Brief Explanation of the CI/CD Pipeline Project
This project demonstrates how to build a complete CI/CD pipeline on AWS using Jenkins, Git, Maven, Docker, Amazon Elastic Container Registry (Amazon ECR), and SonarQube. The pipeline automates the process of building, analyzing, packaging, and deploying a Java application using Docker containers.
The workflow consists of the following steps:
- Provision an Ubuntu EC2 instance using the AWS Management Console.
- Install and configure Jenkins, Git, Maven, Docker, and SonarQube on the EC2 instance.
- Configure a Jenkins pipeline to retrieve source code from a GitHub repository.
- Build the application using Maven.
- Perform code quality analysis using SonarQube.
- Build a Docker image for the application.
- Push the Docker image to Amazon Elastic Container Registry (Amazon ECR).
- Pull the Docker image from Amazon ECR.
- Deploy the application as a Docker container.
This automated workflow streamlines software delivery by integrating source control, build automation, code quality analysis, containerization, and deployment into a single CI/CD pipeline.
Note: Include only the overall CI/CD pipeline architecture diagram in this section. It provides readers with a clear understanding of the complete workflow.
Phase 1: Infrastructure Setup
In this phase, you'll provision an Ubuntu EC2 instance on AWS. This instance serves as the foundation for the CI/CD environment and will host Jenkins, Git, Maven, Docker, and SonarQube.
Note: Routine AWS Console screenshots have been intentionally omitted to keep the documentation lightweight. The written steps are sufficient for following the setup process.
Step 1: Sign In to the AWS Management Console
- Open the AWS Management Console.
- Sign in using your AWS account credentials.
AWS Management Console:
https://aws.amazon.com/console/
Step 2: Navigate to Amazon EC2
- Search for EC2 using the AWS Console search bar.
- Alternatively, navigate to:
Services → Compute → EC2
This opens the Amazon EC2 Dashboard, where you can launch and manage virtual machines.
Step 3: Launch an EC2 Instance
- Select Instances from the left navigation pane.
- Click Launch Instance.
Step 4: Choose an Amazon Machine Image (AMI)
Select an Ubuntu Server image.
Recommended image:
- Ubuntu Server 22.04 LTS
Step 5: Select or Create a Key Pair
AWS uses key pairs for secure SSH authentication.
You can:
- Select an existing key pair.
- Create a new key pair.
Download the generated .pem file and store it securely on your local machine.
Important: AWS allows the private key to be downloaded only once.
Step 6: Configure Instance Details
Configure the EC2 instance according to your project requirements.
Typical settings include:
- VPC
- Subnet
- Auto-assign Public IP
- IAM Role
- Network Settings
For a basic learning environment, the default configuration is sufficient.
Step 7: Configure the Security Group
Create or select a Security Group with the required inbound rules.
At a minimum, allow SSH access.
| Protocol | Port | Source |
|---|---|---|
| SSH | 22 | Your Public IP |
Additional ports (such as 8080 for Jenkins and 9000 for SonarQube) can be added later during the setup.
Step 8: Configure Storage
Specify the root volume size for the EC2 instance.
The default storage allocation is generally sufficient for testing and learning. Increase the volume size if additional storage is required.
Step 9: Review and Launch
Before launching the instance:
- Review the selected AMI.
- Verify the instance type.
- Confirm the key pair selection.
- Review networking and security group settings.
- Click Launch Instance.
Step 10: Connect to the EC2 Instance
After the instance reaches the Running state:
- Copy the Public IPv4 Address or Public DNS.
- Open an SSH client such as MobaXterm, PuTTY, or the native Linux/macOS terminal.
- Connect to the instance using the downloaded
.pemkey.
Store the .pem file securely on your local machine, as it will be required for future SSH access.
Once connected successfully, you should see the Ubuntu terminal prompt, confirming that the EC2 instance is ready for installing Jenkins, Git, Maven, Docker, and SonarQube.
Result: The Ubuntu EC2 instance has been successfully provisioned and is ready for the remaining CI/CD environment setup.
Install and Configure Java, Jenkins, Git, Maven, Docker, and SonarQube
With the Ubuntu EC2 instance provisioned, the next step is to install and configure the tools required for the CI/CD pipeline. In this phase, you'll set up Java, Jenkins, Git, Maven, Docker, SonarQube, and SonarScanner to create a complete development environment.
Note: To keep this documentation lightweight, routine installation screenshots have been omitted. The commands and explanations below are sufficient to complete the setup.
Install OpenJDK 17
Jenkins requires Java to run. Begin by updating the package index and installing OpenJDK 17.
Update the Package Repository
sudo apt update
Note:
apt(Advanced Package Tool) is the package manager used by Debian-based Linux distributions such as Ubuntu. Runningapt updaterefreshes the local package index with the latest package information from the configured repositories.
Install OpenJDK 17
sudo apt install fontconfig openjdk-17-jre
This installs:
- OpenJDK 17 JRE – Required to run Jenkins.
- fontconfig – Provides font configuration support for Java applications.
Verify the Installation
java --version
If Java has been installed successfully, the command displays the installed OpenJDK version.
Install Jenkins (Version 2.440.2)
Add the Jenkins Repository Key
Download the official Jenkins repository signing key.
sudo wget -O /usr/share/keyrings/jenkins-keyring.asc \
https://pkg.jenkins.io/debian-stable/jenkins.io-2023.key
Add the Jenkins Repository
Register the Jenkins repository with APT.
echo deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc] \
https://pkg.jenkins.io/debian-stable binary/ | sudo tee \
/etc/apt/sources.list.d/jenkins.list > /dev/null
Refresh the Package Index
sudo apt-get update
Install Jenkins
sudo apt-get install jenkins
Start the Jenkins Service
Enable Jenkins to start automatically during system boot.
sudo systemctl enable jenkins
sudo systemctl start jenkins
sudo systemctl status jenkins
If the installation is successful, the service status should display active (running).
Access Jenkins
By default, Jenkins listens on port 8080.
Before accessing Jenkins, update the EC2 Security Group to allow inbound traffic on TCP port 8080.
Open Jenkins in your browser:
http://\<EC2-Public-IP>:8080
Configure Jenkins
Unlock Jenkins
Retrieve the initial administrator password.
sudo cat /var/lib/jenkins/secrets/initialAdminPassword
Copy the generated password and paste it into the Jenkins setup page.
Install Recommended Plugins
Choose:
- Install Suggested Plugins (Recommended)
Jenkins automatically installs the plugins required for most CI/CD workflows.
Create the Administrator Account
After the plugins are installed:
- Create the first administrator user.
- Configure the username and password.
- Click Save and Finish.
Result: Jenkins is now ready for creating build pipelines.
Install Git
Git is required for Jenkins to clone source code from Git repositories.
sudo apt update
sudo apt install git
Git is a distributed version control system used to manage source code and collaborate with other developers.
Install Apache Maven
Apache Maven is used to build Java applications.
Install Maven using Ubuntu's package manager.
sudo apt update
sudo apt install maven
Maven automates:
- Dependency management
- Project compilation
- Unit testing
- Packaging
- Build lifecycle management
Install Docker
Docker is used to package applications into portable containers for deployment.
Install Docker Dependencies
sudo apt update
sudo apt install apt-transport-https ca-certificates curl software-properties-common
Add the Docker Repository
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
sudo add-apt-repository \
"deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
Install Docker Engine
sudo apt update
sudo apt install docker-ce
sudo docker --version
Configure Docker Permissions
Allow the current user to execute Docker commands without requiring sudo.
sudo usermod -aG docker $USER
Verify the user's group membership.
groups $USER
Enable and start the Docker service.
sudo systemctl enable docker
sudo systemctl start docker
sudo systemctl status docker
Install and Configure SonarQube
SonarQube performs static code analysis to measure code quality, identify bugs, vulnerabilities, and code smells during the CI/CD process.
Install OpenJDK 17
sudo apt-get install openjdk-17-jdk -y
Install PostgreSQL
Add the PostgreSQL repository.
sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list'
Install PostgreSQL.
sudo apt install postgresql postgresql-contrib -y
Enable and start PostgreSQL.
sudo systemctl enable postgresql
sudo systemctl start postgresql
Configure the SonarQube Database
Switch to the PostgreSQL user.
sudo passwd postgres
su - postgres
Create the SonarQube database user.
createuser sonar
Open PostgreSQL.
psql
Create the database and assign permissions.
ALTER USER sonar WITH ENCRYPTED PASSWORD 'yourPassword';
CREATE DATABASE sonarqube OWNER sonar;
GRANT ALL PRIVILEGES ON DATABASE sonarqube TO sonar;
Exit PostgreSQL.
\q
Return to your normal user.
exit
Install SonarQube
Install the ZIP utility.
sudo apt-get install zip -y
Download SonarQube 9.9 LTS.
sudo wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-9.9.4.87374.zip
Extract the archive.
sudo unzip sonarqube-9.9.4.87374.zip
Move it into the installation directory.
sudo mv sonarqube-9.9.4.87374 /opt/sonarqube
Create the SonarQube user and group.
sudo groupadd sonar
sudo useradd -d /opt/sonarqube -g sonar sonar
sudo chown sonar:sonar /opt/sonarqube -R
Configure SonarQube
Edit the configuration file.
sudo nano /opt/sonarqube/conf/sonar.properties
Configure the database connection.
sonar.jdbc.username=sonar
sonar.jdbc.password=yourPassword
sonar.jdbc.url=jdbc:postgresql://localhost:5432/sonarqube
Save the file and exit.
Configure SonarQube as a System Service
Create a systemd service file.
sudo nano /etc/systemd/system/sonar.service
Add the SonarQube service configuration from the official documentation.
Enable and start the service.
sudo systemctl enable sonar
sudo systemctl start sonar
sudo systemctl status sonar
Configure Kernel Parameters
Edit the system configuration.
sudo nano /etc/sysctl.conf
Add:
vm.max_map_count=262144
fs.file-max=65536
Apply the changes by rebooting the server.
sudo reboot
Access SonarQube
Open SonarQube in your browser.
http://\<EC2-Public-IP>:9000
Default credentials:
| Username | Password |
|---|---|
| admin | admin |
After signing in for the first time, change the default administrator password.
Install SonarScanner
Download SonarScanner.
sudo wget https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-5.0.1.3006-linux.zip
Extract the archive.
sudo unzip sonar-scanner-cli-5.0.1.3006-linux.zip -d /opt
Configure the environment variables.
echo "export PATH=\$PATH:/opt/sonar-scanner-5.0.1.3006-linux/bin" >> ~/.bashrc
echo "export SONAR_SCANNER_HOME=/opt/sonar-scanner-5.0.1.3006-linux" >> ~/.bashrc
source ~/.bashrc
Verify the installation.
sonar-scanner -v
Optional: Include a single screenshot of the SonarQube dashboard or the
sonar-scanner -voutput if you want readers to verify a successful installation.
Phase 1 Complete
Congratulations!
You have successfully completed Phase 1 by provisioning the infrastructure and installing all the tools required for the CI/CD pipeline:
- Ubuntu EC2 Instance
- OpenJDK 17
- Jenkins
- Git
- Apache Maven
- Docker
- PostgreSQL
- SonarQube
- SonarScanner
Your environment is now ready for Phase 2, where you'll configure a Jenkins pipeline, integrate GitHub, build the application with Maven, perform code quality analysis using SonarQube, build Docker images, push them to Amazon ECR, and deploy the application using Docker containers.