{"id":27137096,"url":"https://github.com/aymanek24/devsecops_netflix_monitoring-alerting","last_synced_at":"2026-04-10T03:00:45.841Z","repository":{"id":286488721,"uuid":"961554109","full_name":"AymaneK24/DevSecOps_Netflix_Monitoring-Alerting","owner":"AymaneK24","description":"This DevSecOps Project integrates security into the software development lifecycle, automating security measures like vulnerability scanning and compliance checks. It emphasizes secure software delivery through DevOps practices and collaboration between development, security, and operations teams, ensuring continuous monitoring and testin.","archived":false,"fork":false,"pushed_at":"2025-04-07T23:02:08.000Z","size":5953,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-04-10T00:17:22.142Z","etag":null,"topics":["aws","aws-ec2","cloud","dependecy-check","devops","docker","docker-container","github","grafana","npm-install","prometheus","prometheus-exporter","sonarqube","sonarqube-quality-gates","trigger-events","trivy"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/AymaneK24.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-04-06T18:47:15.000Z","updated_at":"2025-04-08T23:15:10.000Z","dependencies_parsed_at":"2025-04-10T00:16:49.456Z","dependency_job_id":null,"html_url":"https://github.com/AymaneK24/DevSecOps_Netflix_Monitoring-Alerting","commit_stats":null,"previous_names":["aymanek24/devsecops_netflix_monitoring-alerting"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/AymaneK24/DevSecOps_Netflix_Monitoring-Alerting","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AymaneK24%2FDevSecOps_Netflix_Monitoring-Alerting","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AymaneK24%2FDevSecOps_Netflix_Monitoring-Alerting/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AymaneK24%2FDevSecOps_Netflix_Monitoring-Alerting/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AymaneK24%2FDevSecOps_Netflix_Monitoring-Alerting/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/AymaneK24","download_url":"https://codeload.github.com/AymaneK24/DevSecOps_Netflix_Monitoring-Alerting/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/AymaneK24%2FDevSecOps_Netflix_Monitoring-Alerting/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":266694573,"owners_count":23969795,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-23T02:00:09.312Z","response_time":66,"last_error":null,"robots_txt_status":null,"robots_txt_updated_at":null,"robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","aws-ec2","cloud","dependecy-check","devops","docker","docker-container","github","grafana","npm-install","prometheus","prometheus-exporter","sonarqube","sonarqube-quality-gates","trigger-events","trivy"],"created_at":"2025-04-08T03:46:16.183Z","updated_at":"2026-04-10T03:00:40.795Z","avatar_url":"https://github.com/AymaneK24.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cdiv align=\"center\"\u003e\n\u003cimg src=\"./public/assets/netflix-logo.png\" alt=\"Logo\" width=\"100\" height=\"32\"\u003e\n\u003c/div\u003e\n\n\n\u003cbr /\u003e\n\u003cdiv align=\"center\"\u003e\n \u003cimg src=\"./public/assets/last1.png\" alt=\"Logo\" width=\"100%\" height=\"100%\" /\u003e\n\u003c/div\u003e\n\n\u003c/br\u003e\n\n\u003cdiv align=\"center\"\u003e\n \u003cimg src=\"./public/assets/home-page.png\" alt=\"Logo\" width=\"100%\" height=\"100%\" /\u003e\n\u003c/div\u003e\n\n# Deploying Netflix Clone on Cloud using Jenkins - DevSecOps Project\n\n---\n\n I Used two EC2 Instances T2Large and T2Meduime in this project, and i installed tools on theme like Jenkins, Grafana, Docker, SonarQube, Prometheuse and Trivy, you can always go the proffessional website of any tool and then read the guides and install \n NB : the OS environnement is Ubuntu 22.02 .\n\n\n## Phase 1: Initial Setup and Deployment - The Dev Step\n\n### Launch EC2 (Ubuntu 22.04) t2.Large\n\n- Provision an EC2 instance on AWS.\n- Allocate Elastic IPv4 for this instance and attach it to it\n- Connect via SSH or via the aws console.\n\n### Clone the Code\nfrom : \n```bash\ngit clone https://github.com/Aj7Ay/Netflix-clone.git\n```\n### Install Docker \u0026 Run the App\n\n```bash\nsudo apt-get install docker.io -y\nsudo usermod -aG docker $USER\nnewgrp docker\nsudo chmod 777 /var/run/docker.sock\n```\n\n**Build and run:**\n\n\n```bash\ndocker build -t netflix .\ndocker run -d --name netflix -p 8081:80 netflix:latest\n```\n\non the browser do `http://\u003cEC2_PUBLIC_IP\u003e:8081/`\n\nMake sure the security groupe of this instance allows this port from the allocated ipv4 for it, if it didn't work change the browser, else the network you using is blocking the access so you may need a vpn in this case.\n\n\n\n\u003cdiv align=\"center\"\u003e\n \u003cimg src=\"public/assets/neflix1.png\" alt=\"Logo\" width=\"100%\" height=\"100%\" /\u003e\n\u003c/div\u003e\n\n### Get TMDB API Key\n\nCreate an account at [TMDB](https://www.themoviedb.org/), and get your own key\n\n\n```bash\ndocker build --build-arg TMDB_V3_API_KEY=\u003cyour-api-key\u003e -t netflix .\n```\n\n\u003cdiv align=\"center\"\u003e\n \u003cimg src=\"public/assets/netflix2.png\" alt=\"Logo\" width=\"100%\" height=\"100%\" /\u003e\n\u003c/div\u003e\n\n---\n\n## Phase 2: Security\n\n### Install SonarQube\ni'ill chose just running a docker container\n\n```bash\ndocker run -d --name sonar -p 9000:9000 sonarqube:lts-community\n```\nAccess at: `http://\u003cEC2_PUBLIC_IP\u003e:9000` (default credentials: admin / admin)\n\u003cdiv align=\"center\"\u003e\n \u003cimg src=\"public/assets/sonar.png\" alt=\"Logo\" width=\"100%\" height=\"100%\" /\u003e\n\u003c/div\u003e\n\n\n\n### Install Trivy\n\nGo see proffessional website\n\n**Scan image:**\n\n```bash\ntrivy image \u003cimageid\u003e\n```\n\n\u003cdiv align=\"center\"\u003e\n \u003cimg src=\"public/assets/trivy.png\" alt=\"Logo\" width=\"100%\" height=\"100%\" /\u003e\n\u003c/div\u003e\n\n\n\n---\n\n## Phase 3: CI/CD Setup with Jenkins\n\n### Install Jenkins\nGo see proffessional website, just follw the instruction and don't forget java version \u003e=17\n\nAccess Jenkins at: `http://\u003cEC2_PUBLIC_IP\u003e:8080`\n\n---\n\n## Jenkins Plugin Installation\n\ninstall this plugins : \n\n- Eclipse Temurin Installer \n- SonarQube Scanner \n- NodeJs Plugin \n- Email Extension Plugin \n- Docker \n- Docker Commons \n- Docker Pipeline \n- Docker API \n- docker-build-step \n- OWASP Dependency-Check \n\n\n\n## Jenkins Configuration\n\n### Global Tool Configuration\n\n- Install:\n - JDK 17\n - NodeJS 16\n - SonarQube Scanner (e.g. `sonar-scanner`)\n - OWASP Dependency Check (e.g. `DP-Check`)\n\n### Credentials\n\n- Add:\n - SonarQube Token (Secret Text → ID: `Sonar-token`)\n - DockerHub Credentials (Secret Text → ID: `docker`)\n\n\n\n## Jenkinsfile (CI/CD Pipeline)\n\n```groovy\npipeline {\n agent any\n tools {\n jdk 'jdk17'\n nodejs 'node16'\n }\n environment {\n SCANNER_HOME = tool 'sonar-scanner'\n }\n stages {\n stage('Clean Workspace') {\n steps {\n cleanWs()\n }\n }\n stage('Checkout from Git') {\n steps {\n git branch: 'main', url: 'https://github.com/N4si/DevSecOps-Project.git'\n }\n }\n stage(\"Sonarqube Analysis\") {\n steps {\n withSonarQubeEnv('sonar-server') {\n sh '''$SCANNER_HOME/bin/sonar-scanner -Dsonar.projectName=Netflix -Dsonar.projectKey=Netflix'''\n }\n }\n }\n stage(\"Quality Gate\") {\n steps {\n script {\n waitForQualityGate abortPipeline: false, credentialsId: 'Sonar-token'\n }\n }\n }\n stage('Install Dependencies') {\n steps {\n sh \"npm install\"\n }\n }\n stage('OWASP FS SCAN') {\n steps {\n dependencyCheck additionalArguments: '--scan ./ --disableYarnAudit --disableNodeAudit', odcInstallation: 'DP-Check'\n dependencyCheckPublisher pattern: '**/dependency-check-report.xml'\n }\n }\n stage('TRIVY FS SCAN') {\n steps {\n sh \"trivy fs . \u003e trivyfs.txt\"\n }\n }\n stage(\"Docker Build \u0026 Push\") {\n steps {\n script {\n withDockerRegistry(credentialsId: 'docker', toolName: 'docker') {\n sh \"docker build --build-arg TMDB_V3_API_KEY=\u003cyourapikey\u003e -t netflix .\"\n sh \"docker tag netflix aymanekh24/netflix:latest\"\n sh \"docker push aymanekh24/netflix:latest\"\n }\n }\n }\n }\n stage(\"TRIVY Image SCAN\") {\n steps {\n sh \"trivy image aymanekh24/netflix:latest \u003e trivyimage.txt\"\n }\n }\n stage('Deploy to Container') {\n steps {\n sh 'docker run -d --name netflix -p 8081:80 aymanekh24/netflix:latest'\n }\n }\n }\n}\n```\n\n\u003cdiv align=\"center\"\u003e\n \u003cimg src=\"public/assets/dock.png\" alt=\"Logo\" width=\"100%\" height=\"100%\" /\u003e\n The Docker image was successfully pushed to the Docker Hub registry. \n\n\u003c/div\u003e\n\n\n\n## You can see log outpout and if you had a docker Errors take this is solution: \n\n**If Docker login fails inside Jenkins pipeline:**\n\n```bash\nsudo su\nudo usermod -aG docker jenkins\nsudo systemctl restart jenkins\n# Then re-run the Jenkins pipeline\n```\n\n# Monitoring \u0026 Notification Setup\n\n ## Monitoring\n\n ### Grafana, Node Exporter, Prometheus\n\nIn this phase, we set up a complete monitoring stack to keep track of system health and CI/CD pipeline performance. We use Prometheus to collect and store metrics from different sources. It runs as a background service and is configured to monitor both the server and Jenkins.\n\nTo gather system-level metrics like CPU, memory, and disk usage, we install Node Exporter on the server. Prometheus then scrapes these metrics at regular intervals.\n\nFor visualization, we use Grafana, a widely-used tool for creating real-time dashboards. It connects to Prometheus and presents the collected data in a clear and interactive format.\n\n\u003cdiv align=\"center\"\u003e\n \u003cimg src=\"public/assets/promo.png\" alt=\"Logo\" width=\"100%\" height=\"100%\" /\u003e\n\u003c/div\u003e\n\u003cdiv align=\"center\"\u003e\n \u003cimg src=\"public/assets/promo2.png\" alt=\"Logo\" width=\"100%\" height=\"100%\" /\u003e\n\u003c/div\u003e\n\n\n\n\n ## Notification\n\nJenkins Notifications : \nYou go first and turn your eamil into 2FA in settings and you go create a password for an app you name netflix in gmail for example.\n\nin jenkins system, you configure settings of email and email extended with `smtp.gmail.com` in the server name , and the rest you know it's easy.\n\nthen you test you should receive an email with test in it.\n\nGo to settings of your piplibe and add post action with your email in it, it's all here.\n\n\n## Contact \n\n`aymanekenbouch@gmail.com`\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faymanek24%2Fdevsecops_netflix_monitoring-alerting","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Faymanek24%2Fdevsecops_netflix_monitoring-alerting","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faymanek24%2Fdevsecops_netflix_monitoring-alerting/lists"}