Scribd
Upload
162 views12 pages

Mini-Project-DevOps-and-Deployment

Uploaded by

panibep591
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
162 views12 pages

Mini-Project-DevOps-and-Deployment

Uploaded by

panibep591
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 12

Mini Project DevOps and Deployment

Prepared by:
Mahmoud Hedi Nefzi , Sandra Mourali , Omar Besbes

Project Repository

About our project :


Our project consists of an express js app that is version managed on github, built with
docker, and has ci/cd integrations with github actions, sonarqube, docker and argocd.

Part 1: DevOps
Introduction
The aim of this mini-project was to design and implement a fully automated CI/CD
pipeline adhering to DevOps best practices. The pipeline integrates multiple tools and
techniques to ensure seamless application development, testing, and deployment while
maintaining high security and code quality standards.

Objectives
1. Automate the building, testing, and deployment process for an Express.js
application.
2. Integrate vulnerability scanning tools to identify security flaws early in the
pipeline.
3. Use SonarQube to ensure the code meets high-quality standards and detect
critical issues.
4. Leverage Docker to containerize the application and push the resulting images to
Docker Hub.
5. Deploy the application using a GitOps approach, with ArgoCD managing
Kubernetes cluster configurations.

Key Tools and Technologies


CI/CD Automation: GitHub Actions
Code Quality Analysis: SonarQube
Security Scanning: Trivy
Containerization: Docker
Deployment Orchestration: Kubernetes and ArgoCD
Version Control: GitHub

Pipeline Workflow
The CI/CD pipeline was designed to run automatically on every push to the main
branch, ensuring continuous integration and delivery. The following are the key steps
implemented in the pipeline:

1. Kubernetes Configuration Validation


A linter checks and validates the syntax of the Kubernetes YAML
configuration files.
2. Dockerfile Linting
A linter verifies that Dockerfiles follow best practices, ensuring they are
optimized and error-free.
3. Vulnerability Scanning
The Trivy tool scans the codebase and the built Docker image to detect and
report security vulnerabilities. The pipeline is configured to fail if critical
vulnerabilities are found.
4. Code Quality Analysis
SonarQube is integrated into the pipeline to analyze the codebase for
quality metrics and detect potential vulnerabilities. If critical issues are found,
the pipeline halts the process to ensure high standards.
5. Docker Image Build and Push
A Docker image of the application is built after successful completion of all
prior steps. The image is then pushed to Docker Hub for versioning and
reuse.
6. DORA Metrics Tracking
Metrics such as deployment frequency, lead time for changes, and mean
time to recovery (MTTR) are collected to assess the pipeline’s efficiency and
reliability.

Benefits and Best Practices


Automation: Reduces manual intervention, streamlines processes, and
increases productivity.
Security by Design: Integrating vulnerability scans ensures that any risks are
addressed early.
High Code Quality: SonarQube helps enforce strict quality gates for maintainable
and secure code.
Seamless Rollbacks: Using GitOps principles enables easy rollbacks to previous
versions if issues arise.

SonarQube Configurations:

than generate token on sonarqube. save this token.


GITHUB SECRET
on your repo you need add secret variable to use pipelines.
which registry you use need username password to push docker images. we use also
github push for argocd for this stage we need github PAT.

add sonar URL and token for github yaml via secrets too.

Defining the github action:


Overview of the github action in work:
Part 2: Deployment
Introduction to Deployment
Deployment was handled using a GitOps approach, which emphasizes using Git as
the single source of truth for all deployment configurations. This ensured a robust,
traceable, and automated deployment process with minimal manual intervention.

Solution Architecture
The deployment process involves:

Storing all Kubernetes configurations in a GitHub repository.


Using ArgoCD to sync these configurations with a Kubernetes cluster
automatically.
Automating deployments directly from GitHub through GitHub Actions.

Deployment Workflow
1. ArgoCD Configuration
ArgoCD was set up to monitor the GitHub repository containing Kubernetes
manifests.
Any changes to the manifests in GitHub trigger an automatic synchronization
with the Kubernetes cluster.
2. Continuous Deployment
After each push to the main branch, the pipeline ensures:
Validation of Kubernetes configurations.
Deployment of the latest Docker image to the Kubernetes cluster.
3. Rollback Mechanism
Using GitOps principles, ArgoCD allows seamless rollbacks by reverting to a
previous commit in the Git repository. This ensures stability in case of
deployment failures.
4. Monitoring and Alerts
The system was configured to monitor deployments and send alerts for
failures or performance issues.

GITHUB RUNNER
github repository -> settings -> actions -> runners -> self-hosted runners -> add
runner

mkdir actions-runner && cd actions-runner


curl -o actions-runner-linux-x64-2.308.0.tar.gz -L
https://github.com/actions/runner/releases/download/v2.308.0/actions-
runner-linux-x64-2.308.0.tar.gz
tar xzf ./actions-runner-linux-x64-2.308.0.tar.gz
./config.sh --url https://github.com/your-username/your-repo --token
YOUR_REGISTRATION_TOKEN
sudo ./svc.sh install
sudo ./svc.sh start

KUBERNETES
We created kubernetes cluster, KinD on same machine with github-runner and
sonarqube. by this way runner can reach kubernetes cluster locally. y
This script should install docker and create kind kubernetes.

curl https://raw.githubusercontent.com/alperen-selcuk/kind-
install/main/kind.sh | bash -

After installation you can see KinD cluster IP local and port different. because of docker
network
ARGOCD
We installed argocd on our kubernetes cluster via a simple yaml file. crd and argocd

kubectl apply -k https://github.com/argoproj/argo-cd/manifests/crds\?


ref\=stable
kubectl create namespace argocd
kubectl apply -n argocd -f
https://raw.githubusercontent.com/argoproj/argo-
cd/stable/manifests/install.yaml
kubectl patch svc argocd-server -n argocd -p '{"spec": {"type":
"NodePort"}}'

The password on secret

kubectl -n argocd get secret argocd-initial-admin-secret -o


jsonpath='{.data.password}' | base64 -d
Automated Deployment: The application is deployed automatically upon
successful pipeline execution.
GitOps Best Practices: Deployment processes are version-controlled, auditable,
and reproducible.
High Availability: Kubernetes ensures the application remains highly available,
even during updates.
Easy Rollbacks: Deployments can be reverted quickly and efficiently, minimizing
downtime.

Conclusion
This mini-project demonstrates the implementation of a CI/CD pipeline and deployment
process following industry-standard DevOps practices. It highlights the effective use of
tools like GitHub Actions, Docker, SonarQube, Trivy, and ArgoCD to achieve
automation, security, and scalability.

The project not only ensures efficient and secure application delivery but also provides
a robust framework for future scalability and optimization. As students, this experience
has given us valuable insights into real-world DevOps challenges and solutions.

You might also like