This is a comprehensive DevSecOps learning project that demonstrates how to deploy a React-based Tetris game on AWS EKS (Elastic Kubernetes Service) using industry-standard tools and practices. The project covers the entire software development lifecycle from infrastructure provisioning to continuous deployment with integrated security scanning.
- ☁️ Infrastructure as Code - Provision AWS EKS clusters and Jenkins servers using Terraform
- 🔄 CI/CD Automation - Build automated pipelines with Jenkins
- 🐳 Containerization - Dockerize React applications
- ☸️ Kubernetes Orchestration - Deploy and manage containerized apps on EKS
- 🔒 Security Integration - Implement security scanning with Trivy, OWASP Dependency-Check, and SonarQube
- 🚀 GitOps - Continuous delivery with ArgoCD

```
┌─────────────────┐     ┌──────────────────┐     ┌─────────────────┐
│   Developer     │────▶│  Jenkins CI/CD   │────▶│   Docker Hub    │
│   (Git Push)    │     │    Pipelines     │     │   (Registry)    │
└─────────────────┘     └──────────────────┘     └─────────────────┘
                                 │                        │
                                 ▼                        ▼
                        ┌──────────────────┐     ┌─────────────────┐
                        │   SonarQube      │     │    AWS EKS      │
                        │  (Code Quality)  │     │    Cluster      │
                        └──────────────────┘     └─────────────────┘
                                 │                        ▲
                                 ▼                        │
                        ┌──────────────────┐     ┌─────────────────┐
                        │  Trivy & OWASP   │────▶│     ArgoCD      │
                        │  (Security Scan) │     │    (GitOps)     │
                        └──────────────────┘     └─────────────────┘
```


```
Tetris-game/
├── EKS-TF/                          # Terraform scripts for EKS cluster deployment
│   ├── backend.tf                   # S3 backend configuration
│   ├── eks-cluster.tf               # EKS cluster configuration
│   ├── eks-node-group.tf            # Node group configuration
│   ├── iam-policy.tf                # IAM policies for EKS
│   ├── iam-role.tf                  # IAM roles for EKS
│   ├── provider.tf                  # AWS provider configuration
│   ├── variables.tf                 # Input variables
│   ├── variables.tfvars             # Variable values
│   └── vpc.tf                       # VPC and networking
│
├── Jenkins-Server-TF/               # Terraform scripts for Jenkins EC2 instance
│   ├── backend.tf                   # S3 backend configuration
│   ├── ec2.tf                       # EC2 instance configuration
│   ├── gather.tf                    # Data sources
│   ├── iam-instance-profile.tf      # Instance profile
│   ├── iam-policy.tf                # IAM policies for Jenkins
│   ├── iam-role.tf                  # IAM role for Jenkins
│   ├── provider.tf                  # AWS provider configuration
│   ├── tools-install.sh             # Jenkins tools installation script
│   ├── variables.tf                 # Input variables
│   ├── variables.tfvars             # Variable values
│   └── vpc.tf                       # VPC configuration
│
├── Jenkins-Pipeline-Code/           # Jenkins pipeline definitions
│   ├── Jenkinsfile-EKS-Terraform    # Pipeline for EKS infrastructure
│   ├── Jenkinsfile-TetrisV1         # CI/CD pipeline for Tetris V1
│   └── Jenkinsfile-TetrisV2         # CI/CD pipeline for Tetris V2
│
├── Manifest-file/                   # Kubernetes manifests
│   ├── deployment-service.yml       # Deployment and Service definitions
│   └── ingress.yaml                 # Ingress configuration (ALB)
│
├── Tetris-V1/                       # Initial version of Tetris game
│   ├── Dockerfile                   # Docker configuration
│   ├── package.json                 # Node.js dependencies
│   ├── public/                      # Static assets
│   ├── src/                         # React source code
│   └── README.md                    # Version-specific documentation
│
├── Tetris-V2/                       # Enhanced version of Tetris game
│   ├── Dockerfile                   # Docker configuration
│   ├── package.json                 # Node.js dependencies
│   ├── public/                      # Static assets
│   ├── src/                         # React source code
│   └── README.md                    # Version-specific documentation
│
├── assets/                          # Project assets and diagrams
│   └── Infra.gif                    # Infrastructure architecture diagram
│
├── Process.md                       # Implementation process documentation
└── LICENSE                          # Apache 2.0 License
```


| Category | Tools |
|----------|-------|
| Cloud Platform | AWS (EC2, EKS, IAM, VPC, S3) |
| Infrastructure as Code | Terraform |
| CI/CD | Jenkins |
| Container Orchestration | Kubernetes (EKS) |
| Containerization | Docker |
| Code Quality | SonarQube |
| Security Scanning | Trivy, OWASP Dependency-Check |
| GitOps | ArgoCD |
| Application | React.js, Node.js |

- AWS Account with appropriate IAM permissions
- Terraform installed (v1.0+)
- Git installed
- Basic understanding of AWS, Kubernetes, and CI/CD concepts

Clone the repository:

```bash
git clone https://github.com/x0lg0n/Tetris-game.git
cd Tetris-game
```

Provision the Jenkins server:

```bash
cd Jenkins-Server-TF
terraform init
terraform plan -var-file=variables.tfvars
terraform apply -var-file=variables.tfvars
```

Provision the EKS cluster:

```bash
cd ../EKS-TF
terraform init
terraform plan -var-file=variables.tfvars
terraform apply -var-file=variables.tfvars
```

Configure Jenkins:

- Access Jenkins UI (EC2 public IP:8080)
- Install required plugins
- Configure credentials:
  - AWS credentials (`aws-key`)
  - Docker Hub credentials (`docker`)
  - SonarQube token (`sonar-token`)
  - GitHub token (`github`)
- Create pipeline jobs using the Jenkinsfiles
Run the Jenkins pipelines in order:
- EKS-Terraform Pipeline - Provisions infrastructure
- TetrisV1/V2 Pipeline - Builds, scans, and deploys the application

Stages of the TetrisV1/V2 pipeline:

- Code Checkout - Pull latest code from Git
- SonarQube Analysis - Code quality and security analysis
- Quality Gate - Wait for quality gate results
- Dependency Installation - Install npm packages
- OWASP Dependency-Check - Scan for vulnerable dependencies
- Trivy File Scan - Scan source code for vulnerabilities
- Docker Build - Build Docker image
- Docker Push - Push image to Docker Hub
- Trivy Image Scan - Scan Docker image for vulnerabilities
- Update Deployment - Update Kubernetes manifests with new image tag

Stages of the EKS-Terraform pipeline:

- Checkout - Pull Terraform code
- Terraform Init - Initialize Terraform working directory
- Terraform Validate - Validate Terraform configuration
- Terraform Plan - Generate execution plan
- Terraform Apply/Destroy - Provision or destroy infrastructure
- SonarQube: Static code analysis for bugs, vulnerabilities, and code smells
- OWASP Dependency-Check: Identifies known vulnerabilities in project dependencies
- Trivy: Comprehensive vulnerability scanner for:
- Source code (file scan)
- Container images (image scan)
- Quality Gates: Automated approval/rejection based on security and quality thresholds
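
The threshold-based approval/rejection described in the last item can be sketched as a small gate over a Trivy JSON report. This is an added example, not code from this repository: the function name `evaluate_gate`, the limits in `DEFAULT_LIMITS`, and the sample report (built in the shape of Trivy's JSON output, with placeholder IDs) are assumptions made for illustration.

```python
import json

# Constructed sample in the shape of Trivy's JSON report
# (Results[].Vulnerabilities[]); IDs and package names are placeholders.
SAMPLE_REPORT = json.dumps({
    "ArtifactName": "example/tetris:42",
    "Results": [
        {"Target": "example/tetris:42 (os packages)", "Vulnerabilities": [
            {"VulnerabilityID": "CVE-0000-0001", "PkgName": "libexample",
             "Severity": "CRITICAL", "FixedVersion": "3.1.4"},
            {"VulnerabilityID": "CVE-0000-0002", "PkgName": "exampletool",
             "Severity": "HIGH", "FixedVersion": ""},
        ]},
        # A target with no findings carries no Vulnerabilities key.
        {"Target": "app/package-lock.json"},
        {"Target": "Node.js", "Vulnerabilities": [
            {"VulnerabilityID": "CVE-0000-0003", "PkgName": "example-pkg",
             "Severity": "HIGH", "FixedVersion": "2.0.1"},
            {"VulnerabilityID": "CVE-0000-0004", "PkgName": "example-pkg",
             "Severity": "LOW", "FixedVersion": "2.0.1"},
        ]},
    ],
})

# Hypothetical policy: maximum tolerated findings per severity.
DEFAULT_LIMITS = {"CRITICAL": 0, "HIGH": 1}


def evaluate_gate(report_json, limits=DEFAULT_LIMITS, ignore_unfixed=False):
    """Return (passed, counts, violations) for a Trivy JSON report."""
    report = json.loads(report_json)
    counts = {}
    for result in report.get("Results") or []:
        for vuln in result.get("Vulnerabilities") or []:
            if ignore_unfixed and not vuln.get("FixedVersion"):
                continue  # no patched version exists yet; track it separately
            sev = vuln.get("Severity", "UNKNOWN")
            counts[sev] = counts.get(sev, 0) + 1
    violations = [f"{sev}: {counts.get(sev, 0)} found, limit {limit}"
                  for sev, limit in limits.items() if counts.get(sev, 0) > limit]
    return (not violations, counts, violations)


if __name__ == "__main__":
    passed, counts, violations = evaluate_gate(SAMPLE_REPORT)
    print("counts:", counts)
    for line in violations:
        print("gate violation:", line)
    raise SystemExit(0 if passed else 1)  # non-zero exit fails the stage
```

Trivy can also fail a stage on its own through its `--exit-code` and `--severity` options; a script like this is useful when the policy needs per-severity limits.
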
For a complete step-by-step implementation guide, refer to the blog post.
Additional documentation:
- Process.md - Implementation process and milestones
- Tetris-V1/README.md - Tetris V1 specific documentation
- Tetris-V2/README.md - Tetris V2 specific documentation
To avoid unnecessary AWS charges, destroy the infrastructure when done:

```bash
# Destroy EKS Cluster
cd EKS-TF
terraform destroy -var-file=variables.tfvars
# Destroy Jenkins Server
cd ../Jenkins-Server-TF
terraform destroy -var-file=variables.tfvars
```

Contributions are welcome! Please feel free to submit a Pull Request.
- Fork the repository
- Create your feature branch (`git checkout -b feature/AmazingFeature`)
- Commit your changes (`git commit -m 'Add some AmazingFeature'`)
- Push to the branch (`git push origin feature/AmazingFeature`)
- Open a Pull Request
This project is licensed under the Apache License 2.0 - see the LICENSE file for details.
- Open-source community for amazing tools and frameworks
- SonarQube for code quality insights
- Trivy for security scanning
- OWASP for dependency security checks
- All contributors who make learning and collaboration possible
Happy Learning! 🚀
