feat: complete lab03 ci pipeline

Author: pepega

.github/workflows/python-ci.yml

@@ -0,0 +1,91 @@
+name: Python CI
+
+on:
+  push:
+    branches:
+      - master
+      - lab03
+    paths:
+      - "app_python/**"
+      - ".github/workflows/python-ci.yml"
+  pull_request:
+    branches:
+      - master
+    paths:
+      - "app_python/**"
+      - ".github/workflows/python-ci.yml"
+
+concurrency:
+  group: python-ci-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+          cache: "pip"
+          cache-dependency-path: app_python/requirements.txt
+
+      - name: Install dependencies
+        working-directory: app_python
+        run: |
+          python -m pip install --upgrade pip
+          pip install -r requirements.txt
+
+      - name: Lint with ruff
+        working-directory: app_python
+        run: ruff check .
+
+      - name: Run tests
+        working-directory: app_python
+        run: pytest -q
+
+      - name: Snyk security scan
+        if: ${{ secrets.SNYK_TOKEN != '' }}
+        uses: snyk/actions/python@master
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+        with:
+          args: --severity-threshold=high
+
+  docker:
+    needs: test
+    if: ${{ github.event_name == 'push' && (github.ref == 'refs/heads/master' || github.ref == 'refs/heads/lab03') }}
+    runs-on: ubuntu-latest
+
+    env:
+      DOCKER_IMAGE: ${{ secrets.DOCKERHUB_USERNAME }}/devops-info-service
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Generate version
+        run: echo "VERSION=$(date +'%Y.%m.%d')" >> $GITHUB_ENV
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v6
+        with:
+          context: app_python
+          file: app_python/Dockerfile
+          push: true
+          tags: |
+            ${{ env.DOCKER_IMAGE }}:${{ env.VERSION }}
+            ${{ env.DOCKER_IMAGE }}:latest

app_python/README.md

@@ -1,5 +1,7 @@
 # DevOps Info Service
 
+[![Python CI](https://github.com/pepegx/DevOps-Core-Course/actions/workflows/python-ci.yml/badge.svg)](https://github.com/pepegx/DevOps-Core-Course/actions/workflows/python-ci.yml)
+
 > A web service that provides comprehensive system and runtime information for DevOps monitoring and diagnostics.
 
 ## Overview
@@ -112,6 +114,20 @@ HOST=127.0.0.1 PORT=3000 DEBUG=true python app.py
 gunicorn -w 4 -b 0.0.0.0:5000 app:app
 ```
 
+## Test Suite
+
+Run the test suite locally with:
+
+```bash
+pytest -q
+```
+
+Run linting locally with:
+
+```bash
+ruff check .
+```
+
 ## Docker
 
 ### Build Image (pattern)

app_python/docs/LAB03.md

@@ -0,0 +1,66 @@
+# Lab 3 — Continuous Integration (CI/CD): Implementation Report
+
+**Student:** Danil Fishchenko  
+**Date:** January 31, 2026  
+**App:** DevOps Info Service (Flask)
+
+---
+
+## 1. Overview
+
+- **Testing framework:** pytest — concise syntax, strong fixtures ecosystem, widely used for Flask apps.
+- **Coverage:** Tests validate `GET /`, `GET /health`, and error responses (404, 405).
+- **Workflow triggers:** Runs on push to `master` and `lab03`, and on PRs to `master`, only when `app_python/**` or workflow file changes.
+- **Versioning strategy:** **CalVer** (`YYYY.MM.DD`) for Docker tags — simple and time-based for a continuously deployed service.
+
+---
+
+## 2. Workflow Evidence
+
+- ✅ **Successful workflow run:** TODO — add GitHub Actions run link after push.
+- ✅ **Tests passing locally (terminal output):**
+
+```
+....                                                              [100%]
+4 passed in 0.07s
+```
+
+- ✅ **Local run + endpoint checks:**
+
+```
+{"endpoints":[{"description":"Service and system information","method":"GET","path":"/"},{"description":"Health check endpoint","method":"GET","path":"/health"}],"request":{"client_ip":"127.0.0.1","me
+{"status":"healthy","timestamp":"2026-01-31T11:00:38.653301+00:00","uptime_seconds":1}
+```
+
+- ✅ **Docker image on Docker Hub:** https://hub.docker.com/r/pepegx/devops-info-service
+- ✅ **Status badge in README:** Added to the top of the app README.
+
+---
+
+## 3. Best Practices Implemented
+
+- **Dependency caching:** `actions/setup-python` with pip cache speeds up repeated installs.
+- **Job dependencies:** Docker build/push runs only after tests pass (`needs: test`).
+- **Conditional publishing:** Docker push runs only on `master` or `lab03` branch pushes.
+- **Workflow concurrency:** Cancels outdated runs on the same branch.
+- **Path filters:** CI runs only when `app_python/` changes.
+- **Snyk scanning:** Optional dependency vulnerability scan with `SNYK_TOKEN` secret.
+
+**Caching speed improvement:** TODO — record cache hit/miss times from Actions.
+
+**Snyk results:** TODO — record findings or note “no issues found.”
+
+---
+
+## 4. Key Decisions
+
+- **Versioning Strategy:** CalVer aligns with frequent service updates without manual SemVer management.
+- **Docker Tags:** `${VERSION}` (CalVer) and `latest` for stable consumers.
+- **Workflow Triggers:** Focused on `app_python/` to avoid unnecessary CI in a monorepo.
+- **Test Coverage:** Core endpoints and error cases tested; system-specific values are asserted by structure, not exact host values.
+
+---
+
+## 5. Challenges (Optional)
+
+- **None encountered** during local test setup.

app_python/requirements.txt

@@ -7,3 +7,4 @@ gunicorn==21.2.0
 # Development and Testing
 pytest==7.4.3
 pytest-flask==1.3.0
+ruff==0.6.9

app_python/tests/test_app.py

@@ -0,0 +1,47 @@
+import app as app_module
+
+
+class TestDevOpsInfoService:
+    def setup_method(self):
+        app_module.app.config.update({
+            "TESTING": True
+        })
+        self.client = app_module.app.test_client()
+
+    def test_root_endpoint_success(self):
+        response = self.client.get("/")
+        assert response.status_code == 200
+
+        data = response.get_json()
+        assert "service" in data
+        assert "system" in data
+        assert "runtime" in data
+        assert "request" in data
+        assert "endpoints" in data
+
+        assert data["service"]["name"] == "devops-info-service"
+        assert data["service"]["framework"] == "Flask"
+        assert isinstance(data["endpoints"], list)
+        assert any(ep["path"] == "/" for ep in data["endpoints"])
+        assert any(ep["path"] == "/health" for ep in data["endpoints"])
+
+    def test_health_endpoint_success(self):
+        response = self.client.get("/health")
+        assert response.status_code == 200
+
+        data = response.get_json()
+        assert data["status"] == "healthy"
+        assert "timestamp" in data
+        assert "uptime_seconds" in data
+
+    def test_not_found_endpoint_returns_404(self):
+        response = self.client.get("/missing")
+        assert response.status_code == 404
+
+        data = response.get_json()
+        assert data["error"] == "Not Found"
+        assert data["status_code"] == 404
+
+    def test_method_not_allowed_returns_405(self):
+        response = self.client.post("/")
+        assert response.status_code == 405