A full-stack banking application demonstrating modern DevSecOps practices with Harness CI/CD, featuring comprehensive security scanning, automated testing, and Kubernetes deployment.
This application consists of three main components:
- Frontend: Angular 17 web application with Bootstrap UI and Harness Feature Flags integration
- Backend: Django 5.0 REST API with JWT authentication and Swagger documentation
- Infrastructure: Kubernetes-based deployment with Helm charts
- User authentication and authorization (JWT)
- Banking operations (accounts, transfers, payments)
- Mortgage and loan management
- Investment portfolio tracking
- Credit score monitoring
- Transaction history and statements
- Bill payment scheduling
- Multi-factor authentication support
- Continuous Integration: Automated build and test pipeline
- Test Intelligence: Smart test selection with pytest
- Security Scanning:
  - OWASP Dependency Check
  - OSV Scanner for vulnerability detection
  - Aqua Trivy container scanning
  - DAST (Dynamic Application Security Testing)
- SBOM Generation: SPDX-JSON format
- Container Registry: Docker Hub integration
- Deployment Strategies:
  - Rolling deployment for frontend
  - Canary deployment with verification for backend
- Continuous Verification: Automated deployment validation
- Docker and Docker Compose
- Python 3.9+
- Node.js 18+ and npm
- Kubernetes cluster (for deployment)
- Harness account (for CI/CD pipeline)
- Navigate to the backend directory:
cd backend
- Create a virtual environment:
python -m venv venv
source venv/bin/activate # On Windows: venv\Scripts\activate
- Install dependencies:
pip install -r requirements.txt
- Run migrations:
python manage.py migrate
- Start the development server:
python manage.py runserver
The backend API will be available at http://localhost:8000
- Navigate to the frontend directory:
cd frontend-app/harness-webapp
- Install dependencies:
npm install
- Start the development server:
npm start
The frontend will be available at http://localhost:4200
Execute the test suite:
cd python-tests
pytest
cd backend
docker build -t devsecops-backend .
cd frontend-app/harness-webapp
docker build -t devsecops-frontend .
The application includes Helm charts for Kubernetes deployment:
# Deploy backend
helm install backend ./harness-deploy/backend
# Deploy frontend
helm install frontend ./harness-deploy/frontend
The application uses Harness for continuous integration and deployment. The pipeline includes:
- Test Intelligence: Runs pytest with intelligent test selection
- Compile: Application compilation using org template
- Security Scanning (Parallel):
  - OWASP dependency scanning
  - OSV vulnerability scanning
- Container Build: Docker image build and push to registry
- Container Scanning: Aqua Trivy scan with SBOM generation
- Frontend Deployment: Rolling deployment to Kubernetes
- Backend Deployment (Parallel with DAST):
  - Canary deployment with 1 instance
  - Continuous verification (5 min duration)
  - Manual intervention on verification failure
  - Full rolling deployment after verification
- DAST Scans: Dynamic security testing
- Project: Platform_Engineering
- Organization: demo
- Repository: org.devsecops
- Live URL: https://devsecops.harness-demo.site
The following environment variables are used in production:
Backend:
- SECRET_KEY: Django secret key (must be set in production)
- DEBUG: Set to False in production
- HOSTNAME: Deployment hostname
- SERVICE_NAME: Service identifier
- EXECUTION_USER: Deployment user
- LAST_EXECUTION_ID: Last pipeline execution ID
- APPLICATION_VERSION: Application version
- ARTIFACT_VERSION: Artifact version
Frontend:
- Feature flag SDK configuration
- API endpoint configuration
- Move SECRET_KEY to environment variables
- Set DEBUG = False
- Configure ALLOWED_HOSTS properly
- Use environment-specific configuration
- Enable HTTPS/SSL
- Configure proper CORS settings
- Review and update security middleware
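The checklist above can be enforced in code so that a misconfigured deployment refuses to start. The following is an added example, not code from this repository: `production_settings`, `SettingsError` and `SAMPLE_ENV` are hypothetical names, and it assumes `ALLOWED_HOSTS` and `CORS_ALLOWED_ORIGINS` are supplied as comma-separated environment variables. The returned keys are standard Django and django-cors-headers settings.

```python
import os


class SettingsError(Exception):
    """Local stand-in for Django's ImproperlyConfigured so this runs without Django."""


def _csv(value):
    """Split a comma-separated environment value into a clean list."""
    return [item.strip() for item in value.split(",") if item.strip()]


def production_settings(env=os.environ):
    """Build security-relevant Django settings from the environment, failing closed."""
    secret = env.get("SECRET_KEY", "")
    # Same thresholds Django's deploy check uses: at least 50 chars, no insecure prefix.
    if len(secret) < 50 or secret.startswith("django-insecure-"):
        raise SettingsError("SECRET_KEY must be set to a strong value")
    # DEBUG defaults to off; an explicit "true" in production is rejected.
    if env.get("DEBUG", "False").strip().lower() == "true":
        raise SettingsError("DEBUG must be False in production")
    hosts = _csv(env.get("ALLOWED_HOSTS", ""))  # assumed variable name
    if not hosts or "*" in hosts:
        raise SettingsError("ALLOWED_HOSTS must list explicit hostnames")
    origins = _csv(env.get("CORS_ALLOWED_ORIGINS", ""))  # assumed variable name
    if any(not origin.startswith("https://") for origin in origins):
        raise SettingsError("CORS origins must be https:// URLs")
    return {
        "SECRET_KEY": secret,
        "DEBUG": False,
        "ALLOWED_HOSTS": hosts,
        "SECURE_SSL_REDIRECT": True,      # redirect plain HTTP to HTTPS
        "SESSION_COOKIE_SECURE": True,    # cookies only over HTTPS
        "CSRF_COOKIE_SECURE": True,
        "SECURE_HSTS_SECONDS": 31536000,  # one year
        "CORS_ALLOW_ALL_ORIGINS": False,  # django-cors-headers: explicit list only
        "CORS_ALLOWED_ORIGINS": origins,
    }


# Constructed sample environment; the key is a placeholder, not a real secret.
SAMPLE_ENV = {
    "SECRET_KEY": "constructed-sample-key-" + "0123456789abcdef" * 3,
    "DEBUG": "False",
    "ALLOWED_HOSTS": "devsecops.harness-demo.site",
    "CORS_ALLOWED_ORIGINS": "https://devsecops.harness-demo.site",
}

# In settings.py one would call: globals().update(production_settings())
```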
The backend API includes Swagger/OpenAPI documentation:
- Swagger UI: http://localhost:8000/swagger/
- ReDoc: http://localhost:8000/redoc/
The project includes comprehensive test coverage:
- Credit Score Tests: python-tests/test_credit_score.py
- Mortgage Tests: python-tests/test_mortgages.py
- Payment Tests: python-tests/test_payments.py
Run all tests:
cd python-tests
pytest -v
- Angular 17
- TypeScript 5.3
- Bootstrap 5.3
- NgBootstrap
- Harness Feature Flags SDK
- RxJS
- Django 5.0
- Django REST Framework
- djangorestframework-simplejwt
- django-cors-headers
- drf-yasg (Swagger/OpenAPI)
- Gunicorn
- PostgreSQL support (psycopg2)
- scikit-learn (ML capabilities)
- Docker
- Kubernetes
- Helm
- Harness CI/CD
- OWASP Dependency Check
- OSV Scanner
- Aqua Trivy
- pytest
- Fork the repository
- Create a feature branch (git checkout -b feature/amazing-feature)
- Commit your changes (git commit -m 'Add amazing feature')
- Push to the branch (git push origin feature/amazing-feature)
- Open a Pull Request
This project is a demonstration application for DevSecOps practices.
For questions or issues, please open an issue in the repository or contact the development team.
Note: This is a demo application for educational and workshop purposes. Review and update security configurations before using in production environments.