https://github.com/trivediayush/devsecops-ci-pipeline
A fully functional DevSecOps Continuous Integration (CI) pipeline using GitHub Actions.
- Host: GitHub
- URL: https://github.com/trivediayush/devsecops-ci-pipeline
- Owner: trivediayush
- License: apache-2.0
- Created: 2025-06-10T16:30:10.000Z (about 1 year ago)
- Default Branch: master
- Last Pushed: 2025-06-20T07:03:50.000Z (about 1 year ago)
- Last Synced: 2025-08-10T00:22:04.748Z (11 months ago)
- Topics: cicd-pipeline, declarative-pipeline, devsecops, devsecops-pipeline, docker, docker-compose, github-actions, github-actions-ci, gitleaks-pass, jenkins, jenkins-declarative, python, sonarqube, synk, synk-configuration, terraform
- Language: Python
- Homepage:
- Size: 550 KB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
DevSecOps CI Pipeline
=====================
This repository demonstrates a fully functional DevSecOps Continuous Integration (CI) pipeline using GitHub Actions. It integrates static code analysis, secret scanning, unit testing, and dependency vulnerability scanning using open-source tools.
📌 Project Overview
-------------------
* **Language:** Python
* **CI/CD:** GitHub Actions
* **Security Tools:** SonarCloud, Gitleaks, Snyk
* **Testing Framework:** Pytest
🛠️ Tools Used
--------------
* GitHub Actions
* SonarCloud (Code Quality & Static Analysis)
* Gitleaks (Secrets Detection)
* Snyk (Vulnerability Scanning)
* Pytest (Unit Testing)
📋 Steps to Run Locally
-----------------------
1. Clone the repository:
   * `git clone https://github.com/trivediayush/devsecops-ci-pipeline.git`
   * `cd devsecops-ci-pipeline`
2. Install dependencies:
   * `pip install -r requirements.txt`
3. Run unit tests:
   * `pytest tests/`
4. Optional: Run security scans locally
   * Gitleaks: `gitleaks detect --source . --config .gitleaks.toml`
   * Snyk: `snyk test`
📈 CI Pipeline Stages
---------------------
1. Code Checkout
2. Python Environment Setup
3. Install Dependencies
4. Run Unit Tests
5. SonarCloud Scan
6. Gitleaks Secret Scan
7. Snyk Vulnerability Scan
👤 Author
-----------------------
Ayush Trivedi