This repository contains a complete DevSecOps CI/CD pipeline implementation using open source tools, packaged as a software factory for Coder workspaces.
The DevSecOps factory provides a comprehensive CI/CD pipeline with security built in at every stage, including:
- Source control management (Gitea)
- CI/CD orchestration (Tekton)
- Container registry (Harbor)
- Security scanning (SonarQube, Trivy, OWASP ZAP)
- GitOps deployment (ArgoCD)
- Monitoring and observability (Prometheus, Grafana)
```
├── devsecops-factory/
│   ├── documentation.md              # Comprehensive documentation
│   ├── coder-template/               # Coder template files
│   │   ├── main.tf                   # Workspace template
│   │   └── README.md                 # Template documentation
│   └── terraform/                    # Infrastructure as Code
│       ├── main.tf                   # Main Terraform configuration
│       ├── variables.tf              # Input variables
│       ├── outputs.tf                # Output values
│       ├── terraform.tfvars.example  # Example variable values
│       ├── Makefile                  # Automation commands
│       └── modules/                  # Component modules
│           ├── gitea/                # Source control
│           ├── tekton/               # CI/CD pipeline
│           ├── harbor/               # Container registry
│           ├── security-tools/       # Security scanning
│           ├── argocd/               # GitOps deployment
│           └── monitoring/           # Monitoring stack
```
See the documentation.md file for comprehensive instructions on installation, usage, and best practices.
- Security-first approach: Security integrated at every stage of the pipeline
- Modular design: Components can be deployed independently or together
- GitOps methodology: Infrastructure and applications managed through Git
- Comprehensive monitoring: Full observability into the pipeline and applications
- Easy deployment: Packaged as a Coder template for quick setup
This project is open source and available under the MIT License.