
Kubes1598/devsecops-pipeline

End-to-End DevSecOps Pipeline

A complete CI/CD pipeline with security gates and day-one observability — build, SAST, container security scan, deploy to Kubernetes, Prometheus + Grafana monitoring.

Pipeline Stages

Checkout → Build → SAST (SonarQube) → Docker Build → Trivy Scan → Push → Deploy (K8s) → Smoke Test

Security gates are hard failures — CRITICAL CVEs and SonarQube quality gate failures block the pipeline.
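One way to express this hard-fail policy as a single CI step, shown as an added example and not taken from this repository's Jenkinsfile. It assumes Trivy was run with JSON output and that the SonarQube status comes from the `api/qualitygates/project_status` endpoint; the function names and the sample reports are constructed for illustration.

```python
import json

# Constructed sample reports (not from the repository), trimmed to the
# fields the gate reads. The CVE ids are placeholders.
TRIVY_REPORT = json.loads("""
{"Results": [
  {"Target": "app:1.0 (debian 12)", "Vulnerabilities": [
    {"VulnerabilityID": "CVE-0000-0001", "PkgName": "libexample", "Severity": "CRITICAL"},
    {"VulnerabilityID": "CVE-0000-0002", "PkgName": "libother", "Severity": "HIGH"}
  ]},
  {"Target": "app/requirements.txt"}
]}
""")
SONAR_STATUS = json.loads('{"projectStatus": {"status": "ERROR", "conditions": [{"metricKey": "new_vulnerabilities", "status": "ERROR"}]}}')


def trivy_blockers(report, blocking=("CRITICAL",)):
    """Return (target, id, package) for findings whose severity is blocking."""
    found = []
    for result in report.get("Results") or []:
        # Trivy omits or nulls "Vulnerabilities" for clean targets.
        for vuln in result.get("Vulnerabilities") or []:
            if vuln.get("Severity", "UNKNOWN").upper() in blocking:
                found.append((result.get("Target"), vuln.get("VulnerabilityID"), vuln.get("PkgName")))
    return found


def sonar_failures(status):
    """Return failed condition keys; a missing or non-OK status fails closed."""
    project = status.get("projectStatus") or {}
    if project.get("status") == "OK":
        return []
    failed = [c.get("metricKey") for c in project.get("conditions") or [] if c.get("status") == "ERROR"]
    return failed or ["quality gate status: %s" % project.get("status", "missing")]


def gate(trivy_report, sonar_status):
    """Exit code for the CI step: 0 passes, 1 blocks the pipeline."""
    reasons = ["trivy: %s %s in %s" % (vid, pkg, tgt) for tgt, vid, pkg in trivy_blockers(trivy_report)]
    reasons += ["sonarqube: %s" % r for r in sonar_failures(sonar_status)]
    for line in reasons:
        print("BLOCKED", line)
    return 1 if reasons else 0


if __name__ == "__main__":
    raise SystemExit(gate(TRIVY_REPORT, SONAR_STATUS))
```

The HIGH finding is reported by the scanner but does not block, matching the CRITICAL-only policy; an unreadable or incomplete SonarQube response blocks rather than passes.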

Quick Start

# Start SonarQube + supporting infra
docker compose -f docker-compose.infra.yml up -d

# Configure Jenkins with the Jenkinsfile
# Point it at this repo

Stack

Jenkins · SonarQube · Trivy · Docker · Kubernetes · Prometheus · Grafana

Results

| Metric | Value |
| --- | --- |
| Pipeline stages | 8 |
| Security gates | SonarQube + Trivy |
| CRITICAL CVE policy | Hard fail |
| Commit to monitored deploy | < 12 minutes |

About

DevOps — end-to-end CI/CD pipeline with SonarQube, Trivy, Kubernetes deploy, and Prometheus monitoring
