A fully automated, production-grade CI/CD pipeline for deploying an Amazon Prime Video clone using modern DevOps practices and cloud-native tooling.
- Project Overview
- Architecture
- Tech Stack
- Pipeline Flow
- Prerequisites
- Project Structure
- Getting Started
- Pipeline Stages
- Infrastructure as Code
- Monitoring & Observability
- Security
- Contributing
- License

This project demonstrates a complete end-to-end DevOps pipeline for an Amazon Prime Video clone application. The entire workflow, from code commit to production deployment, is fully automated with industry-standard tools.
| Area | Tools Used |
|---|---|
| Source Control | GitHub |
| CI/CD Automation | Jenkins |
| Code Quality | SonarQube |
| Dependency Management | npm |
| Security Scanning | Aqua Trivy |
| Containerization | Docker |
| Container Registry | AWS ECR |
| Infrastructure as Code | Terraform |
| Kubernetes Orchestration | AWS EKS |
| Package Management | Helm |
| GitOps / Continuous Delivery | ArgoCD |
| Monitoring | Prometheus & Grafana |
```text
Developer → GitHub → Jenkins Pipeline
                       │
                       ├── 1. Code Checkout
                       ├── 2. SonarQube Analysis (Code Quality)
                       ├── 3. npm Install & Build
                       ├── 4. Trivy Scan (Security)
                       ├── 5. Docker Build & Tag
                       └── 6. Push to AWS ECR
                       │
                       ▼
             AWS ECR (Container Registry)
                       │
                       ▼
                ArgoCD (GitOps)
                       │
                       ├── Watches Helm chart changes
                       └── Syncs desired state
                       │
                       ▼
                AWS EKS Cluster
                       │
                       ├── Pulls image from ECR
                       ├── Deploys Pods via Helm
                       └── Manages Services & Ingress
                       │
                       ▼
        Prometheus + Grafana (Monitoring)
```

```text
GitHub → Jenkins → SonarQube → npm → Trivy → Docker
       → AWS ECR (Registry) → ArgoCD (GitOps) → AWS EKS (K8s) → Prometheus + Grafana
```
| Layer | Technology | Purpose |
|---|---|---|
| Frontend | React.js | Amazon Prime Video clone UI |
| Backend | Node.js | REST API server |
| Styling | CSS | Responsive design & animations |

| Category | Tool | Purpose |
|---|---|---|
| Version Control | GitHub | Source code management & webhooks |
| CI/CD | Jenkins | Pipeline orchestration & automation |
| Code Quality | SonarQube | Static code analysis & quality gates |
| Security | Aqua Trivy | Container & filesystem vulnerability scan |
| Containerization | Docker | Application containerization |
| Registry | AWS ECR | Private container image registry |
| IaC | Terraform | AWS infrastructure provisioning |
| Orchestration | AWS EKS | Managed Kubernetes cluster |
| Packaging | Helm | Kubernetes manifest templating & management |
| GitOps | ArgoCD | Declarative continuous delivery |
| Monitoring | Prometheus | Metrics collection & alerting |
| Visualization | Grafana | Dashboards & observability |
```text
JENKINS CI/CD PIPELINE

Stage 1   Clone Repo
Stage 2   SonarQube Analysis
Stage 3   npm Build
Stage 4   Trivy Scan
Stage 5   Docker Build
Stage 6   Push to ECR + Deploy via ArgoCD
```
- Clone: Pull latest code from GitHub
- SonarQube Analysis: Static code analysis for bugs, vulnerabilities, code smells
- npm Install & Build: Install dependencies and build the application
- Trivy Security Scan: Scan filesystem and Docker images for CVEs
- Docker Build & Tag: Build production Docker image with proper tagging
- Push to AWS ECR: Push image to private container registry
- ArgoCD Sync: ArgoCD detects Helm chart changes and deploys to EKS

Before setting up this pipeline, ensure you have the following:
- Jenkins (LTS)
- SonarQube server
- Terraform (v1.5+)
- AWS CLI configured with proper credentials
- kubectl
- Helm (v3+)
- ArgoCD CLI
- Trivy
- AWS Account with IAM permissions for EKS, ECR, VPC, and EC2
- An S3 bucket for Terraform state (recommended)
```text
full_stack_devops_pipeline/
│
├── server.js                  # Node.js application entry point
├── package.json               # Node.js dependencies & scripts
├── Dockerfile                 # Multi-stage Docker build
├── docker-compose.yml         # Local development orchestration
├── Jenkinsfile                # CI/CD pipeline definition
├── .dockerignore              # Docker build exclusions
├── .gitignore                 # Git exclusions
├── README.md                  # Project documentation (this file)
│
├── src/                       # Application source code
│   ├── components/            # React components
│   ├── pages/                 # Page-level components
│   ├── assets/                # Static assets (images, icons)
│   └── App.js                 # Main React application
│
├── terraform/                 # Infrastructure as Code
│   ├── main.tf                # Main Terraform configuration
│   ├── variables.tf           # Input variables
│   ├── outputs.tf             # Output values
│   ├── provider.tf            # AWS provider configuration
│   ├── modules/
│   │   ├── vpc/               # VPC networking module
│   │   ├── eks/               # EKS cluster module
│   │   └── ecr/               # ECR repository module
│   └── terraform.tfvars       # Variable values
│
├── helm/                      # Helm chart for Kubernetes deployment
│   ├── Chart.yaml             # Chart metadata
│   ├── values.yaml            # Default configuration values
│   └── templates/
│       ├── deployment.yaml    # K8s Deployment manifest
│       ├── service.yaml       # K8s Service manifest
│       ├── ingress.yaml       # K8s Ingress manifest
│       └── hpa.yaml           # Horizontal Pod Autoscaler
│
├── monitoring/                # Monitoring stack configuration
│   ├── prometheus.yml         # Prometheus configuration
│   └── grafana/
│       └── dashboards/        # Grafana dashboard JSON files
│
└── scripts/                   # Utility scripts
    ├── setup-jenkins.sh       # Jenkins setup automation
    ├── install-tools.sh       # Tool installation script
    └── cleanup.sh             # Resource cleanup script
```
```bash
git clone https://github.com/<your-username>/full-stack-devops-pipeline.git
cd full-stack-devops-pipeline
```

```bash
# Install dependencies
npm install
# Start the development server
npm run dev
# Application will be available at http://localhost:3000
```

```bash
# Build the Docker image
docker build -t prime-video-clone .
# Run the container
docker run -d -p 3000:3000 --name prime-clone prime-video-clone
# Or use Docker Compose
docker-compose up -d
```

```bash
cd terraform/
# Initialize Terraform
terraform init
# Preview the infrastructure changes
terraform plan
# Apply: provisions VPC, EKS Cluster, ECR, and IAM Roles
terraform apply -auto-approve
# Get EKS kubeconfig
aws eks update-kubeconfig --name prime-clone-cluster --region us-east-1
```

- Install Jenkins on an EC2 instance or run locally via Docker:

  ```bash
  docker run -d --name jenkins \
    --restart=on-failure \
    -p 8080:8080 \
    -v jenkins_home:/var/jenkins_home \
    -v /var/run/docker.sock:/var/run/docker.sock \
    jenkins/jenkins:lts
  ```

- Install required Jenkins plugins:
  - Docker Pipeline
  - SonarQube Scanner
  - AWS Credentials
  - Pipeline: AWS Steps
  - NodeJS Plugin
- Configure credentials in Jenkins:
  - `github-credentials`: GitHub personal access token
  - `sonarqube-token`: SonarQube authentication token
  - `aws-credentials`: AWS Access Key & Secret Key
  - `dockerhub-credentials`: Docker Hub credentials (if using)
- Create a Pipeline job pointing to the `Jenkinsfile` in this repository.
- Set up GitHub Webhook: `http://<jenkins-url>:8080/github-webhook/`
```groovy
pipeline {
    agent any
    environment {
        AWS_ACCOUNT_ID = credentials('aws-account-id')
        AWS_REGION     = 'us-east-1'
        ECR_REPO       = "${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_REGION}.amazonaws.com/prime-clone"
        SONAR_HOST     = 'http://<sonarqube-server>:9000'
    }
    stages {
        stage('Checkout')          { steps { git branch: 'main', url: '...' } }
        stage('SonarQube Analysis'){ steps { /* SonarQube scanner */ } }
        stage('npm Build')         { steps { sh 'npm install && npm run build' } }
        stage('Trivy FS Scan')     { steps { sh 'trivy fs --severity HIGH,CRITICAL .' } }
        stage('Docker Build')      { steps { sh 'docker build -t prime-clone .' } }
        stage('Trivy Image Scan')  { steps { sh 'trivy image prime-clone' } }
        stage('Push to ECR')       { steps { /* ECR login & push */ } }
        stage('Deploy via ArgoCD') { steps { /* Update Helm values, ArgoCD syncs */ } }
    }
    post {
        success { echo 'Pipeline completed successfully!' }
        failure { echo 'Pipeline failed. Check logs.' }
    }
}
```

```bash
# Install ArgoCD on EKS
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
# Access ArgoCD UI
kubectl port-forward svc/argocd-server -n argocd 8080:443
# Get initial admin password
kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d
# Create ArgoCD Application (points to Helm chart in this repo)
argocd app create prime-clone \
  --repo https://github.com/<your-username>/full-stack-devops-pipeline.git \
  --path helm/ \
  --dest-server https://kubernetes.default.svc \
  --dest-namespace production \
  --sync-policy automated
```

```bash
# Install Prometheus & Grafana via Helm
helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
helm repo update
helm install monitoring prometheus-community/kube-prometheus-stack \
  --namespace monitoring \
  --create-namespace
# Access Grafana dashboard
kubectl port-forward svc/monitoring-grafana -n monitoring 3000:80
# Default credentials: admin / prom-operator
```

This pipeline implements security at every stage:
| Layer | Tool/Practice | Description |
|---|---|---|
| Code Quality | SonarQube | Detects bugs, code smells & vulnerabilities |
| Dependency Scan | Trivy (filesystem mode) | Scans node_modules for known CVEs |
| Image Scan | Trivy (image mode) | Scans built Docker image for OS/library vulns |
| Registry | AWS ECR (private) | Images stored in private, encrypted registry |
| Secrets Management | Jenkins Credentials Store | No hardcoded secrets in code |
| Network | AWS VPC + Security Groups | Isolated network with least-privilege access |
| Cluster | EKS with RBAC | Role-based access control for Kubernetes |
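
The image-scan and registry rows above only protect the cluster if a failed scan actually stops the push: Trivy exits 0 by default even when it reports findings, so a bare `trivy image prime-clone` step never fails the build. The following is an added example, not the project's own Jenkinsfile code, of a scan-gated push to ECR with a commit-pinned tag; the function names are hypothetical, and the image and repository name `prime-clone` are taken from the pipeline on this page.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not from the project.
set -eu

# True when $1 is a single line that fully matches the ERE in $2.
matches() {
  case "$1" in *"
"*) return 1 ;; esac
  printf '%s\n' "$1" | LC_ALL=C grep -Eq "^($2)\$"
}

# Print <account>.dkr.ecr.<region>.amazonaws.com/<repo>:<12-char sha>, or fail.
# Validating each part keeps a malformed variable from redirecting the push.
ecr_image_ref() {
  matches "$1" '[0-9]{12}'                || { echo "bad account id" >&2; return 1; }
  matches "$2" '[a-z]{2}(-[a-z]+)+-[0-9]' || { echo "bad region" >&2; return 1; }
  matches "$3" '[a-z0-9][a-z0-9._/-]*'    || { echo "bad repo name" >&2; return 1; }
  matches "$4" '[0-9a-f]{12,40}'          || { echo "bad commit sha" >&2; return 1; }
  printf '%s.dkr.ecr.%s.amazonaws.com/%s:%.12s\n' "$1" "$2" "$3" "$4"
}

# Scan the locally built image and push only if the scan passes.
# --exit-code 1 makes Trivy return non-zero on HIGH/CRITICAL findings;
# without it the report is printed and the stage still succeeds.
scan_and_push() {
  local_image="$1"
  ref="$(ecr_image_ref "$2" "$3" "$4" "$5")" || return 1
  trivy image --exit-code 1 --severity HIGH,CRITICAL "$local_image" || {
    echo "Trivy found HIGH/CRITICAL vulnerabilities; not pushing" >&2; return 1; }
  aws ecr get-login-password --region "$3" |
    docker login --username AWS --password-stdin "${ref%%/*}"
  docker tag "$local_image" "$ref"
  docker push "$ref"
  printf '%s\n' "$ref"
}

# Jenkins usage (assumes AWS_ACCOUNT_ID and AWS_REGION from the environment block):
#   scan_and_push prime-clone "$AWS_ACCOUNT_ID" "$AWS_REGION" prime-clone "$(git rev-parse HEAD)"
```

Tagging by commit SHA rather than a mutable tag lets the Helm values that ArgoCD syncs point at exactly the image that passed the scan.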
| Component | Purpose | Access |
|---|---|---|
| Prometheus | Metrics collection, alerting rules | http://<cluster-ip>:9090 |
| Grafana | Visualization dashboards | http://<cluster-ip>:3000 |
| ArgoCD UI | Deployment status & sync health | http://<cluster-ip>:8080 |
| Jenkins | Pipeline logs & build history | http://<jenkins-ip>:8080 |
- Application: Request latency, error rates, throughput
- Kubernetes: Pod health, resource utilization, node status
- Infrastructure: CPU, memory, disk, network I/O
- Alerts: Pipeline failures, pod crashes, high error rates

Contributions are welcome! Please follow these steps:

- Fork the repository
- Create a feature branch: `git checkout -b feature/amazing-feature`
- Commit your changes: `git commit -m 'Add amazing feature'`
- Push to the branch: `git push origin feature/amazing-feature`
- Open a Pull Request
```text
feat: add new feature
fix: bug fix
docs: documentation update
ci: CI/CD pipeline changes
infra: infrastructure changes
refactor: code refactoring
test: add or update tests
```
This project is licensed under the MIT License; see the LICENSE file for details.

- Amazon Prime Video: UI inspiration
- Jenkins: CI/CD automation
- Terraform: Infrastructure as Code
- ArgoCD: GitOps continuous delivery
- Kubernetes: Container orchestration
- Prometheus & Grafana: Monitoring stack
