This repository contains a complete DevSecOps CI/CD pipeline implementation using open-source tools, packaged as a software factory for Coder workspaces.
The DevSecOps factory provides a comprehensive CI/CD pipeline with security built in at every stage, including:
- Source control management (Gitea)
- CI/CD orchestration (Tekton)
- Container registry (Harbor)
- Security scanning (SonarQube, Trivy, OWASP ZAP)
- GitOps deployment (ArgoCD)
- Monitoring and observability (Prometheus, Grafana)
```
├── devsecops-factory/
│   ├── documentation.md                 # Comprehensive documentation
│   ├── coder-template/                  # Coder template files
│   │   ├── main.tf                      # Workspace template
│   │   └── README.md                    # Template documentation
│   └── terraform/                       # Infrastructure as Code
│       ├── main.tf                      # Main Terraform configuration
│       ├── variables.tf                 # Input variables
│       ├── outputs.tf                   # Output values
│       ├── terraform.tfvars.example     # Example variable values
│       ├── Makefile                     # Automation commands
│       └── modules/                     # Component modules
│           ├── gitea/                   # Source control
│           ├── tekton/                  # CI/CD pipeline
│           ├── harbor/                  # Container registry
│           ├── security-tools/          # Security scanning
│           ├── argocd/                  # GitOps deployment
│           └── monitoring/              # Monitoring stack
```
See the documentation.md file for comprehensive instructions on installation, usage, and best practices.
- Security-first approach: Security integrated at every stage of the pipeline
- Modular design: Components can be deployed independently or together
- GitOps methodology: Infrastructure and applications managed through Git
- Comprehensive monitoring: Full observability into the pipeline and applications
- Easy deployment: Packaged as a Coder template for quick setup
This project is open source and available under the MIT License.