https://github.com/daoud-hussain/cicd-todo-application
A complete Jenkins CI/CD Pipeline of a Full-Stack to-do Application.
docker jenkins owasp-dependencycheck sonarqube trivy
Last synced: 3 months ago
- Host: GitHub
- URL: https://github.com/daoud-hussain/cicd-todo-application
- Owner: Daoud-Hussain
- License: mit
- Created: 2024-07-09T07:36:29.000Z (11 months ago)
- Default Branch: master
- Last Pushed: 2024-07-11T11:59:23.000Z (11 months ago)
- Last Synced: 2025-01-23T07:09:43.138Z (5 months ago)
- Topics: docker, jenkins, owasp-dependencycheck, sonarqube, trivy
- Language: HTML
- Homepage:
- Size: 383 KB
- Stars: 0
- Watchers: 2
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
## CI/CD Pipeline for a Full Stack Application Using SonarQube, OWASP Dependency Check, Docker, and Trivy.
In this CI/CD pipeline, I integrate robust tools to ensure code quality, security, and compliance for our full stack application. The pipeline comprises the following components:
- **SonarQube**: For continuous code quality inspection, detecting bugs, vulnerabilities, and code smells in the application code.
- **OWASP Dependency Check**: To identify and report known vulnerabilities in project dependencies, ensuring third-party libraries are secure.
- **Docker**: A platform to develop, ship, and run applications inside lightweight, portable containers. It simplifies the development and deployment process by providing isolated environments for each service in the application.
- **Trivy**: A comprehensive security scanner for containers, identifying vulnerabilities, misconfigurations, and other potential security risks in Docker images.

This pipeline automates the build, test, and deployment processes, ensuring that only secure and high-quality code reaches production.