Jenkins pipelines

README.md

@@ -45,10 +45,11 @@ Make migrations and migrate
 ```bash
   python manage.py makemigrations
   python manage.py migrate
+  python manage.py loaddata api/fixtures/herbs.json
 ```
 Run application
 ```
-  python manage.py runserver localhost:8080
+  python manage.py runserver 0.0.0.0:8080
 ```
 Once the application is running, you can access it locally by navigating to http://localhost:8080.
 
@@ -70,13 +71,27 @@ Run the Development Server
 ```
 This will start the development server, and you can access the application at http://localhost:80 in your web browser.
 
+## Important directories and files
+* **.github** - directory that contains GitHub Actions pipelines
+* **aws** - directory that contains AWS cloud architecture for application and it's implementation using IaC practise with Terraform
+* **backend** - directory that contains backend application code
+* **documentation** - directory that contains application design and it's diagrams
+* **frontend** - directory that contains frontend application code
+* **jenkins** - directory that contains local Jenkins configuration files
+* **k8s** - directory that contains raw Kubernetes manifests and Helm charts for application, also contains some utility bash scripts
+* **.gitlab-ci.yml** - main GitLab CI/CD pipeline, which uses gitlab-ci-local, that triggers child pipelines located in backend, frontend and k8s subdirectories
+* **docker-compose-local.yml** - docker-compose file that allows running application locally
+
 ## Roadmap
-- [x] build project diagrams
-- [x] build backend application
-- [x] build frontend application
-- [x] build docker deployment
-- [ ] build github workflow cicd
+- [x] prepare project design
+- [x] create backend application
+- [x] create frontend application
+- [x] create Docker images
+- [x] create Kubernetes (raw + Helm) deployment
+- [x] prepare AWS cloud architecture
+- [x] create example unit, integration, e2e and performance tests
+- [x] create IaC Terraform configuration for application's AWS cloud
+- [x] create GitHub Actions, GitLab CI/CD (gitlab-ci-local) and Jenkins CI/CD pipelines
 - [x] complete final README
-- [x] deploy application
 ## Authors
 - [@WallyS02](https://github.com/WallyS02) everything

backend/the_plug_backend_django/Dockerfile

@@ -48,6 +48,9 @@ RUN sed -i 's/\r$//' ./entrypoint.sh  && \
         chmod +x ./test-entrypoint.sh
 
 RUN addgroup -S user && adduser -S user -G user
+
+RUN chmod -R 700 . && chown -R user:user .
+
 USER user
 
 EXPOSE 8080

backend/the_plug_backend_django/Jenkinsfile

@@ -0,0 +1,235 @@
+pipeline {
+    agent any
+
+    environment {
+        SONAR_TOKEN_BACKEND = credentials('sonar-token-backend')
+        DB_PASSWORD = credentials('db-password')
+        DB_USER = 'admin'
+        DB_NAME = 'postgres'
+        DB_HOST = 'localhost:5432'
+        EMAIL_HOST_PASSWORD = credentials('email-host-password')
+        EMAIL_HOST_USER = credentials('email-host-user')
+        SECRET_KEY = credentials('secret-key')
+        PGADMIN_DEFAULT_EMAIL = 'admin@admin.com'
+        PGADMIN_DEFAULT_PASSWORD = credentials('pgadmin-default-password')
+        ALLOWED_HOSTS = '*'
+        DEBUG = '1'
+        CACHE_ENDPOINT = 'no'
+        CACHE_PASSWORD = 'no'
+        USE_CACHE = '0'
+        DOCKER_REGISTRY = 'https://index.docker.io/v1/'
+        BACKEND_IMAGE = 'wallys02/the-plug-backend:latest'
+        PIP_CACHE_DIR = "${env.HOME}/.cache/pip"
+        NPM_CONFIG_CACHE = "${env.HOME}/.cache/npm"
+        KUBECONFIG = "${env.HOME}/.kube/config"
+        BACKEND_DIR = 'backend/the_plug_backend_django'
+        FRONTEND_DIR = 'frontend/the_plug_svelte_frontend'
+        CHANGESET_DIR = 'backend/**'
+    }
+
+    triggers {
+        pollSCM '* * * * *'
+    }
+
+    stages {
+        stage('SonarQube Analysis') {
+            when {
+                changeset "${CHANGESET_DIR}"
+            }
+
+            environment {
+                SCANNER_HOME = tool 'sonar-scanner-7'
+            }
+
+            steps {
+                dir("${BACKEND_DIR}") {
+                    withSonarQubeEnv('sonar-backend') {
+                        sh('$SCANNER_HOME/bin/sonar-scanner -Dsonar.projectBaseDir=. -Dsonar.token=$SONAR_TOKEN_BACKEND')
+                    }
+                }
+            }
+        }
+
+        stage('Backend Tests') {
+            when {
+                changeset "${CHANGESET_DIR}"
+            }
+
+            steps {
+                dir("${BACKEND_DIR}") {
+                    catchError(buildResult: 'SUCCESS', stageResult: 'FAILURE') {
+                        sh '''
+                            python3 -m pip install --upgrade pip --break-system-packages
+                            pip install -r requirements.txt --break-system-packages
+                            python3 manage.py makemigrations api
+                            python3 manage.py test
+                        '''
+                    }
+                }
+            }
+        }
+
+        stage('Setup Docker Network') {
+            when {
+                changeset "${CHANGESET_DIR}"
+            }
+
+            steps {
+                catchError(buildResult: 'SUCCESS', stageResult: 'FAILURE') {
+                    sh 'docker network create test'
+                }
+            }
+        }
+
+        stage('Run Services') {
+            when {
+                changeset "${CHANGESET_DIR}"
+            }
+
+            steps {
+                dir("${BACKEND_DIR}") {
+                    script {
+                        docker.build('wallys02/the-plug-backend:latest').run(
+                            '--name backend-service --rm --network test --entrypoint ./test-entrypoint.sh ' +
+                            '-e "DB_PASSWORD=$DB_PASSWORD" ' +
+                            '-e "DB_USER=$DB_USER" ' +
+                            '-e "DB_NAME=$DB_NAME" ' +
+                            '-e "DB_HOST=$DB_HOST" ' +
+                            '-e "EMAIL_HOST_PASSWORD=$EMAIL_HOST_PASSWORD" ' +
+                            '-e "EMAIL_HOST_USER=$EMAIL_HOST_USER" ' +
+                            '-e "SECRET_KEY=$SECRET_KEY" ' +
+                            '-e "ALLOWED_HOSTS=$ALLOWED_HOSTS" ' +
+                            '-e "DEBUG=$DEBUG" ' +
+                            '-e "CACHE_ENDPOINT=$CACHE_ENDPOINT" ' +
+                            '-e "CACHE_PASSWORD=$CACHE_PASSWORD" ' +
+                            '-e "USE_CACHE=$USE_CACHE"'
+                        )
+                    }
+                }
+
+                dir("${FRONTEND_DIR}") {
+                    script {
+                        docker.build('wallys02/the-plug-frontend:latest').run('--name frontend --rm --network test')
+                    }
+                }
+            }
+        }
+
+        stage('E2E Tests') {
+            when {
+                changeset "${CHANGESET_DIR}"
+            }
+
+            agent {
+                docker {
+                    image 'cypress/included:14.3.3'
+                    args '--name cypress --network test -u root:root -e "CYPRESS_BASE_URL=http://frontend:8080" --entrypoint=""'
+                }
+            }
+
+            steps {
+                dir("${FRONTEND_DIR}") {
+                    catchError(buildResult: 'SUCCESS', stageResult: 'FAILURE') {
+                        sh '''
+                            npm ci
+                            cypress run --config-file cypress.config.ts --browser chrome --env apiUrl=http://backend-service:8080/api
+                        '''
+                    }
+                }
+            }
+        }
+
+        stage('Performance Tests') {
+            when {
+                changeset "${CHANGESET_DIR}"
+            }
+
+            agent {
+                docker {
+                    image 'locustio/locust:latest'
+                    args '--name locust --network test --entrypoint=""'
+                }
+            }
+
+            steps {
+                dir("${BACKEND_DIR}") {
+                    catchError(buildResult: 'SUCCESS', stageResult: 'FAILURE') {
+                        sh '''
+                            locust -f locustfile.py --headless -u 100 -r 10 -t 3m --host http://backend-service:8080/api
+                        '''
+                    }
+                }
+            }
+        }
+
+        stage('DAST Tests') {
+            when {
+                changeset "${CHANGESET_DIR}"
+            }
+
+            agent {
+                docker {
+                    image 'ghcr.io/zaproxy/zaproxy:stable'
+                    args '--name dast --network test'
+                }
+            }
+
+            steps {
+                catchError(buildResult: 'SUCCESS', stageResult: 'FAILURE') {
+                    sh '''
+                        zap-full-scan.py -t http://backend-service:8080/api/
+                    '''
+                }
+            }
+        }
+
+        stage('Cleanup') {
+            when {
+                changeset "${CHANGESET_DIR}"
+            }
+
+            steps {
+                sh '''
+                    docker stop frontend
+                    docker stop backend-service
+                '''
+            }
+        }
+
+        stage('Docker Login & Push') {
+            when {
+                changeset "${CHANGESET_DIR}"
+            }
+
+            steps {
+                script {
+                    docker.withRegistry("${DOCKER_REGISTRY}", 'dockerhub-creds') {
+                        docker.image("${BACKEND_IMAGE}").push()
+                    }
+                }
+            }
+        }
+
+        stage('Helm Deployment') {
+            when {
+                changeset "${CHANGESET_DIR}"
+            }
+
+            steps {
+                dir('k8s/helm/the-plug') {
+                    sh '''
+                        chmod +x ./run-helm.sh
+                        ./run-helm.sh
+                        kubectl rollout restart deployment/backend --namespace plug-namespace
+                    '''
+                }
+            }
+        }
+    }
+
+    post {
+        always {
+            cleanWs()
+        }
+    }
+}