inno-devops-labs · mashfeii · Feb 11, 2026 · Feb 11, 2026 · Feb 15, 2026 · Feb 19, 2026
diff --git a/.github/workflows/ansible-deploy-bonus.yml b/.github/workflows/ansible-deploy-bonus.yml
@@ -0,0 +1,94 @@
+---
+name: Ansible Deploy Bonus (Go App)
+
+on:
+  push:
+    branches: [master]
+    paths:
+      - "labs-work/ansible/roles/web_app/**"
+      - "labs-work/ansible/vars/app_bonus.yml"
+      - "labs-work/ansible/playbooks/deploy_bonus.yml"
+      - "labs-work/ansible/playbooks/deploy_all.yml"
+  pull_request:
+    branches: [master]
+    paths:
+      - "labs-work/ansible/roles/web_app/**"
+      - "labs-work/ansible/vars/app_bonus.yml"
+      - "labs-work/ansible/playbooks/deploy_bonus.yml"
+      - "labs-work/ansible/playbooks/deploy_all.yml"
+  workflow_dispatch:
+
+jobs:
+  lint:
+    name: Ansible Lint
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+
+      - name: Install Ansible and ansible-lint
+        run: |
+          pip install ansible ansible-lint
+
+      - name: Run ansible-lint
+        working-directory: labs-work/ansible
+        run: |
+          ansible-lint playbooks/deploy_bonus.yml
+
+  deploy:
+    name: Deploy Go Application
+    runs-on: ubuntu-latest
+    needs: lint
+    if: github.ref == 'refs/heads/master'
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+
+      - name: Install Ansible
+        run: |
+          pip install ansible
+
+      - name: Setup SSH key
+        run: |
+          mkdir -p ~/.ssh
+          echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/devops-lab04
+          chmod 600 ~/.ssh/devops-lab04
+          ssh-keyscan -H ${{ secrets.VM_HOST }} >> ~/.ssh/known_hosts 2>/dev/null
+
+      - name: Write vault password file
+        run: |
+          echo "${{ secrets.ANSIBLE_VAULT_PASSWORD }}" > /tmp/vault_pass
+          chmod 600 /tmp/vault_pass
+
+      - name: Update inventory with VM host
+        working-directory: labs-work/ansible
+        run: |
+          sed -i "s/ansible_host=.*/ansible_host=${{ secrets.VM_HOST }}/" inventory/hosts.ini
+
+      - name: Run deployment playbook
+        working-directory: labs-work/ansible
+        run: |
+          ansible-playbook playbooks/deploy_bonus.yml \
+            --vault-password-rile /tmp/vault_pass \
+            --private-key ~/.ssh/devops-lab04 \
+            --tags app_deploy
+
+      - name: Verify deployment
+        run: |
+          sleep 5
+          curl -f http://${{ secrets.VM_HOST }}:8001/health
+
+      - name: Cleanup vault password file
+        if: always()
+        run: |
+          rm -f /tmp/vault_pass
diff --git a/.github/workflows/ansible-deploy.yml b/.github/workflows/ansible-deploy.yml
@@ -0,0 +1,90 @@
+---
+name: Ansible Deploy
+
+on:
+  push:
+    branches: [master]
+    paths:
+      - "labs-work/ansible/**"
+      - "!labs-work/ansible/docs/**"
+  pull_request:
+    branches: [master]
+    paths:
+      - "labs-work/ansible/**"
+      - "!labs-work/ansible/docs/**"
+  workflow_dispatch:
+
+jobs:
+  lint:
+    name: Ansible Lint
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+
+      - name: Install Ansible and ansible-lint
+        run: |
+          pip install ansible ansible-lint
+
+      - name: Run ansible-lint
+        working-directory: labs-work/ansible
+        run: |
+          ansible-lint playbooks/*.yml
+
+  deploy:
+    name: Deploy Application
+    runs-on: ubuntu-latest
+    needs: lint
+    if: github.ref == 'refs/heads/master'
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+
+      - name: Install Ansible
+        run: |
+          pip install ansible
+
+      - name: Setup SSH key
+        run: |
+          mkdir -p ~/.ssh
+          echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/devops-lab04
+          chmod 600 ~/.ssh/devops-lab04
+          ssh-keyscan -H ${{ secrets.VM_HOST }} >> ~/.ssh/known_hosts 2>/dev/null
+
+      - name: Write vault password file
+        run: |
+          echo "${{ secrets.ANSIBLE_VAULT_PASSWORD }}" > /tmp/vault_pass
+          chmod 600 /tmp/vault_pass
+
+      - name: Update inventory with VM host
+        working-directory: labs-work/ansible
+        run: |
+          sed -i "s/ansible_host=.*/ansible_host=${{ secrets.VM_HOST }}/" inventory/hosts.ini
+
+      - name: Run deployment playbook
+        working-directory: labs-work/ansible
+        run: |
+          ansible-playbook playbooks/deploy.yml \
+            --vault-password-file /tmp/vault_pass \
+            --private-key ~/.ssh/devops-lab04 \
+            --tags app_deploy
+
+      - name: Verify deployment
+        run: |
+          sleep 5
+          curl -f http://${{ secrets.VM_HOST }}:5000/health
+
+      - name: Cleanup vault password file
+        if: always()
+        run: |
+          rm -f /tmp/vault_pass
diff --git a/.github/workflows/go-ci.yml b/.github/workflows/go-ci.yml
@@ -0,0 +1,99 @@
+name: Go CI
+
+on:
+  push:
+    branches: [main, master]
+    paths:
+      - 'labs-work/app_go/**'
+      - '.github/workflows/go-ci.yml'
+  pull_request:
+    branches: [main, master]
+    paths:
+      - 'labs-work/app_go/**'
+      - '.github/workflows/go-ci.yml'
+
+env:
+  DOCKER_IMAGE: mashfeii/devops-info-service-go
+  GO_VERSION: '1.21'
+
+jobs:
+  test:
+    name: Lint and Test
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: labs-work/app_go
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: ${{ env.GO_VERSION }}
+          cache-dependency-path: labs-work/app_go/go.mod
+
+      - name: Run golangci-lint
+        uses: golangci/golangci-lint-action@v4
+        with:
+          working-directory: labs-work/app_go
+          version: latest
+
+      - name: Run tests with coverage
+        run: |
+          go test -v -coverprofile=coverage.out -covermode=atomic ./...
+          go tool cover -func=coverage.out
+
+      - name: Upload coverage to Codecov
+        uses: codecov/codecov-action@v4
+        with:
+          files: labs-work/app_go/coverage.out
+          flags: go
+          token: ${{ secrets.CODECOV_TOKEN }}
+        if: always()
+
+  build:
+    name: Build and Push Docker
+    runs-on: ubuntu-latest
+    needs: test
+    if: github.event_name == 'push' && github.ref == 'refs/heads/master'
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Generate CalVer version
+        id: version
+        run: |
+          echo "VERSION=$(date +%Y.%m.%d)" >> $GITHUB_OUTPUT
+          echo "SHA_SHORT=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
+
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.DOCKER_IMAGE }}
+          tags: |
+            type=raw,value=${{ steps.version.outputs.VERSION }}
+            type=raw,value=latest
+            type=sha,prefix=,format=short
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v6
+        with:
+          context: labs-work/app_go
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max