Quiz fix and cicd

.github/workflows/ansible/inventories/dev/hosts.yml

@@ -0,0 +1,9 @@
+all:
+  hosts:
+    dev-server:
+      ansible_host: your_dev_server_ip
+      ansible_user: your_username
+      ansible_ssh_private_key_file: /path/to/your/private/key
+  vars:
+    env: "development"
+    docker_compose_file: "docker-compose.dev.yml"

.github/workflows/ansible/inventories/prod/hosts.yml

@@ -0,0 +1,9 @@
+all:
+  hosts:
+    prod-server:
+      ansible_host: your_prod_server_ip
+      ansible_user: your_username
+      ansible_ssh_private_key_file: /path/to/your/private/key
+  vars:
+    env: "production"
+    docker_compose_file: "docker-compose.prod.yml"

.github/workflows/ansible/inventories/test/hosts.yml

@@ -0,0 +1,9 @@
+all:
+  hosts:
+    test-server:
+      ansible_host: your_test_server_ip
+      ansible_user: your_username
+      ansible_ssh_private_key_file: /path/to/your/private/key
+  vars:
+    env: "test"
+    docker_compose_file: "docker-compose.test.yml"

.github/workflows/ansible/roles/app/tasks/main.yml

@@ -0,0 +1,17 @@
+---
+    - name: Create environment file
+      template:
+        src: .env.j2
+        dest: /home/{{ ansible_user }}/docker/{{ env }}/.env
+        mode: '0644'
+
+    - name: Pull the latest image
+      command: docker-compose -f /home/{{ ansible_user }}/docker/{{ env }}/{{ docker_compose_file }} pull
+      args:
+        chdir: /home/{{ ansible_user }}/docker/{{ env }}
+
+    - name: Restart the application
+      command: docker-compose -f /home/{{ ansible_user }}/docker/{{ env }}/{{ docker_compose_file }} up -d
+      args:
+        chdir: /home/{{ ansible_user }}/docker/{{ env }}
+

.github/workflows/ansible/roles/app/templates/.env.j2

@@ -0,0 +1,7 @@
+POSTGRES_USER={{ postgres_user }}
+POSTGRES_PASSWORD={{ postgres_password }}
+POSTGRES_DB={{ postgres_db }}
+POSTGRES_PORT=5432
+NEXTAUTH_SECRET={{ nextauth_secret }}
+NEXT_PUBLIC_SITE_URL={{ next_public_site_url }}
+NEXT_PUBLIC_SOCKET_URL={{ next_public_socket_url }}

.github/workflows/ansible/roles/common/tasks/main.yml

@@ -0,0 +1,36 @@
+---
+    - name: Update and upgrade apt packages
+      apt:
+        update_cache: yes
+        upgrade: dist
+        cache_valid_time: 86400
+
+    - name: Install required packages
+      apt:
+        name: "{{ item }}"
+        state: present
+      loop:
+        - git
+        - curl
+        - software-properties-common
+        - python3-pip
+
+    - name: Add Docker GPG key
+      apt_key:
+        url: https://download.docker.com/linux/ubuntu/gpg
+        state: present
+
+    - name: Add Docker repository
+      apt_repository:
+        repo: deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable
+        state: present
+
+    - name: Install Docker
+      apt:
+        name: docker-ce
+        state: present
+
+    - name: Install Docker Compose
+      pip:
+        name: docker-compose
+

.github/workflows/ansible/roles/docker/tasks/main.yml

@@ -0,0 +1,18 @@
+---
+    - name: Create Docker Compose directory
+      file:
+        path: /home/{{ ansible_user }}/docker/{{ env }}
+        state: directory
+        mode: '0755'
+
+    - name: Copy Docker Compose file
+      template:
+        src: docker-compose.yml.j2
+        dest: /home/{{ ansible_user }}/docker/{{ env }}/{{ docker_compose_file }}
+        mode: '0644'
+
+    - name: Start Docker Compose
+      command: docker-compose -f /home/{{ ansible_user }}/docker/{{ env }}/{{ docker_compose_file }} up -d
+      args:
+        chdir: /home/{{ ansible_user }}/docker/{{ env }}
+

.github/workflows/ansible/roles/docker/templates/docker-compose.yaml.j2

@@ -0,0 +1,23 @@
+version: '3.8'
+services:
+  app:
+    image: ghcr.io/ismail-mouyahada/sat-square:{{ env }}-latest
+    env_file:
+      - .env
+    ports:
+      - "3000:3000"
+      - "5157:5157"
+    depends_on:
+      - db
+  db:
+    image: postgres:16
+    environment:
+      POSTGRES_USER: {{ postgres_user }}
+      POSTGRES_PASSWORD: {{ postgres_password }}
+      POSTGRES_DB: {{ postgres_db }}
+    ports:
+      - "5432:5432"
+    volumes:
+      - postgres_data:/var/lib/postgresql/data
+volumes:
+  postgres_data:

.github/workflows/ansible/site.yml

@@ -0,0 +1,9 @@
+---
+    - hosts: all
+      become: yes
+
+      roles:
+        - role: common
+        - role: docker
+        - role: app
+

.github/workflows/ci-cd.dev.yml

@@ -0,0 +1,153 @@
+name: CI/CD Dev Pipeline
+
+on:
+    push:
+      branches:
+        - dev
+    pull_request:
+      branches:
+        - dev
+
+env:
+    ENVIRONMENT: development
+    DATABASE_URL: ${{ secrets.DEV_DATABASE_URL }}
+    NEXTAUTH_SECRET: ${{ secrets.DEV_NEXTAUTH_SECRET }}
+    NEXT_PUBLIC_SITE_URL: http://dev.ismail-mouyahada.com
+    NEXT_PUBLIC_SOCKET_URL: ws://dev-socket.ismail-mouyahada.com
+
+jobs:
+  deps-vulnerability:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Install dependencies
+        run: npm install
+
+      - name: Run dependency vulnerability scan
+        uses: advanced-security/npm-audit-action@v1
+
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Install dependencies
+        run: npm install
+
+      - name: Run Linting
+        run: npm run lint
+
+  unit-tests:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Install dependencies
+        run: npm install
+
+      - name: Run Jest Unit Tests
+        run: npm run test:watch
+
+  codecov:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Install dependencies
+        run: npm install
+
+      - name: Run tests and generate coverage report
+        run: npm run test -- --coverage
+
+      - name: Upload coverage to Codecov
+        uses: codecov/codecov-action@v3
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+
+  security:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Run security analysis
+        uses: github/codeql-action/analyze@v2
+
+  lighthouse:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Install dependencies
+        run: npm install
+
+      - name: Run Lighthouse CI
+        run: npx lhci autorun
+
+  docker-build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Login to GitHub Container Registry
+        run: echo "${{ secrets.GHCR_PAT }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin
+
+      - name: Build Docker image
+        run: docker build -t ghcr.io/ismail-mouyahada/sat-square:dev-${{ github.sha }} -f Dockerfile.dev .
+
+      - name: Scan Docker image for vulnerabilities
+        uses: aquasecurity/[email protected]
+        with:
+          image-ref: ghcr.io/ismail-mouyahada/sat-square:dev-${{ github.sha }}
+
+      - name: Push Docker image to GitHub Container Registry
+        run: docker push ghcr.io/ismail-mouyahada/sat-square:dev-${{ github.sha }}
+
+  e2e-tests:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Install dependencies
+        run: npm install
+
+      - name: Run end-to-end tests
+        run: npm run test:e2e
+
+  stress-test:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Install dependencies
+        run: npm install
+
+      - name: Run stress tests
+        run: npm run test:stress
+
+  notify:
+    runs-on: ubuntu-latest
+    needs: [deps-vulnerability, lint, unit-tests, codecov, security, lighthouse, docker-build, e2e-tests, stress-test]
+    steps:
+      - name: Send Discord notification on success
+        if: success()
+        run: |
+          curl -X POST -H "Content-Type: application/json" \
+          -d '{"content": "CI/CD Dev Pipeline succeeded!"}' \
+          ${{ secrets.DISCORD_WEBHOOK_URL }}
+
+      - name: Send Discord notification on failure
+        if: failure()
+        run: |
+          curl -X POST -H "Content-Type: application/json" \
+          -d '{"content": "CI/CD Dev Pipeline failed!"}' \
+          ${{ secrets.DISCORD_WEBHOOK_URL }}