This is a simple demo Flask application that greets the user with a welcome message. The application is containerized using a Dockerfile and integrates with Jenkins for CI using a Jenkinsfile.
Python3 is required.
The application has been developed and tested on Python 3.10.2.
- Clone the git repository and enter into the folder
git clone https://github.com/test-org-cicd/flask-app-project.git
cd flask-app-project
- Create and activate a virtual environment:
pip install pipenv
pipenv shell
- Install the dependencies
pipenv install --dev
- For testing, pytest is being used
pytest -v
The application is using some pre-commit hooks for SAST, Secret Leak Protection, Style Guide and Linting. The tools used are:
To run all pre-commit hooks, type:
pipenv run pre-commit run --all-files
To start the application, do the following:
export FLASK_ENV=development
export FLASK_APP=autoapp.py
flask run --host=0.0.0.0
Now you can browse the application at http://localhost:5000
For production deployment, a CI/CD pipeline is used. Jenkins handles the CI (Continuous Integration) process, and ArgoCD handles CD (Continuous Deployment).
Jenkins steps
- Build
- Install all the pipenv dev dependencies
- Run all pre-commit
- Run all pytest
- SAST
- Dependency Check
- Integrate with Dependency Track for software composition analysis. It will upload CycloneDX SBOM to Dependency Track.
- Integrate with Sonarqube for Code Quality and Code Security.
- Docker Image With Kaniko
- Build Image using Kaniko tool within the container. For this project the container image is being pushed to Amazon ECR. The container image is being tagged by reading the VERSION file from the code repo.
- Deploy To Staging Using ArgoCD
- In this stage it reads the VERSION file and updates the Kubernetes manifest file using Kustomize in the separate git repo for this application at https://github.com/test-org-cicd/flask-app-deploy. This manifest repo is monitored by ArgoCD for any changes, which are deployed to the Kubernetes cluster accordingly.
- Dependency Track
- Sonarqube
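The Kaniko and ArgoCD stages above both take the image tag from the VERSION file, so its content ends up in a registry reference and on a Kustomize command line. The shell functions below are an added example, not the project's Jenkinsfile: they accept the tag only if it matches the container image tag grammar. The registry name, the `flask-app` image key and the overlay directory are assumptions.

```shell
#!/bin/sh
# Added example, not the project's Jenkinsfile. The image name, the
# "flask-app" kustomize image key and the overlay path are hypothetical.

# Print the first line of a VERSION file, but only if it is a valid container
# image tag: starts with [A-Za-z0-9_], then up to 127 of [A-Za-z0-9_.-].
read_version_tag() {
    version_file=$1
    [ -f "$version_file" ] || { echo "missing $version_file" >&2; return 1; }
    tag=$(head -n 1 "$version_file" | tr -d '\r' |
          sed 's/^[[:space:]]*//; s/[[:space:]]*$//')
    if printf '%s\n' "$tag" | grep -Eq '^[A-Za-z0-9_][A-Za-z0-9_.-]{0,127}$'; then
        printf '%s\n' "$tag"
    else
        echo "refusing invalid image tag in $version_file" >&2
        return 1
    fi
}

# Build the full image reference that Kaniko would push and Kustomize would pin.
image_ref() {
    tag=$(read_version_tag "$2") || return 1
    printf '%s:%s\n' "$1" "$tag"
}

# Pin the validated reference in the deploy repo (requires kustomize on PATH).
set_staging_image() {
    overlay_dir=$1
    ref=$(image_ref "$2" "$3") || return 1
    (cd "$overlay_dir" && kustomize edit set image "flask-app=$ref")
}

# Constructed sample input: one well-formed VERSION file and one malformed one.
demo_dir=$(mktemp -d)
printf '1.4.2\n' > "$demo_dir/VERSION.good"
printf '1.4.2;echo injected\n' > "$demo_dir/VERSION.bad"
image_ref "registry.example/flask-app" "$demo_dir/VERSION.good"
image_ref "registry.example/flask-app" "$demo_dir/VERSION.bad" || echo "rejected"
```

Failing the stage on a rejected tag keeps a malformed VERSION file from reaching either the registry push or the manifest commit that ArgoCD syncs.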
Working on DefectDojo for the security posture of the application.
The Flask Application is GNU GPL3 licensed. See the LICENSE file for details.