Streamlining Node.js CI/CD Pipeline with Jenkins, Docker, Trivy, and DockerHub ๐Ÿ› ๏ธ๐Ÿš€

Sagar Shah's photo
Sagar Shah
ยท

3 min read

Streamlining Node.js CI/CD Pipeline with Jenkins, Docker, Trivy, and DockerHub ๐Ÿ› ๏ธ๐Ÿš€

Introduction:

In today's fast-paced development environment, establishing a robust CI/CD pipeline is essential for delivering high-quality software. This blog post will guide you through setting up and configuring a Node.js CI/CD pipeline using Jenkins, Docker, Trivy for image scanning, and DockerHub for seamless container management.

Before You Begin: Make sure to install Jenkins by following the steps outlined here. ๐Ÿš€

Prerequisites: Before diving into the pipeline setup, ensure you have the following components installed:

Docker: ๐Ÿณ

Additionally, add a Jenkins user to the Docker group and reboot the system for changes to take effect.

sudo apt-get update
sudo apt-get install -y docker.io
sudo systemctl start docker
sudo systemctl enable docker
sudo usermod -aG docker jenkins
sudo reboot

Docker Compose: ๐Ÿณ

sudo apt-get update
sudo apt-get install -y docker-compose

Trivy: ๐Ÿ•ต๏ธ

sudo apt-get install -y wget apt-transport-https gnupg lsb-release
wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add -
echo "deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main" | sudo tee -a /etc/apt/sources.list.d/trivy.list
sudo apt-get update
sudo apt-get install -y trivy

Jenkins Project Setup:

  1. Create a Jenkins project named "node-todo-cicd" with a pipeline configuration.

  2. Utilize the provided Jenkinsfile, which orchestrates the following stages.

Pipeline Stages:

1. Code:

stage("Code") {
    steps {
        git url: "https://github.com/SagarOps/node-todo-cicd.git", branch: "master"
        echo '๐Ÿ‘จโ€๐Ÿ’ป bhaiya code clone ho gaya'
    }
}

  • Clone the Node.js project from the specified GitHub repository.

  • A log message indicates the completion of the code cloning process.

2. Build & Test:

stage("Build & Test") {
    steps {
        sh "docker build -t node-app-test-new ."
        echo '๐Ÿšง bhaiya code build & test'
    }
}

  • Build the Docker image named "node-app-test-new" from the current directory.

  • Execute tests on the Node.js application.

  • The log message indicates the completion of the build and test process.

3. Image Scan:

stage("Image scan") {
    steps {
        sh "trivy image node-app-test-new:latest --scanners vuln"
        echo "๐Ÿ” bhaiya image scan ho gyi"
    }
}

  • Use Trivy to perform a security scan on the Docker image.

  • The log message indicates the completion of the image scan.

4. Push to Docker Hub:

stage("Push to Docker Hub") {
    steps {
        withCredentials([usernamePassword(credentialsId: "DockerId", passwordVariable: "DockerHubPass", usernameVariable: "DockerHubUser")]) {
            sh "docker login -u ${env.DockerHubUser} -p ${env.DockerHubPass}"
            sh "docker tag node-app-test-new:latest ${env.DockerHubUser}/node-app-test-new:latest"
            sh "docker push ${env.DockerHubUser}/node-app-test-new:latest"
            echo '๐Ÿš€ bhaiya code push ho gaya'
        }
    }
}

  • โš ๏ธ Before running the pipeline, make sure to securely configure DockerHub credentials in Jenkins

  • Retrieve Docker Hub credentials securely from Jenkins.

  • Log in to Docker Hub and push the tagged Docker image.

  • The log message indicates the completion of the code push to Docker Hub.

5. Deploy:

stage("Deploy") {
    steps {
        sh "docker-compose down && docker-compose up -d"
        echo '๐Ÿš€ bhaiya code deploy ho gaya'
    }
}

  • Bring down existing Docker containers and deploy using Docker Compose.

  • The log message indicates the completion of the deployment.

Ensure to allow inbound traffic on port 8000 in your EC2 security group to enable seamless access to your Node.js application.

SCM Benefits: Running the pipeline via Source Code Management (SCM) from GitHub ensures the safety of Jenkins code, even in the event of a server crash. The code remains intact on GitHub, reducing risks associated with server failures.

Project Enhancement: Fork the Node.js project to make necessary modifications. Update the docker-compose.yml file with your Docker Hub username. ๐Ÿ› ๏ธ

version: '3.9'

services:
  web:
    image: "yourusername/node-app-test-new:latest"
    ports:
      - "8000:8000"

Special thanks to TrainWithShubham (TWS), our DevOps wale bhaiya, for sharing valuable insights and expertise in the world of DevOps. Your guidance is truly appreciated! ๐Ÿ™Œ

Conclusion: In conclusion, this streamlined Node.js CI/CD pipeline empowers you to efficiently develop, test, scan, and deploy your applications. Embrace automation and DevOps best practices for a smoother development experience. ๐Ÿš€

Did you find this article valuable?

Support SagarOps by becoming a sponsor. Any amount is appreciated!

Node.jsJenkinsDockerCI/CDtrivy
ย