All Modules Mission Architecture Milestones Done Checklist

Capstone Project

Take the notes app from source code to a monitored, auto-deployed production system.

Module 12 · Everything from Modules 6–11, end to end. Your portfolio piece.

Project Capstone 4–8 hours

The Mission

No new tools this time. Your job is to assemble everything you've learned into one working pipeline: a developer pushes code, and minutes later a tested, containerized, monitored app is running on a cluster — with zero manual steps.

Definition of success

A teammate clones your repo, runs one command to bring it up locally, and a git push to main automatically tests, builds, publishes, and deploys the notes app — with a Grafana dashboard showing it's healthy.

This is the project you put on your résumé and GitHub. By the end you'll have a repo that demonstrates the entire DevOps lifecycle on a single, real application.

The Full Picture

Here's how the pieces you've built across the course connect into one system:

┌──────────┐ git push ┌─────────────────────────┐ │ Developer │ ────────────▶ │ GitHub repo (main) │ └──────────┘ └────────────┬────────────┘ │ triggers ▼ ┌───────────────────────────────────────┐ │ GitHub Actions (Module 9) │ │ test ─▶ build image ─▶ push to GHCR │ │ └──────────▶ deploy │ └───────────────────────┬───────────────┘ │ kubectl apply ▼ ┌──────────────── Kubernetes cluster (Module 8) ───────────────┐ │ │ │ ┌─────────────┐ ┌─────────────┐ │ │ │ web (x2) │ ─────▶ │ db (Postgres)│ │ │ │ notes-app │ └─────────────┘ │ │ │ /metrics │ │ │ └──────┬──────┘ │ │ │ scraped by │ │ ┌──────▼──────┐ ┌─────────────┐ │ │ │ Prometheus │ ─────▶ │ Grafana │ (Module 11) │ │ └─────────────┘ └─────────────┘ │ └──────────────────────────────────────────────────────────────┘ Local dev: docker compose up (Modules 6 & 7) │ Infra: Terraform (Module 10)

Every module has a role

6 Dockerfile · 7 Compose for local dev · 8 Kubernetes manifests · 9 CI/CD pipeline · 10 Terraform for infra · 11 Prometheus + Grafana. The capstone is wiring them into one repo.

Milestones

Work through these in order. Each ends with a "Done when" test — don't move on until it passes. Most of the work is reusing the files you already built; the capstone is making them work together.

M1
Module 6 · Docker

Containerize the app

Make sure the notes app has a clean Dockerfile, a .dockerignore, and a /health + /metrics endpoint (added in Modules 9 & 11).

Done when

docker build -t notes-app:1.0 . succeeds and docker run -p 8080:5000 notes-app:1.0 serves the app, /health, and /metrics.

M2
Modules 7 & 11 · Compose

One-command local stack

Your docker-compose.yml should bring up web + db + prometheus + grafana together, with the notes data persisted in a volume.

Done when

docker compose up launches all four services, you can add notes that survive a restart, and Grafana (:3000) shows live request metrics.

M3
Module 8 · Kubernetes

Deploy to the cluster

Collect your k8s/ manifests — Secret, db Deployment+Service, web Deployment (2 replicas) +Service. Deploy to Minikube.

Done when

kubectl apply -f k8s/ brings everything up, minikube service web opens the app, and deleting a web pod auto-heals back to 2.

M4
Module 9 · CI/CD

Automate test → build → publish

Your .github/workflows/ci.yml runs pytest, then (only if green) builds the image and pushes it to GHCR, tagged with the commit SHA.

Done when

A push to main shows two green jobs in the Actions tab, and a fresh image appears in your GitHub Packages, tagged with the commit.

M5
Module 9 + 8 · Continuous Deployment

Close the loop: auto-deploy

Add a deploy job that updates the running app to the new image. This is the step Module 9 deferred — here's the unifying pipeline:

deploy: needs: build-and-push runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Configure kubeconfig run: echo "${{ secrets.KUBECONFIG }}" > $HOME/.kube/config - name: Roll out the new image run: | kubectl set image deployment/web \ web=ghcr.io/${{ github.repository }}:${{ github.sha }} kubectl rollout status deployment/web

Local vs. real cluster

GitHub's runners can't reach your local Minikube. To truly automate deployment you need a cluster the runner can reach — a cloud cluster (with a KUBECONFIG secret) or a self-hosted runner. Module 13 spins up a real one. For now, if you're on Minikube, run the kubectl set image step manually after the image is published — the muscle memory is identical.

Done when

Publishing a new image results in the cluster running it — automatically (cloud) or via the one documented manual command (local). kubectl rollout status reports success.

M6
Module 11 · Observability

Prove it's healthy

Confirm Prometheus is scraping the deployed app and build a Grafana dashboard with at least three panels: request rate, latency, and error rate (the golden signals).

Done when

Your Grafana dashboard shows live traffic, and generating load (or an error) visibly moves the graphs. Export the dashboard JSON into your repo.

Suggested Repo Layout

A clean structure makes the project legible to anyone who finds it (including a hiring manager):

notes-app/ ├── app.py # the Flask app (/, /add, /health, /metrics) ├── requirements.txt ├── Dockerfile # Module 6 ├── .dockerignore ├── docker-compose.yml # Modules 7 & 11 (web, db, prometheus, grafana) ├── prometheus.yml # Module 11 ├── tests/ │ └── test_app.py # Module 9 ├── k8s/ # Module 8 │ ├── db-secret.yaml │ ├── db.yaml │ └── web.yaml ├── terraform/ # Module 10 │ └── main.tf ├── grafana/ │ └── dashboard.json # exported in M6 ├── .github/workflows/ │ └── ci.yml # Modules 9 & 12 (test, build, deploy) └── README.md # your architecture diagram + run instructions

Definition of Done

Tick every box. This is your acceptance test for the whole course:

Make It a Portfolio Piece

You built something real — now present it so it counts:

  • README first. Open with a one-paragraph summary, the architecture diagram (reuse the one above), and copy-paste run instructions.
  • Add screenshots of the green pipeline, kubectl get pods, and your Grafana dashboard.
  • Add the CI/CD badge to the top of the README (Module 9).
  • Write 3–4 sentences on what each tool does and why you chose it — this is what interviews probe.
  • Pin the repo on your GitHub profile.

Be ready to talk about it

Practice explaining the flow out loud: "On push, Actions runs the tests; if they pass it builds an image, pushes it to a registry, and rolls it out to Kubernetes, where Prometheus and Grafana monitor it." That sentence is a junior DevOps interview answer.

Stretch Goals

Want to go further? Pick any of these:

  • Add a readiness/liveness probe to the web Deployment so rollouts are zero-downtime.
  • Add a Prometheus alert + Alertmanager that emails/Slacks you on high error rate.
  • Run tests on pull requests and require them to pass before merge (branch protection).
  • Give Postgres a PersistentVolumeClaim on Kubernetes so its data survives pod restarts.
  • Use Terraform to provision a real cloud cluster, then point your deploy job at it (leads into Module 13).

Congratulations 🎉

You did it

You've taken a single application through the entire DevOps lifecycle: built, containerized, orchestrated, automated, and monitored — using free, local, industry-standard tools. That's the real job.

One optional step remains: Module 13 — Real Cloud, where you take this exact project and deploy it to a free cloud tier, turning the manual deploy step into a fully automated one.

Capstone Project

The Mission Architecture Milestones Repo Layout Definition of Done Portfolio Stretch Goals Congratulations