Use Terraform to provision AWS services, including VPC, EC2 instances, subnets, security groups, and elastic IPs. I also setup S3 bucket and DynamoDB for remote work and state lock !
Infrastructure setup includes:
5 EC2 instances: Jenkins, Monitoring Server, Database Server, Sonarqube and Redis
1 VPC
Networking components: Subnets, Security Groups, and Elastic IPs
Integrate SonarQube into the Jenkins pipeline using a token-based credential. Additionally, install the Dependency-Check plugin on the Jenkins Master and Trivy on the Jenkins Slave for security scanning.
-
DAST: OWASP ZAP
-
SAST: Sonarqube
-
Docker Image: Trivy
-
Dependency: OWASP Dependency-Check
Deploy the Datadog Agent as a Docker container to collect logs and metrics from all Docker containers within the same Docker socket. Configure Prometheus to scrape metrics from 5 instances and Jenkins's work, which is exposed via the Prometheus plugin.
