DevSecOps Demo Application Deployment
Guide
Introduction 🌐
This guide will walk you through the process of setting up and deploying the DevSecOps demo
application using GitHub, Docker, Kubernetes, and ArgoCD. Follow the steps below to create
a seamless CI/CD pipeline that automatically deploys your application. Github link:
https://github.com/iam-veeramalla/devsecops-demo.git
https://www.linkedin.com/in/prasad-suman-mohan
�Prerequisites
• Node.js: Ensure you have Node.js (v14 or higher) installed.
• npm or yarn: Package manager for Node.js.
• GitHub Account: To clone the repository and manage secrets.
• AWS Account: To launch an EC2 instance.
• Docker: Containerization tool.
• kubectl and kind: For managing Kubernetes clusters.
• ArgoCD: For GitOps-based continuous delivery.
Getting Started
Step 1: Clone the Repository
Clone the DevSecOps demo application repository from GitHub:
git clone https://github.com/sumanprasad007/devsecops-demo.git
cd devsecops-demo
Step 2: Install Dependencies
Install the necessary dependencies using npm or yarn:
npm install
https://www.linkedin.com/in/prasad-suman-mohan
�Step 3: Start the Development Server
Start the development server to test the application locally:
npm run dev
Open your browser and navigate to http://localhost:5173 to view the application.
Step 4: Build for Production
Create a production build of the application:
npm run build
The build artifacts will be stored in the dist/ directory.
GitHub Configuration
Step 5: Create a GitHub Access Token
1. Generate a GitHub personal access token with the necessary permissions.
2. Add the token to the repository settings under Secrets and variables with the
name TOKEN.
https://www.linkedin.com/in/prasad-suman-mohan
�Step 6: Trigger GitHub Actions Workflow
1. Create a new version of the application and push the code to the repository.
2. This will trigger the GitHub Actions workflow, creating a new Docker image stored in
the GitHub Container Registry (GHCR).
3. The kubernetes/deployment.yaml file will be updated with the new image tag.
Kubernetes and ArgoCD Setup
Step 7: Launch an EC2 Instance
Launch an EC2 instance with the instance type t3a.medium or larger based on your
requirements.
Step 8: Install Docker
Install Docker and log in to GHCR:
sudo apt install docker.io -y
sudo usermod -aG docker ubuntu
docker login ghcr.io
https://www.linkedin.com/in/prasad-suman-mohan
�Step 9: Validate Docker Image
Run the latest Docker image to validate the changes:
docker run -d -p 80:80 ghcr.io/sumanprasad007/devsecops-demo:sha-
e01062c9913b710fb823b7efe54ab5df110c4ae7
docker ps
Step 10: Install kind and kubectl
Install kind and kubectl for managing Kubernetes clusters:
# For AMD64 / x86_64
[ $(uname -m) = x86_64 ] && curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.27.0/kind-linux-
amd64
# For ARM64
[ $(uname -m) = aarch64 ] && curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.27.0/kind-linux-
arm64
chmod +x ./kind
sudo mv ./kind /usr/local/bin/kind
https://www.linkedin.com/in/prasad-suman-mohan
� kind --version
kind create cluster --name devsecops-k8s-cluster
curl -LO "https://dl.k8s.io/release/$(curl -L -s
https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
kubectl config current-context
kubectl get pods -A
Step 11: Install ArgoCD
Install ArgoCD in your Kubernetes cluster:
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-
cd/stable/manifests/install.yaml
https://www.linkedin.com/in/prasad-suman-mohan
� kubectl get pods -n argocd
Step 12: Access ArgoCD
Make ArgoCD accessible via port-forwarding:
https://www.linkedin.com/in/prasad-suman-mohan
� kubectl port-forward svc/argocd-server 8000:80 -n argocd --address 0.0.0.0
kubectl get secrets -n argocd
kubectl get secrets argocd-initial-admin-secret -o yaml -n argocd
echo d0M3Rzc3S1pHYjlvZlRsMw== | base64 --decode
Step 13: Create ArgoCD Application
Create an application inside ArgoCD for your DevSecOps demo application.
Step 14: Create Docker Registry Secret
Create a secret to allow ArgoCD to fetch the Docker image from GHCR:
kubectl create secret docker-registry github-container-registry \
--docker-server=ghcr.io \
--docker-username=sumanprasad007 \
--docker-password=gSG33hqgjia;dsjg;asdgj;a ldsg aosd;f90u4t0lwLBI \
--docker-email=test@gmail.com
https://www.linkedin.com/in/prasad-suman-mohan
� kubectl get secrets -A
Step 15: Verify Pods
Ensure the pods are up and running:
kubectl get pods
https://www.linkedin.com/in/prasad-suman-mohan
�Step 16: Port Forward the Application
Port forward the application to access it in the browser:
kubectl port-forward pods/tic-tac-toe-bf47ccf4c-9v268 8888:80 --address 0.0.0.0
Access the application at http://Public-ip:8888.
Conclusion
By following these steps, you will have a fully automated CI/CD pipeline that deploys your
DevSecOps demo application to a Kubernetes cluster using ArgoCD. The entire process, from
code push to deployment, should take less than 180 seconds.
https://www.linkedin.com/in/prasad-suman-mohan
�Understanding how to leverage AWS tools and features will
enhance your capabilities, support certification preparation, and
boost confidence in real-world problem-solving for DevOps, cloud
engineering, and SRE roles. In the up-coming parts, we will
discussion on more such practical challenges along with steps for
the different AWS based scenarios. So, stay tuned for the and
follow @Prasad Suman Mohan for more such posts.
https://www.linkedin.com/in/prasad-suman-mohan
