Ansible playbook for AWS S3 bucket creation | How to create S3 bucket using Ansible in AWS Cloud

We will learn how to create new S3 bucket using Ansible playbook and automate the execution using Jenkins Pipeline. 

Pre-requisites:

• Ansible is installed and Boto is also installed on Jenkins instance
• Ansible plug-in is installed in Jenkins. 
• Make sure you create an IAM role with AmazonS3FullAccess policy and attach the role to Jenkins EC2 instance.

• Playbook for creating new S3 bucket needs to be created but you can refer my GitHub Repo

Ansible playbook for AWS S3 bucket creation

Steps:

1. Create Ansible playbook for S3 bucket creation

(Sample playbook is available in my GitHub Repo, you can use that as a reference)

2. Create Jenkins Pipeline 

pipeline {

    agent any

    stages {

        

        stage ("checkout") {

            steps {

                        checkout([$class: 'GitSCM', branches: [[name: '*/master']], extensions: [],                                                     userRemoteConfigs: [[url: 'https://github.com/akannan1087/myAnsibleInfraRepo']]])         

            }

        }

        stage('execute') {

            steps {

                //to suppress warnings when you execute playbook    

                sh "pip install --upgrade requests==2.20.1"

                // execute ansible playbook

                ansiblePlaybook 'create-s3.yml'

            }

        }

    }

}

Execute Pipeline

Pipeline Console output

Playbook for creating S3 for your reference:

create-s3.yml

---

 - name:  provisioning S3 Bucket using Ansible playbook

   hosts: localhost

   connection: local

   gather_facts: False

   tags: provisioning

   tasks:

     - name: create S3 bucket

       s3_bucket:

         name: myansibles3bucket312

         state: present

         region: us-east-1

         versioning: yes

         tags:

           name: myansiblebucket

           type: example

       register: s3_url

     - name: Display s3 url

       debug: var=s3_url

SonarQube server can not be reached Error | Troubleshoot SonarQube Jenkins or Azure DevOps Integration

 Let's see how to resolve SonarQube server can not be reached error.

Root cause and Fix:

When ever you stop EC2 instance and re-start, public DNS name always changes. So you will have to change it every time you restart. 

You need to re-enter new Sonarqube server URL under Jenkins --> Manage Jenkins --> Configure system. scroll down and under sonarQube configuration 


enter updated SonarQube URL. no need to create token again, old token is enough.

After you save, you can run the job in your CI server to integrate with Sonarqube.

How to Create a Docker Image for Springboot App and Push Docker image into Amazon ECR from Azure DevOps Pipelines | Azure DevOps Pipelines to Build and Push a Docker image to AWS ECR

Amazon Elastic Container Registry (ECR) is a fully managed Docker container registry that makes it easy to store, share, and deploy container images. We will learn how to build docker image for a springboot microservices app using Azure DevOps(ADO) build pipeline and push docker image into AWS ECR.

What are we going to do in this lab?

1. Create a Repository in AWS ECR for storing docker images

2. Create an IAM user and AmazonEC2ContainerRegistryFullAccess policy.

3. Create access keys for IAM user in AWS console

4. Create service connection in AzureDevOps to connect to AWS using IAM user access & secret keys.

5. Create Azure DevOps Build pipeline with below tasks:

• maven build for building JAR
• build docker image
• push docker image into ECR

6. Verify if docker image has been pushed to AWS ECR

Pre-requisites:

• Azure DevOps Account setup and project is created in ADO
• Install AWS toolkit for Azure DevOps
• Setup springboot app in GitHub (you can fork this repository)
• Create service connection in ADO to connect to GitHub personal access Token

Watch Steps in YouTube channel:

Step 1 - Create a repo in ECR 

Go to AWS console, type ECR

Click on Create Repository

Enter name for your repo - all lower case and Click create repository

Create an IAM user

Go to AWS console --> IAM --> Add Users

Enter name for the user

Search for EC2 and choose AmazonEC2ContainerRegistryFullAccess

Click on Create User

Create security credentials

Click on user name ecr-user

Click on Security credentials

Create Access key

Create Service connection 

Go to Project settings --> Service Connections

Enter Access keys and Secret keys

Enter Connect name and select Grant access to all pipelines

Click on save

Create a classic Azure Build pipeline

Click on use the classic editor

Select GitHub and choose your spring-boot project and click continue

Choose a template for the pipeline, type docker and select docker container

Click on Apply

Select build Agent for the Pipeline

Choose Ubuntu latest as build agent

Add Pipeline variables

imageName as springboot-app

repoName as my-springboot-repo

Add Maven task for building springboot JAR file

Make sure Maven task is moved up..it should be a first task

enter maven goas as install

Customize build an image Task 

start customizing the task, choose the version as 2.0

Enter $(imageName) as  Container repository 

Select build as command from drop down

Tags as it have shown below

Remove push an image task

Add ECR push task

now configure the task

Select as shown in screenshot

Choose aws service connection from drop down

select region as per your settings.

select Image ID

enter as $(imageName):$(Build.BuildId)

Repo Name as $(repoName)

$(Build.BuildId) as tar repo tag

Save and Queue

Select ubuntu latest as build agent..do NOT select window agents.

Now make sure build is successful.

Verify if Docker image has been pushed into AWS ECR

Now login to AWS console --> Go to ECR--> select your repo. verify if image has been uploaded successfully.

How to Create Azure YAML build pipeline for SonarQube Code Scan | Automate Code Scan using SonarQube in Azure Build YAML Pipelines

Please find steps below for integrating SonarQube with Azure DevOps, Previously known as Visual Studio Team Services:

Pre-requisites:

• Make sure SonarQube is up and running
• Make sure Java Project is setup in Azure Repos
• Make sure you install SonarQube plug-in/Add-on in Azure DevOps using below URL:

https://marketplace.visualstudio.com/acquisition?itemName=SonarSource.sonarqube

Once added SonarQube plug-in, click on proceed to Organization..

How to integrate SonarQube with Azure DevOps:

Create Token in SonarQube to authenticate with Azure DevOps

You need to login to SonarQube using your admin password. admin/admin123 and click on Admin on your top side.

Click on My Account, Security. 

Under Tokens, Give some value for token name and choose Global analysis token, click on generate Tokens. Copy the token value generated.

Create Service Connections in Azure DevOps 

Login to Azure DevOps. Select your project dashboard.

Click on Project settings --> Service connections

click on New service connection

Type SonarQube and Click Next

Enter SonarQube server url and enter Token created 

Give name for service connection and select Grant access permission to all pipelines.

Click on Save.

Create a YAML Build Pipeline in Azure DevOps

1. Login to Azure DevOps. Go to Azure Pipelines. Click on create a new pipeline

2. Choose Azure Repos Git as our Java Web App is configured in Azure Repos

3. Choose mySonarProject as repo

4. Click on Maven

5. Now click on Show Assistant

6. Type SonarQube and select Prepare Analysis configuration task

Select SonarQube from dropdown

Choose Integrate with Maven or Gradle, click on Add

7. Now Modify path of Pom.xml to MyWebApp/pom.xml

8. Change jdkVersionOption to 1.11

9. change maven goal to install sonar:sonar

10. Now click on Save and Run pipeline.

11. Now login to SonarQube dashboard, click on Projects to the code analysis report