diff --git a/Jenkinsfile b/Jenkinsfile
new file mode 100644
index 00000000000..c0a95979271
--- /dev/null
+++ b/Jenkinsfile
@@ -0,0 +1,62 @@
+pipeline {
+  agent any
+
+  stages {
+    stage('Checkout') {
+      steps {
+        git branch: 'main', url: 'https://github.com/greenboy106/8.2CDevSecOps.git'
+      }
+    }
+
+    stage('Install Dependencies') {
+      steps {
+        sh 'npm install'
+      }
+    }
+
+    stage('Run Tests') {
+      steps {
+        sh 'npm test || true'
+      }
+    }
+
+    stage('Generate Coverage Report') {
+      steps {
+        sh 'npm run coverage || true'
+      }
+    }
+
+    stage('NPM Audit (Security Scan)') {
+      steps {
+        sh 'npm audit || true'
+      }
+    }
+  }
+
+  post {
+    always {
+      script {
+        try {
+          emailext(
+            subject: "Jenkins Build - ${env.JOB_NAME} #${env.BUILD_NUMBER}",
+            body: """
+            Hello,
+
+            Jenkins has completed a build for the project: ${env.JOB_NAME}
+            Result: ${currentBuild.currentResult}
+
+            You can view the full console output here:
+            ${env.BUILD_URL}console
+
+            Regards,
+            Jenkins Server
+            """,
+            to: "giabao157248@gmail.com"
+          )
+        } catch (e) {
+          echo "Failed to send email: ${e.message}"
+        }
+      }
+    }
+  }
+}
diff --git a/sonar-project.properties b/sonar-project.properties
new file mode 100644
index 00000000000..d38c974f64f
--- /dev/null
+++ b/sonar-project.properties
@@ -0,0 +1,11 @@
+sonar.projectKey=ee115110b80c114a6ebc7d66b5df433b24b0e57c
+sonar.organization=greenboy106
+sonar.host.url=https://sonarcloud.io
+sonar.login=${SONAR_TOKEN}
+
+sonar.sources=.
+sonar.exclusions=node_modules/**,test/**
+sonar.javascript.lcov.reportPaths=coverage/lcov.info
+
+sonar.projectName=NodeJS Goof Vulnerable App
+sonar.sourceEncoding=UTF-8