Skip to content

rwxford/codertesting

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 
 
 

Repository files navigation

DevSecOps CI/CD Pipeline for Coder

This repository contains a complete DevSecOps CI/CD pipeline implementation using open source tools, packaged as a software factory for Coder workspaces.

Overview

The DevSecOps factory provides a comprehensive CI/CD pipeline with security built in at every stage, including:

  • Source control management (Gitea)
  • CI/CD orchestration (Tekton)
  • Container registry (Harbor)
  • Security scanning (SonarQube, Trivy, OWASP ZAP)
  • GitOps deployment (ArgoCD)
  • Monitoring and observability (Prometheus, Grafana)

Repository Structure

├── devsecops-factory/
│   ├── documentation.md            # Comprehensive documentation
│   ├── coder-template/             # Coder template files
│   │   ├── main.tf                 # Workspace template
│   │   └── README.md               # Template documentation
│   └── terraform/                  # Infrastructure as Code
│       ├── main.tf                 # Main Terraform configuration
│       ├── variables.tf            # Input variables
│       ├── outputs.tf              # Output values
│       ├── terraform.tfvars.example # Example variable values
│       ├── Makefile                # Automation commands
│       └── modules/                # Component modules
│           ├── gitea/              # Source control
│           ├── tekton/             # CI/CD pipeline
│           ├── harbor/             # Container registry
│           ├── security-tools/     # Security scanning
│           ├── argocd/             # GitOps deployment
│           └── monitoring/         # Monitoring stack

Getting Started

See the documentation.md file for comprehensive instructions on installation, usage, and best practices.

Features

  • Security-first approach: Security integrated at every stage of the pipeline
  • Modular design: Components can be deployed independently or together
  • GitOps methodology: Infrastructure and applications managed through Git
  • Comprehensive monitoring: Full observability into the pipeline and applications
  • Easy deployment: Packaged as a Coder template for quick setup

License

This project is open source and available under the MIT License.

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published