Lab11

.github/workflows/app_nodejs.yml

@@ -0,0 +1,136 @@
+name: Nodejs CI
+
+on:
+  push:
+    paths:
+      - "app_nodejs/**"
+      - ".github/workflows/app_nodejs.yml"
+  pull_request:
+    paths:                            
+      - "app_nodejs/**"
+      - ".github/workflows/app_nodejs.yml"
+
+jobs:
+  dependencies:
+    name: Install Dependencies
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@v4
+
+      - name: Set Up Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: "18"
+          cache: "npm"
+          cache-dependency-path: app_nodejs/package-lock.json
+
+      - name: Cache Node Modules
+        uses: actions/cache@v3
+        with:
+          path: app_nodejs/node_modules
+          key: ${{ runner.os }}-node-modules-${{ hashFiles('app_nodejs/package-lock.json') }}
+          restore-keys: |
+            ${{ runner.os }}-node-modules-
+
+      - name: Install Dependencies
+        run: npm install
+        working-directory: app_nodejs
+
+  lint:
+    name: Lint Code
+    runs-on: ubuntu-latest
+    needs: dependencies
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v4
+
+      - name: Set Up Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: "18"
+
+      - name: Restore Cached Node Modules
+        uses: actions/cache@v3
+        with:
+          path: app_nodejs/node_modules
+          key: ${{ runner.os }}-node-modules-${{ hashFiles('app_nodejs/package-lock.json') }}
+
+      - name: Run ESLint
+        run: npx eslint .
+        working-directory: app_nodejs
+
+  snyk:
+    name: Snyk Security Scan
+    runs-on: ubuntu-latest
+    needs: lint
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@v4
+
+      - name: Set Up Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: "18"
+
+      - name: Restore Cached Node Modules
+        uses: actions/cache@v3
+        with:
+          path: app_nodejs/node_modules
+          key: ${{ runner.os }}-node-modules-${{ hashFiles('app_nodejs/package-lock.json') }}
+
+      - name: Run Snyk Security Scan
+        uses: snyk/actions/node@master
+        with:
+          args:  --skip-unresolved --severity-threshold=high app_nodejs/
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+
+  test:
+    name: Run Tests
+    runs-on: ubuntu-latest
+    needs: snyk
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v4
+
+      - name: Set Up Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: "18"
+
+      - name: Restore Cached Node Modules
+        uses: actions/cache@v3
+        with:
+          path: app_nodejs/node_modules
+          key: ${{ runner.os }}-node-modules-${{ hashFiles('app_nodejs/package-lock.json') }}
+
+      - name: Run Jest Tests
+        run: npm test -- --ci --coverage
+        working-directory: app_nodejs
+
+  docker:
+    name: Build & Push Docker Image
+    runs-on: ubuntu-latest
+    needs: test
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@v4
+
+      - name: Set Up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ vars.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Build & Push Docker Image
+        uses: docker/build-push-action@v6
+        with:
+          push: true
+          tags: "${{ vars.DOCKER_USERNAME }}/app_nodejs:latest"
+          context: ./app_nodejs
+          cache-from: type=gha
+          cache-to: type=gha,mode=max

.github/workflows/app_python.yml

@@ -0,0 +1,157 @@
+name: Python CI
+
+on:
+  push:
+    paths:
+      - "app_python/**"
+      - ".github/workflows/app_python.yml"
+  pull_request:
+    paths:                            
+      - "app_python/**"
+      - ".github/workflows/app_python.yml"
+
+jobs:
+  dependencies:
+    name: Dependencies
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.11'
+
+      - name: Cache Venv with Dependencies
+        uses: actions/cache@v3
+        with:
+          path: app_python/venv
+          key: ${{ runner.os }}-venv-${{ hashFiles('app_python/requirements.txt') }}
+          restore-keys: |
+            ${{ runner.os }}-venv-
+
+      - name: Install Dependencies
+        run: | 
+          python -m venv venv
+          source venv/bin/activate
+          pip install -r requirements.txt
+        working-directory: app_python
+
+
+  lint:
+    name: Lint 
+    runs-on: ubuntu-latest
+    needs: dependencies
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v4
+
+      - name: Set Up Python
+        uses: actions/setup-python@v4
+        with:
+          python-version: "3.11"
+
+      - name: Restore Cached venv
+        uses: actions/cache@v3
+        with:
+          path: app_python/venv
+          key: ${{ runner.os }}-venv-${{ hashFiles('app_python/requirements.txt') }}
+
+      - name: Run Flake8 Linter
+        run: |
+          source venv/bin/activate
+          flake8  --exclude=venv,__pycache__,.git --max-line-length=100 .
+        working-directory: app_python
+
+  snyk:
+    name: Snyk Security Scan
+    runs-on: ubuntu-latest
+    needs: lint
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@v4
+
+      - name: Run Snyk Security Scan
+        uses: snyk/actions/python-3.10@master
+        with:
+          args: --skip-unresolved app_python/
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+
+
+  run:
+    name: Run
+    runs-on: ubuntu-latest
+    needs: snyk
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v4
+
+      - name: Set Up Python
+        uses: actions/setup-python@v4
+        with:
+          python-version: "3.11"
+
+      - name: Restore Cached venv
+        uses: actions/cache@v3
+        with:
+          path: app_python/venv
+          key: ${{ runner.os }}-venv-${{ hashFiles('app_python/requirements.txt') }}
+
+      - name: Start Application
+        run: |
+          source venv/bin/activate
+          nohup python app.py > app.log 2>&1 & 
+        working-directory: app_python 
+
+  test:
+    name: Test
+    runs-on: ubuntu-latest
+    needs: run
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v4
+
+      - name: Set Up Python
+        uses: actions/setup-python@v4
+        with:
+          python-version: "3.11"
+
+      - name: Restore Cached venv
+        uses: actions/cache@v3
+        with:
+          path: app_python/venv
+          key: ${{ runner.os }}-venv-${{ hashFiles('app_python/requirements.txt') }}
+
+      - name: Run Tests
+        run: |
+          source venv/bin/activate
+          pytest --disable-warnings --maxfail=3
+        working-directory: app_python 
+
+  docker:
+    runs-on: ubuntu-latest
+    needs: test
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@v4
+
+      - name: Set Up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ vars.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Build & Push
+        uses: docker/build-push-action@v6
+        with:
+          push: true
+          tags: "${{ vars.DOCKER_USERNAME }}/app_python:latest"
+          context: ./app_python
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+

.gitignore

@@ -0,0 +1 @@
+.DS_Store

ansible/.gitignore

@@ -0,0 +1,4 @@
+key.json
+fact_cache
+inventory/yandex-cloud-token
+plugins/inventory/__pycache__/