Developed an enterprise-grade AI tool to automate code generation and code review for large and legacy codebases. The system leverages Retrieval-Augmented Generation (RAG), Abstract Syntax Tree (AST) parsing, vector embeddings, and fine-tuned LLMs to provide context-aware code suggestions, reviews, and quality analysis. Integrated within a custom IDE for enhanced developer experience, this solution improves efficiency, security, and code maintainability in enterprise-scale software development.

As the primary developer for the core AI engine, I was responsible for architecting and implementing the entire backend pipeline, including RAG workflows, vector embedding integration, and LLM orchestration. My work included both foundational system design and ongoing research-driven improvements to maximize performance and relevance.

Initially, I integrated prompt engineering and user history management using MongoDB to provide contextual responses. Through further research and experimentation, I evaluated multiple approaches for context retrieval and performance optimization. This included benchmarking direct LLM prompting, leveraging user history, and ultimately integrating Pinecone for vector-based similarity search. By transitioning to Pinecone, I significantly improved the system’s ability to retrieve and utilize only the most relevant contextual information, resulting in more accurate and efficient code suggestions and reviews.

✤ The Idea: Building a Modern YouTube-like Service from the Ground Up

The goal of the StreamHive project was to design, build, and deploy a complete, end-to-end video streaming platform, similar in concept to services like YouTube or Vimeo. The core challenge was not just to build an application that could play videos, but to architect a system using modern, cloud-native principles. This means the platform is designed from day one to be highly scalable, resilient to failures, secure by default, and fully automated.

The project encompasses the entire lifecycle of software development: from a developer writing code, through automated build and deployment pipelines, to a user accessing the final application securely and efficiently from anywhere in the world.

✤ The Architecture: A Journey Through a Modern Cloud Application

The architecture is layered to separate concerns, ensuring each part of the system is specialized and efficient.

» 1. The Entry Point: The Edge & API Gateway

Before a user's request ever reaches our application, it passes through the edge layer. We use Cloudflare as our primary API Gateway and reverse proxy. It acts as the front door, providing:
‣ Security: DDoS protection and a Web Application Firewall (WAF) to prevent malicious traffic.
‣ Performance: A global Content Delivery Network (CDN) to cache static assets closer to users, dramatically speeding up load times.
‣ DNS Management: Securely routing user traffic to our cluster's entry point.

» 2. The Core Infrastructure: Orchestration on the Cloud

The entire application runs on the Azure cloud platform, leveraging its powerful managed services:
‣ Azure Kubernetes Service (AKS): The heart of our platform. Kubernetes is the orchestrator that manages our containerized microservices. It handles automatic scaling, healing, and rolling updates, ensuring the application is always running and available.
‣ Azure Blob Storage: A highly scalable and cost-effective solution for storing large files. We use it as the definitive storage for all raw and processed video files.
‣ Azure Key Vault: The secure vault for all our application secrets, like database passwords and API keys. This ensures sensitive data is never hard-coded in our source code.

» 3. The Internal Network: A Secure and Intelligent Service Mesh

Once inside the cluster, all service-to-service communication is managed by the Istio service mesh. Istio automatically injects a smart sidecar proxy into each microservice pod, giving us incredible power without changing any application code:
‣ Zero-Trust Security: Automatic mutual TLS (mTLS) encryption for all internal traffic, meaning services communicate securely by default.
‣ Advanced Traffic Management: Intelligent routing, circuit breaking, retries, and timeouts, making the entire system more resilient to failures.
‣ Deep Observability: Istio generates detailed metrics, logs, and traces for every single request, giving us a complete picture of our system's health.

» 4. The Application Logic: A Suite of Specialized Microservices

The application itself is broken down into small, independent microservices written in Go and Node.js. Each service has a single responsibility, making them easy to develop, test, and scale independently.
‣ Frontend Service: The user-facing web application that provides the UI.
‣ Security Service: Handles user authentication and authorization using JWTs.
‣ Upload Service: Manages the initial ingestion and validation of video files.
‣ Transcoder Service: A background worker that processes uploaded videos into different formats and resolutions for adaptive streaming.
‣ Video Catalog Service: The central API for all video metadata (titles, descriptions, etc.).
‣ Playback Service: Provides the streaming manifests that video players use to stream content.

» 5. The Data and Eventing Layer: Ensuring Consistency and Performance

The microservices rely on a robust data and messaging layer:
‣ PostgreSQL: Our primary relational database for storing all structured data, like user information and video metadata.
‣ Redis: An in-memory cache used to store frequently accessed data, dramatically reducing database load and improving API response times.
‣ RabbitMQ: A powerful message broker that enables asynchronous communication. When a video is uploaded, the system immediately responds to the user while publishing an event to a queue. This decouples the upload process from the slow transcoding process, creating a responsive and fault-tolerant system.

» 6. The Automation Engine: A Fully Automated CI/CD GitOps Pipeline

The entire process of building and deploying the StreamHive platform is fully automated, following modern CI/CD and GitOps principles.
‣ Source Control: All application code and Kubernetes configuration is stored in GitHub.
‣ Continuous Integration (CI): We use Azure DevOps to create a CI pipeline that automatically listens for code changes in GitHub. It builds the code, runs tests, and publishes a versioned container image to Docker Hub.
‣ Continuous Deployment (CD) with GitOps: The final step of the CI pipeline is to update a Kubernetes manifest file in a separate Git repository with the new image tag. ArgoCD, our GitOps tool running in the cluster, detects this change and automatically synchronizes the application, safely rolling out the new version with zero downtime. This means our Git repository is the single source of truth for our entire live environment.

» 7. The Observability Stack: Monitoring, Visualizing, and Alerting

To ensure the platform is running smoothly, we have a comprehensive observability stack:
‣ Prometheus: A time-series database that automatically scrapes and stores the detailed metrics generated by the Istio service mesh.
‣ Grafana: A powerful visualization tool that connects to Prometheus. We use it to build real-time dashboards that monitor the health, performance, and error rates of every microservice in the system.
‣ Secrets Management: The Secrets Store CSI Driver is a key security component that bridges Azure Key Vault and our Kubernetes pods, securely mounting secrets as files at runtime.

✤ Lessons Learned

‣ Kubernetes Journey: From Local Setups to a Managed Service
Our initial approach involved deploying on a local Kind Kubernetes cluster, where we faced and solved several early-stage issues. We then moved to manually installing Kubernetes on Azure VMs. This process was a significant learning experience, introducing us to complex concepts like CNI plugins for networking. Ultimately, these experiences highlighted the value of a managed service, leading us to adopt Azure Kubernetes Service (AKS) for its stability and operational efficiency.

‣ Edge Security, DNS, and Observability
Using Cloudflare as our DNS and edge security provider was a new and valuable experience. We learned how to configure security rules, enable DDoS protection, and set up HTTPS for the entire cluster. On the monitoring front, setting up Grafana dashboards with Prometheus as the data source was instrumental in learning how to visualize the health and performance of a distributed system in real-time.

‣ Cloud Integration and CI/CD Pipeline Challenges
Working with Azure as a cloud provider exposed us to its powerful ecosystem. We gained hands-on experience with services like Azure Load Balancers, Azure Blob Storage, and Azure Key Vault. A key challenge we solved was in our Azure DevOps pipeline, which required setting up a self-hosted build agent within the same virtual network as our Kubernetes cluster to enable successful deployments. Furthermore, securely pulling secrets from Key Vault required installing and configuring the Secrets Store CSI Driver in the cluster.

‣ Service Mesh Implementation and Application Resiliency
To meet industry standards for a modern API gateway, we implemented the Istio service mesh, which was a valuable and challenging lesson in itself. We also focused on application resiliency by implementing the Circuit Breaker pattern in our Go and NodeJS services to prevent cascading failures. On the frontend, we adopted the best practice of building our React app into static files and then serving them efficiently using a lightweight Nginx web server container.

✤ Technology Stack Summary

‣ Cloud: Azure (AKS, Blob Storage, Key Vault)
‣ Containerization & Orchestration: Docker, Kubernetes
‣ CI/CD & GitOps: Azure DevOps, ArgoCD, GitHub, Docker Hub
‣ Networking & Service Mesh: Cloudflare, Istio
‣ Backend Languages: Go, Node.js
‣ Databases & Caching: PostgreSQL, Redis
‣ Messaging: RabbitMQ
‣ Observability: Prometheus, Grafana
‣ Security: Secrets Store CSI Driver

✤ Architecture Diagrams

StreamHive System - Detailed Architecture StreamHive System - High level Architecture
✤ Project Documentation

📒 Download StreamHive Project Documentation (PDF)

I had the opportunity to lead the design and implementation of reliable CI/CD pipelines and GitHub Actions workflows for multiple software projects across Python, JavaScript, and TypeScript environments. By utilizing tools such as Docker and cloud platforms, particularly AWS EC2, I aimed to automate the build, test, and deployment processes for both backend and responsive web applications. Some of my key contributions include developing an end-to-end pipeline that facilitates React app deployments to cloud infrastructure, incorporating infrastructure-as-code and GitOps principles, and supporting continuous, dependable delivery of features and updates. These solutions helped improve development efficiency, minimized manual effort, and established best practices for scalable, automated software delivery across various technology stacks.

Secure Voting is a robust digital voting platform engineered to ensure the highest levels of security, transparency, and integrity in electoral processes. The system leverages modern cryptographic techniques for secure vote storage and transmission, incorporating end-to-end encryption and user authentication mechanisms to safeguard voter privacy and data integrity. Built with a modular architecture, the project utilizes [mention programming languages/frameworks used, e.g., Python, Node.js, React, MongoDB, etc.], enabling scalability and easy integration with existing infrastructure.

Key features include tamper-proof audit trails, real-time result computation, role-based access control, and a user-friendly web interface optimized for accessibility. The solution is designed to mitigate common vulnerabilities in e-voting systems, such as unauthorized access and data manipulation, by implementing multi-layered security protocols and rigorous validation checks. This project demonstrates a strong commitment to technological excellence and trust in digital democracy.

This application is a comprehensive tool designed to help you track and manage your medical history and the status of various health conditions. Its purpose is to assist with future medical decisions by offering a clear and organized overview of your health information. I developed this project out of personal interest, with the goal of creating a solution that can positively impact people's lives. The application is built using the MERN tech stack (MongoDB, Express.js, React.js, and Node.js), highlighting my skills in full-stack development.

This project was undertaken as part of a third-year software group assignment. It is a web application designed to allow users to buy and sell cars, compare prices and specifications, book test drives, and explore the latest car models. Additionally, the platform includes a car rental service, with administrative features to monitor rental cars and access detailed vehicle information.

I developed a web application using React.js to help users find nearby stores and access relevant information. Inspired by an article on Google Maps, I took on this project driven by personal interest. From gathering requirements to deployment, I conducted thorough research and gained valuable insights along the way. Incorporating web scraping technology allowed us to collect accurate and up-to-date store details from online maps and directories. To enhance the user experience, I implemented features such as search functionality, pagination, and error handling. The frontend was built using HTML, CSS, JavaScript, and React.js, with web scraping techniques utilized for data collection from map services.

We developed this mobile application as part of our third-year mobile application group project. The app is intended to assist us in finding a cameraman who meets our specific event needs. Flutter and Firebase were the technologies we utilized in its development.

This project was a collaborative endeavor conducted as a group initiative. Our objective was to predict students' final exam grades by considering a set of relevant factors. To accomplish this, we utilized decision tree and SVM algorithms.

Student Manager is a desktop application developed using WPF and structured with MVVM architecture, offering efficient management of student records. It facilitates the seamless addition, editing, and deletion of student details for enhanced usability.