๐Ÿ›  How I Built a Full CI/CD Pipeline with Jenkins, Docker, SonarQube, Maven, and Trivy on AWS EC2

Sonica SonawaneSonica Sonawane
3 min read

Recently, I completed an exciting DevOps hands-on project: setting up a CI/CD pipeline from scratch on AWS using Jenkins, Docker, SonarQube, Maven, and Trivy. This blog details the complete journey, including commands, configurations, and screenshots.

๐Ÿ“Œ Prerequisites

  • AWS EC2 instance (Ubuntu t2.medium, 30 GB storage)

  • GitHub & DockerHub account

  • Internet connection ๐Ÿ˜‰

  • Some Linux command line knowledge

๐Ÿ’ก Tip: Use a t2.medium instance instead of t2.micro due to memory and CPU constraints.

๐Ÿ”ง Step-by-Step Setup

Step 1: Launch EC2 Instance

  • Type: t2.medium

  • OS: Ubuntu

  • Storage: 30 GB

  • Region: US-EAST-1

Step 2: Connect & Switch to Root

ssh -i "your-key.pem" ubuntu@<public-ip>
sudo su

Step 3: Install Jenkins

Run the Jenkins installer:

wget https://raw.githubusercontent.com/praveen1994dec/tools_installation_scripts/main/jenkins.sh
bash jenkins.sh

Step 4: Update EC2 Security Group

  • Allow port 8080 for Jenkins UI.

Step 5โ€“8: Access Jenkins & Setup

  • Jenkins UI: http://<EC2_PUBLIC_IP>:8080/

  • Get admin password:

cat /var/lib/jenkins/secrets/initialAdminPassword

  • Install suggested plugins

  • Create first user

Step 9: Create a Pipeline Job

Step 10: Configure Pipeline Script from Git

Use this Git repo:

https://github.com/praveen1994dec/Java_app_3.0.git

Step 11: Install Plugins for Sonar & JFrog

Via Jenkins > Manage Jenkins > Plugins:

  • Sonar Gerrit

  • SonarQube Scanner

  • SonarQube Generic Coverage

  • Sonar Quality Gates

  • Jfrog

  • Artifactory

Step 12: Install Docker

wget https://raw.githubusercontent.com/praveen1994dec/tools_installation_scripts/main/docker.sh
bash docker.sh
docker -v

Step 13: Install SonarQube

wget https://raw.githubusercontent.com/praveen1994dec/tools_installation_scripts/main/sonarqube.sh
bash sonarqube.sh

Start container if needed:

docker ps -a
docker start <containerID>

  • Login: admin / admin

  • Create token under:
    My Account > Security > Create Token

Webhook for Jenkins:

http://<EC2_IP>:8080/sonarqube-webhook/

Step 14: Install Maven

wget https://raw.githubusercontent.com/praveen1994dec/tools_installation_scripts/main/Maven.sh
bash Maven.sh

Step 15: Install Trivy

wget https://raw.githubusercontent.com/praveen1994dec/tools_installation_scripts/main/trivy.sh
bash trivy.sh

Step 16: Integrate SonarQube with Jenkins

  • Jenkins > Manage Jenkins > Configure System

  • Under SonarQube servers:

    • Add URL and token (use Secret Text)

    • Token ID: sonarqube-api

Step 17: Add DockerHub Credentials

  • Jenkins > Manage Jenkins > Credentials > Global

    • ID: docker

Step 18: Add Jenkins Shared Library

Name: my-shared-library
Default Version: main
Git Repo: https://github.com/praveen1994dec/jenkins_shared_lib.git

โœ… Step 19: Run the Pipeline & Validate

Check:

  • Jenkins build logs

  • Trivy vulnerability reports

  • SonarQube code quality dashboard

๐Ÿ™ Special Thanks

Huge thanks to Praveen Singampalli for the practical and engaging DevOps session. Your instructions helped me gain hands-on experience with real-world tools and pipelines.

๐Ÿ Conclusion

This project helped me understand how various DevOps tools come together in a real CI/CD workflow. Let me know if you'd like a follow-up blog on Kubernetes deployment next!

0
Subscribe to my newsletter

Read articles from Sonica Sonawane directly inside your inbox. Subscribe to the newsletter, and don't miss out.

DevopsDevops articlesAWSci-cdJenkins Jenkins, DevOpsDockersonarqubetrivyec2

Written by

Sonica Sonawane
Sonica Sonawane

Hi, I'm Sonica! ๐Ÿ‘‹ Iโ€™m currently diving into the world of DevOps, focusing on AWS, Docker, Kubernetes, Linux, and GitHub. My passion lies in automating systems, building cloud infrastructure, and optimizing workflows. Iโ€™m committed to continuous learning, hands-on projects, and sharing my journey with others in the tech community. Before shifting to DevOps, I worked in IT Sales, where I gained valuable skills in client communication, requirement gathering, and problem-solving. This experience taught me how to connect technical solutions to business needs, which has been instrumental as I transition into DevOps, where technical expertise and problem-solving go hand in hand. Now, Iโ€™m eager to apply my sales experience alongside my growing technical skills in cloud engineering and DevOps. Join me as I explore the latest trends, challenges, and solutions in the world of cloud computing!