Sold by: YobitelÂ
Deployed on AWS
Free Trial
Automated CICD Jenkins: SonarQube and OWASP Code Testing is a powerful solution for streamlined DevOps automation. With this integrated approach, developers can use our pre-built pipelines meeting dynamic scenarios. Jenkins stack is tightly coupled with SonarQube Scanner ensuring efficient code analysis and application security testing with OWASP ZAP. Experience improved code quality and reduced vulnerabilities with this integrated approach, extending the pipeline favour to automate application stack deployments in ECS Fargate with few clicks.
Overview
The Automated CICD Jenkins: SonarQube & OWASP Code Testing solution caters to teams of all sizes and enables them to foster a culture of continuous integration, continuous deployment. By automating tedious and time-consuming tasks, developers can focus on higher-value activities, driving creativity and productivity by using our pre-built stacks. With real-time quality checks for source code and monitoring provided by SonarQube and OWASP, teams gain valuable insights into code quality and security, enabling them to make informed decisions and take proactive measures.
With Yobitel as your trusted partner, you can focus on driving innovation and achieving your business goals while enjoying the expert guidance and support you need to succeed in the current dynamic market.
Challenges Faced:
Integration Complexity: Setting up seamless integration of Jenkins with SonarQube, and OWASP or any custom required tools can be complex, requiring in-depth knowledge of their configurations and dependencies.
Plugin Compatibility: Ensuring compatibility between different versions of Jenkins, SonarQube, and OWASP plugins can be challenging. It may require troubleshooting and plugin updates to ensure smooth functionality.
Pipeline Configuration: Designing and configuring the CI/CD pipeline for automating infrastructure through IaC and testing stages can be intricate. It involves defining stages, incorporating necessary plugins, and configuring their parameters correctly.
Lack of Expertise: Difficulty in finding or developing the necessary skills and knowledge for IaC stack building or multiple stages of CICD implementation.
Continuous Maintenance: Organisations may lack in-house knowledge and dedicated teams proficient in DevOps methodologies and scalability concerns. Regular updates, patching, and maintenance of the Jenkins and its plugins are essential to keep the automated CICD pipeline secure and up-to-date.
Scaling business with our support:
With our team of experts and continuous support, scaling your business with deploying automated full pack CICD using Jenkins becomes feasible. Our stacks are highly secured, vetted, and production-grade custom-built with IaC, users having the option to select multiple ranges of desired pipelines for every possible requirement to deliver continuous process improvement. Feasibility of using production pipelines without or less-touch human interventions is possible and keeping automation as the key.
Key Deliverables:
Infrastructure setup for Jenkins, SonarQube, and OWASP tools are built as an integrated stack and available to customers for single click AMI.
Jenkins with the necessary plugins and dependencies are enabled to enable seamless CI/CD pipelines and integration with SonarQube and OWASP.
Integration of Jenkins with customers code repositories (such as GitHub) to automatically trigger builds and deployments upon code changes outside.
Multi-stage continuous integration pipelines and custom build automation templates are saved inside Jenkins Template repositories as multiple copies.
Easy choice of adoption to pick necessary templates and quickly activate the automated pipelines to build processes including compiling code, running tests, and creating artifacts.
Appropriate verifications are passed to SonarQube to validate code changes, perform static code analysis, identify code smells, and enforce coding standards and best practices.
Code build with docker, push to ECR or private artifactory and Deploy the stack in minutes to required platforms (ECS, Fargate, EKS) through IaC.
Automated Dependency-Check with OWASP ZAP as a part of Jenkins pipelines to scan for security vulnerabilities in the code.
Monitoring and reporting mechanisms to track build status, code quality metrics, security vulnerabilities, and overall pipeline performance.
Toolsets and Frameworks Used:
Jenkins for CICD, SonarQube Scanner for code check, OWASP ZAP for dependency check.
Prime Service Highlights:
Real-time support from AWS-certified engineers, IaC CloudFormation and DevOps Experts Continuous learning on scalable infrastructure and improvement opportunities for businesses growth
Personalised support tailored to the unique needs of each client with value-added solution integration SLA Coverage and premium support with a dedicated Technical Account Manager.
Highlights
- Managed Stacks: Yobitel cloud-native stacks are regulated with industry metrics for seamless deployment, management and monitoring of cloud-native apps and AMI which includes rolling upgrades & regulated version control, automatic application re-package provisioning & re-deploying, and a full app lifecycle management for stacks.
- Production Grade and Efficient: Yobitel cloud-native stacks maintain ease of procedures with increased infrastructure and application resiliency to meet the high level industry standards for its every stacks, best utilization of AWS & 3rd party resources in the cloud marketplace and available instantly for ready-to-deploy services.
- Services utilise vendor neutral CI/CD tools and Infrastructure as Code (IaC) automation tools like CloudFormation, Terraform and any appropriate tools to help businesses automate the deployment and management of cloud infrastructure resource.
Details
Sold by
Delivery method
Delivery option
64-bit (x86) Amazon Machine Image (AMI)
Latest version
Operating system
Ubuntu 22.04
Deployed on AWS
Unlock automation with AI agent solutions
Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Free trial
Try this product free for 5 days according to the free trial terms set by the vendor. Usage-based pricing is in effect for usage beyond the free trial terms. Your free trial gets automatically converted to a paid subscription when the trial ends, but may be canceled any time before that.
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Cost/hour |
|---|---|
t3.large Recommended | $0.03 |
m5d.large | $0.03 |
m5.xlarge | $0.03 |
m3.xlarge | $0.03 |
t2.large | $0.03 |
m6i.large | $0.03 |
c6a.xlarge | $0.03 |
c5a.xlarge | $0.03 |
t2.medium | $0.03 |
m6a.large | $0.03 |
Vendor refund policy
Take advantage of a complimentary 5-day software stack trial period with subsequent pay-as-you-go charges. Please note that refunds will only be issued in the event of identified stack issues. Kindly note that refunds will not be provided for infrastructure failures, downtimes resulting from misconfiguration, or any other issues pertaining to AWS infrastructure.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA)Â .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
We are excited to release Automated CI/CD Jenkins v3.5.01, featuring enhanced plugins like SonarQube, OWASP ZAP, and Dependency Check for improved code quality and security. This update introduces streamlined Docker Build and AWS ECR/ECS Fargate pipelines for efficient container deployment. With a refreshed user interface and optimized performance delivering builds up to 70% faster, this version also resolves key bugs in SonarQube integration and deployment pipelines, ensuring a more reliable CI/CD experience.
Additional details
Usage instructions
While launching AMI, you need to allow the following ports in the security group (8080,9000,587) for Jenkins,SonarQube and Email respectively. After installing AMI, you can run jenkins on http://<public_ip>:8080 with username: admin and password: dc05e43dcb6340d3add94e1d2c01d020. You can create your own pipeline and integrate the pipeline with our pre-build SonarQube and OWASP.
A pre-configured pipeline is available in jenkins dashboard which will test your code regardless of any language, further build docker image and push into ECR repo. Additionally, with an extra template pipeline we have extended the requirements to deploy your application stack residing in ECR to AWS ECS Fargate for continuous deployment and the same deployed stack can be used in the production environment.
To use these pre-configure pipelines, Refer our user manual for Automated CICD Jenkins with pre-built SonarQube and OWASP in step by step methods https://www.yobitel.com/single-post/automated-cicd-jenkins-with-pre-build-sonarqube-and-owaspÂ
Please contact Yobitel customer support incase if you required further assistance. Email: support@yobitel.comÂ
Resources
Vendor resources
Support
Vendor support
We, Yobitel - Cloud-Native Application Stack and Cloud Consulting Services company offer Free Training, Post Migration & Go-Live support, and Enhanced care support with AWS Chime 24/7 support to ensure a smooth transition. Our team of experts is well-versed in AWS Managed Cloud Services and provides businesses with the necessary guidance and support to ensure a successful transition to the cloud.
Learning Resources: Yobitel - Cloud Native Service Provider Resource URL:
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
An AWS Security Competency Partner, Drata is a GRC automation solution that allows companies to continuously monitor security and compliance controls, automatically collect evidence needed for an audit, and manage and remediate risk. Drata streamlines common compliance frameworks like SOC 2, ISO 27001, GDPR, and more and allows you to share your real-time compliance posture with prospects and customers to build trust and accelerate growth.
Scrut Automation
By Scrut Automation
Scrut Automation is an automated GRC platform designed to save time, effort, and resources by natively integrating with tools like AWS to automate evidence collection, continuously monitor controls, run daily tests, detect risks, and provide actionable remediation guidance. With out-of the box support for 50+ industry standard frameworks, Scrut helps organizations easily automate key compliance workflows and stay audit-ready at all times.
Ignition Cloud Edition
By Inductive Automation
Ignition Cloud Edition makes it easy to add the power of the cloud to your Ignition on-premise installations. Extend your enterprise operations, leverage elastic architectures that instantly scale up or down, and securely host and deploy solutions on the world's most trusted cloud platforms. All on a pay-as-you-go plan.
Agentic Process Automation System (Now Certified for WorkSpaces)
By Automation Anywhere, Inc.
Automation Anywhere transacts solely through Private Offer, so please contact us at aws.aaimarketplace@automationanywhere.com The pricing below is a sample solution only.
Automation Anywhere is a leader in Agentic AI-powered process automation that puts AI to work across organizations. The company's platform is powered with specialized AI, generative AI and offers process discovery, RPA, end-to-end process orchestration, document processing, and analytics, with a security and governance-first approach. Automation Anywhere empowers organizations worldwide to unleash productivity gains, drive innovation, improve customer service and accelerate business growth.
Deployment Options:
1) Software as a service (SaaS) automation application that is centrally hosted and uniformly managed by AAI
2) Self Managed
3) Now certified for AWS WorkSpaces (recommended by vendor)
Automation Anywhere supports qualified nonprofits through a special nonprofit discounted package via Private Offer.
Use powerful AWS-native automation and deep API integrations to accelerate your AWS Well-Architected Framework and Foundational Technical Reviews in <1 hour, remediate HRIs safely and achieve real-time, continuous compliance.
Customer reviews
No customer reviews yet
Be the first to review this product . We've partnered with PeerSpot to gather customer feedback. You can share your experience by writing or recording a review, or scheduling a call with a PeerSpot analyst.