How to Build a Full CI/CD Pipeline with GitLab, Jenkins, SonarQube, and Tomcat

1. CI/CD Environment Overview

The pipeline runs on three CentOS 7.6 servers:

GitLab (192.168.220.170) – GitLab CE 12.4.2, 2 CPU, 2 GB RAM

Jenkins (192.168.220.172) – Jenkins 2.364, Maven 3.8.6, SonarQube 7.9.6, JDK 11, Git 1.8.3.1, 2 CPU, 2 GB RAM

Tomcat (192.168.220.173) – Tomcat 8.5.82, JDK 1.8.0_342, 2 CPU, 2 GB RAM

Developers push code to GitLab; Jenkins automatically pulls, builds, scans, packages, and deploys to Tomcat.

2. GitLab Installation

yum -y install policycoreutils openssh-server openssh-clients postfix
systemctl enable sshd && systemctl start sshd
systemctl enable postfix && systemctl start postfix
firewall-cmd --add-service=ssh --permanent
firewall-cmd --add-service=http --permanent
firewall-cmd --reload
wget https://mirrors.tuna.tsinghua.edu.cn/gitlab-ce/yum/el6/gitlab-ce-12.4.2-ce.0.el6.x86_64.rpm
rpm -i gitlab-ce-12.4.2-ce.0.el6.x86_64.rpm
vi /etc/gitlab/gitlab.rb   # set external_url 'http://192.168.220.170:82' and nginx['listen_port']=82
gitlab-ctl reconfigure
gitlab-ctl restart
firewall-cmd --zone=public --add-port=82/tcp --permanent
firewall-cmd --reload

After installation, create a group (e.g., itheima_group), a user (e.g., zhangsan), and a project hello-demo. Repository URLs:

http://192.168.220.170:82/itheima_group/hello-demo.git

[email protected]:itheima_group/hello-demo.git

3. Jenkins Installation and Configuration

yum install -y java-11-openjdk*
wget -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins.io/redhat/jenkins.repo --no-check-certificate
rpm --import https://pkg.jenkins.io/redhat/jenkins.io.key
yum install jenkins
systemctl start jenkins
cat /var/lib/jenkins/secrets/initialAdminPassword   # obtain admin password
# Skip default plugin install (slow from official site)
# Replace update site with Tsinghua mirror
sed -i 's|https://updates.jenkins.io/download|https://mirrors.tuna.tsinghua.edu.cn/jenkins|g' default.json
sed -i 's|https://www.google.com|https://www.baidu.com|g' default.json
# In Jenkins UI, set Update Site URL to https://mirrors.tuna.tsinghua.edu.cn/jenkins/updates/update-center.json

Install required plugins: Pipeline, GitLab, SSH Server, Credentials Binding, Git, Deploy to container.

Add GitLab credentials (username/password or SSH key) in Jenkins' Credentials store.

4. Tomcat Deployment

yum install -y java-1.8.0-openjdk*
# Upload Apache Tomcat 8.5.82 tarball to the server
tar -xzf apache-tomcat-8.5.82.tar.gz
mkdir -p /opt/tomcat
mv apache-tomcat-8.5.82/* /opt/tomcat/
/opt/tomcat/bin/startup.sh

Tomcat is reachable at http://192.168.66.102:8080 (firewall disabled for testing).

5. Integrating Jenkins with Maven, SonarQube, and Tomcat

Maven installation

tar -xzf apache-maven-3.6.2-bin.tar.gz
mkdir -p /opt/maven
mv apache-maven-3.6.2/* /opt/maven/

Set environment variables:

export JAVA_HOME=/usr/lib/jvm/java-1.8.0-openjdk
export MAVEN_HOME=/opt/maven
export PATH=$PATH:$JAVA_HOME/bin:$MAVEN_HOME/bin

Configure Jenkins global tools to point to the JDK and Maven installations.

Install the Deploy to container plugin and add Tomcat credentials (username/password) in Jenkins.

Configure the Jenkins job:

Source Code Management → Git → repository URL (GitLab)

Build → Invoke Maven → goals clean package Post‑build Actions → SonarQube Scanner (optional)

Post‑build Actions → Deploy war/ear to Tomcat (using the credentials added above)

6. Running the Pipeline

Click “Build Now” in Jenkins. The job automatically:

Pulls the latest code from GitLab using the stored credentials.

Executes Maven to compile, run tests, and package a WAR file.

Runs SonarQube analysis and publishes the results.

Deploys the generated WAR to the Tomcat server.

Successful builds show the WAR file on the Tomcat host and the application is accessible via the Tomcat URL.

All steps together provide a fully automated CI/CD workflow for a Java web project.