Task 1: Set Up a CI Pipeline

Objective: Set up a basic CI pipeline that builds a project automatically whenever new code is pushed.

Tools: GitHub Actions, Jenkins, GitLab CI, or CircleCI

Instructions

- Create a simple application (use Node.js, Python, or Java)
- Set up a repository on GitHub or GitLab
- Configure a CI tool to automatically build the application whenever new code is pushed to the repository
- Document each step with screenshots showing the pipeline running

In [None]:
def say_hello():
    return "Hello, CI!"

if __name__ == "__main__":
    print(say_hello())

from main import say_hello

def test_say_hello():
    assert say_hello() == "Hello, CI!"

pytest

git clone https://github.com/yourusername/ci-demo-python.git
cd ci-demo-python
# Add your files
git add .
git commit -m "Initial commit with Python app and test"
git push origin main

name: Python CI

on:
  push:
    branches: [ "main" ]
  pull_request:
    branches: [ "main" ]

jobs:
  build:
    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@v3

      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: '3.10'

      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
          pip install -r requirements.txt

      - name: Run tests
        run: |
          pytest

Task 2: Automated Build with Jenkins

Objective: Install Jenkins and configure an automated build job.

Tools: Jenkins, Docker (optional)

Instructions
- Install Jenkins on your local machine or use a cloud platform (like AWS, Azure)
- Set up a simple job that clones a Git repository and builds the project (e.g., a Java project using Maven or a
Node.js project)
- Set up a trigger to run the job automatically when new code is pushed to the repository
- Take screenshots of the Jenkins job and the build logs to demonstrate success.

In [1]:
docker run -p 8080:8080 -p 50000:50000 jenkins/jenkins:lts

cat /var/jenkins_home/secrets/initialAdminPassword

mvn archetype:generate -DgroupId=com.example -DartifactId=demo -DarchetypeArtifactId=maven-archetype-quickstart -DinteractiveMode=false

http://<YOUR_JENKINS_IP>:8080/github-webhook/


SyntaxError: invalid syntax (<ipython-input-1-2892304697>, line 1)

Task 3: Write Unit Tests for an Application

Objective: Write unit tests for a simple application and integrate them into a CI pipeline.

Tools: Jest (JavaScript), JUnit (Java), pytest (Python)


Instructions:
- Create a small application (e.g., a calculator, to-do list, or API)
- Write unit tests for the core functions (e.g., add, delete, or update functions)
- Integrate these tests into a CI pipeline using GitHub Actions, Jenkins, or GitLab CI
- Document your work with screenshots showing the tests running in the CI pipeline.

In [None]:
def add(a, b):
    return a + b

def subtract(a, b):
    return a - b

def multiply(a, b):
    return a * b

def divide(a, b):
    if b == 0:
        raise ValueError("Cannot divide by zero")
    return a / b

import pytest
from calculator import add, subtract, multiply, divide

def test_add():
    assert add(2, 3) == 5

def test_subtract():
    assert subtract(5, 2) == 3

def test_multiply():
    assert multiply(3, 4) == 12

def test_divide():
    assert divide(10, 2) == 5

def test_divide_by_zero():
    with pytest.raises(ValueError):
        divide(10, 0)
git init
git remote add origin https://github.com/yourusername/calculator-ci-pipeline.git
git add .
git commit -m "Initial commit with calculator and tests"
git push -u origin main


name: Python Unit Tests

on:
  push:
    branches: [ main ]
  pull_request:
    branches: [ main ]

jobs:
  test:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout code
        uses: actions/checkout@v3

      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: '3.10'

      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
          pip install -r requirements.txt

      - name: Run tests
        run: |
          pytest


Task 4: Set Up Integration Testing for an API

Objective: Write integration tests for a REST API and automate them in a CI pipeline.

Tools: Postman, Newman, or Selenium (for web UI testing)

Instructions:
- Create a simple REST API (using Node.js, Python Flask, or Java Spring Boot)
- Write integration tests to check the interaction between different components (e.g., database and API)
- Set up the tests to run automatically in a Jenkins or GitLab CI pipeline after each deployment to a staging
environment
- Capture screenshots showing successful test execution.

In [None]:
from flask import Flask, jsonify, request

app = Flask(__name__)

data_store = []

@app.route('/items', methods=['GET'])
def get_items():
    return jsonify(data_store)

@app.route('/items', methods=['POST'])
def add_item():
    item = request.json.get('item')
    data_store.append(item)
    return jsonify({'message': 'Item added', 'item': item}), 201

if __name__ == "__main__":
    app.run(debug=True, port=5000)

pm.test("Status code is 200", function () {
    pm.response.to.have.status(200);
});

#!/bin/bash
echo "Starting Flask app in background..."
nohup python3 app.py &

sleep 5  # give app time to start

echo "Running integration tests with Newman..."
newman run flask-api-tests.postman_collection.json

echo "Killing Flask app..."
pkill -f app.py


Task 5: Automate Performance Testing in a CI/CD Pipeline

Objective: Automate performance testing using tools like Apache JMeter or K6.

Tools: JMeter, K6, Jenkins, or GitLab CI

InstructionsN
- Create a simple web application (or use an existing one)
- Write a JMeter or K6 test script to load test the application
- Automate the performance test in your CI/CD pipeline to run after every build
-Provide screenshots showing the performance results and graphs from the tool.

In [None]:
from flask import Flask
app = Flask(__name__)

@app.route('/')
def hello():
    return "Hello, Performance Testing!"

if __name__ == '__main__':
    app.run(port=5000)

# Ubuntu/Debian
sudo apt install gnupg ca-certificates
curl -s https://dl.k6.io/key.gpg | sudo gpg --dearmor -o /usr/share/keyrings/k6-archive-keyring.gpg
echo "deb [signed-by=/usr/share/keyrings/k6-archive-keyring.gpg] https://dl.k6.io/deb stable main" | sudo tee /etc/apt/sources.list.d/k6.list
sudo apt update
sudo apt install k6

import http from 'k6/http';
import { check, sleep } from 'k6';

export let options = {
  vus: 10,  // number of virtual users
  duration: '10s',  // test duration
};

export default function () {
  let res = http.get('http://localhost:5000/');
  check(res, {
    'status is 200': (r) => r.status === 200,
  });
  sleep(1);
}

echo "Starting Flask app in background..."
nohup python3 app.py &

sleep 5

echo "Running K6 performance test..."
k6 run test_script.js

echo "Killing Flask app..."
pkill -f app.py

Task 6: Implement Basic Security Testing in a CI Pipeline

Objective: Integrate security testing into the CI pipeline using tools like OWASP ZAP or SonarQube.

Tools: OWASP ZAP, SonarQube, Jenkins, GitLab CI

InstructionsN
- Set up a simple web application
- Use OWASP ZAP to scan the application for vulnerabilities or use SonarQube for static code analysis
- Automate these tests in the CI pipeline to run every time code is pushed
- Take screenshots showing any vulnerabilities or issues detected by

the tool.

In [None]:
from flask import Flask, request

app = Flask(__name__)

@app.route('/')
def index():
    return "Welcome to secure app!"

@app.route('/search')
def search():
    query = request.args.get('q')
    return f"Results for {query}"  # vulnerable to XSS if not sanitized

if __name__ == '__main__':
    app.run(port=5000)


sonar-scanner \
  -Dsonar.projectKey=SecureApp \
  -Dsonar.sources=. \
  -Dsonar.host.url=http://localhost:9000 \
  -Dsonar.login=your_generated_token

# Start Flask app in background
nohup python3 app.py &

# Give time to start
sleep 5

# Run ZAP scan using Docker
docker run -t owasp/zap2docker-stable zap-baseline.py -t http://host.docker.internal:5000 -r zap-report.html

# Kill the Flask app
pkill -f app.py

Task 7: Automate Deployment to Staging Environment

Objective: Automate the deployment of an application to a staging environment after a successful build and
test.

Tools: Jenkins, AWS CodeDeploy, Docker, Kubernetes

Instructions7
- Create a simple application (Node.js, Python, or Java)
- Set up a CI pipeline that builds the application, runs tests, and deploys it to a staging environment (using
AWS, Docker, or Kubernetes)
- Document the pipeline setup, and take screenshots of the deployment logs
-Ensure the application is live and accessible from the staging environment

In [None]:
from flask import Flask
app = Flask(__name__)

@app.route('/')
def home():
    return "Deployed to Staging!"

if __name__ == '__main__':
    app.run(host='0.0.0.0', port=5000)

FROM python:3.9

WORKDIR /app

COPY requirements.txt .
RUN pip install -r requirements.txt

COPY . .

CMD ["python", "app.py"]

pipeline {
    agent any

    stages {
        stage('Build Docker Image') {
            steps {
                sh 'docker build -t flask-staging-app .'
            }
        }

        stage('Run Unit Tests') {
            steps {
                sh 'echo "Simulated Tests Passed!"' // Add real test scripts here
            }
        }

        stage('Deploy to Staging') {
            steps {
                sshagent(['staging-ssh']) {
                    sh """
                    scp -o StrictHostKeyChecking=no docker-compose.yml ec2-user@<STAGING_PUBLIC_IP>:/home/ec2-user/
                    ssh ec2-user@<STAGING_PUBLIC_IP> 'docker rm -f flask-staging || true && docker rmi flask-staging-app || true'
                    ssh ec2-user@<STAGING_PUBLIC_IP> 'cd /home/ec2-user && docker build -t flask-staging-app . && docker run -d -p 80:5000 --name flask-staging flask-staging-app'
                    """
                }
            }
        }
    }
}
