$ git push origin main

Enumerating objects: 14, done.

Writing objects: 100% (14/14), 3.21 KiB | done.

[✓] Triggered pipeline run #312

▶ Stage: checkout

Cloning repository...

Branch: main Commit: a4f9c2e

[✓] Checkout complete (1.2s)

▶ Stage: dependencies

go mod download

All modules verified.

[✓] Dependencies ready (4.8s)

▶ Stage: lint

golangci-lint run ./...

[✓] No issues found

▶ Stage: test

go test ./... -race -cover

ok api/handlers 0.312s coverage: 89.4%

ok api/services 0.201s coverage: 93.1%

ok api/models 0.089s coverage: 96.2%

[✓] 137 tests passed 0 failed (3.1s)

▶ Stage: build

docker build -t api-service:v2.4.1 .

Step 1/10 : FROM golang:1.21-alpine

Step 5/10 : RUN go build -ldflags='-s -w' -o main

Step 10/10 : EXPOSE 8080

Successfully built e4f8a2c91d3b

[✓] Image built (42s)

▶ Stage: security-scan

trivy image api-service:v2.4.1

2024-01-15T09:23:51Z Scanning...

semgrep --config=p/owasp-top-ten .

gitleaks detect --source .

snyk test --severity-threshold=high

[✓] No critical vulnerabilities (18s)

▶ Stage: push

docker push 123456.dkr.ecr.us-east-1.amazonaws.com/api:v2.4.1

v2.4.1: digest: sha256:e4f8a2c9... size: 1847

[✓] Pushed to ECR (8s)

▶ Stage: deploy → staging

kubectl apply -f k8s/staging/

deployment.apps/api-service configured

Waiting for rollout... 0/3 ready

Waiting for rollout... 1/3 ready

Waiting for rollout... 3/3 ready

[✓] Staging rollout complete (24s)

▶ Stage: integration-tests

pytest tests/integration/ -v

PASSED test_health_check

PASSED test_auth_flow

PASSED test_api_endpoints[24/24]

[✓] All integration tests passed (31s)

▶ Stage: deploy → production

kubectl apply -f k8s/production/

Rolling update: api-service 3 replicas

api-service-78d9f-xkp Running node-01

api-service-78d9f-mnq Running node-02

api-service-78d9f-pzr Running node-03

[✓] Production rollout complete (19s)

▶ Stage: verify

curl -s https://api.prod/health

{"status":"healthy","version":"v2.4.1","uptime":4}

[✓] Health check passed

══════════════════════════════════════════

[✓] Pipeline #312 PASSED 3m 41s

══════════════════════════════════════════

$ kubectl get pods -n production

NAME READY STATUS AGE

api-service-78d9f-xkp 1/1 Running 2m

api-service-78d9f-mnq 1/1 Running 2m

api-service-78d9f-pzr 1/1 Running 2m

$ terraform plan -out=tfplan

Refreshing state... aws_vpc.main

Refreshing state... aws_subnet.private[0]

Plan: 2 to add, 1 to change, 0 to destroy.

$ ansible-playbook -i inventory/prod deploy.yml

PLAY [webservers] *****************************

TASK [Pull latest image] **********************

changed: [web-01.prod.internal]

changed: [web-02.prod.internal]

PLAY RECAP ok=6 changed=2 unreachable=0

INFO CloudWatch: CPU avg 14% Mem 41%

INFO Prometheus: all scrape targets UP

INFO Grafana: 0 active alerts

INFO New Relic: Apdex 0.98 Error rate 0.01%

$ git push origin main

Enumerating objects: 14, done.

Writing objects: 100% (14/14), 3.21 KiB | done.

[✓] Triggered pipeline run #312

▶ Stage: checkout

Cloning repository...

Branch: main Commit: a4f9c2e

[✓] Checkout complete (1.2s)

▶ Stage: dependencies

go mod download

All modules verified.

[✓] Dependencies ready (4.8s)

▶ Stage: lint

golangci-lint run ./...

[✓] No issues found

▶ Stage: test

go test ./... -race -cover

ok api/handlers 0.312s coverage: 89.4%

ok api/services 0.201s coverage: 93.1%

ok api/models 0.089s coverage: 96.2%

[✓] 137 tests passed 0 failed (3.1s)

▶ Stage: build

docker build -t api-service:v2.4.1 .

Step 1/10 : FROM golang:1.21-alpine

Step 5/10 : RUN go build -ldflags='-s -w' -o main

Step 10/10 : EXPOSE 8080

Successfully built e4f8a2c91d3b

[✓] Image built (42s)

▶ Stage: security-scan

trivy image api-service:v2.4.1

2024-01-15T09:23:51Z Scanning...

semgrep --config=p/owasp-top-ten .

gitleaks detect --source .

snyk test --severity-threshold=high

[✓] No critical vulnerabilities (18s)

▶ Stage: push

docker push 123456.dkr.ecr.us-east-1.amazonaws.com/api:v2.4.1

v2.4.1: digest: sha256:e4f8a2c9... size: 1847

[✓] Pushed to ECR (8s)

▶ Stage: deploy → staging

kubectl apply -f k8s/staging/

deployment.apps/api-service configured

Waiting for rollout... 0/3 ready

Waiting for rollout... 1/3 ready

Waiting for rollout... 3/3 ready

[✓] Staging rollout complete (24s)

▶ Stage: integration-tests

pytest tests/integration/ -v

PASSED test_health_check

PASSED test_auth_flow

PASSED test_api_endpoints[24/24]

[✓] All integration tests passed (31s)

▶ Stage: deploy → production

kubectl apply -f k8s/production/

Rolling update: api-service 3 replicas

api-service-78d9f-xkp Running node-01

api-service-78d9f-mnq Running node-02

api-service-78d9f-pzr Running node-03

[✓] Production rollout complete (19s)

▶ Stage: verify

curl -s https://api.prod/health

{"status":"healthy","version":"v2.4.1","uptime":4}

[✓] Health check passed

══════════════════════════════════════════

[✓] Pipeline #312 PASSED 3m 41s

══════════════════════════════════════════

$ kubectl get pods -n production

NAME READY STATUS AGE

api-service-78d9f-xkp 1/1 Running 2m

api-service-78d9f-mnq 1/1 Running 2m

api-service-78d9f-pzr 1/1 Running 2m

$ terraform plan -out=tfplan

Refreshing state... aws_vpc.main

Refreshing state... aws_subnet.private[0]

Plan: 2 to add, 1 to change, 0 to destroy.

$ ansible-playbook -i inventory/prod deploy.yml

PLAY [webservers] *****************************

TASK [Pull latest image] **********************

changed: [web-01.prod.internal]

changed: [web-02.prod.internal]

PLAY RECAP ok=6 changed=2 unreachable=0

INFO CloudWatch: CPU avg 14% Mem 41%

INFO Prometheus: all scrape targets UP

INFO Grafana: 0 active alerts

INFO New Relic: Apdex 0.98 Error rate 0.01%

$ git push origin main

Enumerating objects: 14, done.

Writing objects: 100% (14/14), 3.21 KiB | done.

[✓] Triggered pipeline run #312

▶ Stage: checkout

Cloning repository...

Branch: main Commit: a4f9c2e

[✓] Checkout complete (1.2s)

▶ Stage: dependencies

go mod download

All modules verified.

[✓] Dependencies ready (4.8s)

▶ Stage: lint

golangci-lint run ./...

[✓] No issues found

▶ Stage: test

go test ./... -race -cover

ok api/handlers 0.312s coverage: 89.4%

ok api/services 0.201s coverage: 93.1%

ok api/models 0.089s coverage: 96.2%

[✓] 137 tests passed 0 failed (3.1s)

▶ Stage: build

docker build -t api-service:v2.4.1 .

Step 1/10 : FROM golang:1.21-alpine

Step 5/10 : RUN go build -ldflags='-s -w' -o main

Step 10/10 : EXPOSE 8080

Successfully built e4f8a2c91d3b

[✓] Image built (42s)

▶ Stage: security-scan

trivy image api-service:v2.4.1

2024-01-15T09:23:51Z Scanning...

semgrep --config=p/owasp-top-ten .

gitleaks detect --source .

snyk test --severity-threshold=high

[✓] No critical vulnerabilities (18s)

▶ Stage: push

docker push 123456.dkr.ecr.us-east-1.amazonaws.com/api:v2.4.1

v2.4.1: digest: sha256:e4f8a2c9... size: 1847

[✓] Pushed to ECR (8s)

▶ Stage: deploy → staging

kubectl apply -f k8s/staging/

deployment.apps/api-service configured

Waiting for rollout... 0/3 ready

Waiting for rollout... 1/3 ready

Waiting for rollout... 3/3 ready

[✓] Staging rollout complete (24s)

▶ Stage: integration-tests

pytest tests/integration/ -v

PASSED test_health_check

PASSED test_auth_flow

PASSED test_api_endpoints[24/24]

[✓] All integration tests passed (31s)

▶ Stage: deploy → production

kubectl apply -f k8s/production/

Rolling update: api-service 3 replicas

api-service-78d9f-xkp Running node-01

api-service-78d9f-mnq Running node-02

api-service-78d9f-pzr Running node-03

[✓] Production rollout complete (19s)

▶ Stage: verify

curl -s https://api.prod/health

{"status":"healthy","version":"v2.4.1","uptime":4}

[✓] Health check passed

══════════════════════════════════════════

[✓] Pipeline #312 PASSED 3m 41s

══════════════════════════════════════════

$ kubectl get pods -n production

NAME READY STATUS AGE

api-service-78d9f-xkp 1/1 Running 2m

api-service-78d9f-mnq 1/1 Running 2m

api-service-78d9f-pzr 1/1 Running 2m

$ terraform plan -out=tfplan

Refreshing state... aws_vpc.main

Refreshing state... aws_subnet.private[0]

Plan: 2 to add, 1 to change, 0 to destroy.

$ ansible-playbook -i inventory/prod deploy.yml

PLAY [webservers] *****************************

TASK [Pull latest image] **********************

changed: [web-01.prod.internal]

changed: [web-02.prod.internal]

PLAY RECAP ok=6 changed=2 unreachable=0

INFO CloudWatch: CPU avg 14% Mem 41%

INFO Prometheus: all scrape targets UP

INFO Grafana: 0 active alerts

INFO New Relic: Apdex 0.98 Error rate 0.01%

$ git push origin main

Enumerating objects: 14, done.

Writing objects: 100% (14/14), 3.21 KiB | done.

[✓] Triggered pipeline run #312

▶ Stage: checkout

Cloning repository...

Branch: main Commit: a4f9c2e

[✓] Checkout complete (1.2s)

▶ Stage: dependencies

go mod download

All modules verified.

[✓] Dependencies ready (4.8s)

▶ Stage: lint

golangci-lint run ./...

[✓] No issues found

▶ Stage: test

go test ./... -race -cover

ok api/handlers 0.312s coverage: 89.4%

ok api/services 0.201s coverage: 93.1%

ok api/models 0.089s coverage: 96.2%

[✓] 137 tests passed 0 failed (3.1s)

▶ Stage: build

docker build -t api-service:v2.4.1 .

Step 1/10 : FROM golang:1.21-alpine

Step 5/10 : RUN go build -ldflags='-s -w' -o main

Step 10/10 : EXPOSE 8080

Successfully built e4f8a2c91d3b

[✓] Image built (42s)

▶ Stage: security-scan

trivy image api-service:v2.4.1

2024-01-15T09:23:51Z Scanning...

semgrep --config=p/owasp-top-ten .

gitleaks detect --source .

snyk test --severity-threshold=high

[✓] No critical vulnerabilities (18s)

▶ Stage: push

docker push 123456.dkr.ecr.us-east-1.amazonaws.com/api:v2.4.1

v2.4.1: digest: sha256:e4f8a2c9... size: 1847

[✓] Pushed to ECR (8s)

▶ Stage: deploy → staging

kubectl apply -f k8s/staging/

deployment.apps/api-service configured

Waiting for rollout... 0/3 ready

Waiting for rollout... 1/3 ready

Waiting for rollout... 3/3 ready

[✓] Staging rollout complete (24s)

▶ Stage: integration-tests

pytest tests/integration/ -v

PASSED test_health_check

PASSED test_auth_flow

PASSED test_api_endpoints[24/24]

[✓] All integration tests passed (31s)

▶ Stage: deploy → production

kubectl apply -f k8s/production/

Rolling update: api-service 3 replicas

api-service-78d9f-xkp Running node-01

api-service-78d9f-mnq Running node-02

api-service-78d9f-pzr Running node-03

[✓] Production rollout complete (19s)

▶ Stage: verify

curl -s https://api.prod/health

{"status":"healthy","version":"v2.4.1","uptime":4}

[✓] Health check passed

══════════════════════════════════════════

[✓] Pipeline #312 PASSED 3m 41s

══════════════════════════════════════════

$ kubectl get pods -n production

NAME READY STATUS AGE

api-service-78d9f-xkp 1/1 Running 2m

api-service-78d9f-mnq 1/1 Running 2m

api-service-78d9f-pzr 1/1 Running 2m

$ terraform plan -out=tfplan

Refreshing state... aws_vpc.main

Refreshing state... aws_subnet.private[0]

Plan: 2 to add, 1 to change, 0 to destroy.

$ ansible-playbook -i inventory/prod deploy.yml

PLAY [webservers] *****************************

TASK [Pull latest image] **********************

changed: [web-01.prod.internal]

changed: [web-02.prod.internal]

PLAY RECAP ok=6 changed=2 unreachable=0

INFO CloudWatch: CPU avg 14% Mem 41%

INFO Prometheus: all scrape targets UP

INFO Grafana: 0 active alerts

INFO New Relic: Apdex 0.98 Error rate 0.01%

DevOps Engineer // Colombo, Sri Lanka

Thejana
Ravindu

$▌

Download Resume

About

Who I Am

I'm Thejana — a DevOps engineer passionate about building scalable, secure, and automated infrastructure. With hands-on experience in cloud platforms, CI/CD pipelines, and infrastructure as code, I focus on delivering robust DevOps solutions that streamline development and deployment processes with security embedded at every stage.

I have practical experience with tools like Jenkins, GitHub Actions, Docker, Terraform, Ansible, and Kubernetes, working across both AWS and Azure cloud platforms. I actively build projects that apply real-world DevOps and DevSecOps principles — from provisioning multi-environment cloud infrastructure with Terraform to implementing end-to-end secure CI/CD pipelines with automated vulnerability scanning using tools like Semgrep, Trivy, Snyk, and Gitleaks.

I'm currently seeking opportunities to contribute to modern DevOps teams where I can grow my expertise, collaborate with others, and work on impactful systems. Whether it's infrastructure automation, CI/CD orchestration, or monitoring solutions, I'm eager to take on challenges that accelerate delivery and elevate reliability.

Skills & Technologies

The DevOps Arsenal

AWS

Azure

Linux

Docker

Jenkins

Kubernetes

Terraform

Ansible

Prometheus

Grafana

New Relic

Datadog

TruffleHog

Gitleaks

Semgrep

Snyk

Trivy

Python

Go

AWS

Azure

Linux

Docker

Jenkins

Kubernetes

Terraform

Ansible

Prometheus

Grafana

New Relic

Datadog

TruffleHog

Gitleaks

Semgrep

Snyk

Trivy

Python

Go

0+

Technologies

0+

Years Experience

My Journey

Education & Experience

Bachelor of Science Honours in Computer Science

Informatics Institute of Technology (IIT) - Affiliated with University of Westminster (UK)

▸Graduated with Upper Second Class Honours.
▸Completed the final year research project on the topic of 'Plant leaf recognition system using deep learning'.

2020 – 2024

2020 – 2024

Bachelor of Science Honours in Computer Science

Informatics Institute of Technology (IIT) - Affiliated with University of Westminster (UK)

▸Graduated with Upper Second Class Honours.
▸Completed the final year research project on the topic of 'Plant leaf recognition system using deep learning'.

September 2025 – Present

Trainee DevOps Engineer

Aeturnum

▸Collaborated in a cross-functional team to design and implement an end-to-end DevSecOps pipeline, shifting security left by embedding automated security validation directly into the CI/CD workflow.
▸Investigated and diagnosed CI/CD pipeline failures across development and staging environments, reporting root cause findings to senior engineers and contributing to faster incident resolution.
▸Conducted internal research and produced Confluence documentation across areas including cloud platform migrations, infrastructure tooling evaluations, and cloud service updates — delivering actionable findings to support team decision-making.
▸Maintained New Relic monitoring alert sheet, ensuring up-to-date visibility into system health metrics and supporting the team's operational monitoring processes.

September 2025 – Present

Trainee DevOps Engineer

Aeturnum

▸Collaborated in a cross-functional team to design and implement an end-to-end DevSecOps pipeline, shifting security left by embedding automated security validation directly into the CI/CD workflow.
▸Investigated and diagnosed CI/CD pipeline failures across development and staging environments, reporting root cause findings to senior engineers and contributing to faster incident resolution.
▸Conducted internal research and produced Confluence documentation across areas including cloud platform migrations, infrastructure tooling evaluations, and cloud service updates — delivering actionable findings to support team decision-making.
▸Maintained New Relic monitoring alert sheet, ensuring up-to-date visibility into system health metrics and supporting the team's operational monitoring processes.

Freelance DevOps Engineer

Upwork

▸Actively learning client communication and proposal best practices for freelance DevOps work.
▸Seeking opportunities to deliver high-value solutions in Cloud Deployment and DevOps Automation.

April 2025 – Present

April 2025 – Present

Freelance DevOps Engineer

Upwork

▸Actively learning client communication and proposal best practices for freelance DevOps work.
▸Seeking opportunities to deliver high-value solutions in Cloud Deployment and DevOps Automation.

Nov 2022 – Nov 2023

FinTech DevOps Engineer (Intern)

Dialog Axiata PLC

▸Monitored logs in production systems using AWS CloudWatch, troubleshooting issues to ensure system reliability, performance and post production support.
▸Integrated detailed transaction logging into the Genie application within the SDLC, allowing for the identification and resolution of 85% of previously unknown transaction errors.
▸Collaborated with senior engineers to create a Grafana dashboard, by adding new columns to the database, providing real-time insights into system metrics and performance.
▸Designed and developed a front end using React to send push notifications to Genie customers, enhancing user engagement and communication.
▸Contributed to modify the backend using Spring Boot, implementing new features and optimizing performance for the Genie app.

Nov 2022 – Nov 2023

FinTech DevOps Engineer (Intern)

Dialog Axiata PLC

▸Monitored logs in production systems using AWS CloudWatch, troubleshooting issues to ensure system reliability, performance and post production support.
▸Integrated detailed transaction logging into the Genie application within the SDLC, allowing for the identification and resolution of 85% of previously unknown transaction errors.
▸Collaborated with senior engineers to create a Grafana dashboard, by adding new columns to the database, providing real-time insights into system metrics and performance.
▸Designed and developed a front end using React to send push notifications to Genie customers, enhancing user engagement and communication.
▸Contributed to modify the backend using Spring Boot, implementing new features and optimizing performance for the Genie app.

Projects

Ideas, Implemented.

Secure CI/CD Pipeline with Integrated DevSecOps Practices

Completed

Secure CI/CD Pipeline with Integrated DevSecOps Practices

Built an end-to-end DevSecOps pipeline for a Go REST API using GitHub Actions, shifting security left with Gitleaks, TruffleHog, Semgrep, Snyk, and Trivy. The application is containerized with Docker and deployed to AWS ECS Fargate via Amazon ECR, following industry security best practices.

GoGitHub ActionsDockerAmazon ECSAmazon ECRAWSSemgrepSnykTrivyGitleaksTruffleHog

MERN Application on Kubernetes

Completed

MERN Application on Kubernetes

Deployed a full-stack MERN (MongoDB, Express, React, Node.js) application on a Kubernetes cluster using Minikube. The project demonstrates containerization with Docker and orchestration with Kubernetes, following industry best practices. Built and deployed frontend and backend as separate containers, and exposed services via Kubernetes.

DockerKubernetesMinikubeGitHubReactNode.jsExpressMongoDB

AWS Resource Manager

Completed

AWS Resource Manager

Developed a lightweight and efficient Bash script to list various AWS resources across specified regions using AWS CLI. Ideal for quick audits, learning, and inventory management. Supports major AWS services like EC2, S3, IAM, Lambda, and more. Fully customizable, fast, and accepts user-defined inputs.

BashAWS CLIUbuntuIAM (AWS)EC2 (AWS)S3 (AWS)Lambda (AWS)GitHub

3 of 8 projects

Certifications

Certification Journey

1 Completed

1 In Progress

1 Planned

AWS Certified Cloud Practitioner

AWS Certified Cloud Practitioner

Amazon Web Services

Foundational understanding of AWS Cloud concepts, services, and terminology. Covers core AWS services, security, architecture, pricing, and support.

Completed

100%

Red Hat Certified System Administrator

Red Hat Certified System Administrator

Red Hat

Foundational understanding of Red Hat Enterprise Linux system administration. Covers essential command-line skills, user management, storage, networking, security, and system processes.

In Progress

15%

HashiCorp Terraform Associate

HashiCorp Terraform Associate

HashiCorp

Infrastructure as Code fundamentals and Terraform best practices. Covers configuration language, state management, and workflow automation.

Planned

Recommendations

What Colleagues Say

Udani

Kanishka

Charutha

Vihanga

Danuka

Udani Punsandee

Kanishka Dissanayake

Charutha Wijayakoon

Vihanga Hemachandra

Danuka Bhathiya

Senior DevOps

DevOps Engineer

Co-Founder

Associate ABAP

Software Engineer

"

I highly recommend Thejana Ravindu for their exceptional work as a DevOps intern, working with me on our team. He demonstrated strong skills in coding and log analysis using CloudWatch, significantly improving our development processes. Thejana is a dedicated and talented individual, and I am confident he will excel in their future endeavors.

Udani Punsandee

Senior DevOps Engineer · IFS R&D International

01 / 05

Contact

Get In Touch

Send a Message

Let's Connect

I'm always interested in discussing new opportunities, collaborating on projects, or sharing knowledge about DevOps practices.

Email

thejanaravindu2000@gmail.com

Phone

+94 76 397 5585 , +94 71 197 5585

Location

Colombo, Sri Lanka

Find Me Online