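// Maps a Jenkins build result (currentBuild.currentResult) to the Slack
// attachment color used by the post-build slackSend notification.
// UNSTABLE and ABORTED are included because the pipeline can end in those
// states (for example, rejecting the manual approval aborts the build);
// without an entry the lookup yields null and no color is passed.
def COLOR_MAP = [
    'SUCCESS' : 'good',
    'FAILURE' : 'danger',
    'UNSTABLE': 'warning',
    'ABORTED' : 'warning',
]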
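// Declarative pipeline that checks out the Terraform project, validates and
// plans it, scans it with Checkov, waits for a human approval, and then
// applies the change. A Slack notification is sent after every run.
//
// Review notes:
//  * The plan is written to a file and that exact file is applied after the
//    approval, so what the approver saw is what gets deployed. Applying
//    without a saved plan re-computes the change set at apply time, which may
//    differ from the reviewed one.
//  * NOTE(review): every terraform command and the pip install run under
//    sudo. Nothing visible here requires root; running the toolchain as root
//    widens the impact of a malicious provider, module or package and leaves
//    root-owned files in the workspace. sudo is kept because the agent setup
//    is not visible from this file - confirm and drop it if possible.
pipeline {
    agent any

    stages {
        stage('Git checkout') {
            steps {
                echo 'Cloning project codebase...'
                // 'main' is a moving ref: each run builds whatever the branch
                // points at when the checkout happens.
                git branch: 'main', url: 'https://github.com/SheyNjila1/devops-fully-automated-infra.git'
                sh 'ls'
            }
        }

        stage('Verify Terraform Version') {
            steps {
                echo 'verifying the terrform version...'
                sh 'terraform --version'
            }
        }

        stage('Terraform init') {
            steps {
                echo 'Initiliazing terraform project...'
                // -input=false makes a missing variable fail the build rather
                // than block on a prompt nobody can answer.
                sh 'sudo terraform init -input=false'
            }
        }

        stage('Terraform validate') {
            steps {
                echo 'Code syntax checking...'
                sh 'sudo terraform validate'
            }
        }

        stage('Terraform plan') {
            steps {
                echo 'Terraform plan for the dry run...'
                // Save the plan so the apply stage deploys exactly this change
                // set. The plan file can hold sensitive values in clear text:
                // do not archive it or publish it as a build artifact.
                sh 'sudo terraform plan -input=false -out=tfplan'
            }
        }

        stage('Checkov scan') {
            steps {
                // NOTE(review): checkov is installed unpinned, as root, on
                // every build, so each run executes whatever version the
                // package index serves at that moment. Prefer a pinned version
                // baked into the agent image or installed into a virtualenv.
                //
                // The commented-out --skip-check lines are kept as found.
                // Enabling the 'CKV_AWS*' variant would switch off every AWS
                // check; suppress individual findings with a recorded reason
                // rather than by wildcard.
                //
                // Single-quoted Groovy string: the script is handed to the
                // shell verbatim, with no Groovy interpolation.
                sh '''
sudo pip3 install checkov
checkov -d .
#checkov -d . --skip-check CKV_AWS_23,CKV_AWS_24,CKV_AWS_126,CKV_AWS_135,CKV_AWS_8,CKV_AWS_23,CKV_AWS_24
#checkov -d . --skip-check CKV_AWS*
'''
            }
        }

        stage('Manual approval') {
            steps {
                // NOTE(review): no approver restriction is set here. Consider
                // the input step's 'submitter' parameter to limit who may
                // approve a deployment - confirm against the job's
                // authorization settings.
                input 'Approval required for deployment'
            }
        }

        stage('Terraform apply') {
            steps {
                echo 'Terraform apply...'
                // Applying a saved plan needs no interactive confirmation, so
                // --auto-approve is not required; Terraform rejects the plan
                // if the state changed since it was created.
                sh 'sudo terraform apply -input=false tfplan'
            }
        }
    }

    post {
        always {
            echo 'I will always say Hello again!'
            // COLOR_MAP yields null for any result it has no entry for; the
            // message is still sent, just without a color.
            slackSend channel: '#team-devops', color: COLOR_MAP[currentBuild.currentResult], message: "*${currentBuild.currentResult}:* Job ${env.JOB_NAME} build ${env.BUILD_NUMBER} \n More info at: ${env.BUILD_URL}"
        }
    }
}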