keyring.asc > /dev/null + +echo deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc] \ + https://pkg.jenkins.io/debian-stable binary/ | sudo tee \ + /etc/apt/sources.list.d/jenkins.list > /dev/null + +sudo apt-get update +sudo apt-get install jenkins -y +### diff --git a/userdata/nexus-setup.sh b/userdata/nexus-setup.sh new file mode 100644 index 000000000..f3fadecc6 --- /dev/null +++ b/userdata/nexus-setup.sh @@ -0,0 +1,35 @@ +#!/bin/bash +yum install java-1.8.0-openjdk.x86_64 wget -y +mkdir -p /opt/nexus/ +mkdir -p /tmp/nexus/ +cd /tmp/nexus/ +NEXUSURL="https://download.sonatype.com/nexus/3/latest-unix.tar.gz" +wget $NEXUSURL -O nexus.tar.gz +EXTOUT=`tar xzvf nexus.tar.gz` +NEXUSDIR=`echo $EXTOUT | cut -d '/' -f1` +rm -rf /tmp/nexus/nexus.tar.gz +rsync -avzh /tmp/nexus/ /opt/nexus/ +useradd nexus +chown -R nexus.nexus /opt/nexus +cat <> /etc/systemd/system/nexus.service +[Unit] +Description=nexus service +After=network.target + +[Service] +Type=forking +LimitNOFILE=65536 +ExecStart=/opt/nexus/$NEXUSDIR/bin/nexus start +ExecStop=/opt/nexus/$NEXUSDIR/bin/nexus stop +User=nexus +Restart=on-abort + +[Install] +WantedBy=multi-user.target + +EOT + +echo 'run_as_user="nexus"' > /opt/nexus/$NEXUSDIR/bin/nexus.rc +systemctl daemon-reload +systemctl start nexus +systemctl enable nexus diff --git a/userdata/sonar-analysis-properties b/userdata/sonar-analysis-properties new file mode 100644 index 000000000..8751fe7fd --- /dev/null +++ b/userdata/sonar-analysis-properties @@ -0,0 +1,10 @@ +sonar.projectKey=vprofile +sonar.projectName=vprofile-repo +sonar.projectVersion=1.0 +sonar.sources=src/ +sonar.java.binaries=target/test-classes/com/visualpathit/account/controllerTest/ +sonar.junit.reportsPath=target/surefire-reports/ +sonar.jacoco.reportsPath=target/jacoco.exec +sonar.java.checkstyle.reportPaths=target/checkstyle-result.xml + + diff --git a/userdata/sonar-setup.sh b/userdata/sonar-setup.sh new file mode 100644 index 000000000..99a3a78b7 --- /dev/null +++ b/userdata/sonar-setup.sh @@ -0,0 +1,119 @@ +#!/bin/bash +cp /etc/sysctl.conf /root/sysctl.conf_backup +cat < /etc/sysctl.conf +vm.max_map_count=262144 +fs.file-max=65536 +ulimit -n 65536 +ulimit -u 4096 +EOT +cp /etc/security/limits.conf /root/sec_limit.conf_backup +cat < /etc/security/limits.conf +sonarqube - nofile 65536 +sonarqube - nproc 409 +EOT + +sudo apt-get update -y +sudo apt-get install openjdk-11-jdk -y +sudo update-alternatives --config java + +java -version + +sudo apt update +wget -q https://www.postgresql.org/media/keys/ACCC4CF8.asc -O - | sudo apt-key add - + +sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-pgdg main" >> /etc/apt/sources.list.d/pgdg.list' +sudo apt install postgresql postgresql-contrib -y +#sudo -u postgres psql -c "SELECT version();" +sudo systemctl enable postgresql.service +sudo systemctl start postgresql.service +sudo echo "postgres:admin123" | chpasswd +runuser -l postgres -c "createuser sonar" +sudo -i -u postgres psql -c "ALTER USER sonar WITH ENCRYPTED PASSWORD 'admin123';" +sudo -i -u postgres psql -c "CREATE DATABASE sonarqube OWNER sonar;" +sudo -i -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE sonarqube to sonar;" +systemctl restart postgresql +#systemctl status -l postgresql +netstat -tulpena | grep postgres +sudo mkdir -p /sonarqube/ +cd /sonarqube/ +sudo curl -O https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-8.3.0.34182.zip +sudo apt-get install zip -y +sudo unzip -o sonarqube-8.3.0.34182.zip -d /opt/ +sudo mv /opt/sonarqube-8.3.0.34182/ /opt/sonarqube +sudo groupadd sonar +sudo useradd -c "SonarQube - User" -d /opt/sonarqube/ -g sonar sonar +sudo chown sonar:sonar /opt/sonarqube/ -R +cp /opt/sonarqube/conf/sonar.properties /root/sonar.properties_backup +cat < /opt/sonarqube/conf/sonar.properties +sonar.jdbc.username=sonar +sonar.jdbc.password=admin123 +sonar.jdbc.url=jdbc:postgresql://localhost/sonarqube +sonar.web.host=0.0.0.0 +sonar.web.port=9000 +sonar.web.javaAdditionalOpts=-server +sonar.search.javaOpts=-Xmx512m -Xms512m -XX:+HeapDumpOnOutOfMemoryError +sonar.log.level=INFO +sonar.path.logs=logs +EOT + +cat < /etc/systemd/system/sonarqube.service +[Unit] +Description=SonarQube service +After=syslog.target network.target + +[Service] +Type=forking + +ExecStart=/opt/sonarqube/bin/linux-x86-64/sonar.sh start +ExecStop=/opt/sonarqube/bin/linux-x86-64/sonar.sh stop + +User=sonar +Group=sonar +Restart=always + +LimitNOFILE=65536 +LimitNPROC=4096 + + +[Install] +WantedBy=multi-user.target +EOT + +systemctl daemon-reload +systemctl enable sonarqube.service +#systemctl start sonarqube.service +#systemctl status -l sonarqube.service +apt-get install nginx -y +rm -rf /etc/nginx/sites-enabled/default +rm -rf /etc/nginx/sites-available/default +cat < /etc/nginx/sites-available/sonarqube +server{ + listen 80; + server_name sonarqube.groophy.in; + + access_log /var/log/nginx/sonar.access.log; + error_log /var/log/nginx/sonar.error.log; + + proxy_buffers 16 64k; + proxy_buffer_size 128k; + + location / { + proxy_pass http://127.0.0.1:9000; + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header Host \$host; + proxy_set_header X-Real-IP \$remote_addr; + proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto http; + } +} +EOT +ln -s /etc/nginx/sites-available/sonarqube /etc/nginx/sites-enabled/sonarqube +systemctl enable nginx.service +#systemctl restart nginx.service +sudo ufw allow 80,9000,9001/tcp + +echo "System reboot in 30 sec" +sleep 30 +reboot From 1dc4db65f882750c0ba4a7b50d7563e9a75a1b0a Mon Sep 17 00:00:00 2001 From: hkhcoder <137309866+hkhcoder@users.noreply.github.com> Date: Sat, 1 Jul 2023 14:01:42 +0530 Subject: [PATCH 02/27] Update nexus-setup.sh --- userdata/nexus-setup.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/userdata/nexus-setup.sh b/userdata/nexus-setup.sh index f3fadecc6..4d0c48fc4 100644 --- a/userdata/nexus-setup.sh +++ b/userdata/nexus-setup.sh @@ -5,10 +5,13 @@ mkdir -p /tmp/nexus/ cd /tmp/nexus/ NEXUSURL="https://download.sonatype.com/nexus/3/latest-unix.tar.gz" wget $NEXUSURL -O nexus.tar.gz +sleep 10 EXTOUT=`tar xzvf nexus.tar.gz` NEXUSDIR=`echo $EXTOUT | cut -d '/' -f1` +sleep 5 rm -rf /tmp/nexus/nexus.tar.gz -rsync -avzh /tmp/nexus/ /opt/nexus/ +cp -r /tmp/nexus/* /opt/nexus/ +sleep 5 useradd nexus chown -R nexus.nexus /opt/nexus cat <> /etc/systemd/system/nexus.service From c757e03a6292fc2ff8a457e59ab482c31dc8ce7b Mon Sep 17 00:00:00 2001 From: hkhcoder <137309866+hkhcoder@users.noreply.github.com> Date: Mon, 16 Oct 2023 11:04:18 +0400 Subject: [PATCH 03/27] Update pom.xml --- pom.xml | 139 ++++++++++++++++++++------------------------------------ 1 file changed, 49 insertions(+), 90 deletions(-) diff --git a/pom.xml b/pom.xml index 03bba333b..b67647827 100644 --- a/pom.xml +++ b/pom.xml @@ -13,7 +13,7 @@ 1.8.2.RELEASE 4.3.11.Final 5.2.1.Final - 8.0.32 + 5.1.36 1.4 1.2 4.10 @@ -28,13 +28,13 @@ spring-web ${spring.version} - + org.springframework spring-webmvc ${spring.version} - + org.springframework.security spring-security-web @@ -90,82 +90,36 @@ test - org.mockito - mockito-core - 1.9.5 - test - - - org.springframework - spring-test - 3.2.3.RELEASE - test - - - javax.servlet - javax.servlet-api - 3.1.0 - provided - + org.mockito + mockito-core + 1.9.5 + test + + + org.springframework + spring-test + 3.2.3.RELEASE + test + + + javax.servlet + javax.servlet-api + 3.1.0 + provided + ch.qos.logback logback-classic ${logback.version} - org.hamcrest - hamcrest-all - 1.3 - test - - - commons-fileupload - commons-fileupload - 1.3.1 - - - - net.spy - spymemcached - 2.12.3 - - - commons-io - commons-io - 2.4 - - - - org.springframework.amqp - spring-rabbit - 1.7.1.RELEASE - - - - com.rabbitmq - amqp-client - 4.0.2 - - - - org.elasticsearch - elasticsearch - 5.6.4 - - - - org.elasticsearch.client - transport - 5.6.4 - - - - com.google.code.gson - gson - 2.8.2 + org.hamcrest + hamcrest-all + 1.3 + test - + org.eclipse.jetty @@ -179,7 +133,7 @@ - + org.apache.maven.plugins maven-war-plugin 3.2.2 @@ -188,24 +142,29 @@ org.jacoco jacoco-maven-plugin 0.8.4 - - - jacoco-initialize - process-resources - - prepare-agent - - - - jacoco-site - post-integration-test - - report - - - - - + + + jacoco-initialize + process-resources + + prepare-agent + + + + jacoco-site + post-integration-test + + report + + + + + + + ${NEXUS-GRP-REPO} + http://${NEXUSIP}:${NEXUSPORT}/repository/${NEXUS-GRP-REPO}/ + + From d98cb9e3134bfbb592b098b5d39294d25b6f9ce7 Mon Sep 17 00:00:00 2001 From: hkhcoder <137309866+hkhcoder@users.noreply.github.com> Date: Mon, 16 Oct 2023 11:04:50 +0400 Subject: [PATCH 04/27] Create settings.xml --- settings.xml | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 settings.xml diff --git a/settings.xml b/settings.xml new file mode 100644 index 000000000..eb788f017 --- /dev/null +++ b/settings.xml @@ -0,0 +1,38 @@ + + + + + + ${SNAP-REPO} + ${NEXUS-USER} + ${NEXUS-PASS} + + + ${RELEASE-REPO} + ${NEXUS-USER} + ${NEXUS-PASS} + + + ${CENTRAL-REPO} + ${NEXUS-USER} + ${NEXUS-PASS} + + + ${NEXUS-GRP-REPO} + ${NEXUS-USER} + ${NEXUS-PASS} + + + + + + ${CENTRAL-REPO} + ${CENTRAL-REPO} + http://${NEXUSIP}:${NEXUSPORT}/repository/${NEXUS-GRP-REPO}/ + * + + + + From 0f8fd84d4485c574035f576740403ec3405d1a87 Mon Sep 17 00:00:00 2001 From: hkhcoder <137309866+hkhcoder@users.noreply.github.com> Date: Fri, 3 Nov 2023 09:31:14 +0400 Subject: [PATCH 05/27] Update pom.xml --- pom.xml | 135 ++++++++++++++++++++++++++++++++++++++------------------ 1 file changed, 91 insertions(+), 44 deletions(-) diff --git a/pom.xml b/pom.xml index b67647827..b9640ea63 100644 --- a/pom.xml +++ b/pom.xml @@ -13,7 +13,7 @@ 1.8.2.RELEASE 4.3.11.Final 5.2.1.Final - 5.1.36 + 8.0.22 1.4 1.2 4.10 @@ -28,13 +28,13 @@ spring-web ${spring.version} - + org.springframework spring-webmvc ${spring.version} - + org.springframework.security spring-security-web @@ -90,36 +90,82 @@ test - org.mockito - mockito-core - 1.9.5 - test - - - org.springframework - spring-test - 3.2.3.RELEASE - test - - - javax.servlet - javax.servlet-api - 3.1.0 - provided - + org.mockito + mockito-core + 1.9.5 + test + + + org.springframework + spring-test + 3.2.3.RELEASE + test + + + javax.servlet + javax.servlet-api + 3.1.0 + provided + ch.qos.logback logback-classic ${logback.version} - org.hamcrest - hamcrest-all - 1.3 - test + org.hamcrest + hamcrest-all + 1.3 + test + + + commons-fileupload + commons-fileupload + 1.3.1 + + + + net.spy + spymemcached + 2.12.3 + + + commons-io + commons-io + 2.4 + + + + org.springframework.amqp + spring-rabbit + 1.7.1.RELEASE + + + + com.rabbitmq + amqp-client + 4.0.2 + + + + org.elasticsearch + elasticsearch + 5.6.4 + + + + org.elasticsearch.client + transport + 5.6.4 + + + + com.google.code.gson + gson + 2.8.2 - + org.eclipse.jetty @@ -133,7 +179,7 @@ - + org.apache.maven.plugins maven-war-plugin 3.2.2 @@ -142,29 +188,30 @@ org.jacoco jacoco-maven-plugin 0.8.4 - - - jacoco-initialize - process-resources - - prepare-agent - - - - jacoco-site - post-integration-test - - report - - - - + + + jacoco-initialize + process-resources + + prepare-agent + + + + jacoco-site + post-integration-test + + report + + + + + ${NEXUS-GRP-REPO} - http://${NEXUSIP}:${NEXUSPORT}/repository/${NEXUS-GRP-REPO}/ + http://${NEXUSIP}:${NEXUSPORT}/repository/${NEXUS_GRP_REPO}/ From cd1439122336b16de4c89c81a704474975deac76 Mon Sep 17 00:00:00 2001 From: hkhcoder <137309866+hkhcoder@users.noreply.github.com> Date: Fri, 3 Nov 2023 09:31:33 +0400 Subject: [PATCH 06/27] Update pom.xml --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index b9640ea63..9579838c0 100644 --- a/pom.xml +++ b/pom.xml @@ -211,7 +211,7 @@ ${NEXUS-GRP-REPO} - http://${NEXUSIP}:${NEXUSPORT}/repository/${NEXUS_GRP_REPO}/ + http://${NEXUSIP}:${NEXUSPORT}/repository/${NEXUS-GRP-REPO}/ From 55e76b9da4e186f112a49aa0322fcdf9c3eca3fd Mon Sep 17 00:00:00 2001 From: hkhcoder <137309866+hkhcoder@users.noreply.github.com> Date: Mon, 19 Aug 2024 10:03:30 +0530 Subject: [PATCH 07/27] Update nexus-setup.sh with jdk17 --- userdata/nexus-setup.sh | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/userdata/nexus-setup.sh b/userdata/nexus-setup.sh index 4d0c48fc4..b8069b223 100644 --- a/userdata/nexus-setup.sh +++ b/userdata/nexus-setup.sh @@ -1,5 +1,10 @@ #!/bin/bash -yum install java-1.8.0-openjdk.x86_64 wget -y + +sudo rpm --import https://yum.corretto.aws/corretto.key +sudo curl -L -o /etc/yum.repos.d/corretto.repo https://yum.corretto.aws/corretto.repo + +sudo yum install -y java-17-amazon-corretto-devel wget -y + mkdir -p /opt/nexus/ mkdir -p /tmp/nexus/ cd /tmp/nexus/ From 6dde3d2417c4a08121f015c209b3bb2002c64e53 Mon Sep 17 00:00:00 2001 From: hkhcoder <137309866+hkhcoder@users.noreply.github.com> Date: Thu, 16 Jan 2025 09:24:14 +0530 Subject: [PATCH 08/27] Update jenkins-setup.sh --- userdata/jenkins-setup.sh | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/userdata/jenkins-setup.sh b/userdata/jenkins-setup.sh index 7c849fc68..554c539e4 100644 --- a/userdata/jenkins-setup.sh +++ b/userdata/jenkins-setup.sh @@ -1,15 +1,15 @@ #!/bin/bash sudo apt update -sudo apt install openjdk-11-jdk -y -sudo apt install maven wget unzip -y - -curl -fsSL https://pkg.jenkins.io/debian-stable/jenkins.io-2023.key | sudo tee \ - /usr/share/keyrings/jenkins-keyring.asc > /dev/null - -echo deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc] \ - https://pkg.jenkins.io/debian-stable binary/ | sudo tee \ - /etc/apt/sources.list.d/jenkins.list > /dev/null - + +sudo apt install openjdk-17-jdk -y + +sudo wget -O /usr/share/keyrings/jenkins-keyring.asc \ +https://pkg.jenkins.io/debian-stable/jenkins.io-2023.key + +echo "deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc]" \ +https://pkg.jenkins.io/debian-stable binary/ | sudo tee \ +/etc/apt/sources.list.d/jenkins.list > /dev/null + sudo apt-get update + sudo apt-get install jenkins -y -### From 32b4f26ee066f39bdf3d4b9b120eb7d91a2bf1c9 Mon Sep 17 00:00:00 2001 From: hkhcoder <137309866+hkhcoder@users.noreply.github.com> Date: Wed, 5 Mar 2025 19:57:41 +0530 Subject: [PATCH 09/27] Update nexus-setup.sh --- userdata/nexus-setup.sh | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/userdata/nexus-setup.sh b/userdata/nexus-setup.sh index b8069b223..c6477971f 100644 --- a/userdata/nexus-setup.sh +++ b/userdata/nexus-setup.sh @@ -5,10 +5,10 @@ sudo curl -L -o /etc/yum.repos.d/corretto.repo https://yum.corretto.aws/corretto sudo yum install -y java-17-amazon-corretto-devel wget -y -mkdir -p /opt/nexus/ -mkdir -p /tmp/nexus/ +mkdir -p /opt/nexus/ +mkdir -p /tmp/nexus/ cd /tmp/nexus/ -NEXUSURL="https://download.sonatype.com/nexus/3/latest-unix.tar.gz" +NEXUSURL="https://download.sonatype.com/nexus/3/nexus-unix-x86-64-3.78.0-14.tar.gz" wget $NEXUSURL -O nexus.tar.gz sleep 10 EXTOUT=`tar xzvf nexus.tar.gz` @@ -18,22 +18,22 @@ rm -rf /tmp/nexus/nexus.tar.gz cp -r /tmp/nexus/* /opt/nexus/ sleep 5 useradd nexus -chown -R nexus.nexus /opt/nexus +chown -R nexus.nexus /opt/nexus cat <> /etc/systemd/system/nexus.service -[Unit] -Description=nexus service -After=network.target - -[Service] -Type=forking -LimitNOFILE=65536 -ExecStart=/opt/nexus/$NEXUSDIR/bin/nexus start -ExecStop=/opt/nexus/$NEXUSDIR/bin/nexus stop -User=nexus -Restart=on-abort - -[Install] -WantedBy=multi-user.target +[Unit] +Description=nexus service +After=network.target + +[Service] +Type=forking +LimitNOFILE=65536 +ExecStart=/opt/nexus/$NEXUSDIR/bin/nexus start +ExecStop=/opt/nexus/$NEXUSDIR/bin/nexus stop +User=nexus +Restart=on-abort + +[Install] +WantedBy=multi-user.target EOT From 2afe12bc0fbfeba0e5d32d8030da2155d258876e Mon Sep 17 00:00:00 2001 From: punee48 Date: Thu, 5 Feb 2026 17:25:51 +0600 Subject: [PATCH 10/27] Upgraded Jenkins File --- Jenkinsfile | 133 +++++++++++++++++----------------------------------- 1 file changed, 44 insertions(+), 89 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 969d00c6e..627c18df7 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -1,67 +1,66 @@ pipeline { - - agent any -/* - tools { - maven "maven3" + // Agent we will use any Agent Node in the Jenkins to run this pipeline + agent any + + + tools { + // Mention the Tool configured in the Jenkins Server like Java, Maven, Git + maven 'Maven_Tool' + jdk 'Java_Tool' } -*/ + + // Set Environment Variable for the Nexus to interact to download the dependencies and upload artifacts in the Nexus environment { - NEXUS_VERSION = "nexus3" - NEXUS_PROTOCOL = "http" - NEXUS_URL = "172.31.40.209:8081" - NEXUS_REPOSITORY = "vprofile-release" - NEXUS_REPOGRP_ID = "vprofile-grp-repo" - NEXUS_CREDENTIAL_ID = "nexuslogin" - ARTVERSION = "${env.BUILD_ID}" + + NEXUS_USER = 'admin' + NEXUS_PASS = 'admin' + RELEASE_REPO = 'vprofile-release' + CENTRAL_REPO = 'vprofile-maven-central' + SNAP_REPO = 'vprofile-snapshot' + NEXUS_GRP_REPO = 'vprofile-maven-group' + NEXUSIP = '172.31.32.231' + NEXUSPORT = '8081' + NEXUS_LOGIN = 'NEXUS_CREDENTIALS' + SONAR_SCANNER = 'sonarscanner' + SONAR_SERVER_LOGIN = 'sonarserver' + } - - stages{ - - stage('BUILD'){ + + stages { + stage ('Build Applications') { steps { - sh 'mvn clean install -DskipTests' + sh 'mvn -s settings.xml -DskipTests install' // Run Install and use setting.xml file and skip unit test } post { success { - echo 'Now Archiving...' - archiveArtifacts artifacts: '**/target/*.war' + echo 'Now Archiving' + archiveArtifacts artifacts: '**/*.war' } } } - stage('UNIT TEST'){ - steps { + // Test Application + stage ('Test Application') { + step sh 'mvn test' } } - stage('INTEGRATION TEST'){ - steps { - sh 'mvn verify -DskipUnitTests' - } - } - - stage ('CODE ANALYSIS WITH CHECKSTYLE'){ + // Check Style Application for Vulnerability scan + stage ('CheckStyle for the Application') { steps { sh 'mvn checkstyle:checkstyle' } - post { - success { - echo 'Generated Analysis Result' - } - } } - stage('CODE ANALYSIS with SONARQUBE') { - - environment { - scannerHome = tool 'sonarscanner4' - } - - steps { - withSonarQubeEnv('sonar-pro') { - sh '''${scannerHome}/bin/sonar-scanner -Dsonar.projectKey=vprofile \ + // Upload Report to the Sonar Server to check the Vulnerability. Refer Documentation for code + stage ('Sonar Qube Analysis') { + environment { + scannerhome = tool "${SONAR_SCANNER}" // Mention the name used while configuring sonarscanner in the jenkins tools + } + steps { + withSonarQubeEnv("${SONAR_SERVER_LOGIN}") { + sh '''${scannerhome}/bin/sonar-scanner -Dsonar.projectKey=vprofile \ -Dsonar.projectName=vprofile-repo \ -Dsonar.projectVersion=1.0 \ -Dsonar.sources=src/ \ @@ -69,53 +68,9 @@ pipeline { -Dsonar.junit.reportsPath=target/surefire-reports/ \ -Dsonar.jacoco.reportsPath=target/jacoco.exec \ -Dsonar.java.checkstyle.reportPaths=target/checkstyle-result.xml''' + } } - - timeout(time: 10, unit: 'MINUTES') { - waitForQualityGate abortPipeline: true - } - } } - stage("Publish to Nexus Repository Manager") { - steps { - script { - pom = readMavenPom file: "pom.xml"; - filesByGlob = findFiles(glob: "target/*.${pom.packaging}"); - echo "${filesByGlob[0].name} ${filesByGlob[0].path} ${filesByGlob[0].directory} ${filesByGlob[0].length} ${filesByGlob[0].lastModified}" - artifactPath = filesByGlob[0].path; - artifactExists = fileExists artifactPath; - if(artifactExists) { - echo "*** File: ${artifactPath}, group: ${pom.groupId}, packaging: ${pom.packaging}, version ${pom.version} ARTVERSION"; - nexusArtifactUploader( - nexusVersion: NEXUS_VERSION, - protocol: NEXUS_PROTOCOL, - nexusUrl: NEXUS_URL, - groupId: NEXUS_REPOGRP_ID, - version: ARTVERSION, - repository: NEXUS_REPOSITORY, - credentialsId: NEXUS_CREDENTIAL_ID, - artifacts: [ - [artifactId: pom.artifactId, - classifier: '', - file: artifactPath, - type: pom.packaging], - [artifactId: pom.artifactId, - classifier: '', - file: "pom.xml", - type: "pom"] - ] - ); - } - else { - error "*** File: ${artifactPath}, could not be found"; - } - } - } - } - - } - - -} +} \ No newline at end of file From 976f94dc3438ce11bf8eccc3b373d6d3137fa0a6 Mon Sep 17 00:00:00 2001 From: punee48 Date: Thu, 5 Feb 2026 17:33:06 +0600 Subject: [PATCH 11/27] Refactor Jenkinsfile for improved formatting and consistency --- Jenkinsfile | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 627c18df7..c4d0c8e03 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -2,7 +2,6 @@ pipeline { // Agent we will use any Agent Node in the Jenkins to run this pipeline agent any - tools { // Mention the Tool configured in the Jenkins Server like Java, Maven, Git maven 'Maven_Tool' @@ -27,7 +26,7 @@ pipeline { } stages { - stage ('Build Applications') { + stage('Build Applications') { steps { sh 'mvn -s settings.xml -DskipTests install' // Run Install and use setting.xml file and skip unit test } @@ -40,22 +39,22 @@ pipeline { } // Test Application - stage ('Test Application') { - step + stage('Test Application') { + steps { sh 'mvn test' } } // Check Style Application for Vulnerability scan - stage ('CheckStyle for the Application') { + stage('CheckStyle for the Application') { steps { sh 'mvn checkstyle:checkstyle' } } // Upload Report to the Sonar Server to check the Vulnerability. Refer Documentation for code - stage ('Sonar Qube Analysis') { - environment { + stage('Sonar Qube Analysis') { + environment { scannerhome = tool "${SONAR_SCANNER}" // Mention the name used while configuring sonarscanner in the jenkins tools } steps { @@ -71,6 +70,5 @@ pipeline { } } } - } } \ No newline at end of file From 94acfcb895d71d3e1bbf14c0f8e9166602c9dd13 Mon Sep 17 00:00:00 2001 From: punee48 Date: Thu, 5 Feb 2026 17:37:51 +0600 Subject: [PATCH 12/27] Fix formatting of repository IDs in settings.xml for consistency --- settings.xml | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/settings.xml b/settings.xml index eb788f017..33737b513 100644 --- a/settings.xml +++ b/settings.xml @@ -5,34 +5,34 @@ - ${SNAP-REPO} - ${NEXUS-USER} - ${NEXUS-PASS} + ${SNAP_REPO} + ${NEXUS_USER} + ${NEXUS_PASS} - ${RELEASE-REPO} - ${NEXUS-USER} - ${NEXUS-PASS} + ${RELEASE_REPO} + ${NEXUS_USER} + ${NEXUS_PASS} - ${CENTRAL-REPO} - ${NEXUS-USER} - ${NEXUS-PASS} + ${CENTRAL_REPO} + ${NEXUS_USER} + ${NEXUS_PASS} - ${NEXUS-GRP-REPO} - ${NEXUS-USER} - ${NEXUS-PASS} + ${NEXUS_GRP_REPO} + ${NEXUS_USER} + ${NEXUS_PASS} - ${CENTRAL-REPO} - ${CENTRAL-REPO} - http://${NEXUSIP}:${NEXUSPORT}/repository/${NEXUS-GRP-REPO}/ + ${CENTRAL_REPO} + ${CENTRAL_REPO} + http://${NEXUSIP}:${NEXUSPORT}/repository/${NEXUS_GRP_REPO}/ * - + \ No newline at end of file From 495d763e2e9d8e0592587fcee29305bee6f509be Mon Sep 17 00:00:00 2001 From: punee48 Date: Thu, 5 Feb 2026 17:41:46 +0600 Subject: [PATCH 13/27] Fix typo in SONAR_SCANNER environment variable name in Jenkinsfile --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index c4d0c8e03..1a80e17a0 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -20,7 +20,7 @@ pipeline { NEXUSIP = '172.31.32.231' NEXUSPORT = '8081' NEXUS_LOGIN = 'NEXUS_CREDENTIALS' - SONAR_SCANNER = 'sonarscanner' + SONAR_SCANNER = 'sonarqubescanner' SONAR_SERVER_LOGIN = 'sonarserver' } From 147c040d946d2088f6df033330e72f9f0b561594 Mon Sep 17 00:00:00 2001 From: punee48 Date: Thu, 5 Feb 2026 19:10:27 +0600 Subject: [PATCH 14/27] Add SONAR_SCANNER_OPTS to resolve Java 17 compatibility issues --- Jenkinsfile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Jenkinsfile b/Jenkinsfile index 1a80e17a0..e8b03ae4f 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -57,6 +57,8 @@ pipeline { environment { scannerhome = tool "${SONAR_SCANNER}" // Mention the name used while configuring sonarscanner in the jenkins tools } + // ADD THIS LINE BELOW to fix the Java 17 error + SONAR_SCANNER_OPTS = "--add-opens java.base/java.lang=ALL-UNNAMED --add-opens java.base/java.util=ALL-UNNAMED --add-opens java.base/java.lang.reflect=ALL-UNNAMED" steps { withSonarQubeEnv("${SONAR_SERVER_LOGIN}") { sh '''${scannerhome}/bin/sonar-scanner -Dsonar.projectKey=vprofile \ From 5911c0d56a3aa25e929c2c5f983628f87b2dff92 Mon Sep 17 00:00:00 2001 From: punee48 Date: Thu, 5 Feb 2026 19:14:16 +0600 Subject: [PATCH 15/27] Add SONAR_SCANNER_OPTS to resolve Java 17 compatibility issues in Sonar Qube Analysis stage --- Jenkinsfile | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index e8b03ae4f..86a14750e 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -56,9 +56,12 @@ pipeline { stage('Sonar Qube Analysis') { environment { scannerhome = tool "${SONAR_SCANNER}" // Mention the name used while configuring sonarscanner in the jenkins tools + // ADD THIS LINE BELOW to fix the Java 17 error + + SONAR_SCANNER_OPTS = "--add-opens java.base/java.lang=ALL-UNNAMED --add-opens java.base/java.util=ALL-UNNAMED --add-opens java.base/java.lang.reflect=ALL-UNNAMED" } - // ADD THIS LINE BELOW to fix the Java 17 error - SONAR_SCANNER_OPTS = "--add-opens java.base/java.lang=ALL-UNNAMED --add-opens java.base/java.util=ALL-UNNAMED --add-opens java.base/java.lang.reflect=ALL-UNNAMED" + + steps { withSonarQubeEnv("${SONAR_SERVER_LOGIN}") { sh '''${scannerhome}/bin/sonar-scanner -Dsonar.projectKey=vprofile \ From 394ecbdc3f215f402883ecbb3d024a4ed014a124 Mon Sep 17 00:00:00 2001 From: punee48 Date: Thu, 5 Feb 2026 19:30:21 +0600 Subject: [PATCH 16/27] Add Quality Gates stage to Jenkins pipeline and update README with Quality Gates information --- Jenkinsfile | 8 ++++++++ README.md | 11 +++++++++++ 2 files changed, 19 insertions(+) diff --git a/Jenkinsfile b/Jenkinsfile index 86a14750e..95c5ea9d4 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -75,5 +75,13 @@ pipeline { } } } + stage('Validate Quality Gates') { + steps { + //timeout is 1 hrs + timeout(time: 1, unit: 'HOURS') { + waitForQualityGate abortPipeline: true + } + } + } } } \ No newline at end of file diff --git a/README.md b/README.md index 88fd3cbba..8edf46b86 100644 --- a/README.md +++ b/README.md @@ -23,3 +23,14 @@ sql dump file: - > mysql -u -p accounts < db_backup.sql +--- + +## Quality Gates + +In Sonar Qube, We can create a Quality Gates and add Condition for overall code (Bugs) + +Attach the Qualtiy gates to the projects. + +- Sonar qube will send result to the jenkins. We need to add webhook in the Sonarqube + +- Add Stages for Quality Gates in the Jenkin Pipeline \ No newline at end of file From aeb945a894f631e48b1dc4c1a3a909452fc1846c Mon Sep 17 00:00:00 2001 From: punee48 Date: Thu, 5 Feb 2026 19:54:23 +0600 Subject: [PATCH 17/27] Add stage to upload artifacts to Nexus and update README with artifact publishing instructions --- Jenkinsfile | 21 +++++++++++++++++++++ README.md | 16 +++++++++++++++- 2 files changed, 36 insertions(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 95c5ea9d4..a1ddb7af5 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -83,5 +83,26 @@ pipeline { } } } + + // Upload Artifacts to the Nexus Repos + stage('Upload Artifacts') { + steps { + nexusArtifactUploader( + nexusVersion: 'nexus3', + protocol: 'http', + nexusUrl: "${NEXUSIP}:${NEXUSPORT}", + groupId: 'QA', + version: "${env.BUILD_ID}-${env.BUILD_TIMESTAMP}", + repository: "${RELEASE_REPO}", + credentialsId: "${NEXUS_LOGIN}", + artifacts: [ + [artifactId: 'vproapp', + classifier: '', + file: 'target/vprofile-v2.war', + type: 'war'] + ] + ) + } + } } } \ No newline at end of file diff --git a/README.md b/README.md index 8edf46b86..9d6326288 100644 --- a/README.md +++ b/README.md @@ -33,4 +33,18 @@ Attach the Qualtiy gates to the projects. - Sonar qube will send result to the jenkins. We need to add webhook in the Sonarqube -- Add Stages for Quality Gates in the Jenkin Pipeline \ No newline at end of file +- Add Stages for Quality Gates in the Jenkin Pipeline + +--- + +## Publish Artifact to Nexus Repos + +We need to upload our application artifact to the nexus repos (vprofile-release) and need to store the file with timestamp and version + +- In code we need to apply timestamp of the war file + +- Manage Jenkins -> Tool -> Build Timestamp + +- Write code to upload artifact to the nexus + +- Check in the nexus the code will be available \ No newline at end of file From 2da0efea7414a7f500adbc11d48abd4624bff20d Mon Sep 17 00:00:00 2001 From: punee48 Date: Thu, 5 Feb 2026 20:21:17 +0600 Subject: [PATCH 18/27] Add email notification for pipeline completion status --- Jenkinsfile | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/Jenkinsfile b/Jenkinsfile index a1ddb7af5..26e48c827 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -105,4 +105,19 @@ pipeline { } } } + + // Email Notification Of the Status of Pipeline + post { + always { + echo 'Pipeline has been completed Sending Pipeline Status through Email...' + emailext ( + body: """

Jenkins Build Status: ${currentBuild.currentResult}

+

Job Name: ${env.JOB_NAME}

+

Build Number: ${env.BUILD_NUMBER}

+

Check console output at: ${env.BUILD_URL}

""" + subject: "Jenkins Build ${currentBuild.currentResult}: Job ${env.JOB_NAME} | ${env.BUILD_NUMBER}", + to: 'puneethkumar482000@gmail.com' + ) + } + } } \ No newline at end of file From fb4fab40037656c782ecd25fd128c6709460ebe8 Mon Sep 17 00:00:00 2001 From: punee48 Date: Thu, 5 Feb 2026 20:22:19 +0600 Subject: [PATCH 19/27] Update email notification to include build status and job details --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 26e48c827..137140153 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -114,7 +114,7 @@ pipeline { body: """

Jenkins Build Status: ${currentBuild.currentResult}

Job Name: ${env.JOB_NAME}

Build Number: ${env.BUILD_NUMBER}

-

Check console output at: ${env.BUILD_URL}

""" +

Check console output at: ${env.BUILD_URL}

""", subject: "Jenkins Build ${currentBuild.currentResult}: Job ${env.JOB_NAME} | ${env.BUILD_NUMBER}", to: 'puneethkumar482000@gmail.com' ) From 45247acb375a4059c58cbbd8f947997a7f4ae798 Mon Sep 17 00:00:00 2001 From: punee48 Date: Thu, 5 Feb 2026 21:25:28 +0600 Subject: [PATCH 20/27] Increase timeout value in ansible configuration from 30 to 35 seconds --- ansible/ansible.cfg | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg index 6d2dcd6a9..e9c119cf3 100644 --- a/ansible/ansible.cfg +++ b/ansible/ansible.cfg @@ -1,3 +1,3 @@ [defaults] host_key_checking = False -timeout = 30 +timeout = 35 From 3aa2213d3a67774636f4d7cd7ff1eee0fb36902d Mon Sep 17 00:00:00 2001 From: punee48 Date: Mon, 9 Feb 2026 20:18:54 +0600 Subject: [PATCH 21/27] Add Ansible deployment stage and update README with deployment instructions --- .vscode/settings.json | 3 + Jenkinsfile | 27 +++++ README.md | 174 ++++++++++++++++++++++++++++- ansible/inventory | 2 + practise_playbook/deployment.yml | 95 ++++++++++++++++ practise_playbook/tomcat_setup.yml | 97 ++++++++++++++++ 6 files changed, 397 insertions(+), 1 deletion(-) create mode 100644 .vscode/settings.json create mode 100644 ansible/inventory create mode 100644 practise_playbook/deployment.yml create mode 100644 practise_playbook/tomcat_setup.yml diff --git a/.vscode/settings.json b/.vscode/settings.json new file mode 100644 index 000000000..5d71af861 --- /dev/null +++ b/.vscode/settings.json @@ -0,0 +1,3 @@ +{ + "ansible.python.interpreterPath": "/bin/python3" +} \ No newline at end of file diff --git a/Jenkinsfile b/Jenkinsfile index 137140153..a8947c4cd 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -22,6 +22,7 @@ pipeline { NEXUS_LOGIN = 'NEXUS_CREDENTIALS' SONAR_SCANNER = 'sonarqubescanner' SONAR_SERVER_LOGIN = 'sonarserver' + NEXUS_CRED = credentials('Nexus_Login') } @@ -104,6 +105,32 @@ pipeline { ) } } + + stage('Ansible Deployment in App Stagging Server') { + steps { + ansiblePlaybook( + playbook: 'ansible/site.yml', // In this File we have used Import command to import the other playbooks + inventory: 'ansible/inventory', + credentialsId: 'SSHKEY_APP_STAG', // Cred ID of the SSH Key used to connect to the app stagging server + colorized: true, + installation: 'ansible', + disableHostKeyChecking: true // Means Jenkins will not check for the host key verification while connecting to the server + extraVars: + [ + USER: 'admin', + PASS: "${NEXUS_CRED}", + nexusip: "${NEXUSIP}", + reponame: "${RELEASE_REPO}", + groupid: 'QA', + time: "${env.BUILD_TIMESTAMP}", + build: "${env.BUILD_ID}", + vprofile_version: "${env.BUILD_ID}-${env.BUILD_TIMESTAMP}", + artifactId: 'vproapp' + + ] + ) + } + } } // Email Notification Of the Status of Pipeline diff --git a/README.md b/README.md index 9d6326288..8f5d6c9b6 100644 --- a/README.md +++ b/README.md @@ -15,6 +15,7 @@ - Memcached - Rabbitmq - ElasticSearch + # Database Here,we used Mysql DB sql dump file: @@ -47,4 +48,175 @@ We need to upload our application artifact to the nexus repos (vprofile-release) - Write code to upload artifact to the nexus -- Check in the nexus the code will be available \ No newline at end of file +- Check in the nexus the code will be available + +=== + +## Tomcat Playbook + +- Write a Playbook to install tomcat server in the App Server. + +- From Jenkins Master Server, we will execute ansible playbook to install tomat application in the App Server + +- Tomcat Playbook Steps + + 1. Store Variable of the Tomcat Binary URL that we need to download from internet + + 2. Install Java in Ubuntu, Centos using ansible module `apt or yum` + + 3. Download Tar file using module `get_url` + + 4. Create a Group called "`TOMCAT`" + + 5. Add Tomcat user and assign home dir and shell has NoLogin + + 6. Create a Dir in the Server to store the tomcat Archive file + + 7. Extract Tomcat file and store in the Dir /usr/local/tomcat. Store the Output in a Variable (Register) + + 8. Synchronize tmp and local user folder for tomcat + + 9. Change Ownership for the `/usr/local/tomcat8` to `Tomcat` User + + 10. Setup Tomcat SVC File for Centos and Ubuntu using module `template` + + 11. Reload the Systemd file for tomcat server using module `systemd` + + 12. Start the Tomcat Server using module `service` + +--- +## Deployment Playbook + +This Playbook will download and deploy artifacts in the App server + +1. Create a `Variable` to get the timestamp and usinmg this timestamp we will create a backupfile_name of the artifacts + +2. Using module get_url download artifacts from nexus. Nexus has Dynamic URL. We will get the Jenkins Variables in the ansible playbook + +3. Before downloading and deploying artifacts we need to take backup for the existing Application running in the tomcat Server + +4. Stop the tomcat Service + +5. Try Block to archive and deploy + +6. Copy the Tomcat ROOT File in the same dir + +7. Delete the Current Artifacts + +8. Start the Tomcat Service + + +```yaml +- name: Setup Tomcat 8 and Deploy Artifacts + hosts: appserver + become: yes + + vars: + timestamp: "{{ ansible_date_time.date }}_{{ ansible_date_time.hour }}_{{ ansible_date_time.minute }}" + + tasks: + - name: Download Artifacts from the Nexus Artifacts + get_url: + url: "http://{{USER}}:{{PASS}}@{{nexusip}}:8081/repository/{{reponame}}/{{groupid}}/{{time}}/{{build}}/{{vprofile_version}}" + dest: "/tmp/vproapp-{{ vprofile_version }}" + register: wardeploy # Store the result of this task + # Add tags: + tags: + - deploy + + # Task will check if the artifact is already present in the server or not + - ansible.builtin.stat: + path: "/usr/local/tomcat8/webapps/ROOT" + register: artifact_stat + tags: + - deploy + + # Task will stop the running tomcat service in the server + - name: Stop Tomcat service + ansible.builtin.service: + name: tomcat + state: stopped + tags: + - deploy + + # Using Try will take Backup and deploy the Artifacts + - name: Try Backup and deploy + block: + - name: Archive Root Directory with timestamp + ansible.builtin.archive: + path: "/usr/local/tomcat8/webapps/ROOT" + dest: "/opt/ROOT_{{ timestamp }}.tqz" + when: artifact_stat.stat.exists # This task will only run if the artifact already exist in the server + register: archive_info + tags: + - deploy + + - name: Copy ROOT Directory with OLD_Root directory + ansible.builtin.shell: + cmd: cp -r ROOT old_ROOT + chdir: /usr/local/tomcat8/webapps/ + + - name: Delete the Current Artifacts + ansible.builtin.file: + path: "{{ item }}" + state: absent + when: archive_info.changed + loop: + - /usr/local/tomcat8/webapps/ROOT + - /usr/local/tomcat8/webapps/ROOT.war + tags: + - deploy + + - name: Try Deploy artifact else restore from previous old root + block: + - name: Deploy Vprofile Artifacts + copy: + src: "/tmp/vproapp-{{ vprofile_version }}" + dest: /usr/local/tomcat8/webapps/ROOT.war + remote_src: yes # Source file is present in the remote server + register: deploy_info + tags: + - deploy + rescue: + - name: Restore From previous Old Root + shell: cp -r old_ROOT ROOT + args: + chdir: /usr/local/tomcat8/webapps/ + rescue: + - name: Start Tomcat server + ansible.builtin.service: + name: tomcat + state: started + + - name: Start tomcat svc + service: + name: tomcat + state: started + when: deploy_info.changed + tags: + - deploy + + - name: Wait until ROOT.war is extracted to ROOT Directory + ansible.builtin.wait_for: + path: /usr/local/tomcat8/webapps/ROOT + tags: + - deploy + + +``` + +--- + +## Jenkins File and Inventory + +Write a Jenkins File code to run the playbook + +- Add Stage for Ansible + +- Create an Inventory File to store the information of the host mentioned in the Playbook + +- Paste the Record of the Route Table for App Server + +- Store the Nexus Credentials in the Jenkins and use the credentials in the Jenkins File + +- Allow the SG for the Nexus Server to allow traffic from the App Server SG \ No newline at end of file diff --git a/ansible/inventory b/ansible/inventory new file mode 100644 index 000000000..e43cab1c7 --- /dev/null +++ b/ansible/inventory @@ -0,0 +1,2 @@ +[appsrvgrp] +vprofileapp.stag.awesomegoshling \ No newline at end of file diff --git a/practise_playbook/deployment.yml b/practise_playbook/deployment.yml new file mode 100644 index 000000000..9edded1ec --- /dev/null +++ b/practise_playbook/deployment.yml @@ -0,0 +1,95 @@ +- name: Setup Tomcat 8 and Deploy Artifacts + hosts: appserver + become: yes + + vars: + timestamp: "{{ ansible_date_time.date }}_{{ ansible_date_time.hour }}_{{ ansible_date_time.minute }}" + + tasks: + - name: Download Artifacts from the Nexus Artifacts + get_url: + url: "http://{{USER}}:{{PASS}}@{{nexusip}}:8081/repository/{{reponame}}/{{groupid}}/{{time}}/{{build}}/{{vprofile_version}}" + dest: "/tmp/vproapp-{{ vprofile_version }}" + register: wardeploy # Store the result of this task + # Add tags: + tags: + - deploy + + # Task will check if the artifact is already present in the server or not + - ansible.builtin.stat: + path: "/usr/local/tomcat8/webapps/ROOT" + register: artifact_stat + tags: + - deploy + + # Task will stop the running tomcat service in the server + - name: Stop Tomcat service + ansible.builtin.service: + name: tomcat + state: stopped + tags: + - deploy + + # Using Try will take Backup and deploy the Artifacts + - name: Try Backup and deploy + block: + - name: Archive Root Directory with timestamp + ansible.builtin.archive: + path: "/usr/local/tomcat8/webapps/ROOT" + dest: "/opt/ROOT_{{ timestamp }}.tqz" + when: artifact_stat.stat.exists # This task will only run if the artifact already exist in the server + register: archive_info + tags: + - deploy + + - name: Copy ROOT Directory with OLD_Root directory + ansible.builtin.shell: + cmd: cp -r ROOT old_ROOT + chdir: /usr/local/tomcat8/webapps/ + + - name: Delete the Current Artifacts + ansible.builtin.file: + path: "{{ item }}" + state: absent + when: archive_info.changed + loop: + - /usr/local/tomcat8/webapps/ROOT + - /usr/local/tomcat8/webapps/ROOT.war + tags: + - deploy + + - name: Try Deploy artifact else restore from previous old root + block: + - name: Deploy Vprofile Artifacts + copy: + src: "/tmp/vproapp-{{ vprofile_version }}" + dest: /usr/local/tomcat8/webapps/ROOT.war + remote_src: yes # Source file is present in the remote server + register: deploy_info + tags: + - deploy + rescue: + - name: Restore From previous Old Root + shell: cp -r old_ROOT ROOT + args: + chdir: /usr/local/tomcat8/webapps/ + rescue: + - name: Start Tomcat server + ansible.builtin.service: + name: tomcat + state: started + + - name: Start tomcat svc + service: + name: tomcat + state: started + when: deploy_info.changed + tags: + - deploy + + - name: Wait until ROOT.war is extracted to ROOT Directory + ansible.builtin.wait_for: + path: /usr/local/tomcat8/webapps/ROOT + tags: + - deploy + \ No newline at end of file diff --git a/practise_playbook/tomcat_setup.yml b/practise_playbook/tomcat_setup.yml new file mode 100644 index 000000000..415213769 --- /dev/null +++ b/practise_playbook/tomcat_setup.yml @@ -0,0 +1,97 @@ +- name: Configure Tomcat Server + hosts: appserver + become: yes # Enable Sudo privileges for the Playbook + vars: + tomcat_url: https://dlcdn.apache.org/tomcat/tomcat-9/v9.0.115/bin/apache-tomcat-9.0.115.tar.gz + + tasks: + - name: Install JDK in ubuntu + apt: + name: opennjdk-8-jdk + state: present + update_cache: yes + when: ansible_distribution == 'Ubuntu' + + - name: Install JDK in Centos + yum: + name: java-1.8.0-openjdk.x86_64 + state: present + when: ansible_distribution == 'Centos' + + # Download Tomcat Tar Binaries + - name: Download Tar Binaries + ansible.builtin.get_url: + url: "{{ tomcat_url }}" # Used Variable to get the url + dest: /tmp/tomcat-8.tar.gz + + # ADD Tomcat group + - name: Create a Tomcat group + ansible.builtin.group: + name: tomcat + state: present + + # Add Tomcat user + - name: Create a tomcat user + ansible.builtin.user: + name: tomcat + group: tomcat + shell: /bin/nologin # NoLogin means user cannot login to the servers + home: /usr/local/tomcat8. + + - ansible.builtin.file: + path: /tmp/tomcat8 + state: directory + + # extract Tomcat Tar file + - name: Extract Tomcat 8 + ansible.builtin.unarchive: + src: /tmp/tomcat-8.tar.gz + dest: /tmp/tomcat8/ + remote_src: yes # Tar file present in the same remote servers + list_files: yes + register: unarchive_info # Store the Output of the Unarchive tasks: + + - ansible.builtin.debug: + msg: "{{ unarchive_info.files[0].split('/')[0] }}" + + # Synchronize the extracted files to the desired loacation + + - name: Synchronize /tmp/tomcat8/ to /usr/local/tomcat8 + ansible.posix.synchronize: + src: "/tmp/tomcat8/{{ unarchive_info.files[0].split('/')[0] }}/" + dest: /usr/local/tomcat8/ + delegate_to: "{{ inventory_hostname }}" # Run the synchronize module on the remote server itself + + # Setup Tomcat Server SVC + - name: Setup tomcat SVC file on ubuntu 16 and 18 + ansible.builtin.template: + src: templates/ubuntu16-svcfile.j2 + dest: /etc/systemd/system/tomcat.service + mode: "a+x" + when: ansible_distribution == 'Ubuntu' and ansible_distribution_major_version >= 16 + + - name: Setup tomcat SVC file on Centos 6 + template: + src: templates/epel6-svcfile.j2 + dest: /etc/init.d/tomcat + mode: "a+x" + when: ansible_distribution == 'CentOS' and ansible_distribution_major_version == '6' + + + # Reload the systemctl daemon to apply the changes + - name: Reload Daemon for the changes in the SVC + ansible.builtin.systemd: + daemon_reload: yes + when: ansible_distribution == 'Ubuntu' and ansible_distribution_major_version >= 16 + + - name: Reload tomcat svc config in Centos 6 + command: chkconfig --add tomcat + when: ansible_distribution == 'CentOS' and ansible_distribution_major_version == '6' + + # Restart the Tomcat Server + - Name: Start and Enable the Tomcat Server + ansible.builtin.service: + name: tomcat + state: started + enabled: yes + \ No newline at end of file From 20a0002bafc887d6af096d7cee44dd739aaa6ef8 Mon Sep 17 00:00:00 2001 From: punee48 Date: Mon, 9 Feb 2026 20:26:35 +0600 Subject: [PATCH 22/27] Fix syntax in Ansible deployment stage by adding a comma for clarity --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index a8947c4cd..2121807ce 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -114,7 +114,7 @@ pipeline { credentialsId: 'SSHKEY_APP_STAG', // Cred ID of the SSH Key used to connect to the app stagging server colorized: true, installation: 'ansible', - disableHostKeyChecking: true // Means Jenkins will not check for the host key verification while connecting to the server + disableHostKeyChecking: true, // Means Jenkins will not check for the host key verification while connecting to the server extraVars: [ USER: 'admin', From 14e91c57fd18f1f0cfc702701762e1e558f10026 Mon Sep 17 00:00:00 2001 From: punee48 Date: Mon, 9 Feb 2026 21:29:47 +0600 Subject: [PATCH 23/27] Fix artifact URL in Ansible deployment script to include artifactId for correct download --- Jenkinsfile | 2 +- ansible/vpro-app-setup.yml | 3 +-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 2121807ce..ce4f29b55 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -120,7 +120,7 @@ pipeline { USER: 'admin', PASS: "${NEXUS_CRED}", nexusip: "${NEXUSIP}", - reponame: "${RELEASE_REPO}", + reponame: 'vprofile-release', groupid: 'QA', time: "${env.BUILD_TIMESTAMP}", build: "${env.BUILD_ID}", diff --git a/ansible/vpro-app-setup.yml b/ansible/vpro-app-setup.yml index 0c3f5d4a5..9a247b136 100644 --- a/ansible/vpro-app-setup.yml +++ b/ansible/vpro-app-setup.yml @@ -7,8 +7,7 @@ tasks: - name: Download latest VProfile.war from nexus get_url: - url: "http://{{USER}}:{{PASS}}@{{nexusip}}:8081/repository/{{reponame}}/{{groupid}}/{{time}}/{{build}}/{{vprofile_version}}" - dest: "/tmp/vproapp-{{vprofile_version}}" + url: "http://{{USER}}:{{PASS}}@{{nexusip}}:8081/repository/{{reponame}}/{{groupid}}/{{artifactId}}/{{vprofile_version}}/{{artifactId}}-{{vprofile_version}}.war" register: wardeploy tags: - deploy From 801aefa4011baa8977b00c5be7fa69a31f67a774 Mon Sep 17 00:00:00 2001 From: punee48 Date: Mon, 9 Feb 2026 21:34:42 +0600 Subject: [PATCH 24/27] Fix destination path for downloading VProfile.war in Ansible setup --- ansible/vpro-app-setup.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/ansible/vpro-app-setup.yml b/ansible/vpro-app-setup.yml index 9a247b136..0595ccb40 100644 --- a/ansible/vpro-app-setup.yml +++ b/ansible/vpro-app-setup.yml @@ -8,6 +8,7 @@ - name: Download latest VProfile.war from nexus get_url: url: "http://{{USER}}:{{PASS}}@{{nexusip}}:8081/repository/{{reponame}}/{{groupid}}/{{artifactId}}/{{vprofile_version}}/{{artifactId}}-{{vprofile_version}}.war" + dest: "/tmp/vproapp-{{ vprofile_version }}" register: wardeploy tags: - deploy From 4711ba288f415bc407fde38bf7d5a9fe12b51de8 Mon Sep 17 00:00:00 2001 From: punee48 Date: Mon, 9 Feb 2026 21:37:07 +0600 Subject: [PATCH 25/27] Fix spacing in source path for deploying VProfile artifact in Ansible setup --- ansible/vpro-app-setup.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/vpro-app-setup.yml b/ansible/vpro-app-setup.yml index 0595ccb40..f92159469 100644 --- a/ansible/vpro-app-setup.yml +++ b/ansible/vpro-app-setup.yml @@ -57,7 +57,7 @@ block: - name: Deploy vprofile artifact copy: - src: "/tmp/vproapp-{{vprofile_version}}" + src: "/tmp/vproapp-{{ vprofile_version }}" dest: /usr/local/tomcat8/webapps/ROOT.war remote_src: yes register: deploy_info From 221dff97e326dff08f77fe3e464ebbe37a25f6be Mon Sep 17 00:00:00 2001 From: punee48 Date: Mon, 9 Feb 2026 21:39:57 +0600 Subject: [PATCH 26/27] Fix indentation for destination path in Ansible setup for VProfile artifact download --- ansible/vpro-app-setup.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/vpro-app-setup.yml b/ansible/vpro-app-setup.yml index f92159469..21555746b 100644 --- a/ansible/vpro-app-setup.yml +++ b/ansible/vpro-app-setup.yml @@ -8,7 +8,7 @@ - name: Download latest VProfile.war from nexus get_url: url: "http://{{USER}}:{{PASS}}@{{nexusip}}:8081/repository/{{reponame}}/{{groupid}}/{{artifactId}}/{{vprofile_version}}/{{artifactId}}-{{vprofile_version}}.war" - dest: "/tmp/vproapp-{{ vprofile_version }}" + dest: "/tmp/vproapp-{{ vprofile_version }}" register: wardeploy tags: - deploy From 403f73b78af85750556b867ffc434b4e5794ff71 Mon Sep 17 00:00:00 2001 From: punee48 Date: Tue, 10 Feb 2026 00:28:13 +0600 Subject: [PATCH 27/27] Final Update for this Branch --- README.md | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 8f5d6c9b6..a27be48c6 100644 --- a/README.md +++ b/README.md @@ -219,4 +219,18 @@ Write a Jenkins File code to run the playbook - Store the Nexus Credentials in the Jenkins and use the credentials in the Jenkins File -- Allow the SG for the Nexus Server to allow traffic from the App Server SG \ No newline at end of file +- Allow the SG for the Nexus Server to allow traffic from the App Server SG + +--- + +## JenkinsFile For Prod + +- Update the Github Weebhook with the new Jenkins URL + +- Add a new host Name in the Inventory File + +- We need to delete Stage like Build, Test, Upload Artifact. Here, we will provide user input has parameter to download artifact from the Nexus Repository + +- In Ansible Deploy Stage add a Variable to get the input from user + +- Create a new Job in the Jenkins and mention the JenkinsFile Path in the Git \ No newline at end of file