DockFast: Automating CI/CD with Jenkins and ArgoCD #
In today’s DevOps-driven environments, automation is the backbone of software delivery. This guide walks through deploying a secure, scalable, and observable CI/CD pipeline in a home lab setup using industry-standard tools:
- Docker for containerization
- Kubernetes (Minikube) for orchestration
- Jenkins for CI automation
- SonarQube for static code analysis
- Trivy for vulnerability scanning
- ArgoCD for GitOps-based continuous delivery
- Prometheus & Grafana for monitoring and observability
By the end, you’ll have a production-ready pipeline that automates builds, enforces code quality, scans for vulnerabilities, and deploys to Kubernetes with monitoring and self-healing capabilities.
Docker: Containerization for CI/CD Pipelines #
Docker is the foundation for containerized workloads, enabling consistent environments across dev, staging, and production.
Why Docker? #
- Consistency across environments
- Faster, lightweight deployments compared to VMs
- Portability for microservices and DevOps workflows
Core components: Docker Engine, Images, Containers, and Docker Compose.
Steps: #
- Build Docker images
docker build -t arbaazij/back_jnks App-files/backend/.
docker build -t arbaazij/front_jnks App-files/frontend/.
- Test with Docker Compose
docker compose up
docker compose build --no-cache
docker compose up
- Push images to Docker Hub
docker login
docker push arbaazij/back_jnks
docker push arbaazij/front_jnks
Kubernetes with Minikube: Orchestration Layer #
-
Kubernetes (K8s) automates deployment, scaling, and management of containerized applications.
-
Key Features:
-
Automated scaling & load balancing
-
Self-healing for failed pods
-
Declarative YAML-based configuration
-
Service discovery
-
-
Setup:
# Ubuntu
minikube start --memory=8192
# Mac
minikube start --driver=hyperkit
# Windows
minikube start --driver=hyperv
- Enable add-ons:
minikube addons enable ingress
minikube addons enable metrics-server
Jenkins: Continuous Integration (CI) #
-
Jenkins automates the build → test → deploy cycle.
-
Why Jenkins?
-
Pipelines for CI/CD automation
-
Huge plugin ecosystem
-
Integrates with Git, Docker, Kubernetes, AWS, etc.
-
Distributed builds for scaling
-
-
Setup Essentials:
-
Install plugins: Docker, SonarQube Scanner, Dependency Check, NodeJS, JDK
-
Configure SonarQube & Docker integrations
-
Add credentials for Git, Docker Hub, and SonarQube
-
Create pipelines with Pipeline Script from SCM
-
Pipeline builds can be debugged one stage at a time for efficiency.
-
SonarQube: Continuous Code Quality & Security #
-
SonarQube enforces clean code standards in CI/CD.
-
Benefits:
-
Detects bugs, vulnerabilities, and code smells
-
Enforces Quality Gates for production readiness
-
Supports 25+ programming languages
-
Deploy with Docker Compose for persistence:
-
version: "3"
services:
db:
image: postgres:12-alpine
environment:
- POSTGRES_USER=sonar
- POSTGRES_PASSWORD=sonar
- POSTGRES_DB=sonar
volumes:
- postgres_data:/var/lib/postgresql/data
sonarqube:
image: sonarqube:community
depends_on: [db]
ports:
- "9000:9000"
volumes:
postgres_data:
Access: http://localhost:9000
Trivy: DevSecOps Vulnerability Scanning #
Trivy scans container images, IaC, and repositories for vulnerabilities and misconfigurations.
sudo apt-get install wget apt-transport-https gnupg lsb-release
wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add -
echo deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main | sudo tee /etc/apt/sources.list.d/trivy.list
sudo apt-get update
sudo apt-get install trivy
Use Trivy inside Jenkins pipelines to block vulnerable builds.
OLM: Operator Lifecycle Management #
Operator Lifecycle Manager simplifies installing and managing Kubernetes Operators like Prometheus and ArgoCD.
kubectl create -f https://github.com/operator-framework/operator-lifecycle-manager/releases/download/v0.31.0/crds.yaml
kubectl create -f https://github.com/operator-framework/operator-lifecycle-manager/releases/download/v0.31.0/olm.yaml
ArgoCD: GitOps Continuous Delivery #
-
ArgoCD enables declarative GitOps workflows for Kubernetes.
-
Why ArgoCD?
-
Git as the single source of truth
-
Automated syncing and rollbacks
-
Self-healing when unhealthy deployments occur
-
RBAC for secure multi-team collaboration
-
-
Deployment YAML:
apiVersion: argoproj.io/v1alpha1
kind: ArgoCD
metadata:
name: argocd
labels:
app: argocd
spec: {}
Prometheus & Grafana: Monitoring & Observability #
-
Prometheus
-
Collects time-series metrics from Kubernetes workloads
-
Includes Alertmanager for incident detection
-
Integrated with ServiceMonitors for scraping custom metrics
-
kubectl port-forward -n monitoring svc/prometheus-operated 9090:9090
- Expose custom app metrics:
app.get('/metrics', async (req, res) => {
res.set('Content-Type', promClient.register.contentType);
res.end(await promClient.register.metrics());
});
-
Grafana
-
Provides real-time dashboards from Prometheus data
-
Supports alerts & anomaly detection
-
RBAC for secure monitoring
-
-
Query Example:
rate(http_requests_total{namespace!="",pod!="",path!=""}[5m])
Final Results #
-
CI/CD Automation with Jenkins
-
Code Quality Gates with SonarQube
-
Security Scans with Trivy
-
GitOps Deployments with ArgoCD
-
Monitoring & Alerting with Prometheus
-
Visual Dashboards with Grafana
This pipeline integrates CI/CD, DevSecOps, GitOps, and Observability into a single streamlined workflow for modern cloud-native applications.