Skip to content

Latest commit

 

History

History
126 lines (89 loc) · 4.84 KB

README.md

File metadata and controls

126 lines (89 loc) · 4.84 KB

Zomeal: Where Culinary Delight Meets Cutting-Edge Security and Deployment

Build, Analyze, Scan

Welcome to Zomeal, an advanced DevSecOps project designed to clone Zomato with enhanced security and deployment capabilities. Leveraging cutting-edge technologies like React, Node.js, Docker, Kubernetes, GitHub Actions, SonarQube, Trivy, Jenkins, and OWASP principles, Zomeal ensures a seamless, secure, and scalable dining experience.

Table of Contents

  1. Project Overview
  2. Tech Stack
  3. Features
  4. Installation
  5. Usage
  6. Available Scripts
  7. Security and Testing
  8. CI/CD Pipeline
  9. Build Details
  10. Learn More
  11. License

Project Overview

Zomeal is your ultimate culinary guide, designed to provide a seamless experience for discovering eateries and hidden gems. With a focus on security, continuous integration, and high performance, Zomeal aims to revolutionize the way you explore and enjoy food.

Tech Stack

  • Frontend: React
  • Backend: Node.js
  • Containerization: Docker
  • Orchestration: Kubernetes
  • CI/CD: GitHub Actions
  • Code Quality: SonarQube
  • Vulnerability Scanning: Trivy
  • Automation: Jenkins
  • Security: OWASP

Features

  • Create React App: Bootstrapped for easy setup and development.
  • Containerization: Docker ensures consistent environments across different stages.
  • Orchestration: Kubernetes for managing and scaling clusters.
  • Continuous Integration and Deployment: Automated pipelines with GitHub Actions.
  • Code Quality and Security: Integrated SonarQube and Trivy for robust scanning.
  • OWASP Compliance: Adherence to top security practices for web applications.

Installation

Clone the repository:

git clone https://github.com/SUGAM-ARORA/Zomeal.git
cd Zomeal

Install dependencies:

npm install

Usage

npm start

Runs the app in development mode.
Open http://localhost:3000 to view it in your browser.

The page will reload if you make edits.
You will also see any lint errors in the console.

npm test

Launches the test runner in interactive watch mode.
See the section about running tests for more information.

npm run build

Builds the app for production to the build folder.
It correctly bundles React in production mode and optimizes the build for the best performance.

Available Scripts

npm run eject

Ejects the app for full control over configuration files and dependencies.

Additional Scripts

Security and Testing

  • SonarQube: Scans code for vulnerabilities and code smells.
  • Trivy: Checks Docker images for vulnerabilities.
  • OWASP Compliance: Ensures adherence to top security practices.

CI/CD Pipeline

  • GitHub Actions: Automated workflows for continuous integration and deployment.
  • Jenkins: Used for advanced automation tasks.
  • SonarQube and Trivy: Integrated into the pipeline for continuous security checks.

Build Details

Build, Analyze, Scan

  • Build Status: Automatically triggered on push and pull request events.
  • Analysis: Runs SonarQube analysis for code quality.
  • Scanning: Utilizes Trivy for vulnerability scanning.

Learn More

License

This project is licensed under the MIT License.