All Projects
DevOpsCase Study·87% Match

DevSecOps Food App — Full CI/CD Pipeline

DevSecOps pipeline for a Swiggy food-delivery clone (React frontend). Jenkins pipeline: GitHub webhook → SonarQube code quality gate → OWASP dependency check → Trivy image scan → Docker build/push (vaibhavbansal26/swiggy:latest) → container deploy on port 3000. Terraform provisions the AWS EC2 instance. Prometheus + Grafana + Helm for monitoring.

JenkinsDockerTerraformAWSSonarQubeOWASPTrivy
ProductionJenkinsCI/CDSonarQubeSASTTrivyImage scanTerraformIaC
Jenkins
CI/CD
SonarQube
SAST
Trivy
Image scan
Terraform
IaC
🔴 The Problem

Food delivery frontend had no automated security checks or consistent deployment process

Infrastructure was manually provisioned without version control

The Solution

Jenkins pipeline: GitHub webhook → SonarQube gate → OWASP dependency check → Trivy image scan → Docker build/push → container deploy

Terraform provisions AWS EC2; Prometheus + Grafana + Helm monitor the running app

📈 Impact & Results

Every PR gets security-scanned before a single byte reaches EC2

Docker image vaibhavbansal26/swiggy:latest auto-updated on every merge to main

Grafana dashboard shows live CPU/memory for the food app container

Full Tech Stack
JenkinsDockerTerraformAWSSonarQubeOWASPTrivyAWS EC2

More Projects

Interested in working together?
Let's build something impactful.