{"id":50893116,"url":"https://github.com/flobehejohn/doctrine-demo","last_synced_at":"2026-06-15T22:02:33.557Z","repository":{"id":319862428,"uuid":"1079717987","full_name":"flobehejohn/doctrine-demo","owner":"flobehejohn","description":null,"archived":false,"fork":false,"pushed_at":"2026-05-21T13:42:48.000Z","size":3368,"stargazers_count":0,"open_issues_count":2,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-05-21T19:36:30.436Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"PowerShell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/flobehejohn.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":"audit/demo_audit/5xx.csv","citation":null,"codeowners":null,"security":"docs/security/npm-audit-policy.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-10-20T09:22:49.000Z","updated_at":"2026-05-10T22:45:50.000Z","dependencies_parsed_at":"2025-10-20T16:33:47.219Z","dependency_job_id":"b705ca61-87e4-474a-8fb7-acac53c01941","html_url":"https://github.com/flobehejohn/doctrine-demo","commit_stats":null,"previous_names":["flobehejohn/doctrine-demo"],"tags_count":5,"template":false,"template_full_name":null,"purl":"pkg:github/flobehejohn/doctrine-demo","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/flobehejohn%2Fdoctrine-demo","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/flobehejohn%2Fdoctrine-demo/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/flobehejohn%2Fdoctrine-demo/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/flobehejohn%2Fdoctrine-demo/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/flobehejohn","download_url":"https://codeload.github.com/flobehejohn/doctrine-demo/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/flobehejohn%2Fdoctrine-demo/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34381762,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-15T02:00:07.085Z","response_time":63,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-06-15T22:02:32.793Z","updated_at":"2026-06-15T22:02:33.553Z","avatar_url":"https://github.com/flobehejohn.png","language":"PowerShell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Doctrine Demo — DevOps Proof (Observability E2E)\n\n[![staff-ci](https://github.com/flobehejohn/doctrine-demo/actions/workflows/ci.yml/badge.svg?branch=main)](https://github.com/flobehejohn/doctrine-demo/actions/workflows/ci.yml)\n\n[![Kubernetes](https://img.shields.io/badge/Kubernetes-ready-326ce5?logo=kubernetes\u0026logoColor=white)](#stack)\n[![Prometheus](https://img.shields.io/badge/Prometheus-Grafana%20stack-e6522c?logo=prometheus\u0026logoColor=white)](#dashboards)\n[![PowerShell](https://img.shields.io/badge/Automation-PowerShell-5391fe?logo=powershell\u0026logoColor=white)](#run-demo)\n[![Storytelling](https://img.shields.io/badge/Storytelling-DevOps%20Proof-6f42c1)](#preuves)\n\n**But  :** montrer en un coup d’œil ma capacité à **déployer**, **observer** et **raconter** l’état d’une app (Node) sur Kubernetes avec **Prometheus / Grafana / Alertmanager**, dashboards provisionnés, requêtes PromQL, alertes, et **livrables partageables** (PNG, CSV, PDF).  \n_Extraits d’audit \u0026 preuves inclus dans `audit/demo_audit`._ ([rapport HTML/PDF + panneaux Grafana + CSV]).\n\n## Sommaire\n-  Stack\n-  Schéma (vue rapide)\n-  Rejouer la démo (5 min)\n-  Dashboards \u0026 Requêtes clés\n-  Preuves livrées (recruteur)\n-  Traçabilité Git\n\n##  Stack\n- **App** : Node.js + `prom-client` (metrics `/metrics`, `/healthz`)\n- **Container** : Dockerfile non-root (UID 10001), healthcheck\n- **Kubernetes** : Deployment, Service, HPA, PDB, Ingress\n- **Observability** : Prometheus (scrape, rules), Alertmanager (route par défaut), Grafana (datasource \u0026 dashboards JSON provisionnés)\n- **Scripting** : PowerShell pour audit, snapshots PNG/CSV, packaging\n- **Infra as Code** : Manifests K8s + dossiers Terraform (eks/k3d)\n\n##  Schéma (vue rapide)\n```text\n[Users] -\u003e Ingress -\u003e Service (80-\u003e8080) -\u003e Pods \"doctrine-demo\" (Node)\n   |\n   +-\u003e /metrics -----------------------\u003e Prometheus (Kube-Prometheus-Stack)\n                                           |\n                                           +-\u003e Alertmanager (routes)\n                                           +-\u003e Grafana (datasource + dashboards JSON)\n```\n\n##  Rejouer la démo (5 min)\n```bash\n# App container\ndocker build -t doctrine-demo:local -f Dockerfile .\ndocker run -p 8080:8080 doctrine-demo:local\n\n# K8s (extraits)\nkubectl apply -f k8s/sa.yaml\nkubectl apply -f k8s/deployment.yaml\nkubectl apply -f k8s/service.yaml\nkubectl apply -f k8s/hpa.yaml\nkubectl apply -f k8s/pdb.yaml\nkubectl apply -f k8s/ingress.yaml\n\n# Monitoring\nkubectl apply -f monitoring/grafana/datasources/grafana-datasource-prom.yaml\nkubectl apply -f monitoring/prometheus.yml\nkubectl apply -f monitoring/prometheusrule.yaml\nkubectl apply -f monitoring/alertmanager.yml\nkubectl apply -f monitoring/podmonitor-app.yaml\n```\n\n**Astuce incident :** passer `latency_ms` à `300` dans `k8s/deployment.yaml` (ConfigMap) pour déclencher l’alerte p95.\n\n##  Dashboards \u0026 Requêtes clés\n- `RPS` : `sum(rate(http_requests_total[1m])) by (route)`\n- `p95` : `histogram_quantile(0.95, sum(rate(http_request_duration_seconds_bucket[5m])) by (le, route))`\n- `5xx` : `sum(rate(http_requests_total{code=~\"5..\"}[5m])) by (route)`\n- `CPU` : `sum(rate(container_cpu_usage_seconds_total{pod=~\"doctrine-demo.*\"}[5m]))`\n- `RAM` : `sum(container_memory_working_set_bytes{pod=~\"doctrine-demo.*\"})`\n\n##  Livrables \n`audit/demo_audit/`\n- `images/panel_01..06.png` : RPS, p95, 5xx, CPU, RAM, Restarts\n- `rps.csv`, `p95.csv`, `5xx.csv`, `cpu.csv`, `mem.csv` : tableaux de synthèse 8h\n- `report.html`, `report.pdf` : rapport prêt à partager (cluster, pods, services, targets \u0026 alertes)\n- `alerts.json`, `targets.json` : cibles Prometheus \u0026 alertes actives (preuve SRE)\n- `demo.gif` : aperçu animé (si ImageMagick installé lors de l’audit)\n\nUn exemple de rapport généré est visible dans le repo (section Graphiques + Tableaux) pour un partage immédiat.\n\n##  Traçabilité Git\n- Commit conventionnel : `feat(repo): demo DevOps observability E2E + preuves (Grafana/Prom/AM)`\n- Tags : `demo-v1` + timestamp `audit-YYYYMMDD-HHmm` pour snapshoter l’audit\n- Remote cible : `https://github.com/flobehejohn/doctrine-demo`\n\n## Staff-level CI \u0026 Observability Proof\n\nThis repository now includes a Staff-level proof gate for CI and observability:\n\n- strict local core gate: scripts/validate-full.ps1 -SkipDocker;\n- HTTP contract tests for /healthz, /search, and /metrics;\n- GitHub Actions split between core and container;\n- observability proof inventory under docs/proofs/observability-evidence.md;\n- Docker-deferred validation strategy under docs/operations/docker-deferred-validation.md;\n- ADR and case study documentation under docs/adr/ and docs/case-studies/.\n\n## 3-minute review path\n\nPour une lecture rapide du case study :\n\n1. [Recruiter one-pager](./docs/presentation/recruiter-one-pager.md)\n2. [Release scorecard](./docs/presentation/release-scorecard.md)\n3. [Staff / Lead review guide](./docs/presentation/staff-review-guide.md)\n4. [Evidence gallery](./docs/presentation/evidence-gallery.md)\n5. [Observability evidence index](./docs/proofs/observability-evidence.md)\n6. [npm audit policy](./docs/security/npm-audit-policy.md)\n7. [GitHub Actions Node 24 readiness](./docs/operations/github-actions-node24-readiness.md)\n\nLe repo distingue volontairement la preuve locale sans Docker (`validate-full.ps1 -SkipDocker`) et la preuve container distante via GitHub Actions.\n\n## Hardening readiness path\n\nCette section répond explicitement aux objections classiques d’un entretien DevOps/SRE senior :\n\n1. [PowerShell cross-platform rationale](./docs/operations/powershell-crossplatform-rationale.md)\n2. [GitOps readiness](./docs/gitops/README.md)\n3. [Terraform remote state readiness](./docs/terraform/remote-state-readiness.md)\n4. [Shift-left SAST readiness](./docs/security/shift-left-sast-readiness.md)\n5. [ArgoCD example application](./gitops/argocd/doctrine-demo-application.example.yaml)\n\nLe repo ne prétend pas être une plateforme Kubernetes complète de production. Il montre un socle démontrable, auditable et extensible vers GitOps, remote state Terraform et DevSecOps.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fflobehejohn%2Fdoctrine-demo","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fflobehejohn%2Fdoctrine-demo","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fflobehejohn%2Fdoctrine-demo/lists"}