inno-devops-labs · Abraham14711 · Jan 26, 2026 · Feb 4, 2026 · Feb 4, 2026 · Feb 4, 2026
diff --git a/.DS_Store b/.DS_Store
diff --git a/.github/workflows/ansible-deploy.yml b/.github/workflows/ansible-deploy.yml
@@ -0,0 +1,82 @@
+name: Ansible Deployment
+
+on:
+  push:
+    branches: [ main, master, lab06 ]
+    paths:
+      - 'ansible/**'
+      - '.github/workflows/ansible-deploy.yml'
+
+  pull_request:
+    branches: [ main, master,lab06 ]
+    paths:
+      - 'ansible/**'
+
+jobs:
+
+  lint:
+    name: Ansible Lint
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Setup Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+
+      - name: Install dependencies
+        run: |
+          pip install ansible ansible-lint
+
+      - name: Create vault password file
+        run: |
+          echo "${{ secrets.ANSIBLE_VAULT_PASSWORD }}" > /tmp/vault_pass
+
+      - name: Run ansible-lint
+        run: |
+          cd ansible
+          export ANSIBLE_VAULT_PASSWORD_FILE=/tmp/vault_pass
+
+  deploy:
+    name: Deploy Application
+    needs: lint
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Setup Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+
+      - name: Install Ansible
+        run: |
+          pip install ansible
+
+      - name: Setup SSH
+        run: |
+          mkdir -p ~/.ssh
+          echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa
+          chmod 600 ~/.ssh/id_rsa
+          ssh-keyscan -H ${{ secrets.VM_HOST }} >> ~/.ssh/known_hosts
+
+      - name: Deploy with Ansible
+        run: |
+          cd ansible
+          echo "${{ secrets.ANSIBLE_VAULT_PASSWORD }}" > /tmp/vault_pass
+
+          ansible-playbook playbooks/deploy.yml \
+            -i inventory/hosts.ini \
+            --vault-password-file /tmp/vault_pass
+
+          rm /tmp/vault_pass
+
+      - name: Verify deployment
+        run: |
+          sleep 10
+          curl -f http://${{ secrets.VM_HOST }}:5000 || exit 1
diff --git a/.github/workflows/python-ci.yaml b/.github/workflows/python-ci.yaml
@@ -0,0 +1,94 @@
+name: Python CI
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+on:
+  push:
+    branches: [ "master", "main", "lab03" ]
+    paths:
+      - "app_python/**"
+      - ".github/workflows/python-ci.yml"
+
+  pull_request:
+    branches: [ "master" ]
+    paths:
+      - "app_python/**"
+      - ".github/workflows/python-ci.yml"
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: set up
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
+          cache: pip
+          cache-dependency-path: |
+            app_python/requirements.txt
+
+      - name: dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install -r app_python/requirements.txt
+
+      - name: snyk
+        uses: snyk/actions/python@master
+        continue-on-error: true
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK }}
+        with:
+          args: --severity-threshold=high
+
+      - name: Linter
+        run: |
+          pip install flake8
+          flake8 app_python/ --count --select=E9,F63,F7,F82 --show-source --statistics
+          flake8 app_python/ --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
+
+      - name: Run tests with coverage
+        working-directory: app_python
+        run: pytest --cov=. --cov-report=xml --cov-fail-under=70
+
+      - name: Upload coverage to Codecov
+        uses: codecov/codecov-action@v4
+        with:
+          file: app_python/coverage.xml
+          token: ${{ secrets.CODECOV_TOKEN }}
+
+  docker:
+    name: docker
+    needs: test
+    if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/lab03' || github.ref == 'refs/heads/main'
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Docker login
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Docker metadata (CalVer)
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: abrahambarrett228/devops-info-service
+          tags: |
+            type=raw,value={{date 'YYYY.MM'}}
+            type=raw,value={{date 'YYYY.MM'}}.${{ github.run_number }}
+            type=raw,value=latest
+
+      - name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          context: app_python
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
diff --git a/.gitignore b/.gitignore
@@ -1 +1,2 @@
-test
+test
+venv
diff --git a/ansible/.ansible-lint b/ansible/.ansible-lint
@@ -0,0 +1,11 @@
+skip_list:
+  - var-naming
+  - name
+  - key-order
+  - risky-file-permissions
+  - ignore-errors
+  - command-instead-of-module
+  - no-changed-when
+  - fqcn
+  - yaml[truthy]
+  - group_vars/all.yml
diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg
@@ -0,0 +1,11 @@
+[defaults]
+inventory = inventory/hosts.ini
+roles_path = roles
+host_key_checking = False
+remote_user = ubuntu
+retry_files_enabled = False
+
+[privilege_escalation]
+become = True
+become_method = sudo
+become_user = root
-Original file line number
+Diff line change
@@ -1 +1,2 @@
-    test
+    test
+    venv