Add .gitea/workflows/*.yaml

.gitea/workflows/010_example_ci.yaml

@@ -0,0 +1,131 @@
+name: Example CI
+
+on:
+  workflow_dispatch:
+    inputs:
+      image-tag: 
+        description: "Tag for image"
+        default: "latest" # Define Docker image tag
+        type: string
+        required: true
+
+jobs:
+  lint:
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Checkout source code 
+        uses: actions/checkout@v4
+      - name: Install Python 3.10
+        uses: actions/setup-python@v4
+        with:
+          python-version: '3.10'
+      - name: Install tox
+        run: pip install tox
+      - name: Run lint
+        run: |
+          cd backend
+          tox -e lint
+  
+  unit-test:
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Checkout source code 
+        uses: actions/checkout@v4
+      - name: Install Python 3.10
+        uses: actions/setup-python@v4
+        with:
+          python-version: '3.10'
+      - name: Install tox
+        run: pip install tox
+      - name: Run unit tests
+        run: |
+          cd backend
+          tox -e unit
+
+  build-image:
+    runs-on: ubuntu-22.04
+    needs: [lint, unit-test]  # Specify that build-image depends on lint and unit-test
+    steps:
+      - name: Checkout source code 
+        uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Build and export
+        uses: docker/build-push-action@v5 # Build Docker image via Dockerfile
+        with:
+          context: backend # Directory of Dockerfile
+          tags: ${{ vars.IMAGE }}:${{ inputs.image-tag }} 
+          outputs: type=docker,dest=/tmp/image.tar
+
+      - name: Upload artifact
+        uses: actions/upload-artifact@v3
+        with:
+          name: image
+          path: /tmp/image.tar
+  
+  integration-tests:
+    runs-on: ubuntu-22.04
+    needs: [build-image]
+    steps:
+      - name: Download artifact
+        uses: actions/download-artifact@v3
+        with:
+          name: image
+          path: /tmp
+      - name: Load image
+        run: |
+          docker load --input /tmp/image.tar
+          docker image ls -a
+          docker run -p 8080:80 -d ${{ vars.IMAGE }}:${{ inputs.image-tag }} 
+          sleep 5
+          curl --fail 'http://localhost:8080/'
+  
+  vulnerability-scan:
+    runs-on: ubuntu-22.04
+    needs: [build-image]
+    steps:
+      - name: Download artifact
+        uses: actions/download-artifact@v3
+        with:
+          name: image
+          path: /tmp
+      - name: Load image
+        run: |
+          docker load --input /tmp/image.tar
+          docker image ls -a
+      - name: Run Trivy vulnerability scanner
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: ${{ vars.IMAGE }}:${{ inputs.image-tag }}
+          format: 'json'
+          output: 'trivy-results.json'
+          severity: 'CRITICAL,HIGH'
+      - name: Upload results
+        uses: actions/upload-artifact@v3
+        with:
+          name: trivy-results
+          path: ${{ github.workspace }}/trivy-results.json
+  
+  publish-image:
+    runs-on: ubuntu-22.04
+    needs: [integration-tests, vulnerability-scan]
+    steps:
+      - name: Download artifact
+        uses: actions/download-artifact@v3
+        with:
+          name: image
+          path: /tmp
+      - name: Load image
+        run: |
+          docker load --input /tmp/image.tar
+          docker image ls -a
+      - name: Login to DockerHub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.REGISTRY_USER }}
+          password: ${{ secrets.REGISTRY_TOKEN }}
+      - name: Docker push image to DockerHub
+        run: |
+          docker push ${{ vars.IMAGE }}:${{ inputs.image-tag }}

.gitignore

@@ -0,0 +1,9 @@
+venv/
+build/
+*.charm
+.tox/
+.coverage
+__pycache__/
+.pytest_cache/
+*.py[cod]
+.idea

backend/Dockerfile

@@ -0,0 +1,9 @@
+FROM python:3.10-slim
+
+WORKDIR /app
+COPY requirements.txt /app/requirements.txt
+RUN pip install -r requirements.txt
+COPY . /app
+
+EXPOSE 80
+CMD ["uvicorn", "main:app", "--host", "0.0.0.0", "--port", "80"]

backend/requirements-fmt.txt

@@ -0,0 +1,24 @@
+#
+# This file is autogenerated by pip-compile with Python 3.8
+# by the following command:
+#
+#    pip-compile requirements-fmt.in
+#
+black==23.9.1
+    # via -r requirements-fmt.in
+click==8.1.7
+    # via black
+isort==5.12.0
+    # via -r requirements-fmt.in
+mypy-extensions==1.0.0
+    # via black
+packaging==23.1
+    # via black
+pathspec==0.11.2
+    # via black
+platformdirs==3.10.0
+    # via black
+tomli==2.0.1
+    # via black
+typing-extensions==4.8.0
+    # via black

backend/requirements-lint.txt

@@ -0,0 +1,51 @@
+#
+# This file is autogenerated by pip-compile with Python 3.8
+# by the following command:
+#
+#    pip-compile requirements-lint.in
+#
+black==23.9.1
+    # via -r requirements-lint.in
+click==8.1.7
+    # via black
+codespell==2.2.5
+    # via -r requirements-lint.in
+flake8==6.0.0
+    # via
+    #   -r requirements-lint.in
+    #   flake8-builtins
+    #   pep8-naming
+    #   pyproject-flake8
+flake8-builtins==2.1.0
+    # via -r requirements-lint.in
+flake8-copyright==0.2.4
+    # via -r requirements-lint.in
+isort==5.12.0
+    # via -r requirements-lint.in
+mccabe==0.7.0
+    # via flake8
+mypy-extensions==1.0.0
+    # via black
+packaging==23.1
+    # via black
+pathspec==0.11.2
+    # via black
+pep8-naming==0.13.3
+    # via -r requirements-lint.in
+platformdirs==3.10.0
+    # via black
+pycodestyle==2.10.0
+    # via flake8
+pyflakes==3.0.1
+    # via flake8
+pyproject-flake8==6.0.0.post1
+    # via -r requirements-lint.in
+tomli==2.0.1
+    # via
+    #   black
+    #   pyproject-flake8
+typing-extensions==4.8.0
+    # via black
+
+# The following packages are considered to be unsafe in a requirements file:
+# setuptools

backend/requirements.txt

@@ -0,0 +1,4 @@
+fastapi
+httpx
+pytest
+uvicorn