|
1 | | -# PYTHON FLASK DYNAMODB |
| 1 | +# Code2Cloud Python Flask Application |
| 2 | + |
| 3 | +## Description |
| 4 | + |
| 5 | +This repository contains a Python Flask application designed to demonstrate the code-to-cloud traceability feature of Prisma Cloud. The application allows users to manage customer data, showcasing CRUD (Create, Read, Update, Delete) operations, and is containerized for deployment on cloud platforms like AKS, EKS, or GKE. The pipeline utilizes GitHub Actions for CI/CD, building and pushing the Docker image to GitHub Container Registry (GHCR). |
| 6 | + |
| 7 | +## Goals |
| 8 | + |
| 9 | +- Demonstrate code-to-cloud traceability using Prisma Cloud. |
| 10 | +- Showcase a simple customer management system with CRUD operations. |
| 11 | +- Utilize GitHub Actions for automated CI/CD. |
| 12 | +- Deploy the application using Kubernetes manifests. |
| 13 | + |
| 14 | + |
| 15 | +## Features |
| 16 | + |
| 17 | +- Add, edit, delete, and list customers. |
| 18 | +- Flask-based web application. |
| 19 | +- SQLite database for data storage. |
| 20 | +- CI/CD pipeline using GitHub Actions. |
| 21 | +- Containerized application deployed on Kubernetes. |
| 22 | + |
| 23 | +## Prerequisites |
| 24 | +Before you begin, ensure you have the following: |
| 25 | + |
| 26 | +- **System Admin Access to Prisma Cloud:** You need administrative access to Prisma Cloud to configure and monitor the security settings and ensure proper integration with your Kubernetes cluster. |
| 27 | + |
| 28 | +- **Kubeadmin Access to AKS, EKS, or GKE:** Ensure you have Kubernetes admin access to your chosen cloud provider's Kubernetes service (Azure Kubernetes Service, Amazon Elastic Kubernetes Service |
| 29 | + |
| 30 | +- **Prisma Cloud Defender Agent Deployed on K8s Cluster:** The Prisma Cloud Defender agent should be deployed on your Kubernetes cluster and connected to the Prisma Cloud tenant. This ensures that Prisma Cloud can monitor and protect your deployed applications. |
| 31 | + |
| 32 | +## Step-by-Step Procedure |
| 33 | + |
| 34 | +### Fork this Repository |
| 35 | + Click the "Fork" button in the top-right corner to create your own copy of the repository. |
| 36 | + |
| 37 | +### Onboard the Forked Repository in Prisma Cloud |
| 38 | + Follow the instructions in the Prisma Cloud documentation to connect your GitHub repository: |
| 39 | + [Add GitHub Repository to Prisma Cloud](https://docs.prismacloud.io/en/classic/appsec-admin-guide/get-started/connect-your-repositories/code-repositories/add-github) |
| 40 | + |
| 41 | +### Clone the repo |
| 42 | + Clone your forked repository to your local machine: |
| 43 | + ```bash |
| 44 | + git clone https://github.com/<your-github-username>/code2cloud-python-flask-webserver.git |
| 45 | + ``` |
| 46 | + |
| 47 | +### Change the Version Number in version.py |
| 48 | + Change the directory to the cloned repository: |
| 49 | + ```bash |
| 50 | + cd code2cloud-python-flask-webserver |
| 51 | + ``` |
| 52 | + |
| 53 | + Open the `version.py` file and update the version number: |
| 54 | + ```python |
| 55 | + version = "0.0.10" # Update to a new version number |
| 56 | + ``` |
| 57 | + |
| 58 | +### Push the changes to the Repository |
| 59 | + ```bash |
| 60 | + git add version.py |
| 61 | + git commit -m "Update version number to 0.0.10" |
| 62 | + git push origin main |
| 63 | + ``` |
| 64 | + |
| 65 | +### Create a PAT (Personal Access Token) Token |
| 66 | + Go to your GitHub account settings. |
| 67 | + Navigate to "Developer settings" and then "Personal access tokens." |
| 68 | + Generate a new token with write:packages scope and save it securely. |
| 69 | + |
| 70 | +### Deploy the Application with Manifests Files |
| 71 | + Apply the Kubernetes manifests to create the namespace, deployment, and service: |
| 72 | + ```bash |
| 73 | + kubectl apply -f manifests/deployment.yaml |
| 74 | + ``` |
| 75 | + |
| 76 | +### Create a Secret in the K8s Cluster to Pull the Image from GHCR |
| 77 | + |
| 78 | + Use the PAT token to create a Docker registry secret: |
| 79 | + ```bash |
| 80 | + kubectl create secret docker-registry ghcr-io-creds \ |
| 81 | + --docker-server=ghcr.io \ |
| 82 | + --docker-username=<github_handle> \ |
| 83 | + --docker-password=<your_pat_token> \ |
| 84 | + --docker-email=<email> |
| 85 | + ``` |
| 86 | + |
| 87 | +### Verify the Deployment |
| 88 | + Check the status of the pods to ensure they are running: |
| 89 | + ```bash |
| 90 | + kubectl get pods -n code2cloud |
| 91 | + ``` |
| 92 | + |
| 93 | + Verify the service is created and accessible: |
| 94 | + ```bash |
| 95 | + kubectl get svc -n code2cloud |
| 96 | + ``` |
| 97 | + |
| 98 | +### Access the Application |
| 99 | + Use the external IP provided by the LoadBalancer service to access the application in your browser. |
| 100 | + |
| 101 | +## Conclusion |
| 102 | +By following these steps, you have successfully demonstrated the code-to-cloud traceability feature of Prisma Cloud using a Python Flask application. The application is now deployed on a Kubernetes cluster, showcasing automated CI/CD with GitHub Actions and Docker. |
0 commit comments