In this project, I worked on a Netflix streaming clone using various DevSecOps practices. The goal was to build, secure, and monitor the application while setting up a continuous integration and continuous delivery (CI/CD) pipeline using Jenkins. I focused heavily on automation and integrating security checks throughout the process.
- Jenkins: CI/CD automation
- Docker: Containerization of the application
- Kubernetes: Orchestration and deployment
- Amazon EKS: Managed Kubernetes service for deployment
- SonarQube: Static code analysis for security checks
- Trivy: Security vulnerability scanning
- Prometheus & Grafana: Monitoring and alerting
- ArgoCD: GitOps for continuous delivery
- Helm: Kubernetes package manager
These tools enabled me to build a fully automated pipeline that ensures security is built into every step, from development to deployment.
The complete workflow and all the tools in the stack.
First, I provisioned an EC2 instance on AWS running Ubuntu 22.04. Once connected via SSH, I cloned the application code from my GitHub repository. After that, I installed Docker and used it to containerize the Netflix app.
The image is automatically pushed to DockerHub after building the application.
Security was a crucial aspect of the project, so I set up SonarQube and Trivy to scan the code and Docker images for vulnerabilities. SonarQube was integrated into my Jenkins pipeline to check code quality and security issues.
SonarQube confirms that the code passed all quality gates.
Jenkins played a central role in automating the deployment process. I set up a Jenkins pipeline that included multiple stages, including code checkout, quality gate validation, and vulnerability scanning.
Jenkins CI/CD pipeline automatically triggers deployments.
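The Trivy scan and the pipeline's vulnerability-scanning stage described above only protect a deployment if the build stops on serious findings. The following is an added example, not the project's own pipeline code: a gate over Trivy's JSON report (`trivy image --format json`) that fails on HIGH or CRITICAL findings. The sample report, image name, CVE ids, and the `accepted` / `ignore_unfixed` policy options are assumptions made for illustration.

```python
import json

# Constructed sample of a Trivy JSON report (`trivy image --format json`);
# the image name, packages and CVE ids are placeholders, not real findings.
SAMPLE_REPORT = json.dumps({
    "SchemaVersion": 2,
    "ArtifactName": "example/netflix-clone:latest",
    "Results": [
        {"Target": "example/netflix-clone:latest (alpine)", "Vulnerabilities": [
            {"VulnerabilityID": "CVE-0000-0001", "PkgName": "libexample",
             "InstalledVersion": "1.0.0", "FixedVersion": "1.0.1", "Severity": "CRITICAL"},
            {"VulnerabilityID": "CVE-0000-0002", "PkgName": "libother",
             "InstalledVersion": "2.3.0", "Severity": "HIGH"},  # no fix released
            {"VulnerabilityID": "CVE-0000-0003", "PkgName": "libminor",
             "InstalledVersion": "0.9", "FixedVersion": "1.0", "Severity": "LOW"},
        ]},
        {"Target": "package-lock.json", "Vulnerabilities": None},  # clean target
    ],
})

BLOCKING = {"HIGH", "CRITICAL"}


def blocking_findings(report_text, accepted=frozenset(), ignore_unfixed=False):
    """Return findings that should fail the build, worst first."""
    report = json.loads(report_text)
    found = []
    for result in report.get("Results") or []:
        # "Vulnerabilities" may be missing or null when a target is clean.
        for vuln in result.get("Vulnerabilities") or []:
            if vuln.get("Severity") not in BLOCKING:
                continue
            if vuln["VulnerabilityID"] in accepted:
                continue  # risk explicitly accepted (hypothetical policy input)
            if ignore_unfixed and not vuln.get("FixedVersion"):
                continue  # nothing to upgrade to yet
            found.append((vuln["Severity"], vuln["VulnerabilityID"],
                          vuln["PkgName"], vuln.get("FixedVersion", "")))
    return sorted(found)  # "CRITICAL" sorts before "HIGH"


def gate(report_text, **policy):
    """Exit code for the pipeline stage: 0 = continue, 1 = stop the build."""
    return 1 if blocking_findings(report_text, **policy) else 0


if __name__ == "__main__":
    for sev, cve, pkg, fix in blocking_findings(SAMPLE_REPORT):
        print(f"{sev:8} {cve} {pkg} fixed_in={fix or 'none'}")
    raise SystemExit(gate(SAMPLE_REPORT))
```

Run as a pipeline step after the scan, a non-zero exit code marks the stage as failed, so a later push or deploy stage does not run.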
To keep the app monitored, I installed Prometheus and Grafana. Prometheus scrapes metrics from my Kubernetes nodes and monitors the system’s health. Grafana visualizes these metrics for easy monitoring.
Prometheus is scraping metrics from Kubernetes.
Grafana visualizes CPU and memory usage metrics from Kubernetes nodes.
I deployed the app using Kubernetes on AWS EKS (Elastic Kubernetes Service). I also integrated ArgoCD for continuous delivery, which synced my GitHub repository with the Kubernetes cluster.
AWS EKS cluster running the Netflix app.
ArgoCD synchronizing changes from GitHub to the Kubernetes cluster.
Once the deployment was complete, the Netflix streaming clone was fully functional and accessible.
Netflix clone app user interface, streaming "Beetlejuice".
This project gave me hands-on experience with a wide variety of DevSecOps tools and technologies such as Jenkins, SonarQube, Trivy, Prometheus, Grafana, Docker, Kubernetes, and ArgoCD. The emphasis was not just on getting the Netflix clone app up and running but ensuring it was secure and properly monitored.
Check out the full video walkthrough of this project on YouTube: