This robust pipeline covers everything from code checkout to deployment, ensuring our applications are built, tested, and deployed seamlessly.
Here's a quick rundown of the stages:
Git Checkout - Fetching the latest code.
Install Dependencies - Setting up the build environment.
Run Test Cases - Ensuring code quality.
Sonar Analysis - Code quality checks.
Trivy FS Scan - Security scanning for dependencies.
Build Application - Compiling the application.
Build & Tag Docker Image - Dockerizing the application.
Scan Docker Image Using Trivy - Ensuring image security.
Push Docker Image - Uploading to Docker registry.
Deploy Application to Kubernetes using Argo CD operator - Orchestrating deployment.
Once a user commits code changes to GitHub, a webhook triggers the Jenkins pipeline, which is broken into the following stages:
Checkout -> check out from the Git repo
Code Build -> clean and build the code
Code Scan -> SonarQube analysis, code quality and vulnerability check
Test -> run the test cases
File System Scan -> Trivy scan, checks the full filesystem for vulnerabilities
Build Image
Scan the image using Trivy for security reasons
Upload the image to the repository
Deploy it to the k8s cluster using the ArgoCD operator.
Why use the ArgoCD operator:
There are several reasons:
Security
GitHub is the single source of truth, i.e. if a malicious user changes the deployment file manually, the state is not updated. ArgoCD reports that someone wants to change the file, but the deployment remains the same. The main point is that it checks whether the actual state and the desired state are equal.
No extra configuration is required in the pipeline.
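Whether a manual change is reverted or only reported depends on the sync policy of the Argo CD Application. The manifest below is an added example, not taken from the project's repository; the Application name, the namespaces and the manifest path are placeholders, and it contrasts the default sync behaviour with the `selfHeal` setting that restores the state declared in Git.

```yaml
# Added example, not the project's own manifest.
# Assumed/placeholder values: metadata.name, both namespaces, source.path.
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: devsecops-app              # hypothetical name
  namespace: argocd                # namespace where Argo CD runs (assumed)
spec:
  project: default
  source:
    repoURL: https://github.com/soumen321/Devsecops-Project1.git
    targetRevision: HEAD
    path: <MANIFEST_DIRECTORY>     # placeholder: directory with the Kubernetes manifests
  destination:
    server: https://kubernetes.default.svc   # the cluster Argo CD is installed in
    namespace: <TARGET_NAMESPACE>            # placeholder
  syncPolicy:
    automated:
      # Weak setting: with selfHeal left at its default (false), a manual edit
      # to the live Deployment is reported as OutOfSync but stays in place
      # until someone syncs or a new commit lands.
      # selfHeal: false
      #
      # Corrected setting: Argo CD re-applies the manifests from Git whenever
      # the live state drifts from the desired state.
      selfHeal: true
      # Remove live resources that no longer exist in Git, so objects created
      # by hand in the cluster do not survive a sync.
      prune: true
```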
GitHub: https://github.com/soumen321/Devsecops-Project1.git