-
Notifications
You must be signed in to change notification settings - Fork 0
/
Jenkinsfile
59 lines (56 loc) · 2.34 KB
/
Jenkinsfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
pipeline {
agent any
stages {
stage('Pulling Github Repo') {
steps {
dir('/home/jenkins/jenkins_dir/bankwebapp') {
echo 'Removing current bankweb directory'
sh 'rm -fr bankweb'
echo 'Pulling latest commit from Github repository'
sh 'git clone https://github.com/jeffreymik/bankweb.git'
}
}
}
stage('Building new docker image') {
steps {
dir('/home/jenkins/jenkins_dir') {
echo 'Creating a new docker image using Dockerfile and copying newly pulled data from Github repository'
sh 'sudo docker build -t webserver:latest .'
echo 'Starting up a new docker container running the website'
sh 'sudo docker run --name webserver -d -p 80:80 webserver:latest'
}
}
}
stage('Scanning website on vulnerabilities') {
steps {
echo 'Running Nikto to actively scan the docker container on vulnerabilities'
script {
def scanResult = sh(script: 'nikto -h localhost', returnStatus: true)
if (scanResult == 0) {
echo 'No vulnerabilities found. Proceeding to deploy files.'
currentBuild.result = 'SUCCESS'
} else {
sh 'sudo docker stop webserver'
sh 'sudo docker rm webserver'
sh 'sudo docker image rm webserver:latest'
error('Vulnerabilities found. Build marked as failed.')
}
}
}
}
stage('Deploy Files If No Vulnerabilities') {
when {
expression { currentBuild.resultIsBetterOrEqualTo('SUCCESS') }
}
steps {
echo 'Copying files to the remote host'
script {
sh 'sudo docker stop webserver'
sh 'sudo docker rm webserver'
sh 'sudo docker image rm webserver:latest'
sh 'scp -r /home/jenkins/jenkins_dir/bankwebapp/bankweb/* [email protected]:/var/www/html'
}
}
}
}
}