https://github.com/codewithmuh/jenkins-dockerhub-aws-ecr
Multi-Registry(dockerhub + ECR) Docker CI/CD Pipeline with Jenkins
https://github.com/codewithmuh/jenkins-dockerhub-aws-ecr
aws docker dockerhub github jenkins
Last synced: 2 months ago
JSON representation
Multi-Registry(dockerhub + ECR) Docker CI/CD Pipeline with Jenkins
- Host: GitHub
- URL: https://github.com/codewithmuh/jenkins-dockerhub-aws-ecr
- Owner: codewithmuh
- License: mit
- Created: 2025-06-05T10:21:52.000Z (12 months ago)
- Default Branch: main
- Last Pushed: 2025-06-05T10:49:25.000Z (12 months ago)
- Last Synced: 2025-06-28T06:36:45.878Z (11 months ago)
- Topics: aws, docker, dockerhub, github, jenkins
- Language: Python
- Homepage:
- Size: 9.77 KB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# ๐ณ Jenkins Docker CI/CD Pipeline โ Multi-Registry + Trivy Scan
This project demonstrates a **Jenkins-based CI/CD pipeline** to:
- โ
Build Docker images
- ๐ฆ Push to **DockerHub** and **AWS ECR**
- ๐ Scan images using **Trivy**
- ๐ง Send email notifications with scan reports
---
---
## โ
Prerequisites
Make sure you have the following:
- Jenkins installed with Docker on the same host
- Jenkins user added to the `docker` group
- AWS CLI installed on Jenkins machine
- Jenkins plugins:
- Pipeline
- Docker Pipeline
- Email Extension
- Jenkins Credentials:
- `dockerhub-creds`: DockerHub username/password
- `aws-access-key`, `aws-secret-key`
- `smtp-email` (for sending scan reports)
---
## ๐งช Jenkinsfile Pipeline
```groovy
pipeline {
agent any
environment {
IMAGE_NAME = "myapp"
IMAGE_TAG = ""
AWS_REGION = "us-east-1"
ECR_REPO = ".dkr.ecr.${AWS_REGION}.amazonaws.com/myapp"
}
stages {
stage('Checkout') {
steps {
checkout scm
script {
IMAGE_TAG = sh(script: "git rev-parse --short HEAD", returnStdout: true).trim()
}
}
}
stage('Build Docker Image') {
steps {
sh """
docker build -t ${IMAGE_NAME}:${IMAGE_TAG} .
"""
}
}
stage('Push to DockerHub') {
steps {
withCredentials([usernamePassword(credentialsId: 'dockerhub-creds', usernameVariable: 'DOCKER_USER', passwordVariable: 'DOCKER_PASS')]) {
sh """
echo "${DOCKER_PASS}" | docker login -u "${DOCKER_USER}" --password-stdin
docker tag ${IMAGE_NAME}:${IMAGE_TAG} ${DOCKER_USER}/${IMAGE_NAME}:${IMAGE_TAG}
docker push ${DOCKER_USER}/${IMAGE_NAME}:${IMAGE_TAG}
"""
}
}
}
stage('Push to AWS ECR') {
steps {
withCredentials([
string(credentialsId: 'aws-access-key', variable: 'AWS_ACCESS_KEY_ID'),
string(credentialsId: 'aws-secret-key', variable: 'AWS_SECRET_ACCESS_KEY')
]) {
sh """
aws configure set aws_access_key_id ${AWS_ACCESS_KEY_ID}
aws configure set aws_secret_access_key ${AWS_SECRET_ACCESS_KEY}
aws configure set default.region ${AWS_REGION}
aws ecr get-login-password --region ${AWS_REGION} | \
docker login --username AWS --password-stdin ${ECR_REPO}
docker tag ${IMAGE_NAME}:${IMAGE_TAG} ${ECR_REPO}:${IMAGE_TAG}
docker push ${ECR_REPO}:${IMAGE_TAG}
"""
}
}
}
stage('Scan Image with Trivy') {
steps {
sh """
apt-get update && apt-get install wget apt-transport-https gnupg lsb-release -y
wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | apt-key add -
echo "deb https://aquasecurity.github.io/trivy-repo/deb \$(lsb_release -sc) main" | \
tee -a /etc/apt/sources.list.d/trivy.list
apt-get update && apt-get install trivy -y
docker pull ${IMAGE_NAME}:${IMAGE_TAG}
trivy image --format json -o trivy-report.json ${IMAGE_NAME}:${IMAGE_TAG}
"""
}
}
stage('Send Email Report') {
steps {
mail bcc: '',
body: 'Docker image scan report attached.',
from: 'jenkins@example.com',
replyTo: '',
subject: "Trivy Scan Report: ${IMAGE_NAME}:${IMAGE_TAG}",
to: 'your-team@example.com',
attachmentsPattern: 'trivy-report.json'
}
}
}
post {
always {
cleanWs()
}
}
}