Lab 05 solution – Aleksei Fominykh

.github/workflows/python-ci.yml

@@ -0,0 +1,69 @@
+name: Python CI/CD
+
+on:
+  push:
+    branches: [ "lab03" ]
+    paths:
+      - 'app_python/**'
+      - '.github/workflows/python-ci.yml'
+  pull_request:
+    branches: [ "main" ]
+    paths:
+      - 'app_python/**'
+
+concurrency:
+  group: python-ci-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  test-and-build:
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+
+    - name: Set up Python
+      uses: actions/setup-python@v5
+      with:
+        python-version: "3.12"
+        cache: 'pip'
+
+    - name: Install dependencies
+      run: |
+        pip install -r app_python/requirements.txt
+        pip install pytest pytest-cov flake8
+
+    - name: Run linter
+      run: flake8 app_python
+      continue-on-error: true
+
+    - name: Run tests
+      run: pytest app_python/tests --cov=app_python --cov-report=xml
+
+    - name: Install Snyk
+      run: npm install -g snyk
+
+    - name: Run Snyk (warn only)
+      run: snyk test --file=app_python/requirements.txt --severity-threshold=high
+      env:
+        SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+      continue-on-error: true
+
+    - name: Generate version (CalVer)
+      run: echo "VERSION=$(date +'%Y.%m.%d')" >> $GITHUB_ENV
+
+    - name: Log in to Docker Hub
+      uses: docker/login-action@v3
+      with:
+        username: ${{ secrets.DOCKER_USERNAME }}
+        password: ${{ secrets.DOCKER_PASSWORD }}
+
+    - name: Build and Push Docker Image
+      uses: docker/build-push-action@v6
+      with:
+        context: ./app_python
+        push: true
+        tags: |
+          ${{ secrets.DOCKER_USERNAME }}/devops-core-app-python:${{ env.VERSION }}
+          ${{ secrets.DOCKER_USERNAME }}/devops-core-app-python:latest

README.md

@@ -3,6 +3,7 @@
 [![Labs](https://img.shields.io/badge/Labs-18-blue)](#labs)
 [![Exam](https://img.shields.io/badge/Exam-Optional-green)](#exam-alternative)
 [![Duration](https://img.shields.io/badge/Duration-18%20Weeks-lightgrey)](#course-roadmap)
+[![Python CI](https://github.com/ph1larmon1a/DevOps-Core-Course/actions/workflows/python-ci.yml/badge.svg)](https://github.com/ph1larmon1a/DevOps-Core-Course/actions/workflows/python-ci.yml)
 
 Master **production-grade DevOps practices** through hands-on labs. Build, containerize, deploy, monitor, and scale applications using industry-standard tools.
 

ansible/.gitignore

@@ -0,0 +1,8 @@
+# Ansible
+*.retry
+.vault_pass
+__pycache__/
+ansible/inventory/*.pyc
+
+# OS
+.DS_Store

ansible/README.md

@@ -0,0 +1,36 @@
+# Lab05 — Ansible Fundamentals (Generated Project)
+
+## Quickstart
+
+From `ansible/`:
+
+```bash
+# Install collections
+ansible-galaxy collection install -r requirements.yml
+
+# Test connectivity (static inventory)
+ansible all -m ping
+
+# Provision
+ansible-playbook playbooks/provision.yml
+
+# Create Vault (use template as a guide)
+#   ansible-vault create group_vars/all.yml
+# or copy example then encrypt:
+#   cp group_vars/all.yml.example group_vars/all.yml
+#   ansible-vault encrypt group_vars/all.yml
+
+# Deploy
+ansible-playbook playbooks/deploy.yml --ask-vault-pass
+```
+
+## Bonus — AWS Dynamic Inventory
+
+1) Ensure AWS creds are available (env vars, AWS CLI profile, or instance role)
+2) Edit `inventory/aws_ec2.yml` region/filter as needed
+3) Run:
+
+```bash
+ansible-inventory -i inventory/aws_ec2.yml --graph
+ansible -i inventory/aws_ec2.yml all -m ping
+```

ansible/ansible.cfg

@@ -0,0 +1,14 @@
+[defaults]
+inventory = inventory/hosts.ini
+roles_path = roles
+host_key_checking = False
+remote_user = ubuntu
+retry_files_enabled = False
+stdout_callback = ansible.builtin.default
+result_format = yaml
+interpreter_python = auto_silent
+
+[privilege_escalation]
+become = True
+become_method = sudo
+become_user = root