Lab6 Mark Petrov

.github/workflows/ansible-deploy-bonus.yml

@@ -0,0 +1,77 @@
+name: Ansible Deploy (Bonus App)
+
+on:
+  push:
+    branches: [main, master]
+    paths:
+      - 'ansible/vars/app_bonus.yml'
+      - 'ansible/playbooks/deploy_bonus.yml'
+      - 'ansible/roles/web_app/**'
+      - '.github/workflows/ansible-deploy-bonus.yml'
+  pull_request:
+    branches: [main, master]
+    paths:
+      - 'ansible/vars/app_bonus.yml'
+      - 'ansible/playbooks/deploy_bonus.yml'
+      - 'ansible/roles/web_app/**'
+      - '.github/workflows/ansible-deploy-bonus.yml'
+
+jobs:
+  lint:
+    name: Ansible Lint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-python@v5
+        with:
+          python-version: '3.12'
+      - name: Install dependencies
+        run: |
+          pip install ansible ansible-lint
+          ansible-galaxy collection install -r ansible/requirements.yml
+      - name: Run ansible-lint
+        run: |
+          cd ansible
+          ansible-lint playbooks/deploy_bonus.yml
+
+  deploy:
+    name: Deploy Bonus Application
+    needs: lint
+    runs-on: ubuntu-latest
+    if: github.event_name == 'push'
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-python@v5
+        with:
+          python-version: '3.12'
+      - name: Install Ansible and collections
+        run: |
+          pip install ansible
+          ansible-galaxy collection install -r ansible/requirements.yml
+      - name: Setup SSH
+        run: |
+          mkdir -p ~/.ssh
+          echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa
+          chmod 600 ~/.ssh/id_rsa
+          ssh-keyscan -H "${{ secrets.VM_HOST }}" >> ~/.ssh/known_hosts 2>/dev/null || true
+      - name: Create inventory for CI
+        run: |
+          cd ansible
+          mkdir -p inventory
+          printf '%s\n' '[webservers]' "devops-lab4-vm ansible_host=${{ secrets.VM_HOST }} ansible_user=${{ secrets.VM_USER }}" '' '[webservers:vars]' 'ansible_python_interpreter=/usr/bin/python3' > inventory/ci_hosts.ini
+      - name: Deploy Bonus App with Ansible
+        env:
+          ANSIBLE_VAULT_PASSWORD: ${{ secrets.ANSIBLE_VAULT_PASSWORD }}
+        run: |
+          cd ansible
+          echo "$ANSIBLE_VAULT_PASSWORD" > /tmp/vault_pass
+          chmod 600 /tmp/vault_pass
+          ansible-playbook playbooks/deploy_bonus.yml \
+            -i inventory/ci_hosts.ini \
+            --vault-password-file /tmp/vault_pass
+          rm -f /tmp/vault_pass
+      - name: Verify Bonus App
+        run: |
+          sleep 10
+          curl -f "http://${{ secrets.VM_HOST }}:8001" || exit 1
+          curl -f "http://${{ secrets.VM_HOST }}:8001/health" || exit 1

.github/workflows/ansible-deploy.yml

@@ -0,0 +1,97 @@
+# Ansible Deployment: lint on PR/push, deploy on push to ansible/**
+name: Ansible Deployment
+
+on:
+  push:
+    branches: [main, master]
+    paths:
+      - 'ansible/vars/app_python.yml'
+      - 'ansible/playbooks/deploy.yml'
+      - 'ansible/playbooks/deploy_python.yml'
+      - 'ansible/roles/common/**'
+      - 'ansible/roles/docker/**'
+      - 'ansible/roles/web_app/**'
+      - '.github/workflows/ansible-deploy.yml'
+  pull_request:
+    branches: [main, master]
+    paths:
+      - 'ansible/vars/app_python.yml'
+      - 'ansible/playbooks/deploy.yml'
+      - 'ansible/playbooks/deploy_python.yml'
+      - 'ansible/roles/common/**'
+      - 'ansible/roles/docker/**'
+      - 'ansible/roles/web_app/**'
+      - '.github/workflows/ansible-deploy.yml'
+
+jobs:
+  lint:
+    name: Ansible Lint
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.12'
+
+      - name: Install dependencies
+        run: |
+          pip install ansible ansible-lint
+          ansible-galaxy collection install -r ansible/requirements.yml
+
+      - name: Run ansible-lint
+        run: |
+          cd ansible
+          ansible-lint playbooks/deploy.yml playbooks/deploy_python.yml playbooks/deploy_bonus.yml playbooks/deploy_all.yml playbooks/provision.yml playbooks/site.yml
+
+  deploy:
+    name: Deploy Application
+    needs: lint
+    runs-on: ubuntu-latest
+    if: github.event_name == 'push'
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.12'
+
+      - name: Install Ansible and collections
+        run: |
+          pip install ansible
+          ansible-galaxy collection install -r ansible/requirements.yml
+
+      - name: Setup SSH
+        run: |
+          mkdir -p ~/.ssh
+          echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa
+          chmod 600 ~/.ssh/id_rsa
+          ssh-keyscan -H "${{ secrets.VM_HOST }}" >> ~/.ssh/known_hosts 2>/dev/null || true
+
+      - name: Create inventory for CI
+        run: |
+          cd ansible
+          mkdir -p inventory
+          printf '%s\n' '[webservers]' "devops-lab4-vm ansible_host=${{ secrets.VM_HOST }} ansible_user=${{ secrets.VM_USER }}" '' '[webservers:vars]' 'ansible_python_interpreter=/usr/bin/python3' > inventory/ci_hosts.ini
+
+      - name: Deploy Python App with Ansible
+        env:
+          ANSIBLE_VAULT_PASSWORD: ${{ secrets.ANSIBLE_VAULT_PASSWORD }}
+        run: |
+          cd ansible
+          echo "$ANSIBLE_VAULT_PASSWORD" > /tmp/vault_pass
+          chmod 600 /tmp/vault_pass
+          ansible-playbook playbooks/deploy_python.yml \
+            -i inventory/ci_hosts.ini \
+            --vault-password-file /tmp/vault_pass
+          rm -f /tmp/vault_pass
+
+      - name: Verify Python App
+        run: |
+          sleep 10
+          curl -f "http://${{ secrets.VM_HOST }}:8000" || exit 1
+          curl -f "http://${{ secrets.VM_HOST }}:8000/health" || exit 1

.github/workflows/go-ci.yml

@@ -0,0 +1,116 @@
+name: Go CI/CD Pipeline
+
+on:
+  push:
+    branches:
+      - main
+      - master
+      - lab3
+    paths:
+      - 'app_go/**'
+      - '.github/workflows/go-ci.yml'
+  pull_request:
+    branches:
+      - main
+      - master
+    paths:
+      - 'app_go/**'
+      - '.github/workflows/go-ci.yml'
+
+env:
+  GO_VERSION: '1.21'
+  DOCKER_HUB_USERNAME: ${{ secrets.DOCKER_HUB_USERNAME }}
+  IMAGE_NAME: devops-info-service-go
+
+jobs:
+  test:
+    name: Test and Lint
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: ${{ env.GO_VERSION }}
+          cache-dependencies: true
+
+      - name: Run go vet
+        run: |
+          cd app_go
+          go vet ./...
+
+      - name: Run gofmt check
+        run: |
+          cd app_go
+          if [ "$(gofmt -s -l . | wc -l)" -gt 0 ]; then
+            echo "Code is not formatted. Run 'gofmt -s -w .'"
+            gofmt -d .
+            exit 1
+          fi
+
+      - name: Run tests
+        run: |
+          cd app_go
+          go test -v -coverprofile=coverage.out ./...
+
+      - name: Generate coverage report
+        run: |
+          cd app_go
+          go tool cover -html=coverage.out -o coverage.html
+
+      - name: Upload coverage to Codecov
+        uses: codecov/codecov-action@v4
+        with:
+          file: ./app_go/coverage.out
+          flags: go
+          name: go-coverage
+          fail_ci_if_error: false
+
+  build-and-push:
+    name: Build and Push Docker Image
+    runs-on: ubuntu-latest
+    needs: test
+    if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/master' || github.ref == 'refs/heads/lab03')
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKER_HUB_USERNAME }}
+          password: ${{ secrets.DOCKER_HUB_TOKEN }}
+
+      - name: Generate CalVer version
+        id: calver
+        run: |
+          VERSION=$(date +'%Y.%m.%d')
+          BUILD_NUMBER=${GITHUB_RUN_NUMBER}
+          FULL_VERSION="${VERSION}.${BUILD_NUMBER}"
+          echo "version=${VERSION}" >> $GITHUB_OUTPUT
+          echo "full_version=${FULL_VERSION}" >> $GITHUB_OUTPUT
+          echo "CalVer: ${VERSION}, Full: ${FULL_VERSION}"
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v5
+        with:
+          context: ./app_go
+          push: true
+          tags: |
+            ${{ env.DOCKER_HUB_USERNAME }}/${{ env.IMAGE_NAME }}:${{ steps.calver.outputs.version }}
+            ${{ env.DOCKER_HUB_USERNAME }}/${{ env.IMAGE_NAME }}:${{ steps.calver.outputs.full_version }}
+            ${{ env.DOCKER_HUB_USERNAME }}/${{ env.IMAGE_NAME }}:latest
+          cache-from: type=registry,ref=${{ env.DOCKER_HUB_USERNAME }}/${{ env.IMAGE_NAME }}:buildcache
+          cache-to: type=registry,ref=${{ env.DOCKER_HUB_USERNAME }}/${{ env.IMAGE_NAME }}:buildcache,mode=max
+          labels: |
+            org.opencontainers.image.title=DevOps Info Service (Go)
+            org.opencontainers.image.description=DevOps course info service - Go implementation
+            org.opencontainers.image.version=${{ steps.calver.outputs.version }}
+            org.opencontainers.image.revision=${{ github.sha }}