Merge pull request #4 from 3llimi/lab03

Ahmed Baha Eddine Alimi - B23-SD-01 [Lab03 + Bonus Task]

Author: 3llimi

.github/workflows/go-ci.yml

@@ -0,0 +1,101 @@
+name: Go CI
+
+on:
+  push:
+    branches: [ master, lab03 ]
+    paths:
+      - 'app_go/**'
+      - '.github/workflows/go-ci.yml'
+  pull_request:
+    branches: [ master ]
+    paths:
+      - 'app_go/**'
+
+jobs:
+  test:
+    name: Test Go Application
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: '1.23'
+          cache-dependency-path: app_go/go.sum
+
+      - name: Install dependencies
+        working-directory: ./app_go
+        run: go mod download
+
+      - name: Run gofmt
+        working-directory: ./app_go
+        run: |
+          gofmt -l .
+          test -z "$(gofmt -l .)"
+
+      - name: Run go vet
+        working-directory: ./app_go
+        run: go vet ./...
+
+      - name: Run tests with coverage
+        working-directory: ./app_go
+        run: go test -v -race -coverprofile=coverage.out -covermode=atomic ./...
+
+      - name: Display coverage summary
+        working-directory: ./app_go
+        run: go tool cover -func=coverage.out
+
+      - name: Convert coverage to lcov format
+        working-directory: ./app_go
+        run: |
+          go install github.com/jandelgado/gcov2lcov@latest
+          gcov2lcov -infile=coverage.out -outfile=coverage.lcov
+
+      - name: Upload coverage to Coveralls
+        uses: coverallsapp/github-action@v2
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          path-to-lcov: ./app_go/coverage.lcov
+          flag-name: go
+          parallel: false
+
+  docker:
+    name: Build and Push Docker Image
+    runs-on: ubuntu-latest
+    needs: test
+    if: github.event_name == 'push'
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      
+      - name: Log in to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Extract metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ secrets.DOCKERHUB_USERNAME }}/devops-info-service-go
+          tags: |
+            type=raw,value=latest
+            type=sha,prefix={{date 'YYYY.MM.DD'}}-
+      
+      - name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          context: ./app_go
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max

.github/workflows/python-ci.yml

@@ -0,0 +1,126 @@
+name: Python CI
+
+on:
+  push:
+    branches: [ master, lab03 ]
+    paths:
+      - 'app_python/**'
+      - '.github/workflows/python-ci.yml'
+  pull_request:
+    branches: [ master ]
+    paths:
+      - 'app_python/**'
+
+jobs:
+  test:
+    name: Test Python Application
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.14'
+          cache: 'pip'
+          cache-dependency-path: 'app_python/requirements-dev.txt'
+
+      - name: Install dependencies
+        working-directory: ./app_python
+        run: |
+          python -m pip install --upgrade pip
+          pip install -r requirements-dev.txt
+
+      - name: Lint with ruff
+        working-directory: ./app_python
+        run: |
+          pip install ruff
+          ruff check . --output-format=github || true
+
+      - name: Run tests with coverage
+        working-directory: ./app_python
+        run: |
+          pytest -v --cov=. --cov-report=term --cov-report=lcov
+
+      - name: Upload coverage to Coveralls
+        uses: coverallsapp/github-action@v2
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          path-to-lcov: ./app_python/coverage.lcov
+          flag-name: python
+          parallel: false
+
+  docker:
+    name: Build and Push Docker Image
+    runs-on: ubuntu-latest
+    needs: test
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      
+      - name: Log in to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Extract metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ secrets.DOCKERHUB_USERNAME }}/devops-info-service
+          tags: |
+            type=raw,value=latest
+            type=sha,prefix={{date 'YYYY.MM.DD'}}-
+      
+      - name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          context: ./app_python
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+
+  security:
+    name: Security Scan with Snyk
+    runs-on: ubuntu-latest
+    
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.14'
+
+      - name: Install dependencies
+        working-directory: ./app_python
+        run: |
+          python -m pip install --upgrade pip
+          pip install -r requirements.txt
+
+      - name: Install Snyk CLI
+        run: |
+          curl --compressed https://static.snyk.io/cli/latest/snyk-linux -o snyk
+          chmod +x ./snyk
+          sudo mv ./snyk /usr/local/bin/snyk
+
+      - name: Authenticate Snyk
+        run: snyk auth ${{ secrets.SNYK_TOKEN }}
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+
+      - name: Run Snyk to check for vulnerabilities
+        working-directory: ./app_python
+        continue-on-error: true
+        run: |
+          snyk test --severity-threshold=high --file=requirements.txt

app_go/README.md

@@ -1,3 +1,5 @@
+[![Go CI](https://github.com/3llimi/DevOps-Core-Course/workflows/Go%20CI/badge.svg)](https://github.com/3llimi/DevOps-Core-Course/actions/workflows/go-ci.yml)
+[![Coverage Status](https://coveralls.io/repos/github/3llimi/DevOps-Core-Course/badge.svg?branch=lab03)](https://coveralls.io/github/3llimi/DevOps-Core-Course?branch=lab03)
 # DevOps Info Service (Go)
 
 A Go implementation of the DevOps info service for the bonus task.