diff --git a/.gitignore b/.gitignore
new file mode 100644
index 00000000..2f7896d1
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+target/
diff --git a/Jenkinsfile b/Jenkinsfile
new file mode 100644
index 00000000..91c2a346
--- /dev/null
+++ b/Jenkinsfile
@@ -0,0 +1,79 @@
+pipeline {
+ agent any
+ tools {
+ maven 'Maven'
+ }
+ stages {
+ stage ('Initialize') {
+ steps {
+ sh '''
+ echo "PATH = ${PATH}"
+ echo "M2_HOME = ${M2_HOME}"
+ '''
+ }
+ }
+
+ stage ('Check-Git-Secrets') {
+ steps {
+ sh 'rm trufflehog.txt || true'
+ sh 'sudo -S trufflehog git https://github.com/Shubham-Bhingarde/webapp --results=verified > trufflehog.txt'
+ sh 'cat trufflehog.txt'
+ }
+ }
+
+
+
+
+ //Generating BOM
+// stage ('Generate BOM') {
+// steps {
+// sh '''
+// echo "************** Generate BOM ***************"
+// '''
+// sh 'mvn org.cyclonedx:cyclonedx-maven-plugin:makeBom'
+// }
+// }
+
+
+// stage ('publishing report on Dependency-Track'){
+// steps{
+// sh '''
+// echo "************** Dependency tracker ***************"
+// '''
+// dependencyTrackPublisher artifact: './target/bom.xml', autoCreateProjects: true, dependencyTrackApiKey: "oOmSDwVk1s5EofGtsZlFxJMacLFNKspj", dependencyTrackFrontendUrl: "http://10.210.12.13:8084", dependencyTrackUrl: "http://10.210.12.13:8083", projectName: '$JOB_NAME', projectVersion: "1.0.0", synchronous: true
+// }
+// }
+
+
+ stage ('SAST') {
+ steps {
+ sh "mvn clean verify sonar:sonar -Dsonar.projectKey=DevSecOps -Dsonar.projectName='DevSecOps' -Dsonar.host.url=http://10.210.12.92:9000 -Dsonar.token=sqp_bf397c7f86688af960d4b6b4f8fe3d7193d9e29b"
+ sh 'cat target/sonar/report-task.txt'
+ }
+ }
+
+ stage ('Build') {
+ steps {
+ sh 'mvn clean package'
+ }
+ }
+
+ stage ('Deploy-To-Tomcat') {
+ steps {
+ sshagent(['tomcat']) {
+ sh 'scp -o StrictHostKeyChecking=no ${WORKSPACE}/target/WebApp.war user1@10.210.12.93:/opt/apache-tomcat-9.0.110/webapps/webapp.war'
+ }
+ }
+ }
+
+
+ stage ('DAST') {
+ steps {
+ sshagent(['zap']) {
+ sh 'ssh -o StrictHostKeyChecking=no user1@10.210.12.83 "docker run -t owasp/zap2docker-stable zap-baseline.py -t http://10.210.12.93:8080/webapp/" || true'
+ }
+ }
+ }
+
+ }
+}
diff --git a/pom.xml b/pom.xml
index 3909d5ff..81ae9103 100644
--- a/pom.xml
+++ b/pom.xml
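Review bot: The SAST stage of the Jenkinsfile commits a SonarQube token as a literal in `-Dsonar.token=sqp_…` inside a double-quoted Groovy string, and the commented-out Dependency-Track step carries a `dependencyTrackApiKey` literal too; both are now in git history and should be revoked and reissued. Bind the token from the Jenkins credentials store instead: wrap the step in `withCredentials([string(credentialsId: '<sonar-token-credential-id>', variable: 'SONAR_TOKEN')]) { … }` and pass `-Dsonar.token=$SONAR_TOKEN` from a single-quoted `sh '…'` so the shell, not Groovy, expands it. The Sonar host URL is plain `http://`, so the token also crosses the network unencrypted on every run. Separately, the `scp` and `ssh` steps in Deploy-To-Tomcat and DAST pass `-o StrictHostKeyChecking=no`, which skips host-key verification for the machine that receives the WAR; pinning those hosts in a `known_hosts` file would close that gap. The Check-Git-Secrets and DAST stages also appear never to fail the build (the trufflehog output is only `cat`-ed and the ZAP command ends in `|| true`), so findings do not gate the deploy.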
@@ -17,5 +17,12 @@ WebApp + + + org.apache.maven.plugins + maven-war-plugin + 3.4.0 + +