Welcome to our GitHub organization! This organization hosts repositories for our project titled Implementing a DevSecOps Model for a High Availability CI/CD System in a Microservices Environment. In the next section, you'll find an overview of each repository and its purpose.

Our organization aims to implement a streamlined DevSecOps workflow for high availability and efficiency. Below are the diagrams that illustrate the core processes:

This module automates the setup of cloud resources and server configurations, ensuring a reproducible and scalable environment.

The CI/CD pipeline automates the build, test, security scanning, and deployment process, ensuring rapid and reliable software delivery.

Our application is deployed on Amazon EKS for scalability and high availability.

Our DevSecOps implementation is built around three main workflows:

• Automates infrastructure provisioning using Terraform.
• Implements configuration management with Ansible.
• Uses Checkov for security scanning of infrastructure-as-code.

• Developers commit code to GitHub repositories.
• CI pipeline is automatically triggered upon commit.
• Security scanning:
  • Snyk scans dependencies for vulnerabilities.
  • SonarQube checks code quality and security issues.
• If checks pass, the container image is built and pushed to Harbor Registry.
• Trivy scans the container images for vulnerabilities and reports results.
• FluxCD monitors changes and automatically deploys updates to Kubernetes.
• Manages secrets securely via HashiCorp Vault.

• Applications are deployed on Amazon EKS (Elastic Kubernetes Service).
• Prometheus collects real-time performance metrics.
• Grafana visualizes monitoring data for system insights.
• Loki aggregates logs for debugging and auditing.
• Alerting system via Telegram notifies engineers of anomalies.
• MinIO stores historical logs for long-term analysis.

These repositories contain the source code for the microservices that make up the Class Management application:

1. class-management-FE: Frontend application for the class management system.

2. class-management-auth-service: Authentication service.

3. class-management-student-service: Handles operations related to student management.

4. class-management-lecturer-service: Handles operations related to lecturer management.

5. class-management-class-service: Handles operations related to class management.

These repositories manage the infrastructure and deployment of the application:

👉 terraform-hub

• Description: Contains Terraform scripts for infrastructure provisioning.
• Technologies: Terraform.
• Purpose: Automates the provisioning of cloud resources, including VPCs, subnets, EC2 instances, Amazon EKS, and other AWS services.

👉 ansible-hub

• Description: Houses Ansible playbooks for configuration management.
• Technologies: Ansible.
• Purpose: Automates the configuration of servers, including software installations and environment setups.

👉 kubernetes-hub

• Description: Contains Kubernetes manifests for deploying microservices.
• Technologies: Kubernetes, Helm.
• Purpose: Manages the deployment and scaling of microservices in the Kubernetes cluster.

Report document can be found here.

Below are the official documentation links for the key technologies used in this project:

• Terraform

• Ansible

• Docker

• Kubernetes

• GitHub Actions

• FluxCD

• Checkov

• Snyk

• SonarQube

• Trivy

• HashiCorp Vault

• Harbor Registry

• Prometheus

• Grafana

• Loki

For any questions or issues, please reach out to the team through the repository's Issues section or contact the organization administrators directly.