vivixell/microservices-demo — explained in plain English
Analysis updated 2026-05-18
Learn how to build a full DevSecOps pipeline on AWS EKS using Terraform, GitHub Actions, and ArgoCD.
See a working example of GitOps deployment where committing new manifests automatically updates a live Kubernetes cluster.
Study how to add automated secret scanning, code quality gates, and container vulnerability scanning to a CI/CD pipeline.
Use as a reference microservices demo app for testing Kubernetes cloud infrastructure setups.
| vivixell/microservices-demo | aasheeshlikepanner/vase | alexzielenski/controller-runtime | |
|---|---|---|---|
| Stars | 0 | 0 | — |
| Language | Go | Go | Go |
| Last pushed | — | — | 2022-04-20 |
| Maintenance | — | — | Dormant |
| Setup difficulty | hard | moderate | hard |
| Complexity | 5/5 | 4/5 | 4/5 |
| Audience | ops devops | developer | developer |
Figures from each repo's GitHub metadata at analysis time.
Requires an AWS account and following the linked external deployment guide to bootstrap Terraform state and cloud infrastructure.
This project is a fork of Google's Online Boutique demo application, an example online shop made up of about eleven small services, adapted here to show a full DevSecOps pipeline running on Amazon's EKS Kubernetes service. Rather than focusing on the shop's features, the point of this repository is to demonstrate how to build, secure, and deploy a microservices app on AWS from end to end. All of the cloud infrastructure, including the Kubernetes cluster, database, container registry, and load balancer, is defined as code using Terraform and applied automatically through a dependency ordered pipeline in GitHub Actions. Once the infrastructure exists, an ArgoCD controller continuously watches a folder of Kubernetes manifests in this repository and keeps the live cluster in sync with whatever is committed there, which is a pattern known as GitOps. The build pipeline that runs on every push does several things in sequence: it scans the code for accidentally committed secrets with Gitleaks, checks code quality with SonarQube's static analysis, builds Docker images only for the services that changed, scans those images for known vulnerabilities with Trivy, and finally pushes the images to a private container registry and commits the new image tags so ArgoCD picks them up. For monitoring, the cluster runs Prometheus and Grafana to collect and display metrics about both the infrastructure and the running application. DNS is handled automatically too: a tool called ExternalDNS watches for new load balancer addresses and creates the matching DNS records in Amazon Route 53, so nobody has to set up DNS records by hand. The repository is organized into a one-time bootstrap step for shared state storage, a terraform folder with separate modules for each piece of infrastructure, a kubernetes-manifests folder that ArgoCD watches, the source code for all the microservices, a teardown script for tearing down all AWS resources, and GitHub Actions workflow files for infrastructure, builds, and teardown. A companion article linked from the README walks through the full setup process step by step.
A DevSecOps reference project that deploys Google's Online Boutique microservices demo to AWS EKS using Terraform, ArgoCD GitOps, and automated security scanning.
Mainly Go. The stack also includes Go, Kubernetes, Terraform.
Setup difficulty is rated hard, with roughly 1day+ to a first successful run.
Mainly ops devops.
This repo across BitVibe Labs
Verify against the repo before relying on details.