How to Implement CICD Pipeline using GitLab Yaml | GitLab Actions Tutorials | GitLab CICD Pipeline | Build Java WAR file using GitLab CICD YAML file

Here below is the code for creating GitLab CICD yaml file for Java Web App project to automate build and deployment. 

What is GitLab CICD?

GitLab CI/CD is a continuous integration and continuous deployment solution built into GitLab.

GitLab CI/CD Pipeline Flow

Developer Commit → GitLab Repository → GitLab Runner → Build Stage → Test Stage → Security Scan → Docker Build → Push to Registry → Deploy to Kubernetes/Tomcat/Cloud

What is .gitlab-ci.yml?

The .gitlab-ci.yml file is the heart of GitLab CI/CD pipelines.

It contains:

• Pipeline stages
• Jobs
• Scripts
• Variables
• Artifacts
• Deployment instructions

GitLab automatically reads this file whenever code changes are pushed into the repository.

.gitlab-ci.yml for implementing CICD using GitLab

stages:

  - build

  - deploy

build_war:

  stage: build

  image: maven:3.8.6-eclipse-temurin-11

  script:

    - echo "Building WAR file using Maven"

    - mvn clean install -f MyWebApp/pom.xml

    - echo "Listing target directory"

    - ls -la MyWebApp/target

  artifacts:

    paths:

      - MyWebApp/target/*.war

    expire_in: 1 hour

deploy_to_tomcat:

  stage: deploy

  image: curlimages/curl:latest

  dependencies:

    - build_war

  script:

    - echo "Deploying WAR file to Tomcat running on AWS EC2"

    - |

      curl -v -u ${TOMCAT_USER}:${TOMCAT_PASSWORD} \

      -T MyWebApp/target/MyWebApp.war \

      "http://${TOMCAT_HOST}/manager/text/deploy?path=/MyWebApp&update=true"

DevSecOps and Multi Cloud Bootcamp from Coach AK Schedule for Feb 2026

Fix Found | Error No plugin found for prefix 'sonar' in the current project | Jenkins throws error when Integrating with SonarQube when using Maven goal | Fix Explained

[ERROR] No plugin found for prefix 'sonar' in the current project and in the plugin groups [org.apache.maven.plugins, org.codehaus.mojo] available from the repositories [local (/var/lib/jenkins/.m2/repository), central (https://repo.maven.apache.org/maven2)]

[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch. [ERROR] Re-run Maven using the -X switch to enable full debug logging. [ERROR] For more information about the errors and possible solutions, please read the following articles: [ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/NoPluginFoundForPrefixException

Fix:
In Jenkins: don’t use sonar:sonar in the Maven targets field. Instead, call the Sonar goal with the fully-qualified plugin.

problem command is mvn clean install sonar:sonar

Fixed Code is mvn clean install org.sonarsource.scanner.maven:sonar-maven-plugin:4.0.0.4121:sonar

Jenkins Pipeline Code

     stage ('Code Quality scan')  {
       withSonarQubeEnv('Sonar') {

            sh """

              ${mvnHome}/bin/mvn -f MyWebApp/pom.xml \

             org.sonarsource.scanner.maven:sonar-maven-plugin:4.0.0.4121:sonar \

              -Dsonar.organization=org_key \

              -Dsonar.projectKey=project_key \

              -Dsonar.projectName=MyWebApp

            """

        }
   }

Why this happens 
sonar:sonar relies on Maven “plugin prefix resolution”, which is not always reliable in Jenkins jobs, especially with older Maven/Jenkins integration. Fully qualifying the plugin is the standard CI fix.

Master DevSecOps and Multi Cloud Computing Course by Coach AK | DevSecOps and Cloud Computing Online Classes | Jan 2026 Schedule

 Master DevSecOps and cloud Computing Bootcamp Schedule for Jan 2026

Are you ready to supercharge your career in DevSecOps? Whether you're a beginner or an experienced professional, this hands-on bootcamp will take you from zero to expert with real-world training on the latest DevSecOps tools and practices!

✅ Master Top DevSecOps Tools: Git, GitHub, Bitbucket, Jenkins, SonarQube, Slack, Trivy, Nexus, Terraform, Ansible, Docker, Kubernetes, Helm, Prometheus and more!
✅ Cloud Platforms – AWS & Azure
✅ Live Interactive Sessions – Get personalized guidance from industry experts!
✅ Weekend & Weekday Batches – Flexible schedules to fit your lifestyle!
✅ Weekday Evenings Batch Available! – Perfect for working professionals!
✅ Real-World Projects – Build experience that recruiters love!
✅ 100% Hands-On Training – No boring theory, just practical DevSecOps!
✅ Career Support & Guidance – Resume building, interview prep, and networking!

📅 Weekend Batch Starts: Jan 31st, 2026
🕒 Timings: Saturdays - 09:45 AM to 11:30 AM CST & Sundays - 10:30 AM to 12:30 PM CST

📍 Online – Learn from Anywhere!

🎯 Spots are Limited! Secure your seat now and take the first step toward becoming a DevSecOps pro!

📞 Contact Coach AK Now:
📱 +1 (469) 733-5248 (WhatsApp Available)
📧 devops.coaching@gmail.com

💥 Act Fast! Early Bird Discounts Available! 🚀

👉 Register Today by making payments, contact Coach AK!

📈 Why join this Bootcamp?

✅ Hands-on Training – Work on real-world projects
✅ Learn Top Security Tools - SonarQube, Aqua Trivy, GitHub Advanced Security, Checkov
✅ Expert-Led Live Sessions – Interactive & practical guidance
✅ Career Support – Resume tips, interview prep & certification guidance
✅ Project-Based Learning – Apply skills in real DevOps environments

Master DevSecOps and Multi Cloud Computing Course by Coach AK | DevSecOps and Cloud Computing Online Classes | Jan 2026 Schedule

Master DevSecOps and Cloud Computing Mastery BootCamp Schedule for Jan 2026

Are you ready to supercharge your career in DevSecOps? Whether you're a beginner or an experienced professional, this hands-on bootcamp will take you from zero to expert with real-world training on the latest DevSecOps tools and practices!

✅ Master Top DevSecOps Tools: Git, GitHub, Bitbucket, Jenkins, SonarQube, Slack, Trivy, Nexus, Terraform, Ansible, Docker, Kubernetes, Helm, Prometheus and more!
✅ Cloud Platforms – AWS & Azure
✅ Live Interactive Sessions – Get personalized guidance from industry experts!
✅ Weekend & Weekday Batches – Flexible schedules to fit your lifestyle!
✅ Weekday Evenings Batch Available! – Perfect for working professionals!
✅ Real-World Projects – Build experience that recruiters love!
✅ 100% Hands-On Training – No boring theory, just practical DevSecOps!
✅ Career Support & Guidance – Resume building, interview prep, and networking!

📅 Weekend Batch Starts: Jan 31st, 2026
🕒 Timings: Saturdays - 09:45 AM to 11:30 AM CST & Sundays - 10:30 AM to 12:30 PM CST

📍 Online – Learn from Anywhere!

🎯 Spots are Limited! Secure your seat now and take the first step toward becoming a DevSecOps pro!

📞 Contact Coach AK Now:
📱 +1 (469) 733-5248 (WhatsApp Available)
📧 devops.coaching@gmail.com

💥 Act Fast! Early Bird Discounts Available! 🚀

👉 Register Today by making payments, contact Coach AK!

📈 Why Join this Bootcamp?

✅ Hands-on Training – Work on real-world projects
✅ Learn Top Security Tools - SonarQube, Aqua Trivy, GitHub Advanced Security, Checkov
✅ Expert-Led Live Sessions – Interactive & practical guidance
✅ Career Support – Resume tips, interview prep & certification guidance
✅ Project-Based Learning – Apply skills in real DevOps environments

Master DevSecOps Bootcamp July 2025 Schedule | DevOps & AWS Azure Cloud Coaching by Coach AK | DevSecOps and Cloud Computing Online Classes

 🚀DevSecOps Bootcamp - Master Security in DevOps | July 2025

Are you ready to supercharge your career in DevSecOps? Whether you're a beginner or an experienced professional, this hands-on bootcamp will take you from zero to expert with real-world training on the latest DevSecOps tools and practices!

✅ Master Top DevSecOps Tools: Git, GitHub, Bitbucket, Jenkins, SonarQube, Slack, Trivy, Nexus, Terraform, Ansible, Docker, Kubernetes, Helm, Prometheus and more!
✅ Cloud Platforms – AWS & Azure
✅ Live Interactive Sessions – Get personalized guidance from industry experts!
✅ Weekend & Weekday Batches – Flexible schedules to fit your lifestyle!
✅ Weekday Evenings Batch Available! – Perfect for working professionals!
✅ Real-World Projects – Build experience that recruiters love!
✅ 100% Hands-On Training – No boring theory, just practical DevSecOps!
✅ Career Support & Guidance – Resume building, interview prep, and networking!

📅 Weekend Batch Starts: July 19th, 2025
🕒 Batch Timings:

• Weekend Batch: Saturdays (11:30 AM - 01:30 PM CST) & Sundays (1:00 PM - 3:00 PM CST)

📅 Weekday Evening Batch Starts: July 15th, 2025
🕒 Batch Timings:

• Weekday Evenings Batch: Tuesdays & Thursdays (6:00 PM - 8:00 PM CST)

📍 Online – Learn from Anywhere!

🎯 Spots are Limited! Secure your seat now and take the first step toward becoming a DevSecOps pro!

📞 Contact Coach AK Now:
📱 +1 (469) 733-5248 (WhatsApp Available)
📧 devops.coaching@gmail.com

💥 Act Fast! Early Bird Discounts Available! 🚀

👉 Register Today by making payments, contact Coach AK!

📈 Why Join this Bootcamp?

✅ Hands-on Training – Work on real-world projects
✅ Learn Top Security Tools - SonarQube, Aqua Trivy, GitHub Advanced Security, Checkov
✅ Expert-Led Live Sessions – Interactive & practical guidance
✅ Career Support – Resume tips, interview prep & certification guidance
✅ Project-Based Learning – Apply skills in real DevOps environments