
Pipeline

CICD/Jenkins/image.png


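#!/bin/bash
# Jenkins pipeline step for the staging environment:
#   1. build the image for linux/arm64 and push it to ECR,
#   2. scan the pushed image with Trivy and stop on HIGH/CRITICAL findings,
#   3. point the GitOps overlay patch at the new image tag and push it.
#
# Required environment:
#   GITOPS_REPO_URL - clone URL of the GitOps repository (branch "gitops")
set -euo pipefail

# Fail before building anything if the GitOps target is not configured.
: "${GITOPS_REPO_URL:?GITOPS_REPO_URL must be set}"

# Configuration
ECR_REPO="formify-be"
ENVIRONMENT="staging"
AWS_REGION="ap-south-1"
# Redacted placeholder as published; replace with the real AWS account ID.
AWS_ACCOUNT_ID="3AWS-Account-ID-NO5"

GIT_COMMIT_SHORT=$(git rev-parse --short HEAD)
IMAGE_TAG="${GIT_COMMIT_SHORT}"
ECR_REGISTRY="${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_REGION}.amazonaws.com"
ECR_URI="${ECR_REGISTRY}/erp-apps/${ECR_REPO}:${IMAGE_TAG}"

# The clone may hold credentials in .git/config if the URL embeds a token
# (not visible here), so remove it on every exit path, not only on success.
start_dir=$PWD
gitops_dir="${start_dir}/gitops-temp"
cleanup() {
  cd "$start_dir" 2>/dev/null || true
  rm -rf -- "$gitops_dir"
}
trap cleanup EXIT

echo "Building ${ECR_REPO}:${IMAGE_TAG}"

# Build and push. The registry password goes through stdin, not argv.
aws ecr get-login-password --region "$AWS_REGION" \
  | docker login --username AWS --password-stdin "$ECR_REGISTRY"
docker buildx build --platform linux/arm64 -t "$ECR_URI" --push .

echo "✅ Image pushed: ${ECR_URI}"

# Trivy scan for HIGH and CRITICAL vulnerabilities.
# Trivy exits 0 by default even when it reports findings; --exit-code 1 turns
# the scan into a gate so the GitOps update below is skipped on findings.
# The image is already in the registry at this point: the gate blocks
# promotion to the overlay, not the push itself.
trivy image --exit-code 1 --severity HIGH,CRITICAL --quiet "$ECR_URI"

# Update GitOps
rm -rf -- "$gitops_dir"
git clone -b gitops "$GITOPS_REPO_URL" "$gitops_dir"
cd "$gitops_dir"

PATCH_FILE="erp-apps/overlays/${ENVIRONMENT}/${ECR_REPO}-patch.yaml"

echo "Before update:"
grep "image:" "$PATCH_FILE"

# Fixed sed pattern - matches erp-apps/ path
# NOTE(review): the overlay is pinned by tag, not by digest; whether the tag
# can be overwritten later depends on the repository's ECR tag-immutability
# setting, which is not visible here.
sed -i.bak "s|image: ${AWS_ACCOUNT_ID}\.dkr\.ecr\.${AWS_REGION}\.amazonaws\.com/erp-apps/${ECR_REPO}:.*|image: ${ECR_URI}|g" "$PATCH_FILE"
rm -f -- "${PATCH_FILE}.bak"

echo "After update:"
grep "image:" "$PATCH_FILE"

# If the pattern matched nothing, the staged diff is empty and would be
# reported as "No changes needed". Tell that apart from "already up to date".
if ! grep -qF -- "image: ${ECR_URI}" "$PATCH_FILE"; then
  echo "❌ ${PATCH_FILE} does not reference ${ECR_URI} after update" >&2
  exit 1
fi

git config user.name "Jenkins CI"
git config user.email "jenkins@ahmadraza.in"
git add -- "$PATCH_FILE"

if git diff --cached --quiet; then
  echo "⚠️ No changes needed"
  exit 0
fi

git commit -m "[CI] Update ${ECR_REPO} ${ENVIRONMENT} to ${IMAGE_TAG}"

# Retry push with pull --rebase.
# A failing "a && b && break" list does not trip set -e, so success is
# tracked explicitly; otherwise five failed pushes still end in "Completed".
pushed=false
for i in {1..5}; do
  if git pull --rebase origin gitops && git push origin gitops; then
    pushed=true
    break
  fi
  # Leave any half-finished rebase so the next attempt starts clean.
  git rebase --abort 2>/dev/null || true
  echo "⚠️ Retry $i/5..."
  sleep 2
done

if [[ "$pushed" != true ]]; then
  echo "❌ GitOps push failed after 5 attempts" >&2
  exit 1
fi

echo "✅ Completed"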