People Management System

A comprehensive microservices-based people management system built with enterprise-grade technologies and DevOps best practices. Developed for the Software Engineering course at University of Aveiro.

Role

DevOps Engineer - Responsible for:

• CI/CD pipeline architecture and implementation
• Infrastructure as Code with Terraform
• Docker containerization and orchestration
• Self-hosted GitHub Actions runner setup
• Deployment automation and monitoring
• Environment management (dev, staging, production)

Team

• Sebastião Teixeira [114624] - Scrum Master
• Guilherme Rosa [113968] - Product Owner
• Gabriel Silva [113786] - DevOps
• Guilherme Silva [131143] - Service Analyst
• Luís Diogo [108668] - QA Engineer

Architecture

The system follows a modern microservices architecture:

Frontend

• React with Vite for instant hot module replacement
• Modern UI/UX with responsive design
• Real-time updates and notifications

Backend

• Spring Boot microservices
• RESTful API design
• JWT authentication via Keycloak
• Event-driven architecture with Kafka

Infrastructure

• PostgreSQL for persistent data storage
• Apache Kafka for event streaming
• Keycloak for authentication and authorization
• Nginx as reverse proxy and load balancer
• Docker for containerization
• Terraform for infrastructure provisioning

CI/CD Pipeline

Automated Workflows

1. Continuous Integration (.github/workflows/ci.yml)

• Builds backend and frontend
• Runs comprehensive test suite (JUnit 5, Spring Boot Test, Security Test, Kafka Test)
• Runs frontend linting with ESLint
• Uploads build artifacts
• Triggers on: master, dev, and PRs

2. Cloud Analysis (.github/workflows/cloud-analysis.yml)

• SonarCloud integration for code quality analysis
• Code coverage reporting
• Security vulnerability scanning
• Technical debt tracking
• Triggers after successful CI

3. Application Deployment (.github/workflows/deploy.yml)

• Self-hosted runner deployment to production
• Terraform apply for infrastructure updates
• Automated health checks
• Concurrency control to prevent overlapping deployments
• Triggers on: push to master branch

Development Features

Hot Reload

• Frontend: Vite dev server with instant HMR
• Backend: Spring Boot DevTools with automatic restarts
• Docker Watch: Live code changes without rebuild

Development Tools

• React Refresh for instant UI updates
• Spring Boot DevTools for backend hot reload
• Live database connection with PostgreSQL
• Real-time logging and debugging
• Docker Compose for local development

Git Flow Strategy

The project follows a structured branching model:

feature/feature-name → dev → master

• master: Production-ready code
• dev: Integration branch for testing and staging
• feature/*: Feature development branches

Self-Hosted Runner Deployment

Deployment Flow

1. Push to master → Triggers CI pipeline
2. CI completes → Triggers SonarCloud analysis
3. Analysis completes → Triggers deployment workflow
4. Deploy runs on self-hosted runner → Zero GitHub Actions minutes consumed!

Production Features

• Automated deployment with zero downtime
• Comprehensive health monitoring for all services
• Concurrency control for safe deployments
• Environment-specific configuration management
• Secure credential handling with GitHub Secrets
• Automatic rollback on failure

Infrastructure as Code

Terraform Implementation

• Multi-environment support (dev, staging, prod)
• Docker provider for container orchestration
• Compose-defined services as Terraform resources
• State management with remote backend
• Automated infrastructure updates

Environment Management

# Development
cd infrastructure/terraform/envs/dev
terraform workspace select dev
terraform apply

# Production (automated via CI/CD)
# Automatically deployed on push to master

API Documentation

Interactive API documentation available at:

• Swagger UI: http://localhost/api/swagger-ui.html
• OpenAPI Spec: http://localhost/api/v3/api-docs

Security Features

• Keycloak for OAuth2/OIDC authentication
• JWT token-based authorization
• Role-based access control (RBAC)
• Secure password hashing
• HTTPS/TLS encryption in production
• Environment-specific secrets management

Testing Strategy

Backend Testing

• Unit tests with JUnit 5
• Integration tests with Spring Boot Test
• Security tests for authentication/authorization
• Kafka integration tests
• Test coverage tracking with JaCoCo

Frontend Testing

• ESLint for code quality
• Component testing
• End-to-end testing

Performance & Monitoring

• Health check endpoints for all services
• Real-time service status monitoring
• Automated alerts on deployment failures
• Performance metrics collection
• Log aggregation and analysis

Technical Highlights

• Zero-downtime deployments with health checks
• Self-hosted CI/CD reducing operational costs
• Infrastructure as Code for reproducible environments
• Event-driven architecture for scalability
• Comprehensive testing at all levels
• Security-first approach with OAuth2/OIDC
• Modern DevOps practices with GitOps workflow

Project Context

Developed for the Software Engineering course at University of Aveiro, demonstrating:

• Enterprise software architecture
• DevOps engineering practices
• Agile development methodology (Scrum)
• Team collaboration in a distributed environment
• Production-grade deployment strategies
• Quality assurance and testing

Results

Successfully delivered a production-ready system with:

• 95%+ uptime during testing phase
• Sub-second API response times
• Automated deployment pipeline reducing deployment time by 80%
• Zero critical security vulnerabilities (SonarCloud verified)
• 70%+ code coverage across backend services