diff --git a/.gitea/workflows/010_example_ci.yaml b/.gitea/workflows/010_example_ci.yaml
new file mode 100644
index 0000000..f39fd34
--- /dev/null
+++ b/.gitea/workflows/010_example_ci.yaml
@@ -0,0 +1,131 @@
+name: Example CI
+
+on:
+ workflow_dispatch:
+ inputs:
+ image-tag:
+ description: "Tag for image"
+ default: "latest" # Define Docker image tag
+ type: string
+ required: true
+
+jobs:
+ lint:
+ runs-on: ubuntu-22.04
+ steps:
+ - name: Checkout source code
+ uses: actions/checkout@v4
+ - name: Install Python 3.10
+ uses: actions/setup-python@v4
+ with:
+ python-version: '3.10'
+ - name: Install tox
+ run: pip install tox
+ - name: Run lint
+ run: |
+ cd backend
+ tox -e lint
+
+ unit-test:
+ runs-on: ubuntu-22.04
+ steps:
+ - name: Checkout source code
+ uses: actions/checkout@v4
+ - name: Install Python 3.10
+ uses: actions/setup-python@v4
+ with:
+ python-version: '3.10'
+ - name: Install tox
+ run: pip install tox
+ - name: Run unit tests
+ run: |
+ cd backend
+ tox -e unit
+
+ build-image:
+ runs-on: ubuntu-22.04
+ needs: [lint, unit-test] # Specify that build-image depends on lint and unit-test
+ steps:
+ - name: Checkout source code
+ uses: actions/checkout@v4
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+
+ - name: Build and export
+ uses: docker/build-push-action@v5 # Build Docker image via Dockerfile
+ with:
+ context: backend # Directory of Dockerfile
+ tags: ${{ vars.IMAGE }}:${{ inputs.image-tag }}
+ outputs: type=docker,dest=/tmp/image.tar
+
+ - name: Upload artifact
+ uses: actions/upload-artifact@v3
+ with:
+ name: image
+ path: /tmp/image.tar
+
+ integration-tests:
+ runs-on: ubuntu-22.04
+ needs: [build-image]
+ steps:
+ - name: Download artifact
+ uses: actions/download-artifact@v3
+ with:
+ name: image
+ path: /tmp
+ - name: Load image
+ run: |
+ docker load --input /tmp/image.tar
+ docker image ls -a
+ docker run -p 8080:80 -d ${{ vars.IMAGE }}:${{ inputs.image-tag }}
+ sleep 5
+ curl --fail 'http://localhost:8080/'
+
+ vulnerability-scan:
+ runs-on: ubuntu-22.04
+ needs: [build-image]
+ steps:
+ - name: Download artifact
+ uses: actions/download-artifact@v3
+ with:
+ name: image
+ path: /tmp
+ - name: Load image
+ run: |
+ docker load --input /tmp/image.tar
+ docker image ls -a
+ - name: Run Trivy vulnerability scanner
+ uses: aquasecurity/trivy-action@master
+ with:
+ image-ref: ${{ vars.IMAGE }}:${{ inputs.image-tag }}
+ format: 'json'
+ output: 'trivy-results.json'
+ severity: 'CRITICAL,HIGH'
+ - name: Upload results
+ uses: actions/upload-artifact@v3
+ with:
+ name: trivy-results
+ path: ${{ github.workspace }}/trivy-results.json
+
+ publish-image:
+ runs-on: ubuntu-22.04
+ needs: [integration-tests, vulnerability-scan]
+ steps:
+ - name: Download artifact
+ uses: actions/download-artifact@v3
+ with:
+ name: image
+ path: /tmp
+ - name: Load image
+ run: |
+ docker load --input /tmp/image.tar
+ docker image ls -a
+ - name: Login to DockerHub
+ uses: docker/login-action@v3
+ with:
+ username: ${{ secrets.REGISTRY_USER }}
+ password: ${{ secrets.REGISTRY_TOKEN }}
+ - name: Docker push image to DockerHub
+ run: |
+ docker push ${{ vars.IMAGE }}:${{ inputs.image-tag }}
\ No newline at end of file
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..f67e73c
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,9 @@
+venv/
+build/
+*.charm
+.tox/
+.coverage
+__pycache__/
+.pytest_cache/
+*.py[cod]
+.idea
diff --git a/backend/Dockerfile b/backend/Dockerfile
new file mode 100644
index 0000000..e9f3229
--- /dev/null
+++ b/backend/Dockerfile
@@ -0,0 +1,9 @@
+FROM python:3.10-slim
+
+WORKDIR /app
+COPY requirements.txt /app/requirements.txt
+RUN pip install -r requirements.txt
+COPY . /app
+
+EXPOSE 80
+CMD ["uvicorn", "main:app", "--host", "0.0.0.0", "--port", "80"]
\ No newline at end of file
diff --git a/backend/requirements-fmt.txt b/backend/requirements-fmt.txt
new file mode 100644
index 0000000..a35b0f5
--- /dev/null
+++ b/backend/requirements-fmt.txt
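Review bot: The `vulnerability-scan` job cannot block `publish-image`, because the Trivy step only writes `trivy-results.json` and sets no `exit-code`, so the job succeeds even when CRITICAL or HIGH findings are reported. Adding `exit-code: '1'` to that step's `with:` block would make the `needs: [integration-tests, vulnerability-scan]` gate meaningful; the "Upload results" step would then have to be allowed to run after a failure so the report is still kept. The same step uses `aquasecurity/trivy-action@master`, a mutable branch ref, so whatever that branch points to at run time executes on the runner; pin it to a full commit SHA (or at minimum a release tag), e.g. `uses: aquasecurity/trivy-action@<commit-sha>`. Separately, `${{ inputs.image-tag }}` is expanded directly into the `run:` scripts of `integration-tests` and `publish-image`, so shell metacharacters in the dispatch input become part of the command line; pass it through an `env:` entry and reference it as a quoted `"$IMAGE_TAG"` instead.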
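Review bot: The image has no `USER` instruction, so `uvicorn` runs as root inside the container; add a dedicated account before `CMD`, e.g. `RUN useradd --system --no-create-home app` followed by `USER app`. Depending on the container runtime, a non-root process may not be allowed to bind port 80, so consider moving to an unprivileged port and updating `EXPOSE` and the workflow's `-p 8080:80` mapping together. `COPY . /app` also copies the whole build context, and no `.dockerignore` is visible in this commit, so tests and local files would presumably end up in the published image.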
@@ -0,0 +1,24 @@ +# +# This file is autogenerated by pip-compile with Python 3.8 +# by the following command: +# +# pip-compile requirements-fmt.in +# +black==23.9.1 + # via -r requirements-fmt.in +click==8.1.7 + # via black +isort==5.12.0 + # via -r requirements-fmt.in +mypy-extensions==1.0.0 + # via black +packaging==23.1 + # via black +pathspec==0.11.2 + # via black +platformdirs==3.10.0 + # via black +tomli==2.0.1 + # via black +typing-extensions==4.8.0 + # via black diff --git a/backend/requirements-lint.txt b/backend/requirements-lint.txt new file mode 100644 index 0000000..4330e9c --- /dev/null +++ b/backend/requirements-lint.txt @@ -0,0 +1,51 @@ +# +# This file is autogenerated by pip-compile with Python 3.8 +# by the following command: +# +# pip-compile requirements-lint.in +# +black==23.9.1 + # via -r requirements-lint.in +click==8.1.7 + # via black +codespell==2.2.5 + # via -r requirements-lint.in +flake8==6.0.0 + # via + # -r requirements-lint.in + # flake8-builtins + # pep8-naming + # pyproject-flake8 +flake8-builtins==2.1.0 + # via -r requirements-lint.in +flake8-copyright==0.2.4 + # via -r requirements-lint.in +isort==5.12.0 + # via -r requirements-lint.in +mccabe==0.7.0 + # via flake8 +mypy-extensions==1.0.0 + # via black +packaging==23.1 + # via black +pathspec==0.11.2 + # via black +pep8-naming==0.13.3 + # via -r requirements-lint.in +platformdirs==3.10.0 + # via black +pycodestyle==2.10.0 + # via flake8 +pyflakes==3.0.1 + # via flake8 +pyproject-flake8==6.0.0.post1 + # via -r requirements-lint.in +tomli==2.0.1 + # via + # black + # pyproject-flake8 +typing-extensions==4.8.0 + # via black + +# The following packages are considered to be unsafe in a requirements file: +# setuptools diff --git a/backend/requirements.txt b/backend/requirements.txt new file mode 100644 index 0000000..6eb791a --- /dev/null +++ b/backend/requirements.txt @@ -0,0 +1,4 @@ +fastapi +httpx +pytest +uvicorn
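Review bot: All four entries in `backend/requirements.txt` are unpinned, so every image build resolves whatever versions are current and the artifact that Trivy scans is not reproducible from one run to the next. The sibling `requirements-fmt.txt` and `requirements-lint.txt` are pip-compile outputs with exact pins; the runtime list should follow the same pattern, with a `requirements.in` compiled to a pinned (ideally hash-checked) `requirements.txt`. `pytest` and `httpx` look like test-only dependencies, and since `backend/Dockerfile` installs this file into the published image they would be better kept in a separate test requirements file.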