Lab6

.github/workflows/python-ci.yml

@@ -0,0 +1,76 @@
+name: Python test and build
+
+on:
+  push:
+    branches: [ lab** ]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+env:
+  PYTHON_VERSION: '3.12'
+  DOCKER_IMAGE_NAME: 'devops-info-service'
+  APP_PATH: 'app_python'
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-python@v5
+        with:
+          python-version: ${{ env.PYTHON_VERSION }}
+          cache: 'pip'
+          cache-dependency-path: '${{ env.APP_PATH }}/requirements.txt'
+
+      - name: Install dependencies
+        run: |
+          pip install -r ${{ env.APP_PATH }}/requirements.txt
+          pip install pytest flake8
+
+      - name: Run a linter
+        run: flake8 ${{ env.APP_PATH }}/app.py --max-line-length=100 --statistics
+
+      - name: Run unit tests
+        run: pytest ${{ env.APP_PATH }}
+
+      - name: Install Snyk CLI
+        run: |
+          curl https://downloads.snyk.io/cli/stable/snyk-linux -o snyk-linux
+          curl https://downloads.snyk.io/cli/stable/snyk-linux.sha256 -o snyk.sha256
+          sha256sum -c snyk.sha256
+          chmod +x snyk-linux
+          sudo mv snyk-linux /usr/local/bin/snyk
+      - name: Run Snyk to test project dependencies
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+        run: |
+          cd ${{ env.APP_PATH }}
+          snyk auth  ${{ secrets.SNYK_TOKEN }}
+          snyk test
+
+  docker:
+    needs: test
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Generate version
+        run: echo "VERSION=$(date +%Y.%m.%d)" >> $GITHUB_ENV
+
+      - name: Build and push
+        uses: docker/build-push-action@v5
+        with:
+          context: ./${{ env.APP_PATH }}
+          push: true
+          tags: |
+            ${{ secrets.DOCKERHUB_USERNAME }}/${{ env.DOCKER_IMAGE_NAME }}:latest
+            ${{ secrets.DOCKERHUB_USERNAME }}/${{ env.DOCKER_IMAGE_NAME }}:${{ env.VERSION }}

ansible/ansible.cfg

@@ -0,0 +1,12 @@
+[defaults]
+inventory = inventory/hosts.ini
+roles_path = roles
+host_key_checking = False
+remote_user = ubuntu
+retry_files_enabled = False
+deprecation_warnings = False
+
+[privilege_escalation]
+become = True
+become_method = sudo
+become_user = root

ansible/group_vars/all.yml

@@ -0,0 +1,55 @@
+$ANSIBLE_VAULT;1.1;AES256
+66363163383865346639333733303737653036373230636663373139643332653439633861653532
+3566366563323736633532363331656565333361323933390a613136396236353364303464663264
+37376632393134633835363263326638393561323733343937363830356165336533363863333064
+6435653261613932390a613366393634363232386435633834396164653266616131636262313333
+33323930323437666161366332336637383731666634323562643831616139336661626138333832
+32383161646635333330366563393139656132643133326539646462313764346466323836396264
+38656565383630653466306435646637363131663964373862613265386431666439633935303533
+66386635303139326363393735373265306437326236306233626635333431666462346461316363
+64383633626539373335626364613966613035326238363830383739343366313138303139373262
+36353036373537636635363835633266663437663434633566373836663335363031386463313261
+36313930336636656163656533353964643965633138383462346564363038313162663534323039
+36653065636161653533393631306134346364383138613939353461383636336465323632663036
+61666136643835333637613735346139303264383536613430333233376364323765316133323432
+31316132623537636234303031663830616632306233303035613534323965633366623966333164
+34353536393635363037373237393239633539653439326637666138656237363263353734336431
+38346539376364623132313530613339663135303630346461383333653838316336336237623366
+32613162353761353566663039626163636263343864356162376531353630356437646135643037
+66653631303665303261636233633232646133363533636463636566303935656431616665613538
+31363365353663643039613535383966666564636336386564313130393334326637363034666530
+30386130633965363830313233666438613366313636343531376230626462623231643430346363
+66643863396362623763623736303230343730653263633432663033653863313833613963616465
+37376235626635353364383736613163323638643661376630643230616238323639316266366163
+32326436313932313531613639356166356634303935353739306332623063333933316530323435
+61313738363530323735346565306636306230306564333138353964393231386239303563323662
+63386631636231626134393734666632636533316435363636366237326239343739373637623661
+32656566663830636566636231313030323331373562376263313933323962626539666362366437
+66626533353964356132393764316334376263373666386264373866303938656634343339366664
+63633537626665366161663964323832333531383862303463666230343034643661303532303762
+30626537636430363162316230386534306138396238393135353634643631623361376364323865
+65393462383265306165633861613965663432303661636536326534303130623339393932636330
+35636238323432616330623966356437356237653665353232386231393765316263353264356264
+35386439636462316163353962626633616533363330333539373837376531386534386230646537
+35366230336632613332356334626633376563373738383339613136366236643531323738373665
+34666530343462613665633636623761646264623035353332653536323737376136303262623132
+65306663313964303634323737663061303538636331326231303331383166343035336633373064
+30643666633666623234633537313338303939303333626637393037636638393861353334366534
+39366539613362623036636633333932363938323539663662386366633363366263316366613033
+66653337613139323562303435633034343962306132663631623663653039666230383437343138
+31306131326266316665613266636432613737396238653136326435343564366666383738313435
+64663238633265363636386130373139306464346231636135646135623733613035363635646165
+38633633656530626466333566303866636535393435303938373932353864353433643338353061
+64303037306237613064333164333861653638333030383965653533343931346133633735643062
+63363137653564353836333231303565326431616563303463643062653331656363386564656563
+30623932666235343364376363353561356330323833656639623364346431663236343031646661
+62633937303661386139666465363034616563646633613330323937396239373930646463353763
+37393830363832383536653665353934373163373762363432363064653862323238363434373438
+64393461333962303066666532363937653330356166353332303536346231623234386465643765
+34373666316633626335383335656535656235326366393265353332623062653836306162623363
+36386661383963396339613437376435633362333930373731316237376563393233656334613630
+39646537636665343565343066623434343634613062323164346335613930623365623537306638
+61303364363731306138663434393366336639376266336661343537353665323863663234663763
+61383237386637323831343838306337323531643830633364303862633434656132383235373639
+37326662376230303030646331663734326636663363616164626461303563656436353433373962
+3361353964383637616264356164666561623934393666383139

ansible/group_vars/all.yml.backup

@@ -0,0 +1,24 @@
+$ANSIBLE_VAULT;1.1;AES256
+37363538613332346638663330653662623065303465383039323431613066323366376465393965
+3338613132343965316433313431346233343935383430300a346130633437633365343664353132
+39353134616263626561356135356133313834343936386664646233306639366463303166303630
+6435343166373463370a623635656434353730356366373738643564616432663065653237353334
+62393931313930363734666133656463666535306435633765373764303131373462643961633733
+36653863633037663766656661316362633965326632303037623634383535336261393463666231
+35646431386239353037306535303663323161386536303663386230313165303239636466373264
+33343638616264666438376665313839646335633231633532623733306132613765386263363439
+39363337643531393634666131623163666432663631363734303333373032653663383666623035
+32363138396432613661313630383763303231383233656335656335613163336566646364336239
+63333034346632336561633263663136383539666562396635633434623966396166313063393038
+31666265633161613537353430333133663732363237636164613765386564663433346539636135
+37396237616537623565393566636134396138616538333065656164663166306338633865633464
+39333538623033643934373163643330356132383361343934323066303735373961653637663865
+31613230623435316330393531646538333162353363656363376132306261346163306430353432
+38303737316666333731373065383030633731326638343932653938333131336464353530313765
+62653065336138656235323932643831643238306130353731666233366530333361313737353233
+65343932353839343665663238376163373233623931343036346163613632353637376237396663
+38303266646665626231646463313530363466393335333565643934363833633463303238653764
+39613761633234363133383236303039623635386261346266373663313064373962306630313564
+35383932666139373336333634396365303364653339613938306238636139386337653331326266
+31356134333662306538323465663261356433616433343933633439663663623238363363333065
+396137666236663538343338633061376438

ansible/inventory/hosts.ini

@@ -0,0 +1,2 @@
+[webservers]
+damir-VirtualBox ansible_host=192.168.1.8 ansible_user=damir

ansible/playbooks/deploy.yml

@@ -0,0 +1,32 @@
+---
+- name: Deploy application to web servers
+  hosts: webservers
+  become: yes
+  gather_facts: yes
+
+  vars_files:
+    - ../group_vars/all.yml
+
+  pre_tasks:
+    - name: Display deployment information
+      debug:
+        msg:
+          - "Starting deployment of {{ app_name }}"
+          - "Image: {{ dockerhub_username }}/{{ app_name }}:{{ docker_image_tag }}"
+          - "Target host: {{ inventory_hostname }}"
+
+  roles:
+    - role: web_app
+
+  post_tasks:
+    - name: Verify deployment
+      docker_container_info:
+        name: "{{ app_container_name }}"
+      register: final_container
+
+    - name: Show deployment status
+      debug:
+        msg: 
+          - "Deployment completed successfully!"
+          - "Container status: {{ final_container.container.State.Status }}"
+          - "Container started: {{ final_container.container.State.StartedAt }}"

ansible/playbooks/provision.yml

@@ -0,0 +1,14 @@
+---
+- name: Provision web servers with common tools and Docker
+  hosts: webservers
+  become: yes
+  gather_facts: yes
+
+  roles:
+    - role: common
+      common_timezone: "Europe/Moscow"
+      tags: [common, always]
+
+    - role: docker
+      docker_user: "damir"
+      tags: [docker]

ansible/roles/common/defaults/main.yml

@@ -0,0 +1,25 @@
+---
+# Default packages to install
+common_packages:
+  - python3-pip
+  - python3-venv
+  - curl
+  - wget
+  - git
+  - vim
+  - htop
+  - net-tools
+  - software-properties-common
+  - apt-transport-https
+  - ca-certificates
+  - gnupg
+  - lsb-release
+  - unzip
+  - tree
+  - tmux
+
+# Default timezone
+common_timezone: "UTC"
+
+# User to create (for demonstration)
+common_user_name: appuser

ansible/roles/common/tasks/main.yml

@@ -0,0 +1,55 @@
+---
+- name: Common role tasks
+  block:
+    - name: Package installation block
+      block:
+        - name: Update apt cache
+          apt:
+            update_cache: yes
+            cache_valid_time: 3600
+          register: apt_update_result
+
+        - name: Install essential packages
+          apt:
+            name: "{{ common_packages }}"
+            state: present
+
+      rescue:
+        - name: Fix apt cache on failure
+          command: apt-get update --fix-missing
+
+        - name: Retry package installation
+          apt:
+            name: "{{ common_packages }}"
+            state: present
+
+      always:
+        - name: Log package installation completion
+          copy:
+            content: "Common packages installed at {{ ansible_date_time.iso8601 }}"
+            dest: /tmp/common_packages_completed.log
+
+      tags:
+        - packages
+      become: yes
+
+    - name: User creation block
+      block:
+        - name: Ensure common user exists
+          user:
+            name: "{{ common_user_name }}"
+            state: present
+            shell: /bin/bash
+            create_home: yes
+      tags:
+        - users
+      become: yes
+
+  always:
+    - name: Log common role completion
+      copy:
+        content: "Common role completed at {{ ansible_date_time.iso8601 }}"
+        dest: /tmp/common_role_completed.log
+      become: yes
+
+  tags: common

ansible/roles/docker/defaults/main.yml

@@ -0,0 +1,19 @@
+---
+# Docker version constraints (use 'latest' or specific version)
+docker_version: "latest"
+docker_compose_version: "latest"
+
+# User to add to docker group
+docker_user: "{{ ansible_user }}"
+
+# Docker repository settings
+docker_repo_url: "https://download.docker.com/linux/ubuntu"
+docker_gpg_key: "https://download.docker.com/linux/ubuntu/gpg"
+
+# Docker packages to install
+docker_packages:
+  - docker-ce
+  - docker-ce-cli
+  - containerd.io
+  - docker-buildx-plugin
+  - docker-compose-plugin

ansible/roles/docker/handlers/main.yml

@@ -0,0 +1,7 @@
+---
+- name: restart docker
+  systemd:
+    name: docker
+    state: restarted
+    daemon_reload: yes
+  become: yes

ansible/roles/docker/tasks/config.yml

@@ -0,0 +1,30 @@
+---
+- name: Ensure Docker service is running and enabled
+  systemd:
+    name: docker
+    state: started
+    enabled: yes
+
+- name: Add user to docker group
+  user:
+    name: "{{ docker_user }}"
+    groups: docker
+    append: yes
+  notify: restart docker
+
+- name: Install Python Docker module for Ansible
+  pip:
+    name:
+      - docker
+      - docker-compose
+    state: present
+
+- name: Verify Docker installation
+  command: docker --version
+  register: docker_version_check
+  changed_when: false
+
+- name: Display Docker version
+  debug:
+    msg: "Docker installed: {{ docker_version_check.stdout }}"
+  when: docker_version_check.stdout is defined