# 🚀 DevOps & CI/CD Tutorial for React-Python Applications

This notebook demonstrates how to implement a comprehensive DevOps pipeline for a full-stack React-Python application.

## 🎯 What You'll Learn

- Setting up automated testing for both frontend and backend
- Implementing code quality checks (linting, formatting)
- Security scanning and vulnerability detection
- CI/CD pipeline with GitHub Actions
- Developer productivity tools (Makefile)
- Best practices for development workflow

## 📋 Prerequisites

Before starting, ensure you have:
- Python 3.11+ with virtual environment
- Node.js 18+ with npm
- Git repository
- GitHub account (for CI/CD)
- Docker (optional, for containerization)

In [None]:
# Check system requirements
import subprocess
import sys

def check_command(cmd, name):
    try:
        result = subprocess.run(cmd, capture_output=True, text=True, shell=True)
        if result.returncode == 0:
            print(f"✅ {name}: {result.stdout.strip()}")
        else:
            print(f"❌ {name}: Not found")
    except Exception as e:
        print(f"❌ {name}: Error - {e}")

print("🔍 Checking system requirements...")
check_command("python3 --version", "Python")
check_command("node --version", "Node.js")
check_command("npm --version", "npm")
check_command("git --version", "Git")
check_command("docker --version", "Docker")
check_command("make --version | head -1", "Make")

## 🏗️ Project Structure

Our DevOps setup supports the following project structure:

```
react-python-playground/
├── .github/workflows/      # CI/CD pipelines
│   └── ci.yml              # Main CI/CD workflow
├── backend/                # Python Flask backend
│   ├── app.py             # Main application
│   ├── requirements.txt   # Python dependencies
│   ├── test_app.py        # Backend tests
│   ├── pytest.ini        # Test configuration
│   └── .coveragerc        # Coverage configuration
├── frontend/              # React frontend
│   ├── src/               # Source code
│   ├── package.json       # Node.js dependencies
│   └── jest.config.json   # Test configuration
├── Makefile              # Development commands
└── CI_CD_SETUP.md        # Setup documentation
```

## 🧪 Testing Setup

### Backend Testing (Python + pytest)

Our backend uses pytest with the following features:
- Unit tests for API endpoints
- Test coverage reporting
- Fixtures for test data
- Isolated test database

In [None]:
# Example: Run backend tests
import os
os.chdir('/home/roman/react-python-playground')

# Run backend tests with coverage
!make test-backend

In [None]:
# Show backend test structure
print("📋 Backend Test Structure:")
print("\n🔸 Test Classes:")
print("  - TestProductsAPI: Tests for /api/products endpoint")
print("  - TestProductAPI: Tests for /api/products/<id> endpoint")
print("  - TestHealthCheck: Tests for /health endpoint")

print("\n🔸 Test Features:")
print("  - Isolated test database using temporary files")
print("  - Fixtures for reusable test data")
print("  - Coverage reporting (currently 90%+)")
print("  - Comprehensive API testing (CRUD operations)")

print("\n🔸 Configuration Files:")
print("  - pytest.ini: Test configuration and options")
print("  - .coveragerc: Coverage reporting settings")

### Frontend Testing (React + Jest + React Testing Library)

Our frontend uses modern React testing practices:
- Component testing with React Testing Library
- Mocking external dependencies
- Coverage reporting for components

In [None]:
# Run frontend tests
!make test-frontend

## 🔍 Code Quality & Linting

We implement multiple layers of code quality checks:

### Backend (Python)
- **flake8**: Python code style and error detection
- **black**: Automatic code formatting
- **bandit**: Security vulnerability scanning
- **safety**: Dependency vulnerability checking

### Frontend (JavaScript/React)
- **ESLint**: JavaScript/React linting
- **Prettier**: Code formatting (via ESLint config)

In [None]:
# Run code quality checks
print("🔍 Running code quality checks...\n")

# Backend linting
print("📋 Backend Code Quality:")
!make lint-backend

In [None]:
# Frontend linting
print("📋 Frontend Code Quality:")
!make lint-frontend

In [None]:
# Security scanning
print("🔒 Security Checks:")
!make security

## 🤖 CI/CD Pipeline

Our GitHub Actions pipeline includes:

### Pipeline Jobs
1. **Frontend Tests**: Jest + React Testing Library
2. **Frontend Lint**: ESLint code quality
3. **Backend Tests**: pytest with coverage
4. **Docker Build**: Container image creation
5. **Security Scan**: Trivy vulnerability scanning
6. **Deploy**: Automated GCP deployment

### Triggers
- Push to `main`, `dev`, or `Dev` branches
- Pull requests to these branches
- Manual dispatch

In [None]:
# Show CI/CD workflow structure
print("🚀 CI/CD Pipeline Structure:")
print("\n📋 Workflow Jobs:")
jobs = [
    ("frontend-test", "🧪 Frontend Tests", "Jest + React Testing Library"),
    ("frontend-lint", "🔍 Frontend Linting", "ESLint code quality checks"),
    ("backend-test", "🧪 Backend Tests", "pytest with coverage"),
    ("docker-build", "🐳 Docker Build", "Container images + security scan"),
    ("deploy", "🚀 Deploy", "Automated GCP deployment"),
    ("notify", "📢 Notify", "Pipeline results summary")
]

for job_id, name, description in jobs:
    print(f"  {name}: {description}")

print("\n🔄 Pipeline Flow:")
print("  1. Tests run in parallel (frontend + backend)")
print("  2. Docker build waits for tests to pass")
print("  3. Deployment waits for Docker build")
print("  4. Notifications sent regardless of result")

## 🛠️ Developer Tools (Makefile)

Our Makefile provides convenient commands for common development tasks:

In [None]:
# Show all available make commands
!make help

### Most Used Commands

In [None]:
# Common development workflow
print("🚀 Common Development Workflow:")
print("\n1. Setup (for new developers):")
print("   make setup              # Complete setup")

print("\n2. Daily development:")
print("   make dev-backend        # Start backend server")
print("   make dev-frontend       # Start frontend server")

print("\n3. Before committing:")
print("   make test               # Run all tests")
print("   make lint               # Check code quality")
print("   make format             # Fix formatting")

print("\n4. Building & deployment:")
print("   make build              # Build everything")
print("   make deploy-local       # Local Docker deployment")

print("\n5. Maintenance:")
print("   make clean              # Clean build artifacts")
print("   make health             # Check app health")
print("   make status             # Show current status")

## 📊 Metrics & Monitoring

Our setup includes several monitoring and metrics features:

In [None]:
# Check current project status
!make status

In [None]:
# Health check endpoints
import requests
import json

def check_health_endpoint():
    try:
        # Note: This assumes backend is running
        response = requests.get('http://localhost:5000/health', timeout=5)
        if response.status_code == 200:
            health_data = response.json()
            print("✅ Backend Health Check:")
            print(f"   Status: {health_data.get('status', 'Unknown')}")
            print(f"   Version: {health_data.get('version', 'Unknown')}")
            print(f"   Timestamp: {health_data.get('timestamp', 'Unknown')}")
        else:
            print(f"❌ Backend Health Check Failed: {response.status_code}")
    except requests.exceptions.RequestException as e:
        print(f"❌ Backend not running or not accessible: {e}")
    except Exception as e:
        print(f"❌ Health check error: {e}")

check_health_endpoint()

## 🔐 Security Features

Our DevOps pipeline includes multiple security layers:

In [None]:
print("🛡️ Security Features:")
print("\n📋 Static Code Analysis:")
print("  - bandit: Python security issues")
print("  - safety: Python dependency vulnerabilities")
print("  - ESLint: JavaScript security patterns")

print("\n📋 Container Security:")
print("  - Trivy: Container vulnerability scanning")
print("  - SARIF reports: GitHub Security tab integration")

print("\n📋 CI/CD Security:")
print("  - Secrets management for Docker Hub & GCP")
print("  - Branch protection rules")
print("  - Automated security scanning on each push")

print("\n📋 Runtime Security:")
print("  - Health check endpoints")
print("  - CORS configuration")
print("  - Input validation in API endpoints")

## 📈 Coverage & Quality Metrics

Track your code quality with automated metrics:

In [None]:
# Generate coverage report
print("📊 Current Coverage Metrics:")
print("\n🐍 Backend Coverage (Python):")
!cd backend && ../.venv/bin/python -m pytest --cov=. --cov-report=term-missing -q

## 🚀 Deployment Options

Our setup supports multiple deployment strategies:

In [None]:
print("🚀 Deployment Strategies:")
print("\n📋 Local Development:")
print("  make dev-backend         # Local Python server")
print("  make dev-frontend        # Local React dev server")

print("\n📋 Local Docker:")
print("  make docker-build        # Build Docker images")
print("  make deploy-local        # Run with Docker Compose")

print("\n📋 Cloud Deployment:")
print("  - Automated GCP deployment via GitHub Actions")
print("  - Kubernetes manifests in k8s/ directory")
print("  - Terraform infrastructure as code")

print("\n📋 CI/CD Integration:")
print("  - Automatic deployment on main branch")
print("  - Docker Hub image publishing")
print("  - Environment-specific configurations")

## 🔧 Configuration Management

Key configuration files and their purposes:

In [None]:
import os

configs = [
    (".github/workflows/ci.yml", "Main CI/CD pipeline"),
    ("Makefile", "Development commands"),
    ("backend/pytest.ini", "Python test configuration"),
    ("backend/.coveragerc", "Coverage reporting settings"),
    ("backend/requirements.txt", "Python dependencies"),
    ("frontend/package.json", "Node.js dependencies & scripts"),
    ("frontend/jest.config.json", "Frontend test configuration"),
    ("CI_CD_SETUP.md", "Setup documentation")
]

print("📋 Configuration Files:")
for file_path, description in configs:
    full_path = os.path.join("/home/roman/react-python-playground", file_path)
    exists = "✅" if os.path.exists(full_path) else "❌"
    print(f"  {exists} {file_path}: {description}")

## 🎯 Best Practices

Key DevOps best practices implemented in this setup:

In [None]:
print("🎯 DevOps Best Practices:")

print("\n📋 Testing:")
print("  ✅ Automated tests for both frontend and backend")
print("  ✅ Test isolation with temporary databases")
print("  ✅ Code coverage reporting and thresholds")
print("  ✅ Mock external dependencies in tests")

print("\n📋 Code Quality:")
print("  ✅ Automated linting and formatting")
print("  ✅ Pre-commit quality checks")
print("  ✅ Consistent code style across team")
print("  ✅ Security vulnerability scanning")

print("\n📋 CI/CD:")
print("  ✅ Parallel job execution for speed")
print("  ✅ Fail-fast on quality issues")
print("  ✅ Automated deployment only after tests pass")
print("  ✅ Environment-specific configurations")

print("\n📋 Developer Experience:")
print("  ✅ Simple Makefile commands")
print("  ✅ Clear documentation")
print("  ✅ Quick setup for new developers")
print("  ✅ Local development mirrors production")

print("\n📋 Monitoring:")
print("  ✅ Health check endpoints")
print("  ✅ Pipeline status notifications")
print("  ✅ Security scanning reports")
print("  ✅ Coverage tracking over time")

## 🔄 Troubleshooting

Common issues and solutions:

In [None]:
print("🔧 Common Troubleshooting:")

print("\n❌ Tests Failing:")
print("  🔸 Check virtual environment: make sure you're using the right Python")
print("  🔸 Install dependencies: make install")
print("  🔸 Check test database: tests use temporary files")
print("  🔸 Verify mocks: ensure external dependencies are properly mocked")

print("\n❌ CI/CD Pipeline Failing:")
print("  🔸 Package lock sync: npm install to update package-lock.json")
print("  🔸 Python dependencies: check requirements.txt")
print("  🔸 Docker secrets: ensure Docker Hub credentials are set")
print("  🔸 GCP secrets: verify all GCP environment variables")

print("\n❌ Code Quality Issues:")
print("  🔸 Formatting: make format (auto-fix)")
print("  🔸 Linting: make lint (check issues)")
print("  🔸 Security: make security (scan vulnerabilities)")

print("\n❌ Local Development:")
print("  🔸 Port conflicts: check if ports 3000/5000 are available")
print("  🔸 Environment: make sure .venv is activated")
print("  🔸 Dependencies: make install-backend or make install-frontend")

## 🚀 Next Steps

To continue improving your DevOps pipeline:

In [None]:
print("🚀 Recommended Next Steps:")

print("\n📈 Enhanced Testing:")
print("  • Add integration tests")
print("  • Performance testing")
print("  • End-to-end testing with Playwright/Cypress")
print("  • Visual regression testing")

print("\n🔒 Advanced Security:")
print("  • SAST (Static Application Security Testing)")
print("  • DAST (Dynamic Application Security Testing)")
print("  • Secrets scanning in repository")
print("  • License compliance checking")

print("\n📊 Monitoring & Observability:")
print("  • Application metrics (Prometheus/Grafana)")
print("  • Log aggregation (ELK stack)")
print("  • Distributed tracing")
print("  • Alerting and notifications")

print("\n🚀 Advanced Deployment:")
print("  • Blue-green deployments")
print("  • Canary releases")
print("  • Feature flags")
print("  • Multi-environment promotion")

print("\n🔧 Developer Experience:")
print("  • Pre-commit hooks")
print("  • IDE integration")
print("  • Development containers")
print("  • Automated changelog generation")

## 📝 Summary

This DevOps setup provides:

✅ **Complete Test Coverage**: Both frontend and backend automated testing  
✅ **Code Quality Assurance**: Linting, formatting, and security scanning  
✅ **Automated CI/CD**: GitHub Actions pipeline with deployment  
✅ **Developer Tools**: Makefile with 20+ useful commands  
✅ **Security First**: Multiple layers of security scanning  
✅ **Easy Setup**: One-command setup for new developers  
✅ **Production Ready**: Docker containerization and cloud deployment  
✅ **Monitoring**: Health checks and pipeline notifications  

Your DevOps pipeline is now ready to ensure code quality, automate deployments, and improve developer productivity! 🎉