DevSecOps End to End CICD Project

Building an End-to-End DevSecOps CI/CD Pipeline | SonarQube + OWASP + Trivy + Docker + Jenkins
I successfully implemented a comprehensive CI/CD pipeline for Wanderlust, a travel blogging application, demonstrating modern DevOps practices that ensure code quality, security, and seamless deployment. Here's how I transformed the development workflow from manual processes to a fully automated pipeline.
What is DevSecOps?
DevSecOps is a software development approach that integrates security practices directly into the DevOps process. DevSecOps means building security into every step of software development, instead of adding it later. It brings together Development, Security, and Operations so everyone shares responsibility for keeping things safe from start to finish.
Tech Stack :-
Version Control: GitHub
CI/CD: Jenkins
Security Tools:
SonarQube - Code Quality & Security Hotspot analysis
Trivy - Container & dependency vulnerability scanning
OWASP Dependency-Check - Dependency vulnerabilities
Containerization: Docker
AWS :-


Setting up Jenkins :-
Install Jenkins
# Java runtime required by Jenkins
sudo apt update -y
sudo apt install fontconfig openjdk-17-jre -y
# Store the Jenkins repository signing key in its own keyring file
sudo wget -O /usr/share/keyrings/jenkins-keyring.asc https://pkg.jenkins.io/debian-stable/jenkins.io-2023.key
# Add the Jenkins apt repository, trusted only through that key (signed-by)
echo "deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc] https://pkg.jenkins.io/debian-stable binary/" | sudo tee /etc/apt/sources.list.d/jenkins.list > /dev/null
sudo apt-get update -y
sudo apt-get install jenkins -y



Setting up SonarQube Server :-
docker run -itd --name SonarQube-Server -p 9000:9000 sonarqube:lts-community


Install Trivy :-
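sudo apt-get install wget apt-transport-https gnupg lsb-release -y
# Store the Trivy repository key in a dedicated keyring instead of the deprecated apt-key,
# so the key is trusted for this repository only (same signed-by approach as the Jenkins repo)
wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | gpg --dearmor | sudo tee /usr/share/keyrings/trivy.gpg > /dev/null
echo "deb [signed-by=/usr/share/keyrings/trivy.gpg] https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main" | sudo tee -a /etc/apt/sources.list.d/trivy.list
sudo apt-get update -y
sudo apt-get install trivy -y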
Creating Declarative Pipeline :-
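One way a declarative pipeline can wire the tools listed above into build-failing gates. This is an added example, not the author's Jenkinsfile. The tool installation names ('Sonar', 'OWASP'), the SonarQube server name, the project key, the image name and the repository URL placeholder are all assumptions.

```groovy
// Added example, not the author's pipeline. Assumed names: Jenkins tool
// installations 'Sonar' and 'OWASP', SonarQube server 'Sonar', image and project key.
pipeline {
    agent any
    environment {
        SONAR_HOME = tool 'Sonar'                     // assumed SonarQube Scanner tool name
        IMAGE = "wanderlust-app:${env.BUILD_NUMBER}"  // assumed image name
    }
    stages {
        stage('Checkout') {
            // Placeholder URL: substitute the real repository
            steps { git url: 'https://github.com/<owner>/<repo>.git', branch: 'main' }
        }
        stage('Trivy: filesystem scan') {
            steps {
                // --exit-code 1 fails the stage on findings instead of only printing a report
                sh 'trivy fs --exit-code 1 --severity HIGH,CRITICAL --no-progress .'
            }
        }
        stage('OWASP Dependency-Check') {
            steps {
                dependencyCheck additionalArguments: '--scan ./ --format XML', odcInstallation: 'OWASP'
                // Mark the build failed when any critical or high finding is reported
                dependencyCheckPublisher pattern: '**/dependency-check-report.xml',
                                         failedTotalCritical: 1, failedTotalHigh: 1
            }
        }
        stage('SonarQube analysis') {
            steps {
                withSonarQubeEnv('Sonar') {
                    sh '$SONAR_HOME/bin/sonar-scanner -Dsonar.projectKey=wanderlust -Dsonar.projectName=wanderlust'
                }
            }
        }
        stage('Quality gate') {
            steps {
                // Requires a SonarQube webhook pointing at <jenkins-url>/sonarqube-webhook/
                timeout(time: 5, unit: 'MINUTES') { waitForQualityGate abortPipeline: true }
            }
        }
        stage('Docker build') {
            steps { sh 'docker build -t "$IMAGE" .' }
        }
        stage('Trivy: image scan') {
            // Scan the built image before it is pushed or deployed anywhere
            steps { sh 'trivy image --exit-code 1 --severity HIGH,CRITICAL --ignore-unfixed --no-progress "$IMAGE"' }
        }
    }
}
```

Without `--exit-code 1`, the failure thresholds and `abortPipeline: true`, each scanner only produces a report and the build still goes green with known vulnerabilities in it.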


Output :-






