Рет қаралды 7,664
Pre-Requisites:
#####################
Install Git
Install ApacheMaven
Install Java
Install docker
Install Jenkins
Hashicorp Vault
• Install Java,Apache Ma...
Hashicorp Vault:
####################
wget releases.hashicorp.com/vault/...
unzip vault_1.4.0_linux_amd64.zip
cp vault /usr/bin
mkdir /etc/vault
mkdir /opt/vault-data
mkdir -p /logs/vault
vi /etc/vault/config.json
{
"listener": [{
"tcp": {
"address" : "0.0.0.0:8200",
"tls_disable" : 1
}
}],
"api_addr": "34.235.163.240:8200",
"storage": {
"file": {
"path" : "/opt/vault-data"
}
},
"max_lease_ttl": "10h",
"default_lease_ttl": "10h",
"ui":true
}
vi /etc/systemd/system/vault.service
--------------------------------------------------------------
[Unit]
Description=vault service
Requires=network-online.target
After=network-online.target
ConditionFileNotEmpty=/etc/vault/config.json
[Service]
EnvironmentFile=-/etc/sysconfig/vault
Environment=GOMAXPROCS=2
Restart=on-failure
ExecStart=/usr/bin/vault server -config=/etc/vault/config.json
StandardOutput=/logs/vault/output.log
StandardError=/logs/vault/error.log
LimitMEMLOCK=infinity
ExecReload=/bin/kill -HUP $MAINPID
KillSignal=SIGTERM
[Install]
WantedBy=multi-user.target
----------------------------------------------------------------
systemctl start vault.service
systemctl status vault.service
systemctl enable vault.servicevi /etc/systemd/system/vault.service
--------------------------------------------------------------
[Unit]
Description=vault service
Requires=network-online.target
After=network-online.target
ConditionFileNotEmpty=/etc/vault/config.json
[Service]
EnvironmentFile=-/etc/sysconfig/vault
Environment=GOMAXPROCS=2
Restart=on-failure
ExecStart=/usr/bin/vault server -config=/etc/vault/config.json
StandardOutput=/logs/vault/output.log
StandardError=/logs/vault/error.log
LimitMEMLOCK=infinity
ExecReload=/bin/kill -HUP $MAINPID
KillSignal=SIGTERM
[Install]
WantedBy=multi-user.target
----------------------------------------------------------------
systemctl start vault.service
systemctl status vault.service
systemctl enable vault.service
Open vault in webUI:
ec2ipaddress:8200
node {
stage ('GIT CheckOut') {
git 'github.com/VamsiTechTuts/java...
}
stage ('Build Artifact') {
dir('demoweb') {
def MAVEN_HOME = tool name: 'maven3', type: 'maven'
def MAVEN_CMD = "${MAVEN_HOME}/bin/mvn"
sh "${MAVEN_CMD} clean package"
}
}
stage("Docker Build"){
dir('demoweb') {
sh 'docker build -t vamsitechtuts/demoweb .'
}
}
stage("Docker Push") {
withVault(configuration: [timeout: 60, vaultCredentialId: 'vault-token', vaultUrl: '34.235.163.240:8200'], vaultSecrets: [[path: 'secret/dockerhub', secretValues: [[vaultKey: 'username'], [vaultKey: 'password']]]]) {
sh 'docker login -u $username -p $password'
}
sh 'docker push vamsitechtuts/demoweb'
}
}