DevOps Project Report

The DevOps Project Report outlines the creation of a CI/CD pipeline using AWS CodePipeline and Terraform, automating deployment workflows and infrastructure provisioning. It also details the integration of DevSecOps practices using GitHub Actions, incorporating security scanning tools and secret management with Sealed Secrets. The project aims to establish a reliable and scalable DevSecOps pipeline, enhancing code validation and secure deployment processes.

Uploaded by

goraisneha191

DevOps Project Report

Task 1: AWS CodePipeline Using Terraform


Build a complete CI/CD pipeline using AWS services and Terraform, with proper
validation through Terratest. The goal is to automate deployment workflows and
infrastructure provisioning, ensuring repeatability and reliability across
environments.

Overview of Pipeline Flow


1. Source Stage: GitHub repo triggers the pipeline.
2. Build Stage: AWS CodeBuild compiles and tests the code.
3. Deploy Stage: EC2 instance receives and runs the deployed application.
4. Validation: Terratest tests the pipeline setup and infrastructure
correctness.

This setup allows seamless automation—from commit to deployment—without manual intervention.

1. Creating the connection:
2. Installing Go:
3. Defined Terraform configuration files: `main.tf`, `provider.tf`, `variables.tf`, and `outputs.tf`.

Simplified Structure to Overview

Codepipeline-via-terraform/
├── terraform/
│   ├── main.tf
│   ├── iam.tf
│   ├── variables.tf
│   ├── terraform.tfvars
│   └── outputs.tf
├── app/
│   ├── index.html
│   └── scripts/
│       ├── restart_apache.sh
│       └── start_server.sh
├── .github/workflows/
│   └── trigger-pipeline.yml
├── test/
│   └── pipeline_test.go
├── appspec.yml
└── .gitignore

SYSTEM ARCHITECTURAL DIAGRAM


Configured the Terraform files to define:
- Source Stage connected to GitHub repository
- Build stage using AWS CodeBuild
- Deploy stage using AWS CodeDeploy
- S3 bucket for storing artifacts
- IAM roles and policies for CodeBuild, CodePipeline, and EC2

My GitHub repository link to access: GitHub - SuchitaPradhan/Codepipeline-via-terraform

Completing End-to-End CI/CD Pipeline Automation with Terraform

app/index.html

Glossary of Key Terms

| Term | Meaning |
|------|---------|
| CI/CD | Continuous Integration/Delivery – automatic code testing and deployment |
| Terraform | IaC tool for declaratively provisioning cloud infrastructure |
| CodePipeline | AWS CI/CD tool to manage and automate release workflows |
| EC2 | Virtual server hosting your deployed web application |
| Terratest | Go-based tool for testing Terraform infrastructure |

Task 2: DevSecOps Integration using GitHub Actions and Sealed Secrets

Objective

Automate a secure CI/CD workflow using GitHub Actions by integrating security scanning tools and managing secrets safely with Sealed Secrets before deploying workloads to Kubernetes.

Workflow Overview

| Step | Action | Description |
|------|--------|-------------|
| 1 | Code Push | Whenever code is pushed to the repo, the workflow is triggered |
| 2 | Security Scan | Run security checks using tfsec (for Terraform) and Trivy (for Docker images) |
| 3 | Secrets Handling | Use Bitnami's Sealed Secrets to safely encrypt and apply secrets |
| 4 | Deployment | Deploy workloads to Kubernetes or update infrastructure via Terraform |

Creates a Docker image from your app's source code and a Dockerfile

docker build -t flask-app:latest .
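
The four workflow steps above, written out as a GitHub Actions workflow. This is an added example, not the workflow from the report's repository; the file name, the `main` branch and the `KUBECONFIG_B64` repository secret are assumptions, while the paths and image tag come from the report.

```yaml
# Added example; assumed names: this file's path (.github/workflows/devsecops.yml),
# branch "main", and a repository secret KUBECONFIG_B64 (base64 kubeconfig).
name: devsecops
on:
  push:
    branches: [main]
permissions:
  contents: read                 # least privilege for the workflow token
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: tfsec (Terraform)  # step 2: any finding fails the job
        uses: aquasecurity/tfsec-action@v1.0.0
        with:
          working_directory: terraform
      - name: Build image
        run: docker build -t flask-app:latest .
      - name: Trivy (Docker image)
        uses: aquasecurity/trivy-action@master   # pin to a release or commit SHA in practice
        with:
          image-ref: flask-app:latest
          exit-code: '1'         # non-zero exit on findings at these severities
          severity: HIGH,CRITICAL
  deploy:
    needs: scan                  # runs only when both scans pass
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Configure cluster access
        env:
          KUBECONFIG_B64: ${{ secrets.KUBECONFIG_B64 }}
        run: |
          mkdir -p "$HOME/.kube"
          printf '%s' "$KUBECONFIG_B64" | base64 -d > "$HOME/.kube/config"
          chmod 600 "$HOME/.kube/config"
      - name: Apply SealedSecret # step 3: Git holds only ciphertext; the controller decrypts in-cluster
        run: kubectl apply -f k8s/sealed-secrets/mysealedsecret.yaml
      - name: Deploy workloads   # step 4
        run: kubectl apply -f k8s/deployments/app-deployment.yaml -f k8s/services/app-service.yaml
```

Because `deploy` declares `needs: scan`, a tfsec or Trivy failure stops the run before anything reaches the cluster.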


My Git repository link: GitHub - SuchitaPradhan/Terraform-k8s-DevSecOps

Simplified Structure to Overview

Terraform-k8s-DevSecOps/
├── app.py                          # Python application entry point (likely the main app logic)
├── Dockerfile                      # Docker build instructions for containerizing the app
├── requirements.txt                # Python dependencies for the app
├── README.md                       # Project documentation
│
├── k8s/                            # Kubernetes manifests for deploying the app
│   ├── deployments/
│   │   └── app-deployment.yaml     # Deployment resource for the app
│   ├── services/
│   │   └── app-service.yaml        # Service resource for exposing the app
│   └── sealed-secrets/
│       ├── mysealedsecret.yaml     # Encrypted secret for secure config
│       └── README.txt              # Info about sealed secrets usage
│
└── terraform/                      # Terraform IaC for provisioning infrastructure
    ├── main.tf                     # Main Terraform configuration
    └── versions.tf                 # Terraform provider and version constraints

SYSTEM ARCHITECTURAL DIAGRAM


Through this project, I successfully built and integrated a complete DevOps and DevSecOps pipeline using widely adopted industry tools.

- Task 1 focused on infrastructure automation using Terraform to provision a robust AWS CodePipeline setup. This pipeline seamlessly handled source retrieval, build execution, and application deployment across GitHub, CodeBuild, and CodeDeploy.

- Task 2 extended the pipeline into the realm of DevSecOps by implementing CI/CD automation via GitHub Actions. I integrated tfsec for Terraform security scanning, Trivy for Docker image vulnerability checks, and managed sensitive data securely using Bitnami Sealed Secrets. The workflow is designed to trigger on every code push, ensuring continuous code validation, secure secret handling, and deployment to Kubernetes.

This end-to-end implementation provided hands-on experience in automating infrastructure, embedding security checks early in the delivery lifecycle, and managing secrets effectively—resulting in a reliable and scalable DevSecOps pipeline that reflects best practices in modern cloud workflows.

I hope these tasks contribute a lot to building a strong foundation for Cloud Computing integrated programs and diving into DevOps.

Implemented and submitted by: Suchita Pradhan


sic : 23bcsg93
e-mail: [email protected]
contact: 8455088717
