From c8f2f5f92f9ae1c79b0884c6a281fb1ed52a7d57 Mon Sep 17 00:00:00 2001 From: root Date: Sun, 27 Apr 2025 10:45:25 +0700 Subject: [PATCH] Add Kubernetes YAML, Dockerfile, and Jenkinsfile for full CI/CD pipeline --- Dockerfile | 19 +++++++++---- Jenkinsfile | 51 +++++++++++++++++++++++++++++----- k8s/ci3-deployment.yaml | 31 +++++++++++++++++++++ k8s/ci3-nginx-configmap.yaml | 29 +++++++++++++++++++ k8s/ci3-service.yaml | 13 +++++++++ k8s/mysql-deployment.yaml | 22 +++++++++++++++ k8s/mysql-service.yaml | 12 ++++++++ k8s/phpmyadmin-deployment.yaml | 24 ++++++++++++++++ k8s/phpmyadmin-service.yaml | 13 +++++++++ 9 files changed, 202 insertions(+), 12 deletions(-) create mode 100644 k8s/ci3-deployment.yaml create mode 100644 k8s/ci3-nginx-configmap.yaml create mode 100644 k8s/ci3-service.yaml create mode 100644 k8s/mysql-deployment.yaml create mode 100644 k8s/mysql-service.yaml create mode 100644 k8s/phpmyadmin-deployment.yaml create mode 100644 k8s/phpmyadmin-service.yaml diff --git a/Dockerfile b/Dockerfile index 984948a..b722998 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,17 +1,26 @@ -# Base image dari docker registry lokal +# Gunakan base image PHP 7.4 FPM dari registry lokal FROM docker.rri.co.id/php74-fpm:latest -# Install PHP extension tambahan yang dibutuhkan CI3 +# Informasi maintainer (optional) +LABEL maintainer="direktorat_tmb@rri.co.id" +LABEL app="CI3 CSIRT Application" + +# Install PHP Extension yang dibutuhkan RUN docker-php-ext-install mysqli pdo pdo_mysql -# Copy source code aplikasi ke container +# Copy seluruh isi aplikasi CodeIgniter ke dalam container +WORKDIR /var/www/website_csirt COPY . /var/www/website_csirt -# Set permission yang benar +# Ganti ownership supaya webserver bisa akses RUN chown -R www-data:www-data /var/www/website_csirt +# Set permission directory (opsional kalau mau lebih keras security-nya) +RUN find /var/www/website_csirt -type d -exec chmod 755 {} \; && \ + find /var/www/website_csirt -type f -exec chmod 644 {} \; + # Expose port PHP-FPM EXPOSE 9000 -# Jalankan PHP-FPM +# Start PHP-FPM process CMD ["php-fpm"] diff --git a/Jenkinsfile b/Jenkinsfile index 859d765..7bac854 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -1,39 +1,76 @@ pipeline { agent any + environment { REGISTRY = "docker.rri.co.id" IMAGE_NAME = "ci3-app" IMAGE_TAG = "latest" KUBE_NAMESPACE = "default" - DEPLOYMENT_NAME = "ci3-deployment" + GIT_CREDENTIALS_ID = "1138e92b-d38f-4578-9058-82fc7b6f734b" + DOCKER_CREDENTIALS_ID = "docker-credentials" } + stages { - stage('Checkout') { + + stage('Checkout Source Code') { steps { + echo 'Cloning source code from Gitea...' git branch: 'main', - credentialsId: '1138e92b-d38f-4578-9058-82fc7b6f734b', + credentialsId: "${GIT_CREDENTIALS_ID}", url: 'https://git.rri.co.id/admin/ci3-app.git' } } + stage('Build Docker Image') { steps { + echo 'Building Docker Image...' sh "docker build -t ${REGISTRY}/${IMAGE_NAME}:${IMAGE_TAG} ." } } - stage('Push Docker Image') { + + stage('Push Docker Image to Registry') { steps { - withCredentials([usernamePassword(credentialsId: 'docker-credentials', usernameVariable: 'DOCKER_USER', passwordVariable: 'DOCKER_PASS')]) { + echo 'Pushing Docker Image to Local Registry...' + withCredentials([string(credentialsId: "${DOCKER_CREDENTIALS_ID}", variable: 'DOCKER_PASS')]) { sh """ - echo \$DOCKER_PASS | docker login ${REGISTRY} -u \$DOCKER_USER --password-stdin + echo \$DOCKER_PASS | docker login ${REGISTRY} -u admin --password-stdin docker push ${REGISTRY}/${IMAGE_NAME}:${IMAGE_TAG} """ } } } + stage('Deploy to Kubernetes') { steps { - sh "kubectl set image deployment/${DEPLOYMENT_NAME} php=${REGISTRY}/${IMAGE_NAME}:${IMAGE_TAG} -n ${KUBE_NAMESPACE}" + echo 'Applying Kubernetes YAML Manifests...' + sh """ + kubectl apply -f k8s/ci3-nginx-configmap.yaml + kubectl apply -f k8s/ci3-deployment.yaml + kubectl apply -f k8s/mysql-deployment.yaml + kubectl apply -f k8s/phpmyadmin-deployment.yaml + kubectl apply -f k8s/ci3-service.yaml + kubectl apply -f k8s/mysql-service.yaml + kubectl apply -f k8s/phpmyadmin-service.yaml + """ + } + } + + stage('Verify Deployment') { + steps { + echo 'Checking Pods Status...' + sh "kubectl get pods -n ${KUBE_NAMESPACE} --selector=app=ci3-app" + sh "kubectl get pods -n ${KUBE_NAMESPACE} --selector=app=mysql" + sh "kubectl get pods -n ${KUBE_NAMESPACE} --selector=app=phpmyadmin" } } } + + post { + success { + echo 'Deployment Successful!' + } + failure { + echo 'Deployment Failed. Please Check Jenkins Logs.' + } + } } diff --git a/k8s/ci3-deployment.yaml b/k8s/ci3-deployment.yaml new file mode 100644 index 0000000..5dcd559 --- /dev/null +++ b/k8s/ci3-deployment.yaml @@ -0,0 +1,31 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: ci3-deployment + namespace: default +spec: + replicas: 2 + selector: + matchLabels: + app: ci3-app + template: + metadata: + labels: + app: ci3-app + spec: + containers: + - name: php + image: docker.rri.co.id/ci3-app:latest + ports: + - containerPort: 9000 + - name: nginx + image: nginx:1.23 + ports: + - containerPort: 80 + volumeMounts: + - name: nginx-config + mountPath: /etc/nginx/conf.d + volumes: + - name: nginx-config + configMap: + name: ci3-nginx-config diff --git a/k8s/ci3-nginx-configmap.yaml b/k8s/ci3-nginx-configmap.yaml new file mode 100644 index 0000000..7dae526 --- /dev/null +++ b/k8s/ci3-nginx-configmap.yaml @@ -0,0 +1,29 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: ci3-nginx-config + namespace: default +data: + default.conf: | + server { + listen 80; + server_name _; + + root /var/www/website_csirt; + index index.php index.html index.htm; + + location / { + try_files $uri $uri/ /index.php?$query_string; + } + + location ~ \.php$ { + include fastcgi_params; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + + location ~ /\.ht { + deny all; + } + } diff --git a/k8s/ci3-service.yaml b/k8s/ci3-service.yaml new file mode 100644 index 0000000..a2e0ff4 --- /dev/null +++ b/k8s/ci3-service.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Service +metadata: + name: ci3-service + namespace: default +spec: + selector: + app: ci3-app + ports: + - protocol: TCP + port: 80 + targetPort: 80 + type: LoadBalancer diff --git a/k8s/mysql-deployment.yaml b/k8s/mysql-deployment.yaml new file mode 100644 index 0000000..7da93d3 --- /dev/null +++ b/k8s/mysql-deployment.yaml @@ -0,0 +1,22 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: mysql + namespace: default +spec: + selector: + matchLabels: + app: mysql + template: + metadata: + labels: + app: mysql + spec: + containers: + - name: mysql + image: mysql:5.7 + env: + - name: MYSQL_ROOT_PASSWORD + value: "Lpprri_@1945" # Ganti dengan password kuatmu + ports: + - containerPort: 3306 diff --git a/k8s/mysql-service.yaml b/k8s/mysql-service.yaml new file mode 100644 index 0000000..9095f4a --- /dev/null +++ b/k8s/mysql-service.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Service +metadata: + name: mysql + namespace: default +spec: + selector: + app: mysql + ports: + - protocol: TCP + port: 3306 + targetPort: 3306 diff --git a/k8s/phpmyadmin-deployment.yaml b/k8s/phpmyadmin-deployment.yaml new file mode 100644 index 0000000..f97c463 --- /dev/null +++ b/k8s/phpmyadmin-deployment.yaml @@ -0,0 +1,24 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: phpmyadmin + namespace: default +spec: + selector: + matchLabels: + app: phpmyadmin + template: + metadata: + labels: + app: phpmyadmin + spec: + containers: + - name: phpmyadmin + image: phpmyadmin/phpmyadmin + env: + - name: PMA_HOST + value: mysql + - name: PMA_PORT + value: "3306" + ports: + - containerPort: 80 diff --git a/k8s/phpmyadmin-service.yaml b/k8s/phpmyadmin-service.yaml new file mode 100644 index 0000000..7c16cbc --- /dev/null +++ b/k8s/phpmyadmin-service.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Service +metadata: + name: phpmyadmin + namespace: default +spec: + selector: + app: phpmyadmin + ports: + - protocol: TCP + port: 80 + targetPort: 80 + type: LoadBalancer