tradebyte · cardiff1982 · Dec 4, 2024 · Dec 4, 2024 · Dec 4, 2024 · Dec 4, 2024
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -0,0 +1,41 @@
+name: CI Pipeline
+
+on:
+  push:
+    branches:
+      - "**"
+      - "!main"
+    paths-ignore:
+      - "helm"
+  workflow_call:
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Install python
+        uses: actions/setup-python@v5.3.0
+        with:
+          python-version: "3.12"
+
+      - name: Checkout code
+        uses: actions/checkout@v4.2.2
+
+      - name: Install dependencies
+        run: |
+          pip install -r requirements.txt
+
+      - name: Run pytest
+        run: |
+          python tests/test.py
+        continue-on-error: false
+
+      - name: Run SonarTest
+        run: |
+          echo "It's OK"
+        continue-on-error: false
+
+      - name: Run security scan
+        run: |
+          echo "It's OK"
+        continue-on-error: false
diff --git a/.gitignore b/.gitignore
@@ -1 +1,4 @@
-.vscode/*
+.vscode/*
+.idea/
+.venv
+__pycache__/
diff --git a/.helm/Chart.yaml b/.helm/Chart.yaml
@@ -0,0 +1,10 @@
+apiVersion: v2
+name: tradebyte-tha
+description: A Helm chart for Tradebyte home task
+type: application
+version: 0.1.0
+appVersion: "1.16.0"
+dependencies:
+  - name: redis
+    version: 20.4.0
+    repository: "oci://registry-1.docker.io/bitnamicharts"
diff --git a/.helm/templates/configmap.yaml b/.helm/templates/configmap.yaml
@@ -0,0 +1,11 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ .Chart.Name }}
+  annotations:
+  {{- with .Values.annotations }}
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+data:
+  REDIS_HOST: "{{ .Release.Name }}-redis-master"
diff --git a/.helm/templates/deployment.yaml b/.helm/templates/deployment.yaml
@@ -0,0 +1,101 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ .Chart.Name }}
+  labels:
+    app: {{ .Chart.Name }}
+  annotations:
+  {{- with .Values.annotations }}
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  replicas: {{ .Values.scaling.dev.minReplicas }}
+  strategy:
+    type: {{ .Values.strategy.type }}
+    {{- if eq .Values.strategy.type "RollingUpdate"}}
+    rollingUpdate:
+      maxSurge: {{ .Values.strategy.maxSurge }}
+      maxUnavailable: {{ .Values.strategy.maxUnavailable }}
+    {{- end }}
+  selector:
+    matchLabels:
+      app: {{ .Chart.Name }}
+  template:
+    metadata:
+      name: {{ .Chart.Name }}
+      annotations:
+      {{- with .Values.annotations }}
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        app: {{ .Chart.Name }}
+    spec:
+      securityContext:
+        runAsUser: 1000
+        runAsGroup: 3000
+        fsGroup: 2000
+      affinity:
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+            - podAffinityTerm:
+                topologyKey: kubernetes.io/hostname
+                labelSelector:
+                  matchLabels:
+                    app: {{ .Chart.Name }}
+              weight: 100
+      {{- if .Values.imagePullSecrets }}
+      imagePullSecrets:
+        - name: {{ .Values.imagePullSecrets }}
+      {{- end }}
+      containers:
+        - name: {{ .Chart.Name }}
+          image: {{ .Values.application.image }}:{{ .Values.application.imageTag }}
+          imagePullPolicy: {{ .Values.imagePullPolicy | default "Always"}}
+          env:
+            - name: REDIS_HOST
+              valueFrom:
+                configMapKeyRef:
+                  key: REDIS_HOST
+                  name: {{ .Chart.Name }}
+            - name: REDIS_PORT
+              valueFrom:
+                secretKeyRef:
+                  key: REDIS_PORT
+                  name: {{ .Chart.Name }}
+            - name: REDIS_DB
+              valueFrom:
+                secretKeyRef:
+                  key: REDIS_DB
+                  name: {{ .Chart.Name }}
+            - name: ENVIRONMENT
+              value: {{ .Values.env | quote }}
+            - name: HOST
+              value: {{ .Values.application.appHost | quote }}
+            - name: PORT
+              value: {{ .Values.application.port | quote }}
+          resources:
+            {{- if eq .Values.env "prod" }}
+            {{- toYaml .Values.resources.prod | nindent 12 }}
+            {{- else if eq .Values.env "staging" }}
+            {{- toYaml .Values.resources.staging | nindent 12 }}
+            {{- else }}
+            {{- toYaml .Values.resources.dev | nindent 12 }}
+            {{- end }}
+          ports:
+            - containerPort: {{ .Values.application.port }}
+              protocol: TCP
+          livenessProbe:
+            httpGet:
+              port: {{ .Values.application.port }}
+              path: {{ .Values.livenessProbe.path }}
+            initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
+            periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
+            failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
+          readinessProbe:
+            httpGet:
+              port: {{ .Values.application.port }}
+              path: {{ .Values.readinessProbe.path }}
+            initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
+            periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
+            failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
+      restartPolicy: Always
diff --git a/.helm/templates/hpa.yaml b/.helm/templates/hpa.yaml
@@ -0,0 +1,30 @@
+---
+apiVersion: autoscaling/v2
+kind: HorizontalPodAutoscaler
+metadata:
+  name: {{ .Chart.Name }}
+  labels:
+    app: {{ .Chart.Name }}
+  annotations:
+  {{- with .Values.annotations }}
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: {{ .Chart.Name }}
+  {{- if eq .Values.env "prod" }}
+  {{- toYaml .Values.scaling.prod | nindent 2 }}
+  {{- else if eq .Values.env "staging" }}
+  {{- toYaml .Values.scaling.staging | nindent 2 }}
+  {{- else }}
+  {{- toYaml .Values.scaling.dev | nindent 2 }}
+  {{- end }}
+  metrics:
+    - type: Resource
+      resource:
+        name: cpu
+        target:
+          type: Utilization
+          averageUtilization: {{ .Values.scaling.cpuTh }}
diff --git a/.helm/templates/ingress.yaml b/.helm/templates/ingress.yaml
@@ -0,0 +1,21 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: {{ .Chart.Name }}
+  annotations:
+    {{- with .Values.annotations }}
+      {{- toYaml . | nindent 4 }}
+    {{- end }}
+    nginx.ingress.kubernetes.io/rewrite-target: /
+spec:
+  rules:
+  - host: {{ .Values.application.appHost }}
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: {{ .Chart.Name }}
+            port:
+              number: {{ .Values.application.port }}
diff --git a/.helm/templates/pdb.yaml b/.helm/templates/pdb.yaml
@@ -0,0 +1,15 @@
+---
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: {{ .Chart.Name }}
+  annotations:
+  {{- with .Values.annotations }}
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  minAvailable: 1
+  unhealthyPodEvictionPolicy: AlwaysAllow
+  selector:
+    matchLabels:
+      app: {{ .Chart.Name }}
diff --git a/.helm/templates/secret.yaml b/.helm/templates/secret.yaml
@@ -0,0 +1,13 @@
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ .Chart.Name }}
+  annotations:
+  {{- with .Values.annotations }}
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+type: Opaque
+data:
+  REDIS_PORT: NjM3OQ==
+  REDIS_DB: MA==
diff --git a/.helm/templates/service.yaml b/.helm/templates/service.yaml
@@ -0,0 +1,16 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ .Chart.Name }}
+  annotations:
+  {{- with .Values.annotations }}
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  selector:
+      app: {{ .Chart.Name }}
+  ports:
+    - protocol: TCP
+      port: {{ .Values.application.port }}
+      targetPort: {{ .Values.application.port }}
diff --git a/.helm/values.yaml b/.helm/values.yaml
@@ -0,0 +1,63 @@
+env: staging
+annotations:
+  "project": "Tradebyte Home Challenge"
+application:
+  image: cardiffc/tradebyte
+  imageTag: 4
+  port: 8000
+  appHost: tradebyte.test
+scaling:
+  dev:
+    minReplicas: 3
+    maxReplicas: 3
+  staging:
+    minReplicas: 3
+    maxReplicas: 6
+  prod:
+    minReplicas: 3
+    maxReplicas: 10
+  cpuTh: 80
+strategy:
+  type: RollingUpdate
+  maxSurge: 2
+  maxUnavailable: 2
+resources:
+  dev:
+    limits:
+      cpu: 200m
+      memory: 1Gi
+    requests:
+      cpu: 10m
+      memory: 500Mi
+  staging:
+    limits:
+      cpu: 200m
+      memory: 2Gi
+    requests:
+      cpu: 50m
+      memory: 1Gi
+  prod:
+    limits:
+      cpu: 1000m
+      memory: 8Gi
+    requests:
+      cpu: 100m
+      memory: 1Gi
+livenessProbe:
+  path: /live
+  initialDelaySeconds: 15
+  periodSeconds: 10
+  failureThreshold: 3
+readinessProbe:
+  path: /ready
+  initialDelaySeconds: 10
+  periodSeconds: 10
+  failureThreshold: 3
+redis:
+  replica:
+    replicaCount: 1
+  auth:
+    enabled: false
+
+
+
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,8 @@
+FROM python:3.12-alpine3.20
+WORKDIR /app
+COPY requirements.txt ./
+RUN pip install --no-cache-dir -r requirements.txt
+COPY static/ ./static
+COPY templates/ ./templates
+COPY hello.py ./
+CMD ["python", "hello.py"]