Lab4 PR helper

LAB4.md

@@ -0,0 +1,49 @@
+# 4
+
+## Infrastructure as code
+
+### 6 points
+
+0. You will need a VPN tool for this lab, as Terraform doesn't work in Russia.
+
+1. Get familiar with Terraform tool.
+   > [Intro](https://www.terraform.io/intro/index.html)
+   > [Best practices](https://www.terraform.io/docs/cloud/guides/recommended-practices/index.html)
+2. Create a `terraform` folder for your workspaces.
+3. Create a `TF.md` inside the `terraform` folder.
+4. Follow [the Docker tutorial](https://learn.hashicorp.com/collections/terraform/docker-get-started) to build a Docker infrastructure using Terraform.
+   * Install it
+   * Build Infrastructure
+   * Provide the output of following commands in the `TF.md` file:
+   ```sh
+            terraform show
+            terraform state list
+   ```
+   *  Change Infrastructure, provide a part o the log with the applied changes in the `TF.md`.
+   *  Using Input variables rename your docker container.
+   *  Finish the tutorial and provide the output of the `terraform output` command in the `TF.md`.
+
+5. Follow [the AWS tutorial](https://learn.hashicorp.com/tutorials/terraform/aws-build?in=terraform/aws-get-started) and all points from the previous step.
+6. Create a PR to the forked repo lab4 branch, ask your teammates to review it and review PRs of your teammates.
+7. **Create a PR in your own repository from the lab4 branch to the lab3 one.** It will help us with grading.
+
+### 4 more points
+
+1. Use [the Github provider for Terraform](https://registry.terraform.io/providers/integrations/github/latest/docs).
+   * Create a directory for your GitHub project inside the `terrafrom` folder.
+   * Build GitHub infrastructure - [an example](https://dev.to/pwd9000/manage-and-maintain-github-with-terraform-2k86), prepare `.tf` files that should include:
+       * repository name
+       * repository description
+       * visibility
+       * default branch
+       * branch protection rule for the default branch
+   * Don't put your token as a variable in the code use an environment variable.
+2. Import your existing repository using `terraform import` command. Example: `terraform import "github_repository.labs" "labs"`
+3. Apply changes from your terraform config to the repository
+4.  Provide Terraform related best practices that you applied in the `TF.md` file.
+
+## Bonus
+
+### 2 extra points
+
+1. Disable rebase and squash commits for the repository using terraform. Apply changes.

app_python/.gitignore

@@ -1,6 +1,8 @@
 # Created by https://www.toptal.com/developers/gitignore/api/python
 # Edit at https://www.toptal.com/developers/gitignore?templates=python
 
+terraform.tfvars
+
 ### Python ###
 # Byte-compiled / optimized / DLL files
 __pycache__/

terraform/TF.md

@@ -0,0 +1,46 @@
+# Terraform
+
+## Docker
+Command outputs:
+- [`terraform show`](https://pastebin.com/y12r0PDA) (click to see at pastebin.com)
+- ```
+  $terraform state list
+  docker_container.python_app
+  docker_image.devops-pythonapp
+  ```
+- [`terraform plan`](https://pastebin.com/4rSRTgbw) (click) after the following changes:
+  - change the image tag from `latest` to `1.0`
+  - change external port from 80 to 8000
+  - change container name
+- ```
+  $terraform output
+  container_id = "2404111f9ca4593d45918e186910b3ec54b0ef61fa667afeda5884a44176d648"
+  image_id = "sha256:df6be276cf046b32ae4f9942457bca68d2beb0ad49e0ba849844bfa7e57eb01fe2xen/devops-pythonapp:1.0"
+  ```
+
+## Yandex Cloud
+The configuration was taken from Yandex Cloud official [Terraform guide](https://cloud.yandex.ru/docs/tutorials/infrastructure-management/terraform-quickstart).
+Command outputs:
+- [`terraform show`](https://pastebin.com/t81aSnXh) (click to see at pastebin.com)
+- ```
+  $terraform state list
+  yandex_compute_instance.vm-1
+  yandex_compute_instance.vm-2
+  yandex_vpc_network.network-1
+  yandex_vpc_subnet.subnet-1
+  ```
+- [`terraform plan`](https://pastebin.com/hfTCamhL) (click) after the following changes:
+  - change OS of the second VM from Ubuntu to Debian
+- ```
+  $terraform output
+  external_ip_address_vm_1 = "51.250.29.173"
+  external_ip_address_vm_2 = "51.250.18.166"
+  internal_ip_address_vm_1 = "192.168.10.29"
+  internal_ip_address_vm_2 = "192.168.10.23"
+  ```
+
+## Best practices
+1. Variables and outputs are declared is separate files (`variables.tf` and `outputs.tf` respectively
+2. `.tfstate` files are uploaded to VCS so that anyone authorized can manage the infrastructure from the right state
+3. Secrets are injected through env or input variables
+4. `terraform fmt` is applied to each configuration

terraform/docker/main.tf

@@ -0,0 +1,24 @@
+terraform {
+  required_providers {
+    docker = {
+      source = "kreuzwerker/docker"
+      version = "~> 2.13.0"
+    }
+  }
+}
+
+provider "docker" {}
+
+resource "docker_image" "devops-pythonapp" {
+  name         = "e2xen/devops-pythonapp:1.0"
+  keep_locally = false
+}
+
+resource "docker_container" "python_app" {
+  image = docker_image.devops-pythonapp.latest
+  name  = var.container_name
+  ports {
+    internal = 80
+    external = 8000
+  }
+}

terraform/docker/outputs.tf

@@ -0,0 +1,9 @@
+output "container_id" {
+  description = "ID of the Docker container"
+  value       = docker_container.python_app.id
+}
+
+output "image_id" {
+  description = "ID of the Docker image"
+  value       = docker_image.devops-pythonapp.id
+}

terraform/docker/terraform.tfstate

@@ -0,0 +1,9 @@
+{
+  "version": 4,
+  "terraform_version": "1.3.0",
+  "serial": 13,
+  "lineage": "9bdd4b82-679e-4ab0-d77b-8d0672b326c4",
+  "outputs": {},
+  "resources": [],
+  "check_results": []
+}

terraform/docker/terraform.tfstate.backup

@@ -0,0 +1,150 @@
+{
+  "version": 4,
+  "terraform_version": "1.3.0",
+  "serial": 10,
+  "lineage": "9bdd4b82-679e-4ab0-d77b-8d0672b326c4",
+  "outputs": {
+    "container_id": {
+      "value": "2404111f9ca4593d45918e186910b3ec54b0ef61fa667afeda5884a44176d648",
+      "type": "string"
+    },
+    "image_id": {
+      "value": "sha256:df6be276cf046b32ae4f9942457bca68d2beb0ad49e0ba849844bfa7e57eb01fe2xen/devops-pythonapp:1.0",
+      "type": "string"
+    }
+  },
+  "resources": [
+    {
+      "mode": "managed",
+      "type": "docker_container",
+      "name": "python_app",
+      "provider": "provider[\"registry.terraform.io/kreuzwerker/docker\"]",
+      "instances": [
+        {
+          "schema_version": 2,
+          "attributes": {
+            "attach": false,
+            "bridge": "",
+            "capabilities": [],
+            "command": [
+              "uvicorn",
+              "app.main:app",
+              "--host",
+              "0.0.0.0",
+              "--port",
+              "80"
+            ],
+            "container_logs": null,
+            "cpu_set": "",
+            "cpu_shares": 0,
+            "destroy_grace_seconds": null,
+            "devices": [],
+            "dns": [],
+            "dns_opts": [],
+            "dns_search": [],
+            "domainname": "",
+            "entrypoint": [],
+            "env": [],
+            "exit_code": null,
+            "gateway": "172.17.0.1",
+            "group_add": [],
+            "healthcheck": [],
+            "host": [],
+            "hostname": "2404111f9ca4",
+            "id": "2404111f9ca4593d45918e186910b3ec54b0ef61fa667afeda5884a44176d648",
+            "image": "sha256:df6be276cf046b32ae4f9942457bca68d2beb0ad49e0ba849844bfa7e57eb01f",
+            "init": false,
+            "ip_address": "172.17.0.2",
+            "ip_prefix_length": 16,
+            "ipc_mode": "private",
+            "labels": [],
+            "links": [],
+            "log_driver": "json-file",
+            "log_opts": {},
+            "logs": false,
+            "max_retry_count": 0,
+            "memory": 0,
+            "memory_swap": 0,
+            "mounts": [],
+            "must_run": true,
+            "name": "python_app",
+            "network_alias": null,
+            "network_data": [
+              {
+                "gateway": "172.17.0.1",
+                "global_ipv6_address": "",
+                "global_ipv6_prefix_length": 0,
+                "ip_address": "172.17.0.2",
+                "ip_prefix_length": 16,
+                "ipv6_gateway": "",
+                "network_name": "bridge"
+              }
+            ],
+            "network_mode": "default",
+            "networks": null,
+            "networks_advanced": [],
+            "pid_mode": "",
+            "ports": [
+              {
+                "external": 8000,
+                "internal": 80,
+                "ip": "0.0.0.0",
+                "protocol": "tcp"
+              }
+            ],
+            "privileged": false,
+            "publish_all_ports": false,
+            "read_only": false,
+            "remove_volumes": true,
+            "restart": "no",
+            "rm": false,
+            "security_opts": [],
+            "shm_size": 64,
+            "start": true,
+            "stdin_open": false,
+            "sysctls": {},
+            "tmpfs": {},
+            "tty": false,
+            "ulimit": [],
+            "upload": [],
+            "user": "pythonapp",
+            "userns_mode": "",
+            "volumes": [],
+            "working_dir": "/code"
+          },
+          "sensitive_attributes": [],
+          "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==",
+          "dependencies": [
+            "docker_image.devops-pythonapp"
+          ]
+        }
+      ]
+    },
+    {
+      "mode": "managed",
+      "type": "docker_image",
+      "name": "devops-pythonapp",
+      "provider": "provider[\"registry.terraform.io/kreuzwerker/docker\"]",
+      "instances": [
+        {
+          "schema_version": 0,
+          "attributes": {
+            "build": [],
+            "force_remove": null,
+            "id": "sha256:df6be276cf046b32ae4f9942457bca68d2beb0ad49e0ba849844bfa7e57eb01fe2xen/devops-pythonapp:1.0",
+            "keep_locally": false,
+            "latest": "sha256:df6be276cf046b32ae4f9942457bca68d2beb0ad49e0ba849844bfa7e57eb01f",
+            "name": "e2xen/devops-pythonapp:1.0",
+            "output": null,
+            "pull_trigger": null,
+            "pull_triggers": null,
+            "repo_digest": "e2xen/devops-pythonapp@sha256:74fa61f664f155c482eae421025745062a6064d2c2068f805fe68998bfb320a5"
+          },
+          "sensitive_attributes": [],
+          "private": "bnVsbA=="
+        }
+      ]
+    }
+  ],
+  "check_results": []
+}

terraform/docker/variables.tf

@@ -0,0 +1,3 @@
+variable "container_name" {
+  type = string
+}