DevOps CI/CD Pipeline for Cloud Microservice

Overview

This project demonstrates a complete DevOps pipeline for a cloud-based FastAPI microservice built in SWE-455: Cloud Applications Engineering at KFUPM. The system performs CRUD operations on quotes and is fully automated through GitHub Actions for continuous integration, testing, and deployment to Render Cloud.

1. Architecture

  • Framework: FastAPI + Uvicorn
  • Containerization: Docker for reproducible builds
  • CI/CD: GitHub Actions (multi-stage workflows)
  • Testing: Pytest for unit and integration testing
  • Security: CodeQL for static vulnerability scanning
  • Deployment: Render Cloud (auto from main branch)

2. Pipeline Flow

The pipeline automates the full lifecycle from commit to deployment:

  1. Run flake8 to ensure PEP8 compliance.
  2. Execute pytest for automated unit/integration tests.
  3. Perform CodeQL security analysis.
  4. If on main branch → deploy automatically to Render.
name: CI/CD Pipeline
on:
  push:
    branches: [ main, dev, staging ]
jobs:
  lint-test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Install dependencies
        run: pip install -r requirements.txt
      - name: Run Linter
        run: flake8 .
      - name: Run Tests
        run: pytest
  deploy:
    needs: lint-test
    if: github.ref == 'refs/heads/main'
    runs-on: ubuntu-latest
    steps:
      - name: Deploy to Render
        run: curl -X POST ${{ secrets.RENDER_DEPLOY_HOOK }}

3. Branch Strategy

BranchPurposePipeline Stage
devDevelopment and feature testingCI only (lint, test)
stagingIntegration and pre-productionCI + preview
mainProduction releaseFull CI/CD + deploy

4. Quality and Security

  • 100% automated tests using Pytest for CRUD API endpoints.
  • CodeQL ensures zero known vulnerabilities before merge.
  • Branch protection prevents merging without passing CI.
  • Artifacts and logs automatically stored for traceability.

5. DevOps Practices

  • GitHub Project Board for agile tracking (To-Do → In-Progress → Done).
  • Pull requests tied to specific issues for accountability.
  • Review-based merges with automated checks.

Project Information

  • Category: DevOps / Cloud Automation
  • Course: SWE 455 – Cloud Applications Engineering
  • Instructor: Dr. Fakhri Alam Khan
  • Team: Abdulrahman Sharqawi, Mohab Hussien, Basil Al-Ashqar
  • Technologies: FastAPI, Docker, GitHub Actions, CodeQL, Pytest, Render
  • Live API: https://quote-api-hucb.onrender.com
  • Documentation: Download Full Report (PDF)

Key Achievements

  • Implemented full CI/CD with GitHub Actions and Render Cloud.
  • Achieved secure, automated deployment pipeline.
  • Integrated static analysis and testing into every commit.
  • Applied agile and DevOps best practices in a real project.

Conclusion

This project showcased the end-to-end principles of DevOps automation — continuous integration, delivery, and security in a reproducible, cloud-based environment. It provided practical experience with pipelines, microservices, and secure deployment workflows that mirror modern industry standards.