This project is a Swiggy clone 🍔 built with DevOps practices for scalability and security. It leverages AWS for cloud hosting and Terraform for managing infrastructure. Jenkins automates the CI/CD pipeline, while SonarQube ensures code quality. Security is prioritized using tools like OWASP and Trivy, and Docker is used to containerize the application for easier deployment and scaling.
- Terraform
- GitHub
- Jenkins
- SonarQube
- OWASP
- Trivy
- Docker & DockerHub
git clone https://github.com/deepeshmlgupta/DevOps_Swiggy.gitTerraform Installation
sudo apt-get update && sudo apt-get install -y gnupg software-properties-common
wget -O- https://apt.releases.hashicorp.com/gpg | \
gpg --dearmor | \
sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg > /dev/null
echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] \
https://apt.releases.hashicorp.com $(lsb_release -cs) main" | \
sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt update
sudo apt-get install terraformAWS CLI
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install
aws --versionConnect Your AWS to Virtual Machine Now, connect you VM to you AWS account
aws configureAWS Access Key ID = <access key>
AWS Secret Access Key = <secret access key> 
Now your AWS is connected with the VM but terrafrom will also connect the the AWS to run these command
export AWS_ACCESS_KEY_ID = <access key>
export AWS_SECRET_ACCESS_KEY = <secret access key> cd TerraformThis command will initlize the terrafrom script in the Virtal Machine
terraform init
This command will show you what all action your terraform script will perform on to your AWS Account
terraform plan After Checking the plan of terraform if all thing gos well then apply it
terraform apply -auto-approve
- Let's first execute this project through Docker:
- Provide permission to docker socket so that docker build and push command do not fail
chmod 777 /var/run/docker.sock
- Now, build the Dockerfile
docker build -t Swiggy:latest . --no-cache - After the image is build successfully now run the docker container
docker run -d --name swiggy -p 3000:3000 deepeshmlgupta/swiggy:latest
- Provide permission to docker socket so that docker build and push command do not fail
Note
Before running the jenkins pipeline you should make sure that you stop the current Docker Container
- After the image is build successfully now run the docker container
bash docker stop <container_ID>
- Go to Jenkins Master and click on Manage Jenkins --> Plugins --> Available plugins install the below plugins:
- OWASP
- SonarQube Scanner
- Docker
- Pipeline: Stage View
- BlueOcean
-
Configure OWASP, move to Manage Jenkins --> Plugins --> Available plugins (Jenkins Worker)
-
After OWASP plugin is installed, Now move to Manage jenkins --> Tools (Jenkins Worker)
- Login to SonarQube server and create the credentials for jenkins to integrate with SonarQube
- Navigate to Administration --> Security --> Users --> Token
- Navigate to Administration --> Security --> Users --> Token
- Now, go to Manage Jenkins --> credentials and add Sonarqube credentials:
- Go to Manage Jenkins --> Tools and search for SonarQube Scanner installations:
- Go to Manage Jenkins --> System and search for SonarQube installations:
-Sonar Webhook
- Login to SonarQube server, go to Administration --> Webhook and click on create
- Github Webhook
- Go to your github Repo, Setting --> Webhook and click on create
- Go to your github Repo, Setting --> Webhook and click on create
- Create a pipeline Swiggy-CICD
- Now Click, Apply --> Save and click on Build Now
Deepesh Gupta
