This project demonstrates a DevOps pipeline that integrates:
- β Flask app containerized with Docker
- β Trivy scanning for vulnerabilities & SBOM
- β Promtail β Loki pipeline for log collection
- β GitHub Actions CI/CD to build & push images
It provides a mini end-to-end setup for secure, observable, and automated deployments.
- βοΈ Dockerization of Flask applications
- π Image scanning & SBOM generation using Trivy
- π Log aggregation pipeline with Promtail + Loki
- π CI/CD automation using GitHub Actions workflows
- π Infrastructure as Code with
docker-compose& YAML - π Python web development with logging to files
| Layer | Tools / Tech |
|---|---|
| Backend App | Python (Flask) |
| Security | Trivy (SBOM + vulnerability scan) |
| Log Forwarding | Promtail |
| Log Aggregation | Loki |
| Containerization | Docker, Docker Compose |
| CI/CD | GitHub Actions |
| Source Control | Git, GitHub |
| DevOps Skills | CI/CD, Observability, Security, YAML |
flasktrivylokidemo/ βββ app.py # Flask application βββ Dockerfile # Flask app Dockerfile βββ docker-compose.yml # Multi-service setup (Flask, Loki, Promtail) βββ promtail-config.yaml # Promtail log forwarder config βββ loki-config.yml # Loki configuration βββ .github/ β βββ workflows/ β βββ gitworkflow.yml # GitHub Actions pipeline βββ requirements.txt # Flask dependencies βββ README.md
GitHub Actions workflow automates:
- Build Docker image of Flask app
- Scan image with Trivy (optional extension)
- Push to Docker Hub automatically
- Clone the repo:
git clone https://github.com/<your-username>/flasktrivylokidemo.git cd flasktrivylokidemo
Start services:
bash Copy Edit docker-compose up -d Access:
Flask app β http://localhost:5000
Loki API β http://localhost:3100
π Future Improvements Add Grafana dashboards for Loki logs
Extend Trivy scans with GitHub Action reports
Deploy to Kubernetes for scaling