Lab10

.github/workflows/ci.yaml

@@ -0,0 +1,79 @@
+name: CI
+
+on:
+  push:
+    branches: [ "main", "lab3" ]
+  pull_request:
+    branches: [ "main" ]
+
+jobs:
+  build-and-test:
+    runs-on: ubuntu-latest
+    steps:
+      # Step 1: Checkout the repository
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      # Step 2: Set up Python environment
+      - name: Set up Python 3.8
+        uses: actions/setup-python@v4
+        with:
+          python-version: "3.8"
+
+      # Step 3: Cache pip dependencies to speed up builds
+      - name: Cache pip dependencies
+        uses: actions/cache@v3
+        with:
+          path: ~/.cache/pip
+          key: ${{ runner.os }}-pip-${{ hashFiles('app_python/requirements.txt') }}
+          restore-keys: |
+            ${{ runner.os }}-pip-
+
+      # Step 4: Install dependencies
+      - name: Install dependencies
+        run: |
+          pip install --upgrade pip
+          # If you have a requirements.txt file in app_python, it will be used;
+          # otherwise, install the basic packages needed.
+          if [ -f app_python/requirements.txt ]; then
+            pip install -r app_python/requirements.txt
+          else
+            pip install fastapi uvicorn pytest flake8
+          fi
+
+      # Step 5: Lint the code using flake8
+      - name: Lint with flake8
+        run: |
+          pip install flake8
+          flake8 app_python
+
+      # Step 6: Run unit tests using pytest
+      - name: Run tests
+        run: pytest app_python/tests/
+
+  docker:
+    needs: build-and-test
+    runs-on: ubuntu-latest
+    steps:
+      # Step 1: Checkout the repository
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      # Step 2: Login to Docker Hub
+      - name: Login to Docker Hub
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      # Step 3: Build Docker image
+      - name: Build Docker image
+        run: |
+          # Assuming you have a Dockerfile in app_python or you build directly from the folder.
+          # Adjust the image name as needed.
+          docker build -t ${{ secrets.DOCKERHUB_USERNAME }}/app:latest app_python
+
+      # Step 4: Push Docker image to Docker Hub
+      - name: Push Docker image
+        run: |
+          docker push ${{ secrets.DOCKERHUB_USERNAME }}/app:latest

.gitignore

@@ -0,0 +1,29 @@
+# Ignore Python related files and directories (for app_python)
+/app_python/__pycache__/
+/app_python/*.pyc
+/app_python/*.pyo
+/app_python/*.pyd
+/app_python/venv/
+__pycache__/
+*.py[cod]
+*$py.class
+
+**/__pycache__/
+
+# Ignore Node.js related files and directories (for app_react)
+/app_react/node_modules/
+/app_react/dist/
+/app_react/dist-ssr/
+/app_react/*.local
+/app_react/.env.local
+/app_react/.env.development.local
+/app_react/.env.test.local
+/app_react/.env.production.local
+/app_react/npm-debug.log*
+/app_react/yarn-debug.log*
+/app_react/yarn-error.log*
+/app_react/pnpm-debug.log*
+
+# General ignore rules that might apply to any project
+*.log
+*.DS_Store

ansible/ANSIBLE.md

@@ -0,0 +1,158 @@
+# Ansible Deployment Documentation
+
+This document describes the Ansible setup for deploying Docker and Docker Compose to a remote Ubuntu 22.04+ server using the official Docker repository.
+
+## Directory Structure
+
+```
+ansible/
+├── inventory/
+│   └── default_aws_ec2.yml    # Inventory file for target servers
+├── playbooks/
+│   └── dev/
+│       └── main.yaml          # Main playbook for Docker deployment
+├── roles/
+│   └── docker/               # Docker role
+│       ├── defaults/
+│       ├── handlers/
+│       ├── tasks/
+│       └── README.md
+└── ansible.cfg               # Ansible configuration file
+```
+
+## Prerequisites
+
+1. Ansible installed on the control node
+2. SSH access to target servers
+3. Python 3.x on target servers
+
+## Inventory Example
+
+`ansible/inventory/default_aws_ec2.yml`:
+```yaml
+all:
+  children:
+    webservers:
+      hosts:
+        web1:
+          ansible_host: "176.108.253.168"
+          ansible_user: "user1"
+          ansible_ssh_private_key_file: "~/.ssh/id_rsa"
+      vars:
+        ansible_python_interpreter: /usr/bin/python3
+```
+
+## Usage
+
+1. Verify inventory:
+   ```bash
+   ansible-inventory -i inventory/default_aws_ec2.yml --list
+   ansible-inventory -i inventory/default_aws_ec2.yml --graph
+   ```
+
+   Output:
+   ```json
+   {
+       "_meta": {
+           "hostvars": {
+               "web1": {
+                   "ansible_host": "176.108.253.168",
+                   "ansible_python_interpreter": "/usr/bin/python3",
+                   "ansible_ssh_private_key_file": "~/.ssh/id_rsa",
+                   "ansible_user": "user1"
+               }
+           }
+       },
+       "all": {
+           "children": [
+               "ungrouped",
+               "webservers"
+           ]
+       },
+       "webservers": {
+           "hosts": [
+               "web1"
+           ]
+       }
+   }
+   ```
+   ```
+   @all:
+     |--@ungrouped:
+     |--@webservers:
+     |  |--web1
+   ```
+
+2. Run the playbook:
+   ```bash
+   # Dry run
+   ansible-playbook -i inventory/default_aws_ec2.yml playbooks/dev/main.yaml --check --diff
+
+   # Actual deployment
+   ansible-playbook -i inventory/default_aws_ec2.yml playbooks/dev/main.yaml --diff
+   ```
+
+    dry-run output:
+   ```
+   PLAY [Deploy Docker and Docker Compose] ****************************************
+
+   TASK [Gathering Facts] *********************************************************
+   ok: [web1]
+
+   TASK [Update apt cache] ********************************************************
+   ok: [web1]
+
+   TASK [docker : Remove old Docker versions if they exist] ***********************
+   ok: [web1]
+
+   TASK [docker : Install required system packages] *******************************
+   ok: [web1]
+
+   TASK [docker : Add Docker GPG apt Key] *****************************************
+   changed: [web1]
+
+   TASK [docker : Add Docker repository] ******************************************
+   changed: [web1]
+
+   TASK [docker : Install Docker Engine] ******************************************
+   ok: [web1]
+
+   TASK [docker : Ensure Docker service is running] *******************************
+   ok: [web1]
+
+TASK [Verify Docker installation] **********************************************
+skipping: [web1]
+
+TASK [Display Docker version] **************************************************
+ok: [web1] => 
+  docker_version_check.stdout_lines: []
+
+TASK [Verify Docker Compose installation] **************************************
+skipping: [web1]
+
+TASK [Display Docker Compose version] ******************************************
+ok: [web1] => 
+  docker_compose_version_check.stdout_lines: []
+
+PLAY RECAP *********************************************************************
+web1                       : ok=10   changed=2    unreachable=0    failed=0    skipped=2    rescued=0    ignored=0
+   ```
+
+## Troubleshooting
+
+- Ensure the SSH key has correct permissions (chmod 600)
+- Verify the user has sudo privileges
+- Check if the user is in the docker group
+- If Docker service fails to start, check system logs: `journalctl -u docker`
+
+## Security Considerations
+
+- The playbook uses sudo for privilege escalation
+- Docker daemon is configured with secure defaults
+- System packages are updated before installation
+
+## Maintenance
+
+- Update the Docker version in `roles/docker/defaults/main.yml` if needed
+- Review and update security configurations
+- Monitor Docker logs and system resources

ansible/ansible.cfg

@@ -0,0 +1,13 @@
+[defaults]
+inventory = ./inventory/default_aws_ec2.yml
+remote_user = ubuntu
+host_key_checking = False
+roles_path = ./roles
+retry_files_enabled = False
+stdout_callback = yaml
+
+[privilege_escalation]
+become = True
+become_method = sudo
+become_user = root
+become_ask_pass = False

ansible/inventory/default_aws_ec2.yml

@@ -0,0 +1,10 @@
+all:
+  children:
+    webservers:
+      hosts:
+        web1:
+          ansible_host: "176.108.253.168"
+          ansible_user: "user1"
+          ansible_ssh_private_key_file: "{{ lookup('env', 'AWS_PRIVATE_KEY_PATH') | default('~/.ssh/id_rsa', true) }}"
+      vars:
+        ansible_python_interpreter: /usr/bin/python3

ansible/playbooks/dev/main.yaml

@@ -0,0 +1,38 @@
+---
+- name: Deploy Docker and Docker Compose
+  hosts: webservers
+  become: yes
+  gather_facts: yes
+
+  pre_tasks:
+    - name: Update apt cache
+      apt:
+        update_cache: yes
+        cache_valid_time: 3600
+
+  roles:
+    - role: docker
+      vars:
+        docker_version: "latest"
+        docker_compose_version: "2.24.5"
+
+  post_tasks:
+    - name: Verify Docker installation
+      command: docker --version
+      register: docker_version_check
+      changed_when: false
+      failed_when: false
+
+    - name: Display Docker version
+      debug:
+        var: docker_version_check.stdout_lines
+
+    - name: Verify Docker Compose installation
+      command: docker-compose --version
+      register: docker_compose_version_check
+      changed_when: false
+      failed_when: false
+
+    - name: Display Docker Compose version
+      debug:
+        var: docker_compose_version_check.stdout_lines

ansible/playbooks/dev/roles/docker/README.md

@@ -0,0 +1,38 @@
+Role Name
+=========
+
+A brief description of the role goes here.
+
+Requirements
+------------
+
+Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
+
+Role Variables
+--------------
+
+A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
+
+Dependencies
+------------
+
+A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
+
+Example Playbook
+----------------
+
+Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
+
+    - hosts: servers
+      roles:
+         - { role: username.rolename, x: 42 }
+
+License
+-------
+
+BSD
+
+Author Information
+------------------
+
+An optional section for the role authors to include contact information, or a website (HTML is not allowed).

ansible/playbooks/dev/roles/docker/defaults/main.yml

@@ -0,0 +1,3 @@
+#SPDX-License-Identifier: MIT-0
+---
+# defaults file for ansible/playbooks/dev/roles/docker

ansible/playbooks/dev/roles/docker/handlers/main.yml

@@ -0,0 +1,3 @@
+#SPDX-License-Identifier: MIT-0
+---
+# handlers file for ansible/playbooks/dev/roles/docker