Production-grade banking monolith demonstrating DevOps excellence
This project demonstrates enterprise-level backend and DevOps practices:
- β ACID-compliant financial transactions
- β Security-first architecture (encryption, JWT, secrets management)
- β Full observability (metrics, logs, traces, alerts)
- β Automated CI/CD with security scanning
- β Cost-optimized AWS deployment
- β Kubernetes-ready architecture
- β ISO 27001 & CMMI compliance concepts
# Clone repository
git clone https://github.com/darisadam/madabank-server.git
cd madabank-server
# Run with Docker Compose
make docker-up
# Run tests
make test
# View coverage
make test-coverageOur automated pipeline includes:
- Linting & Code Quality: golangci-lint, gofmt, go vet
- Testing: Unit tests with 70%+ coverage
- Security Scanning: Gosec, Trivy, Nancy
- Docker Build: Multi-stage optimized builds
- Automated Deployment: AWS ECS (Dev/Staging) & Private VPS (Production via Jenkins)
# Lint code
make lint
# Run all tests
make test
# Security scan
make security-scan
# Build Docker image
make docker-buildSecurity is a top priority:
- All passwords hashed with bcrypt
- JWT authentication with RS256
- Encryption at rest (AES-256-GCM)
- TLS/HTTPS enforced
- SQL injection protection
- Rate limiting
- Audit logging for all operations
See SECURITY.md for details.
- API Reference
- Architecture Overview
- Security Model
- Deployment Guide
- Cost Management
- Contributing Guidelines
| Layer | Technology | Purpose |
|---|---|---|
| Backend | Go 1.24+ | High performance, type safety |
| Framework | Gin | Fast HTTP routing |
| Database | PostgreSQL 16 | ACID compliance |
| Cache | Redis 7 | Session & rate limiting |
| Container | Docker | Portability |
| Orchestration | ECS (Dev) / Docker Compose (Prod) | Hybrid Cloud Strategy |
| IaC | Terraform & Ansible | Infrastructure automation |
| CI/CD | GitHub Actions & Jenkins | Hybrid Pipeline |
| Monitoring | Prometheus + Grafana | Observability |
| Security | Gosec, Trivy | Vulnerability scanning |
# Unit tests
go test -v ./...
# With coverage
go test -v -race -coverprofile=coverage.out ./...
go tool cover -html=coverage.out
# Integration tests
go test -v ./tests/integration/...
# Benchmark tests
go test -bench=. -benchmem ./...This project goes beyond basic CRUD, tackling real-world distributed system challenges:
- Distributed ACID Transactions: Implemented a custom transaction manager ensuring data integrity across complex financial operations (Transfer, Payment, Topup).
- Zero-Downtime Deployments: Configured AWS ECS with Rolling Updates and Connection Draining to ensure 100% availability during releases.
- Encryption at Scale: Designed an End-to-End Encryption (E2EE) module using AES-256 + RSA-2048 to protect sensitive card data from the client to the database, ensuring PCI-DSS compliance concepts.
- Cost vs. Performance Optimization: Architected Terraform modules to support "Single NAT Gateway" for Dev/Staging (saving $150/mo) while maintaining Multi-AZ redundancy for Production.
We utilize a Tuple Deployment Strategy with fully isolated environments managed by Terraform.
| Environment | Branch | URL | Infrastructure |
|---|---|---|---|
| Development | develop |
api-dev.madabank.art |
AWS ECS (Single AZ) |
| Staging | staging |
api-staging.madabank.art |
AWS ECS (Single AZ) |
| Production | main |
api.madabank.art |
Private VPS (Docker Compose) |
π Read the Full Deployment Guide
To demonstrate FinOps practices, this project includes automated scripts to "pause" environments when not in use. π See Cost Management Guide
# Example: Stop all non-production environments
./scripts/manage-dev.sh stop- User authentication & authorization (JWT + Refresh Tokens)
- Account management
- Transaction system with ACID compliance
- CI/CD pipeline (GitHub Actions -> AWS ECS)
- AWS Infrastructure (Terraform for Dev/Staging/Prod)
- Rate limiting & DDoS protection
- Maintenance Mode
- Card management encryptions (AES-256 + RSA-2048)
- Prometheus metrics & Grafana dashboards
- iOS mobile app integration (API Ready)
Contributions are welcome! Please read our Contributing Guidelines.
Daris Adam
- GitHub: @darisadam
Status: β Production Ready