Lab16

.github/workflows/python-ci.yml

@@ -0,0 +1,126 @@
+name: Python CI/CD Pipeline
+
+on:
+  push:
+    branches: [ main, master, lab03 ]
+    paths:
+      - 'app_python/**'
+      - '.github/workflows/python-ci.yml'
+  pull_request:
+    branches: [ main, master ]
+    paths:
+      - 'app_python/**'
+  workflow_dispatch:
+
+env:
+  REGISTRY: docker.io
+  IMAGE_NAME: nadiaa02/devops-python-app
+  PYTHON_VERSION: '3.11'
+
+jobs:
+  test:
+    name: Lint & Test
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+
+    - name: Setup Python
+      uses: actions/setup-python@v5
+      with:
+        python-version: ${{ env.PYTHON_VERSION }}
+        cache: 'pip'
+        cache-dependency-path: 'app_python/requirements*.txt'
+
+    - name: Cache pip packages
+      uses: actions/cache@v4
+      with:
+        path: ~/.cache/pip
+        key: ${{ runner.os }}-pip-${{ hashFiles('app_python/requirements*.txt') }}
+        restore-keys: |
+          ${{ runner.os }}-pip-
+
+    - name: Install dependencies
+      working-directory: ./app_python
+      run: |
+        python -m pip install --upgrade pip
+        pip install -r requirements.txt
+        pip install -r requirements-dev.txt
+
+    - name: Lint with flake8
+      working-directory: ./app_python
+      run: |
+        flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
+        flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
+
+    - name: Run tests with coverage
+      working-directory: ./app_python
+      run: |
+        pytest tests/ -v --cov=. --cov-report=xml --cov-report=term-missing
+
+    - name: Upload coverage to Codecov
+      uses: codecov/codecov-action@v4
+      with:
+        file: ./app_python/coverage.xml
+        flags: python
+        name: python-coverage
+        token: ${{ secrets.CODECOV_TOKEN }}
+      continue-on-error: true
+
+  security:
+    name: Security Scan
+    runs-on: ubuntu-latest
+    needs: test
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+
+    - name: Run Snyk vulnerability scan
+      uses: snyk/actions/python@master
+      env:
+        SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+      with:
+        args: --file=app_python/requirements.txt --severity-threshold=high
+      continue-on-error: true
+
+  docker:
+    name: Build & Push Docker Image
+    runs-on: ubuntu-latest
+    needs: [test, security]
+    if: github.event_name == 'push' && github.ref == 'refs/heads/lab03'
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v3
+
+    - name: Login to Docker Hub
+      uses: docker/login-action@v3
+      with:
+        username: ${{ secrets.DOCKER_USERNAME }}
+        password: ${{ secrets.DOCKER_PASSWORD }}
+
+    - name: Generate version
+      id: version
+      run: |
+        VERSION=$(date -u +'%Y.%m.%d-%H%M')
+        MONTH=$(date -u +'%Y.%m')
+        echo "version=$VERSION" >> $GITHUB_OUTPUT
+        echo "month=$MONTH" >> $GITHUB_OUTPUT
+
+    - name: Build and push
+      uses: docker/build-push-action@v5
+      with:
+        context: ./app_python
+        file: ./app_python/Dockerfile
+        push: true
+        tags: |
+          ${{ env.IMAGE_NAME }}:${{ steps.version.outputs.version }}
+          ${{ env.IMAGE_NAME }}:${{ steps.version.outputs.month }}
+          ${{ env.IMAGE_NAME }}:latest
+        cache-from: type=gha
+        cache-to: type=gha,mode=max

.gitignore

@@ -1 +1,16 @@
-test
+test
+# Terraform
+*.tfstate
+*.tfstate.*
+.terraform/
+terraform.tfvars
+*.tfvars
+.terraform.lock.hcl
+
+# Pulumi
+pulumi/venv/
+Pulumi.*.yaml
+
+# Credentials
+key.json
+*.pem

app_python/Dockerfile

@@ -0,0 +1,15 @@
+FROM python:3.11-slim
+
+WORKDIR /app
+
+COPY requirements.txt .
+RUN pip install --no-cache-dir -r requirements.txt
+
+COPY . .
+
+ENV FLASK_APP=app.py
+ENV FLASK_ENV=production
+
+EXPOSE 5000
+
+CMD ["python", "app.py"]

app_python/README.md

@@ -0,0 +1,33 @@
+# DevOps Python Application
+
+![Python CI/CD Pipeline](https://github.com/nadiaa02/DevOps-Core-Course/actions/workflows/python-ci.yml/badge.svg?branch=lab03)
+
+## Prerequisites
+- Python 3.11+
+
+## Installation
+`bash
+pip install -r requirements.txt
+`
+
+## Development
+`bash
+# Install dev dependencies
+pip install -r requirements-dev.txt
+
+# Run tests
+pytest tests/ -v --cov=.
+`
+
+## Docker
+`bash
+docker pull nadiaa02/devops-python-app:latest
+docker run -p 5000:5000 nadiaa02/devops-python-app:latest
+`
+
+## CI/CD Pipeline
+- **Testing**: pytest with coverage
+- **Linting**: flake8
+- **Security**: Snyk vulnerability scanning
+- **Versioning**: Calendar Versioning (CalVer)
+- **Deployment**: Automatic Docker build & push

app_python/app — копия.py

@@ -0,0 +1,85 @@
+import os
+import socket
+import platform
+import logging
+from datetime import datetime, timezone
+from flask import Flask, jsonify, request
+
+logging.basicConfig(level=logging.INFO, format='%(asctime)s - %(name)s - %(levelname)s - %(message)s')
+logger = logging.getLogger(__name__)
+
+app = Flask(__name__)
+
+HOST = os.getenv('HOST', '0.0.0.0')
+PORT = int(os.getenv('PORT', 5000))
+START_TIME = datetime.now(timezone.utc)
+
+def get_system_info():
+    return {
+        'hostname': socket.gethostname(),
+        'platform': platform.system(),
+        'platform_version': platform.release(),
+        'architecture': platform.machine(),
+        'cpu_count': os.cpu_count(),
+        'python_version': platform.python_version()
+    }
+
+def get_uptime():
+    delta = datetime.now(timezone.utc) - START_TIME
+    seconds = int(delta.total_seconds())
+    hours, remainder = divmod(seconds, 3600)
+    minutes, _ = divmod(remainder, 60)
+    return {
+        'seconds': seconds,
+        'human': f"{hours} hour{'s' if hours != 1 else ''}, {minutes} minute{'s' if minutes != 1 else ''}"
+    }
+
+@app.route('/', methods=['GET'])
+def index():
+    logger.info(f"Request: {request.method} {request.path} from {request.remote_addr}")
+    uptime = get_uptime()
+    return jsonify({
+        "service": {
+            "name": "devops-info-service",
+            "version": "1.0.0",
+            "description": "DevOps course info service",
+            "framework": "Flask"
+        },
+        "system": get_system_info(),
+        "runtime": {
+            "uptime_seconds": uptime['seconds'],
+            "uptime_human": uptime['human'],
+            "current_time": datetime.now(timezone.utc).isoformat(),
+            "timezone": "UTC"
+        },
+        "request": {
+            "client_ip": request.remote_addr or 'unknown',
+            "user_agent": request.headers.get('User-Agent', 'unknown'),
+            "method": request.method,
+            "path": request.path
+        },
+        "endpoints": [
+            {"path": "/", "method": "GET", "description": "Service information"},
+            {"path": "/health", "method": "GET", "description": "Health check"}
+        ]
+    })
+
+@app.route('/health', methods=['GET'])
+def health():
+    return jsonify({
+        'status': 'healthy',
+        'timestamp': datetime.now(timezone.utc).isoformat(),
+        'uptime_seconds': get_uptime()['seconds']
+    })
+
+@app.errorhandler(404)
+def not_found(error):
+    return jsonify({'error': 'Not Found', 'message': 'Endpoint does not exist'}), 404
+
+@app.errorhandler(500)
+def internal_error(error):
+    return jsonify({'error': 'Internal Server Error', 'message': 'An unexpected error occurred'}), 500
+
+if __name__ == '__main__':
+    logger.info('Application starting...')
+    app.run(host=HOST, port=PORT, debug=False)

app_python/app.py

@@ -0,0 +1,85 @@
+import os
+import socket
+import platform
+import logging
+from datetime import datetime, timezone
+from flask import Flask, jsonify, request
+
+logging.basicConfig(level=logging.INFO, format='%(asctime)s - %(name)s - %(levelname)s - %(message)s')
+logger = logging.getLogger(__name__)
+
+app = Flask(__name__)
+
+HOST = os.getenv('HOST', '0.0.0.0')
+PORT = int(os.getenv('PORT', 5000))
+START_TIME = datetime.now(timezone.utc)
+
+def get_system_info():
+    return {
+        'hostname': socket.gethostname(),
+        'platform': platform.system(),
+        'platform_version': platform.release(),
+        'architecture': platform.machine(),
+        'cpu_count': os.cpu_count(),
+        'python_version': platform.python_version()
+    }
+
+def get_uptime():
+    delta = datetime.now(timezone.utc) - START_TIME
+    seconds = int(delta.total_seconds())
+    hours, remainder = divmod(seconds, 3600)
+    minutes, _ = divmod(remainder, 60)
+    return {
+        'seconds': seconds,
+        'human': f"{hours} hour{'s' if hours != 1 else ''}, {minutes} minute{'s' if minutes != 1 else ''}"
+    }
+
+@app.route('/', methods=['GET'])
+def index():
+    logger.info(f"Request: {request.method} {request.path} from {request.remote_addr}")
+    uptime = get_uptime()
+    return jsonify({
+        "service": {
+            "name": "devops-info-service",
+            "version": "1.0.0",
+            "description": "DevOps course info service",
+            "framework": "Flask"
+        },
+        "system": get_system_info(),
+        "runtime": {
+            "uptime_seconds": uptime['seconds'],
+            "uptime_human": uptime['human'],
+            "current_time": datetime.now(timezone.utc).isoformat(),
+            "timezone": "UTC"
+        },
+        "request": {
+            "client_ip": request.remote_addr or 'unknown',
+            "user_agent": request.headers.get('User-Agent', 'unknown'),
+            "method": request.method,
+            "path": request.path
+        },
+        "endpoints": [
+            {"path": "/", "method": "GET", "description": "Service information"},
+            {"path": "/health", "method": "GET", "description": "Health check"}
+        ]
+    })
+
+@app.route('/health', methods=['GET'])
+def health():
+    return jsonify({
+        'status': 'healthy',
+        'timestamp': datetime.now(timezone.utc).isoformat(),
+        'uptime_seconds': get_uptime()['seconds']
+    })
+
+@app.errorhandler(404)
+def not_found(error):
+    return jsonify({'error': 'Not Found', 'message': 'Endpoint does not exist'}), 404
+
+@app.errorhandler(500)
+def internal_error(error):
+    return jsonify({'error': 'Internal Server Error', 'message': 'An unexpected error occurred'}), 500
+
+if __name__ == '__main__':
+    logger.info('Application starting...')
+    app.run(host=HOST, port=PORT, debug=False)