Sample Applications Deployment Summary

Overview

This implementation successfully deploys three sample applications (Java Spring Boot, Python FastAPI, and Node.js Express) to demonstrate the Fawkes platform capabilities and enable DORA metrics collection.

What Was Deployed

1. Sample Java Spring Boot Application (`sample-java-app`)

Location: services/samples/sample-java-app/
Framework: Spring Boot 3.4.1 with Java 21 LTS
Features:
REST API with health and actuator endpoints
Prometheus metrics via /actuator/prometheus
Security scanning (SonarQube, Trivy)
BDD tests with Cucumber
Docker containerization with multi-stage build
Access: https://sample-java-app.fawkes.idp
ArgoCD Application: platform/apps/samples/sample-java-app-application.yaml

2. Sample Python FastAPI Application (`sample-python-app`)

Location: services/samples/sample-python-app/
Framework: FastAPI 0.115.5 with Python 3.12
Features:
High-performance async REST API
Prometheus metrics via /metrics
Uvicorn ASGI server
BDD tests with Behave
Structured logging with JSON format
Access: https://sample-python-app.fawkes.idp
ArgoCD Application: platform/apps/samples/sample-python-app-application.yaml

3. Sample Node.js Express Application (`sample-nodejs-app`)

Location: services/samples/sample-nodejs-app/
Framework: Express 4.21.1 with Node.js 20
Features:
Lightweight REST API
Prometheus metrics with prom-client via /metrics
Winston logging
BDD tests with Cucumber
ESLint code quality
Access: https://sample-nodejs-app.fawkes.idp
ArgoCD Application: platform/apps/samples/sample-nodejs-app-application.yaml

Key Features

GitOps Deployment

All applications are deployed using ArgoCD with:

Automated sync and self-heal enabled
Source: https://github.com/paruff/fawkes.git
Target namespace: fawkes-samples
Sync policy: prune and self-heal

DORA Metrics Collection

Each application has DORA metrics annotations:

annotations:
  dora.fawkes.io/collect-metrics: "true"
  dora.fawkes.io/environment: "dev"

This enables tracking of:

Deployment Frequency: ArgoCD sync events
Lead Time for Changes: Commit to deployment time
Change Failure Rate: Failed syncs + incidents
Mean Time to Restore: Incident to recovery time

Ingress Configuration

All applications have:

TLS termination with cert-manager
nginx ingress class
SSL redirect enabled
Configured hostnames: {app-name}.fawkes.idp

Security Best Practices

Each application implements:

Non-root container execution (UID 65534)
Read-only root filesystem
All capabilities dropped
Security context with seccomp profile
Resource requests and limits

Prometheus Metrics

All applications expose metrics:

Java: /actuator/prometheus (Spring Actuator)
Python: /metrics (prometheus-client)
Node.js: /metrics (prom-client)

Pod annotations ensure automatic scraping:

prometheus.io/scrape: "true"
prometheus.io/port: "{port}"
prometheus.io/path: "/metrics"

Health Checks

Each application provides health endpoints:

Java: /actuator/health, /actuator/health/liveness, /actuator/health/readiness
Python: /health, /ready
Node.js: /health, /ready

Kubernetes probes are configured for liveness and readiness.

Backstage Catalog Integration

Each app includes catalog-info.yaml with:

Component metadata
API definitions (OpenAPI)
Kubernetes integration
GitHub repository links
Owner and lifecycle information

Deployment Instructions

Deploy All Sample Applications

# Apply ArgoCD applications
kubectl apply -f platform/apps/samples/

# Wait for applications to sync
argocd app wait sample-java-app sample-python-app sample-nodejs-app

# Check deployment status
kubectl get pods -n fawkes-samples

Deploy Individual Applications

# Java app
kubectl apply -f platform/apps/samples/sample-java-app-application.yaml

# Python app
kubectl apply -f platform/apps/samples/sample-python-app-application.yaml

# Node.js app
kubectl apply -f platform/apps/samples/sample-nodejs-app-application.yaml

Verify Deployment

# Check ArgoCD applications
kubectl get applications -n fawkes | grep sample

# Check pods
kubectl get pods -n fawkes-samples

# Check services
kubectl get services -n fawkes-samples

# Check ingress
kubectl get ingress -n fawkes-samples

# Test health endpoints
curl https://sample-java-app.fawkes.idp/actuator/health
curl https://sample-python-app.fawkes.idp/health
curl https://sample-nodejs-app.fawkes.idp/health

# Test metrics endpoints
curl https://sample-java-app.fawkes.idp/actuator/prometheus
curl https://sample-python-app.fawkes.idp/metrics
curl https://sample-nodejs-app.fawkes.idp/metrics

Acceptance Testing

A comprehensive BDD test has been created to validate the deployment:

Location: tests/bdd/features/sample-apps-deployment.feature
Coverage:
ArgoCD application creation and sync
Kubernetes resource deployment
Ingress accessibility
Health endpoint verification
Prometheus metrics exposure
DORA metrics annotations
Backstage catalog registration
Security context validation
Resource limits verification

Run Acceptance Tests

cd tests/bdd
./run-test.sh features/sample-apps-deployment.feature

Monitoring and Observability

View DORA Metrics

DevLake Dashboard: https://devlake.fawkes.idp
Grafana DORA Dashboard: https://grafana.fawkes.idp/d/dora-metrics

View Application Metrics

Prometheus: https://prometheus.fawkes.idp
Query: {app=~"sample-.*"}
Grafana: https://grafana.fawkes.idp
Dashboards created for each application

View Logs

OpenSearch: https://opensearch.fawkes.idp
Filter by namespace: fawkes-samples
Filter by app: sample-java-app, sample-python-app, sample-nodejs-app

View Traces

Grafana Tempo: https://grafana.fawkes.idp/explore?ds=tempo
Query by service name

CI/CD Integration

Each application includes a Jenkinsfile for CI/CD:

Build Stage: Compile and package
Test Stage: Unit tests and BDD tests with coverage
Scan Stage: SonarQube SAST and Trivy container scanning
Package Stage: Build Docker image
Publish Stage: Push to Harbor registry
Deploy Stage: Update GitOps repository

Quality gates enforce:

Zero new bugs/vulnerabilities (SonarQube)
No HIGH/CRITICAL vulnerabilities (Trivy)
Test coverage ≥ 80%
All tests passing

Files Created