lab 5

.gitignore

@@ -0,0 +1,64 @@
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[cod]
+*$py.class
+
+# C extensions
+*.so
+
+# Distribution / packaging
+.Python
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+wheels/
+pip-wheel-metadata/
+share/python-wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+MANIFEST
+
+# Installer logs
+pip-log.txt
+pip-delete-this-directory.txt
+
+# Translations
+*.mo
+*.pot
+
+
+# pyenv
+.python-version
+
+# pipenv
+#   According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
+#   However, in case of collaboration, if having platform-specific dependencies or dependencies
+#   having no cross-platform support, pipenv may install dependencies that don't work, or not
+#   install all needed dependencies.
+#Pipfile.lock
+
+# PEP 582; used by e.g. github.com/David-OConnor/pyflow
+__pypackages__/
+
+# Environments
+.venv
+env/
+venv/
+ENV/
+env.bak/
+venv.bak/
+
+# Pyre type checker
+.pyre/
+.idea/*
+.env
+/backup_worker.iml

CI.MD

@@ -0,0 +1,59 @@
+## Continuous Integration (CI) Best Practices
+
+
+### **Fine-tuned Triggers**
+- Limiting the CI to run only when changes occur in specific folders or files, rather than on every single commit or push. This conserves resources.
+    ```yaml
+    on:
+      push:
+        paths:
+        - 'app_python/**'
+    ```
+
+### **Explicit Environment Setup**
+- Specifying the environment (like the OS) and the exact version of the tools (like Python) ensures consistency across CI runs.
+    ```yaml
+    runs-on: ubuntu-latest
+    ```
+
+### **Dependency Caching**
+- Caching dependencies speeds up CI runs, as they don't have to be fetched from the internet every time.
+    ```yaml
+    - name: Cache pip
+      uses: actions/cache@v2
+    ```
+
+### **Linter Integration**
+- Linters like `flake8` ensure code quality and adherence to coding standards.
+    ```yaml
+    - name: Lint with flake8
+    ```
+
+### **Comprehensive Tests**
+- Run unit tests to catch regressions and ensure that the software behaves as expected.
+    ```yaml
+    - name: Run Tests
+    ```
+
+### Docker Integration
+- Building and pushing Docker images as part of CI ensures the latest code changes are always available as Docker images.
+```yaml
+    - name: Login to Docker Hub
+    - name: Build and Push Docker Image
+```
+
+### Secrets Management
+- Sensitive information, like login credentials, should be stored securely using platform features like [GitHub Secrets](https://docs.github.com/en/actions/reference/encrypted-secrets).
+
+### **Visibility with Status Badges**
+- A status badge in README provides a quick overview of the health of project.
+    ```markdown
+    ![Python CI Workflow](![Python CI Workflow](https://github.com/eukuz/devops-course-labs/workflows/Python%20CI%20Workflow/badge.svg)
+    ```
+
+### **Fail-fast Strategy**
+- If any step in the CI process fails, the entire job should stop immediately. This saves resources and provides faster feedback.
+
+### **Matrix Builds**
+- Running tests on multiple versions of a tool (e.g., Python) ensures compatibility across versions.
+

ansible/ANSIBLE.md

@@ -0,0 +1,64 @@
+### **Result of ansible-playbook playbooks/dev/main.yml --diff**
+
+```
+PLAY [Install docker] ***********************************************************************************************************************************************************************
+
+TASK [Gathering Facts] **********************************************************************
+ok: [vm]
+
+TASK [docker : Update apt] ******************************************************************************************************************************************************************
+changed: [vm]
+
+TASK [docker : Install python and pip] ******************************************************************************************************************************************************
+The following additional packages will be installed:
+  python3-wheel
+Recommended packages:
+  build-essential python3-dev
+The following NEW packages will be installed:
+  python3-pip python3-wheel
+0 upgraded, 2 newly installed, 0 to remove and 201 not upgraded.
+changed: [vm]
+
+TASK [docker : Install docker] **************************************************************************************************************************************************************
+included: /home/ubuntu/devOps/devops-course-labs/ansible/roles/docker/tasks/docker.yml for vm
+
+TASK [docker : Install docker] **************************************************************************************************************************************************************
+ok: [vm]
+
+TASK [docker : Install docker-compose] ******************************************************************************************************************************************************
+included: /home/ubuntu/devOps/devops-course-labs/ansible/roles/docker/tasks/docker_compose.yml for vm
+
+TASK [docker : Install docker-compose] ******************************************************************************************************************************************************
+changed: [vm]
+
+PLAY RECAP **********************************************************************************************************************************************************************************
+vm                       : ok=9    changed=3    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
+```
+
+### **Inventory Details**
+
+```
+{
+    "_meta": {
+        "hostvars": {
+            "vm":   {
+                "ansible_host": "84.201.141.246"
+                "ansible_user": "ubuntu"
+            }
+        }
+    },
+    "all": {
+        "children": [
+            "ungrouped",
+            "virtual_machines"
+        ]
+    }
+    "virtual_machines": {
+        "hosts": [
+            "vm"
+        ]
+    }
+}
+```
+
+

ansible/ansible.cfg

@@ -0,0 +1,3 @@
+[defaults]
+roles_path = ../ansible/roles
+inventory = inventory

ansible/inventory/inventory.yml

@@ -0,0 +1,5 @@
+virtual_machines:
+  hosts:
+    vm:
+      ansible_host: 84.201.141.246
+      ansible_user: ubuntu

ansible/playbooks/dev/main.yml

@@ -0,0 +1,4 @@
+- name: Install docker
+  hosts: vm
+  roles:
+    - docker

ansible/roles/docker/README.md

@@ -0,0 +1,22 @@
+Docker Role
+=========
+
+The docker role installs Docker using apt and Docker Compose using pip on the Virtual Machine.
+
+Requirements
+------------
+
+There are no additional roles or prerequisites for running 
+
+Role Variables
+--------------
+
+There are no additional variables for role
+
+Example Playbook
+----------------
+
+    - hosts: vms
+      roles:
+         - { role: username.rolename }
+

ansible/roles/docker/tasks/docker-compose.yml

@@ -0,0 +1,5 @@
+---
+- name: Install docker-compose
+  pip:
+    name: docker-compose
+    state: present

ansible/roles/docker/tasks/docker.yml

@@ -0,0 +1,5 @@
+---
+- name: Install docker
+  pip:
+    name: docker
+    state: present

ansible/roles/docker/tasks/main.yml

@@ -0,0 +1,10 @@
+---
+- name: Update apt
+  apt:
+    update_cache: true
+
+- name: Install python and pip
+  apt:
+    name:
+      - python3
+      - python3-pip

ansible/roles/web_app/defaults/main.yml

@@ -0,0 +1,43 @@
+---
+# Edition can be one of: 'ce' (Community Edition) or 'ee' (Enterprise Edition).
+docker_edition: 'ce'
+docker_packages:
+  - "docker-{{ docker_edition }}"
+  - "docker-{{ docker_edition }}-cli"
+  - "docker-{{ docker_edition }}-rootless-extras"
+  - "containerd.io"
+docker_packages_state: present
+
+# Service options.
+docker_service_manage: true
+docker_service_state: started
+docker_service_enabled: true
+docker_restart_handler_state: restarted
+
+# Docker Compose Plugin options.
+docker_install_compose_plugin: false
+docker_compose_package: docker-compose-plugin
+docker_compose_package_state: present
+
+# Docker Compose options.
+docker_install_compose: true
+docker_compose_version: "v2.11.1"
+docker_compose_arch: "{{ ansible_architecture }}"
+docker_compose_url: "https://github.com/docker/compose/releases/download/{{ docker_compose_version }}/docker-compose-linux-{{ docker_compose_arch }}"
+docker_compose_path: /usr/local/bin/docker-compose
+
+# Docker repo URL.
+docker_repo_url: https://download.docker.com/linux
+
+# Used only for Debian/Ubuntu. Switch 'stable' to 'nightly' if needed.
+docker_apt_release_channel: stable
+docker_apt_arch: "{{ 'arm64' if ansible_architecture == 'aarch64' else 'amd64' }}"
+docker_apt_repository: "deb [arch={{ docker_apt_arch }}] {{ docker_repo_url }}/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}"
+docker_apt_ignore_key_error: true
+docker_apt_gpg_key: "{{ docker_repo_url }}/{{ ansible_distribution | lower }}/gpg"
+
+# A list of users who will be added to the docker group.
+docker_users: []
+
+# Docker daemon options as a dict
+docker_daemon_options: {}

ansible/roles/web_app/handlers/main.yml

@@ -0,0 +1,7 @@
+---
+- name: restart docker
+  service:
+    name: docker
+    state: "{{ docker_restart_handler_state }}"
+  ignore_errors: "{{ ansible_check_mode }}"
+  when: docker_service_manage | bool

ansible/roles/web_app/tasks/docker-compose.yml

@@ -0,0 +1,30 @@
+---
+- name: Check current docker-compose version.
+  command: "{{ docker_compose_path }} --version"
+  register: docker_compose_vsn
+  check_mode: false
+  changed_when: false
+  failed_when: false
+
+- set_fact:
+    docker_compose_current_version: "{{ docker_compose_vsn.stdout | regex_search('(\\d+(\\.\\d+)+)') }}"
+  when: docker_compose_vsn.stdout is defined
+    and (docker_compose_vsn.stdout | length > 0)
+
+- name: Delete existing docker-compose version if it's different.
+  file:
+    path: "{{ docker_compose_path }}"
+    state: absent
+  when: >
+    docker_compose_current_version is defined
+    and (docker_compose_version | regex_replace('v', '')) not in docker_compose_current_version
+
+- name: Install Docker Compose (if configured).
+  get_url:
+    url: "{{ docker_compose_url }}"
+    dest: "{{ docker_compose_path }}"
+    mode: 0755
+  when: >
+    (docker_compose_current_version is not defined)
+    or (docker_compose_current_version|length == 0)
+    or (docker_compose_current_version is version((docker_compose_version | regex_replace('v', '')), '<'))

ansible/roles/web_app/tasks/docker-users.yml

@@ -0,0 +1,10 @@
+---
+- name: Ensure docker users are added to the docker group.
+  user:
+    name: "{{ item }}"
+    groups: docker
+    append: true
+  with_items: "{{ docker_users }}"
+
+- name: Reset ssh connection to apply user changes.
+  meta: reset_connection