{"id":26880634,"url":"https://github.com/suhas-005/devops-pipeline","last_synced_at":"2026-04-07T08:31:49.417Z","repository":{"id":284751746,"uuid":"955466765","full_name":"suhas-005/devops-pipeline","owner":"suhas-005","description":"End-to-end DevOps Pipeline Project - AWS","archived":false,"fork":false,"pushed_at":"2025-04-01T05:06:10.000Z","size":107,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-06-17T17:50:57.559Z","etag":null,"topics":["aws","aws-eks","cicd","devops","devsecops","docker","github-actions","helm","iac","kubernetes","self-hosted-runner","terraform","typescript"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/suhas-005.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-03-26T17:24:05.000Z","updated_at":"2025-04-04T13:43:53.000Z","dependencies_parsed_at":"2025-06-17T17:53:09.138Z","dependency_job_id":null,"html_url":"https://github.com/suhas-005/devops-pipeline","commit_stats":null,"previous_names":["suhas-005/devops-pipeline"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/suhas-005/devops-pipeline","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/suhas-005%2Fdevops-pipeline","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/suhas-005%2Fdevops-pipeline/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/suhas-005%2Fdevops-pipeline/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/suhas-005%2Fdevops-pipeline/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/suhas-005","download_url":"https://codeload.github.com/suhas-005/devops-pipeline/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/suhas-005%2Fdevops-pipeline/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31506562,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-07T03:10:19.677Z","status":"ssl_error","status_checked_at":"2026-04-07T03:10:13.982Z","response_time":105,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","aws-eks","cicd","devops","devsecops","docker","github-actions","helm","iac","kubernetes","self-hosted-runner","terraform","typescript"],"created_at":"2025-03-31T14:37:54.425Z","updated_at":"2026-04-07T08:31:49.411Z","avatar_url":"https://github.com/suhas-005.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# **End-to-End DevOps Project on AWS**\n\n![Architecture diagram](https://github.com/user-attachments/assets/d3497a05-62ad-49c8-a01d-c8bdc6cc1a4e)\n\n### **Technology used:**\n- Terraform\n- GitHub Actions (Self-hosted runners)\n- AWS (EKS - Kubernetes)\n- Helm\n- SonarQube\n- Trivy\n- NPM/Node\n- Docker\n- Ubuntu\n\n### **Version used:**\n-  Terraform:  v1.11.3\n-  Node: v20.x\n-  Helm: 3.17.1\n-  Kubernetes: v1.32\n-  Ubuntu - 24.04\n\n### **How to run/deploy**\n\n#### **Pre-requisites:**\n- AWS Account and CLI setup: https://docs.aws.amazon.com/cli/latest/userguide/getting-started-quickstart.html\n- DockerHub account\n- Create a AWS S3 for Terraform remote state storage \n- Terraform installed on local machine - https://developer.hashicorp.com/terraform/tutorials/aws-get-started/install-cli\n\n#### **Deploying the project:**\n\n1. **Run terraform to spawn EC2 instance for hosting GitHub Self-hosted runner**\n   ```bash\n   cd terraform-github-runner\n   terraform init\n   terraform plan\n   terraform init\n   ```\n   This creates an EC2 instance (t2.medium) along with a VPC, Subnet (Public), Security group, Route, Internet Gateway. It also create a IAM role with Administrator Access and attaches this to the EC2 instance (This is not recommended in production, this project only needs access to IAM, EKS, S3, VPC (includes subnets, IGW, Security groups) Administrator access is given for ease of doing project that's it)\n\u003cbr\u003e\n\n2. **Setup GitHub Self-hosted runner**\n   - SSH into the EC2 instance using the Public IP from the output of the Terraform code\n     ```\n     ssh -i \u003cpath to your ssh key\u003e ubuntu@\u003cpublic-ip\u003e\n     ```\n   - Go to your GitHub repository and click on **Settings** tab \u003e **Runners** \u003e **New self-hosted runner** - https://docs.github.com/en/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners\n   - Run the commands mentioned on the EC2 instance, and at last run the below command to run the github runner as service\n     ```bash\n     sudo ./svc.sh install\n     sudo ./svc.sh start\n     ```\n\u003cbr\u003e\n\n3. **Setup EKS Cluster**\u003cbr\u003e\n   Login to GitHub Runner EC2 instance again and run terraform-eks from there\n   ```\n   git clone https://github.com/suhas-005/devops-pipeline.git\n   cd devops-pipeline/terraform-eks\n   terraform init\n   terraform plan\n   terraform apply\n   ```\n   This will take around 15-20 minutes to finish\n\u003cbr\u003e\n\n4. **Setup SonarQube**\u003cbr\u003e\n   SonarQube URL: ```\u003cpublic-ip-of-ec2\u003e:9000```\u003cbr\u003e\n   Initial username and password - ```admin```\u003cbr\u003e\n   - Reset the password\n   - Then on the home page, click on ```Manually``` to create a project manually\n     \n     ![Sonar Project 1](https://github.com/user-attachments/assets/dff1cd4f-d686-4634-90c8-59dcc11fcb60)\n     \n   - Then provide a **Project display name** (Ex: devops-tic-tac-toe), **Project key**(Ex: devops-tic-tac-toe) and **Main branch name**(Ex: main)\n     \n   - Then on the next page click on **With GitHub Actions**\n     \n     ![Sonar Workflow 1](https://github.com/user-attachments/assets/440fb8e2-1cba-444f-a84a-8af9090aca39)\n     \n   - Then click on **Generate** to generate a **SONAR_TOKEN**, copy this token to a notepad temporarily. Also copy **SONAR_HOST_URL**\n   - Then on the next step, Click on **Other**\n     \n     ![Sonar Workflow 2](https://github.com/user-attachments/assets/f9a034a0-7a27-4af3-a16d-992cd4aa5a60)\n     \n   - Then click on Finish tutorial\n\u003cbr\u003e\n\n6. **Setup GitHub Action Secrets and Variables**\n   - Go to your GitHub repository and click on **Settings** tab \u003e **Secrets and variables** \u003e **Actions** \u003e **Create repository secret**\n   - Create secrets for **SONAR_TOKEN**, **SONAR_HOST_URL**, **DOCKERHUB_USERNAME**  and **DOCKERHUB_TOKEN**.\n   - Under Variables create variable for **IMAGE_NAME**\n   - Now add a file with name **sonar-project.properties** under app-codebase directory containing the project-key obtained in the previous step while setting up SonarQube\n\u003cbr\u003e\n\n7. **Trigger GitHub Actions**\n   1. Trigger **Run checks/tests** workflow (app-ci-tests.yaml):\n      - This action gets triggred when a PR is created and changes exist under app-codebase/ directory.\n        ![PR](https://github.com/user-attachments/assets/213dc2fa-8eb9-464b-8adc-be43f0e8f635)\n        \n        ![Workflow 1](https://github.com/user-attachments/assets/8b326667-45ec-42af-9c98-26f4c2d4b988)\n\n    2. Trigger **Build and deploy** workflow (app-cd-deploy.yaml):\n       - This action gets triggered when there is a push to main branch and changes exists on app-codebase/ directory or helm-chart/ directory.\n         ![Workflow 2](https://github.com/user-attachments/assets/74257a5c-f211-4f18-a94b-b03509008cd4)\n\u003cbr\u003e\n\n8. **Access the application**\n   - Once both the workflow have run successfully, we can access the application. Login to your AWS account and go to Load Balancers section There a load balancer will be created (this may take few minutes), use that URL/DNS name to access the Tic-Tac-Toe app.\n     ![App](https://github.com/user-attachments/assets/42987916-a2f4-461b-ab6e-5a1431613bfa)\n\n\n### **Clean up**\n```\nhelm uninstall tic-tac-toe -n devops-project\ncd terraform-eks\nterraform destroy\ncd terraform-github-runner\nterraform destroy\n```\nDestroy the S3 bucket created on for strong remote state.\n\n### Future Improvements\n- CI/CD to deploy EKS\n- Restrict EC2 IAM Role access\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsuhas-005%2Fdevops-pipeline","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsuhas-005%2Fdevops-pipeline","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsuhas-005%2Fdevops-pipeline/lists"}