Smaïn Tarfa

Mission focused on refactoring CI/CD pipelines for a Python application project with a hexagonal architecture, aiming for rapid and measurable delivery.

• Audit, simplification, and documentation of existing CI/CD pipelines

• Refactoring of the deployment chain for Python modules

• Goal achieved: delivery capability in 15 minutes excluding machine time

• Industrialization of code freeze with reduction of manual actions (< 4 hours)

• Clear separation of pipelines by branches (develop, features)

• Distinction between mocked tests and integration tests for reliable KPIs

• Automation of unit, integration, and functional tests

• Implementation of quality pipelines (Sonar, SAST)

• Elimination of manual steps in developments under team responsibility

• Automation of the creation and validation of external application components

• Implementation of automatic compliance checks for the hexagonal architecture

• Comprehensive documentation of CI/CD pipelines for the application pilot tool.

Mission carried out in a secure environment with full handover for operational maintenance.

Implementation of Identity and Access Management (IAM), with workflow automation (AWX, Python/Bash scripts), secret security (Vault), and proactive monitoring (Prometheus/Grafana).

Automation of IAM workflows with AWX, Python, and Bash scripts to reduce manual interventions and accelerate deployments. Secure secret management via HashiCorp Vault, implementation of Security Hardening policies. Container orchestration with Kubernetes, Helm, and Podman for scalability and resilience. Proactive monitoring with Prometheus, Grafana, and real-time alerts to ensure availability. Integration into a secure environment with Firewall and specific Networking constraints.

Capgemini Engineering designs license-free electric vehicles. The FollowMe project offers an application to support young drivers from the age of 14.

Implementation of GitLab CI/CD pipelines integrating SonarQube and OWASP Dependency-Check. Deployment of infrastructures on AWS with Elastic Beanstalk. Configuration of NGINX as an API Gateway with Load Balancing management and access security. Monitoring of compliance and security of cloud environments.