{"id":27243814,"url":"https://github.com/stevehoober254/devops-portfolio","last_synced_at":"2026-04-06T21:33:14.757Z","repository":{"id":287212835,"uuid":"963971485","full_name":"stevehoober254/devops-portfolio","owner":"stevehoober254","description":"🚀 Advanced DevOps pipelines, IaC, observability stacks \u0026 multi-cloud deployment demos","archived":false,"fork":false,"pushed_at":"2025-04-10T19:49:47.000Z","size":9,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-04-10T20:58:49.830Z","etag":null,"topics":["ansible","automation","bash-scripting","chef","ci-cd-","devops","devops-pipeline","docker","github-actions","grafana","infrastructure-as-code","jenkins","kubernetes","prometheus","puppet","python-script","terraform"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/stevehoober254.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":["stevehoober254"]}},"created_at":"2025-04-10T13:47:52.000Z","updated_at":"2025-04-10T19:49:50.000Z","dependencies_parsed_at":"2025-04-10T20:58:50.784Z","dependency_job_id":null,"html_url":"https://github.com/stevehoober254/devops-portfolio","commit_stats":null,"previous_names":["stevehoober254/devops-portfolio"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/stevehoober254/devops-portfolio","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stevehoober254%2Fdevops-portfolio","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stevehoober254%2Fdevops-portfolio/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stevehoober254%2Fdevops-portfolio/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stevehoober254%2Fdevops-portfolio/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/stevehoober254","download_url":"https://codeload.github.com/stevehoober254/devops-portfolio/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stevehoober254%2Fdevops-portfolio/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31491097,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-06T17:22:55.647Z","status":"ssl_error","status_checked_at":"2026-04-06T17:22:54.741Z","response_time":112,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","automation","bash-scripting","chef","ci-cd-","devops","devops-pipeline","docker","github-actions","grafana","infrastructure-as-code","jenkins","kubernetes","prometheus","puppet","python-script","terraform"],"created_at":"2025-04-10T20:58:48.009Z","updated_at":"2026-04-06T21:33:14.736Z","avatar_url":"https://github.com/stevehoober254.png","language":null,"funding_links":["https://github.com/sponsors/stevehoober254"],"categories":[],"sub_categories":[],"readme":"# ☁️ DevOps / Platform Engineer Portfolio — Stephen Gashoka\n\n\u003e Infrastructure-as-Code, CI/CD pipelines, Kubernetes, and multi-cloud automation. Production-grade reliability engineering with a focus on cost efficiency and self-healing systems.\n\n![Terraform](https://img.shields.io/badge/Terraform-7B42BC?style=flat-square\u0026logo=terraform\u0026logoColor=white)\n![Kubernetes](https://img.shields.io/badge/Kubernetes-326CE5?style=flat-square\u0026logo=kubernetes\u0026logoColor=white)\n![Docker](https://img.shields.io/badge/Docker-2496ED?style=flat-square\u0026logo=docker\u0026logoColor=white)\n![GitHub Actions](https://img.shields.io/badge/GitHub_Actions-2088FF?style=flat-square\u0026logo=githubactions\u0026logoColor=white)\n![Prometheus](https://img.shields.io/badge/Prometheus-E6522C?style=flat-square\u0026logo=prometheus\u0026logoColor=white)\n\n---\n\n## Projects\n\n### 1. Multi-Cloud CI/CD Pipeline with Secrets Rotation \u0026 Policy Compliance\n**Problem:** Maintaining deployments, secrets, and compliance across AWS and Azure simultaneously without a unified control plane.\n\n**Architecture:**\n- **GitHub Actions** for pipeline orchestration\n- **Terraform** modules for AWS (EKS) and Azure (AKS) provisioning\n- **HashiCorp Vault** for dynamic secrets with auto-rotation\n- **Open Policy Agent (OPA)** for pre-deployment policy enforcement (no public S3 buckets, no privileged containers)\n- **LaunchDarkly** for canary/feature-flag releases\n- **Slack webhooks** for deployment notifications\n\n**Key decisions:**\n- Chose Vault over AWS Secrets Manager to stay cloud-agnostic\n- OPA policies run as a GitHub Actions step before `terraform apply` — shift-left compliance\n- Canary deployments roll out to 5% traffic via weighted K8s services before full cutover\n\n**Stack:** Terraform · GitHub Actions · Vault · OPA · Kubernetes · Helm · Slack API\n\n---\n\n### 2. Infrastructure Cost Tracker \u0026 Optimizer\n**Problem:** Cloud spend spiralling due to idle resources and over-provisioned instances.\n\n**Architecture:**\n- **Infracost** integrated into GitHub Actions PRs — cost diff shown before merge\n- **AWS Lambda** (scheduled) scans for idle EC2, unattached EBS volumes, and unused RDS snapshots\n- Results pushed to a **Grafana** dashboard (backed by TimescaleDB)\n- **Slack alerts** when weekly spend exceeds defined thresholds\n- Auto-generates Terraform `destroy` plans for approved idle resources\n\n**Key decisions:**\n- TimescaleDB over plain Postgres for efficient time-series cost queries\n- Lambda runs on a cron — no always-on infra cost for the cost tracker itself (irony avoided)\n\n**Stack:** Terraform · Pulumi · Infracost · AWS Lambda · Grafana · TimescaleDB · Slack API\n\n---\n\n### 3. Self-Healing Kubernetes Cluster for Event-Driven Systems\n**Problem:** Event-driven microservices fail silently under Kafka lag spikes, causing downstream data loss.\n\n**Architecture:**\n- **KEDA** for Kafka-lag-based autoscaling of consumer pods\n- **Karpenter** for dynamic node provisioning (scale-in within 2min of idle)\n- **Prometheus + Alertmanager** for metrics and alert routing\n- **ArgoCD** for GitOps-based continuous deployment\n- **Chaos Engineering** with Chaos Monkey for periodic failure injection tests\n\n**Key decisions:**\n- KEDA over HPA because HPA can't natively scale on external event sources like Kafka\n- ArgoCD's sync waves used to enforce deployment ordering (infra → services → consumers)\n\n**Stack:** Kubernetes · KEDA · Karpenter · ArgoCD · Helm · Prometheus · Grafana · Chaos Monkey\n\n---\n\n## Skills demonstrated\n| Area | Technologies |\n|---|---|\n| IaC | Terraform, Ansible, Pulumi |\n| CI/CD | GitHub Actions, Jenkins, ArgoCD |\n| Containers | Docker, Kubernetes, Helm, Karpenter |\n| Observability | Prometheus, Grafana, Loki, Alertmanager |\n| Cloud | AWS (EKS, Lambda, Glue, RDS), GCP (GKE), Azure (AKS) |\n| Security | Vault, OPA, SOPS, Trivy |\n| Cost | Infracost, AWS Cost Explorer integration |\n\n---\n\n📧 stephengachoka57@gmail.com | 🌐 [stephengachoka.co.ke](https://stephengachoka.co.ke) | 📍 Nairobi, Kenya\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstevehoober254%2Fdevops-portfolio","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fstevehoober254%2Fdevops-portfolio","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstevehoober254%2Fdevops-portfolio/lists"}