Java Spring-Boot Petclinic Microservices
Java Spring-Boot Petclinic Microservices
Overview
A production-style deployment of the Spring-Boot Petclinic application rebuilt as microservices, enhanced with a full DevSecOps CI/CD pipeline, Istio service mesh, and end-to-end observability. Led a team of 4 as Team Leader.
Period: Nov 2025 – Dec 2025 | Team: 4 members | Role: Team Leader
Tech Stack
- CI/CD: Jenkins (multi-stage pipeline) · ArgoCD (GitOps CD)
- Security / Quality: SonarQube (SAST, code quality)
- Orchestration: Kubernetes (1 master + 1 worker on GCP Compute Engine) · Helm · Kustomize
- Service Mesh: Istio (mTLS, traffic management)
- Observability: Prometheus · Grafana · Loki · Grafana Alloy · Zipkin
Repositories
| Component | Link |
|---|---|
| Main Helm Chart | GitHub |
| Service Mesh Helm Chart | GitHub |
| Ingress Helm Chart | GitHub |
| Observability Helm Chart | GitHub |
| Base Project (Jenkins configured) | GitHub |
Key Achievements
- CI Pipeline (Jenkins + SonarQube): Built a multi-stage Jenkinsfile covering lint, unit tests, container build & push, and security scans applied at each phase. SonarQube scanning enforced against multiple security standards.
- CD (ArgoCD + Helm/Kustomize): Created Helm Charts and Kustomize manifests for GitOps-driven continuous delivery onto a Kubernetes cluster provisioned on GCP Compute Engine.
- Observability: Integrated Prometheus, Grafana, Loki, Zipkin, and Grafana Alloy to achieve full Metrics ↔ Traces ↔ Logs correlation. Custom dashboards expose request rates, p95 latency, and 5xx error alerts.
- Service Mesh: Configured Istio namespace-wide with mTLS enforced on all connections for a hardened network environment.
- Security & Resource Tuning: Applied namespace isolation, resource limits, and fluent label-based log routing via Alloy.