This project demonstrates a complete DevSecOps pipeline built with a focus on security, automation, and observability. It includes continuous integration, security scanning, containerization, deployment to AWS, and full monitoring of both the application and the CI/CD pipeline.
- ✅ CI/CD Pipeline: Implemented using Jenkins
- 🐳 Containerization: Docker used for building and packaging the application
- 🔐 Security Integration:
  - SonarQube – Static code analysis and a code quality gate that can fail the build
  - OWASP Dependency-Check – Detects third-party dependencies with known vulnerabilities (CVEs)
  - Trivy – Vulnerability scanning of the source file system and of the built container image
- ☁️ Deployment: Application and Jenkins hosted on AWS EC2
- 📈 Monitoring:
  - Prometheus – Collects metrics from the application and from Jenkins
  - Grafana – Visualizes system and pipeline metrics for real-time insights
The pipeline runs the following stages in order:

1. Code push to Git
2. Jenkins triggers the pipeline
3. Code quality checks (SonarQube)
4. Dependency scanning (OWASP Dependency-Check)
5. File system and image scans (Trivy)
6. Docker build and push
7. Deployment to AWS EC2
8. Prometheus + Grafana monitoring
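The stages above, as a declarative Jenkinsfile. This is an added example, not the project's own pipeline definition: the tool installation name (`sonar-scanner`), SonarQube server name (`sonar-server`), credential IDs (`dockerhub-creds`, `ec2-ssh-key`), registry namespace, image name and EC2 address are assumed placeholders. The Trivy file-system scan runs on the source tree before the build, and the Trivy image scan runs on the freshly built image before it is pushed, so a critical finding never reaches the registry or the EC2 host.

```groovy
// Added example Jenkinsfile (declarative). Quoted names below (tool installation,
// SonarQube server, credential IDs, registry, EC2 host) are assumed placeholders;
// set them to match your own Jenkins configuration.
pipeline {
    agent any

    environment {
        REGISTRY     = 'docker.io/example-org'            // assumed registry namespace
        IMAGE        = "${REGISTRY}/demo-app:${env.BUILD_NUMBER}"
        EC2_HOST     = 'ec2-user@203.0.113.10'            // assumed; 203.0.113.0/24 is documentation space
        SCANNER_HOME = tool 'sonar-scanner'               // SonarQube Scanner tool installation in Jenkins
    }

    stages {
        stage('Checkout') {
            steps { checkout scm }
        }

        stage('Code Quality (SonarQube)') {
            steps {
                // withSonarQubeEnv injects the server URL and token configured in Jenkins
                withSonarQubeEnv('sonar-server') {
                    sh "${SCANNER_HOME}/bin/sonar-scanner -Dsonar.projectKey=demo-app -Dsonar.sources=."
                }
            }
        }

        stage('Quality Gate') {
            steps {
                // Wait for SonarQube's gate verdict (delivered via webhook) and abort on a red gate,
                // so the analysis is an enforced control rather than an informational report.
                timeout(time: 5, unit: 'MINUTES') {
                    waitForQualityGate abortPipeline: true
                }
            }
        }

        stage('Dependency Scan (OWASP)') {
            steps {
                // --failOnCVSS 7 makes the scan a gate: any dependency with CVSS >= 7 fails the stage.
                sh '''
                    mkdir -p reports
                    dependency-check.sh --project demo-app --scan . \
                        --format HTML --format JSON --out reports --failOnCVSS 7
                '''
            }
        }

        stage('Filesystem Scan (Trivy)') {
            steps {
                // Source tree scan (lockfile CVEs, misconfigurations, secrets). Report only here;
                // the enforcing scan runs against the built image below.
                sh 'trivy fs --severity HIGH,CRITICAL --exit-code 0 --format table -o reports/trivy-fs.txt .'
            }
        }

        stage('Docker Build') {
            steps { sh "docker build -t ${IMAGE} ." }
        }

        stage('Image Scan (Trivy)') {
            steps {
                // Scan the image before it is pushed; a CRITICAL finding that has a fix fails the build.
                sh "trivy image --severity CRITICAL --ignore-unfixed --exit-code 1 --format table -o reports/trivy-image.txt ${IMAGE}"
            }
        }

        stage('Docker Push') {
            steps {
                // Registry credentials come from the Jenkins credential store, never from the Jenkinsfile.
                withCredentials([usernamePassword(credentialsId: 'dockerhub-creds',
                                                  usernameVariable: 'DOCKER_USER',
                                                  passwordVariable: 'DOCKER_PASS')]) {
                    sh '''
                        echo "$DOCKER_PASS" | docker login -u "$DOCKER_USER" --password-stdin
                        docker push "$IMAGE"
                        docker logout
                    '''
                }
            }
        }

        stage('Deploy to EC2') {
            steps {
                // StrictHostKeyChecking=yes requires the instance's host key to be in the agent's
                // known_hosts already (pinned once, out of band) instead of disabling verification.
                sshagent(['ec2-ssh-key']) {
                    sh """
                        ssh -o StrictHostKeyChecking=yes ${EC2_HOST} '
                            docker pull ${IMAGE} &&
                            (docker rm -f demo-app || true) &&
                            docker run -d --name demo-app --restart unless-stopped -p 80:8080 ${IMAGE}
                        '
                    """
                }
            }
        }
    }

    post {
        always {
            // Keep the scan reports with the build so a failed gate can be investigated.
            archiveArtifacts artifacts: 'reports/**', allowEmptyArchive: true
        }
    }
}
```

`waitForQualityGate` only returns once SonarQube calls back, so the SonarQube server needs a webhook pointing at `<jenkins-url>/sonarqube-webhook/`; without it the stage hits the timeout. The Trivy and Dependency-Check thresholds (`--exit-code 1`, `--failOnCVSS 7`) are the knobs that decide whether a scan blocks a release or merely records a finding.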
- Prometheus scrapes metrics from:
  - Application endpoints
  - Jenkins server
- Grafana displays:
  - Application health metrics
  - CI/CD pipeline metrics (build time, failures, etc.)
To run this project you need:

- Docker & Docker Compose
- Jenkins installed
- AWS EC2 instance with inbound ports open for the following services (restrict the security group to your own IP range rather than 0.0.0.0/0; none of these consoles should be reachable from the whole internet):
  - Jenkins (8080)
  - SonarQube (9000)
  - Prometheus (9090)
  - Grafana (3000)
- Git & basic shell scripting knowledge