Comment on page
Lab 1 Pipeline
Jenkins-SAST-SCA-Kubernetes-DAST Pipeline
Connect via the console ad run this command to retrieve password
sudo cat /var/lib/jenkins/secrets/initialAdminPassword
Or remotely connect to this instance like this:
chmod 400 <keypair>
ssh -i <keypair> ec2-user@<public_dns>
sudo cat /var/lib/jenkins/secrets/initialAdminPassword
Step 2a1: Enter the requested password into the Jenkins given by AWS
The Jenkins instance is at the Public DNS URL created for this instance and click
Continue
Step 2a2: Click
Install Suggested Plugins
Step 3a2: Create Admin User information or click
Skip and continue as admin
Step 4a2: Document Jenkins URL and click
Save and Finish
Step 5a2: Click
Start Using Jenkins
Step 2b1: Click
Manage Jenkins
Step 2b2: Click
Global Tool Configuration
Step 2b3: Scroll to Maven section and click
Add Maven
Step 2b4: Name Installation - Example from lab
Maven_3_5_2
Step 2b5: Deselect Install Automatically to provide MAVEN_HOME path manually
Step 2b6: Get the Maven installation path by going to the ec2 instance command line and typing
mvn -version
Step 2b7: Apply and Save Changes
Step 2c1: Go to the search bar to search and select the following plugins:
- CloudBees AWS Credentials
- Kubernetes CLI
- Amazon ECR
- Docker Pipeline
Step 2c2: Click
Install without Restart
Step 1: Connect to EC2 instance via command line by using the AWS Connect or SSH
Step 2: Run the
eksctl
command to create a cluster with 2 nodes- Example command from training lab creating 2 medium nodes
eksctl create cluster --name kubernetes-cluster --version 1.23 --region us-east-1 --nodegroup-name linux-nodes --node-type t2.medium --nodes 2
Step 3: wait 15-20 minutes for cluster to be created successfully
Step 1: Login to SonarCloud account
Step 2: Click
Create new organization
and Create an organization manually
Step 3: Type in a organization key for this lab and click continue
Step 5: Select Plan and Click
create organization
Step 6: Click
Analyze new Project
Step 7: Select Organization and create project key and display name (using all the same as the example did with
bwa
is okay as well)Step 8: Click the setup button
Step 9: Take the project and organization key and paste into Line #9 of of your repo's Jenkinsfile
Step 10: Go to SonarCloud myAccount section
Step 11: Go to Security tab and generate a Sonar token
IMPORTANT!: This token only shows up once. Copy it and save it in a secure location for later use.
Step 12: Paste Sonar token into Line #9 of your repo's Jenkinsfile
Step 1: Login to Snyk Account
Step 2: Go to Account setting and copy Auth token
Step 3: Go to
Dashboard>Manage Jenkins>Credentials>System Global credentials (unrestricted)
and click Add Credentials
Step 4: Open the Kind Dropdown menu and select
Secret Text
Step 5: Paste the AUTH Token from Snyk in the Secret field
Step 6: Ensure that the ID field here matches the corresponding field in line 5 of your repo's Jenkins file
Step 1: Got AWS Elastic Conatiner Registry (ECR) Dashboard
Step 2: Click
Create repository
Step 3: Name repository
Step 4: Copy the supplied URL
Step 4: Paste the URL into line 34 the Jenkins file of your forked repo
Step 5:
Step 1: Connect to EC2 via AWS or SSH
Step 2: Display the contents of the config file with the below command:
cat /home/ec2-user/.kube/config
Step 3: Copy the contents of the config file and paste them into a blank file without file extension
Step 4: Name it kubelogin, save the file to your local machine and note the location
Step 5: Go to the Jenkins credential manager
Step 6: in the Kind dropdown menu select
secret file
Step 7: Upload the Kubernetes config file and use for
kubelogin
credential
#To get context information of kubernetes cluster
cat /home/ec2-user/.kube/config
#To create namespace in kubernetes cluster
kubectl create namespace test
#To get deployments in a namespace in kubernetes cluster
kubectl get deployments --namespace=test
#To get services in a namespace in kubernetes cluster
kubectl get svc --namespace=test
#To delete everything in a namespace in kubernetes cluster
kubectl delete all --all -n test
#To delete unused docker images to cleanup memeory on system
docker system prune
#To delete a docker image
docker image rm imagename
#To Create EKS cluster
eksctl create cluster --name kubernetes-cluster --version 1.23 --region us-east-1 --nodegroup-name linux-nodes --node-type t2.medium --nodes 2
#To Delete EKS cluster
eksctl delete cluster --region=us-west-2 --name=kubernetes-cluster #delete eks cluster
aws iam delete-role --role-name test_role
aws --region=us-east-1 iam delete-instance-profile --instance-profile-name test_profile
aws ec2 delete-security-group --group-name jenkins_sg
terraform destroy -var-file="vars/dev-east-1.tfvars"
Last modified 3mo ago