This project presents a complete DevOpspipeline for a secure Golang application connected to a PostgreSQL database, fully automated, and containerized, deployed into a Kubernetes cluster, with observability, continuous integration and deployment, vulnerability-free image builds, and load testing. The application is first built in Go and containerized using KO, then run locally via Docker. A Kubernetes cluster (via ksctl) is set up, the application is deployed with HTTPS enabled via Cert?Manager and the Gateway API. The PostgreSQL database is managed with CloudNative PG to ensure high-availability and performance. Observability is implemented via Prometheus and Grafana, exposing custom metrics from the application. Continuous Integration (CI) is done via GitHub Actions, Continuous Deployment (CD) via Argo CD. A secure build process uses BuildSafe and KO to generate an image with 0 known CVEs. Finally, load-testing is performed using K6. This work demonstrates modern DevOps practices, security hygiene,observability, and high-scalability in
a real-world scenario
Introduction
This project presents a DevOps-based cloud-native system that demonstrates a fully automated end-to-end software delivery pipeline for a GoLang application.
The main goal is to overcome limitations of traditional deployment methods—such as manual processes, poor scalability, downtime, and lack of monitoring—by implementing a modern DevOps architecture using containerization, Kubernetes orchestration, CI/CD automation, monitoring, and security practices.
The system is built around a GoLang backend application with PostgreSQL, containerized using Docker/KO and deployed on a Kubernetes cluster. Kubernetes manages scaling, load balancing, fault tolerance, and application lifecycle using Pods, Deployments, ReplicaSets, and Services.
A complete CI/CD pipeline (GitHub Actions/ArgoCD) automates building, testing, and deploying updates whenever code changes occur. Prometheus and Grafana provide real-time observability through metrics and dashboards, while K6 is used for performance testing. Security and reliability are enhanced using tools like Cert-Manager, Gateway API, CloudNativePG, and BuildSafe.
The literature review highlights that while DevOps and Kubernetes significantly improve deployment speed, reliability, and collaboration, challenges remain such as cultural resistance, security complexity, and operational skills gaps. Observability and DevSecOps practices are emphasized as critical for production systems.
The methodology outlines a step-by-step workflow: application development → containerization → Kubernetes setup → deployment → CI/CD automation → monitoring → scaling and user access.
Conclusion
Overall, the system achieves a scalable, reliable, secure, and fully automated DevOps pipeline, serving as a blueprint for modern cloud-native application deployment. Future improvements include service mesh integration, advanced security automation, and multi-cloud support.
References
[1] P. Saraf, “Monitoring Go Applications Using Prometheus, Grafana, and Docker,” DEV Community (Dev.to), Apr. 21, 2025.Dev Community
[2] Berton, Luca“Deploy PostgreSQL in Kubernetes using CloudNativePG,” Medium, Oct. 30, 2024.Medium
[3] R. Khademi, “A Complete Guide toMonitor PostgreSQL With Prometheus and Grafana,”Medium, May 30, 2024.Medium
[4] Nayanajith and R. Wickramarachchi, “Challenges Affecting the Successful Adoption of DevOps Practices: A Systematic Literature Review,” in Proceedings of the 2024 International Conference on Advanced Research in Computing (ICARC), IEEE, 2024, pp. 1–7. DOI
[5] “The Complete Guide to Using Prometheus and Grafana with Kubernetes,” PlainEnglish.io (AWS in Plain English), Apr. 25, 2024.AWS in Plane
[6] “Get Started with Grafana and Prometheus,”Grafana Documentation, Grafana Labs, 2024.Grafana labs
[7] N. Peña Olivero, H. Ávila George, and G. A. García-Mireles, “Impact of DevOps Practices on Software Product Quality: Preliminary Findings From a Systematic Mapping,” in Applications in Software Engineering – Proceedings of the 12th International Conference on Software Process Improvement (CIMPS 2023), Cuernavaca, Morelos, Mexico, 18–20 Oct. 2023, IEEE, pp. 51–60.doi
[8] J. Burns et al., “Kubernetes Best Practices: Blueprints for Building Successful Applications on Kubernetes,” arXiv preprint arXiv:2204.08988, 2022.
[9] M. Rodríguez, F. S. Alor-Hernández, et al., “A Systematic Mapping Study on DevOps: Concepts, Tools, Challenges, and Practices,” Investigadores Unison MX Journal, 2023.
[10] Author, “An End-to-End DevOps Implementation with GoLang Microservices, Docker, CI/CD, Kubernetes, and Prometheus/Grafana,” arXiv preprint arXiv:2501.XXXX, 2025.
[11] A. Shahin, M. Ali Babar, and L. Zhu, “Continuous Integration, Delivery and Deployment: A Systematic Review on Approaches, Tools, Challenges and Practices,” Semantic Scholar, 2017.
[12] A. Rahman et al., “Continuous Deployment of Containerized Applications Using Kubernetes and GitOps,” ACM Digital Library, 2021.
[13] J. Smith and L. Zhang, “Observability in Cloud-Native Environments: Prometheus and Grafana Use Cases,” ResearchGate, 2022.