{"id":16314470,"url":"https://github.com/ntno/ntno-challenge","last_synced_at":"2025-04-27T22:50:07.131Z","repository":{"id":133095750,"uuid":"205290264","full_name":"ntno/ntno-challenge","owner":"ntno","description":"dev/ops coding challenge","archived":false,"fork":false,"pushed_at":"2019-10-17T03:26:06.000Z","size":156,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-04-26T20:58:26.160Z","etag":null,"topics":["apache2-license","codebuild","codecommit","codedeploy"],"latest_commit_sha":null,"homepage":null,"language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ntno.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-08-30T02:35:47.000Z","updated_at":"2022-12-29T00:04:55.000Z","dependencies_parsed_at":null,"dependency_job_id":"bc69fd6e-669e-4278-8fa9-c8411e4845a7","html_url":"https://github.com/ntno/ntno-challenge","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ntno%2Fntno-challenge","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ntno%2Fntno-challenge/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ntno%2Fntno-challenge/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ntno%2Fntno-challenge/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ntno","download_url":"https://codeload.github.com/ntno/ntno-challenge/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":251052261,"owners_count":21528797,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["apache2-license","codebuild","codecommit","codedeploy"],"created_at":"2024-10-10T21:54:01.828Z","updated_at":"2025-04-26T20:58:29.620Z","avatar_url":"https://github.com/ntno.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# ntno-challenge\n\n## Infrastructure\n\n**complete:**\n* http web app using nginx and docker\n* force http -\u003e https (locally tested)\n* nginx config tested during build \n* docker image for generating a self signed certificate and uploading to aws systems manager parameter store\n* cert is pulled into final web app image during the build process - **not** stored with the web app code\n  * note - this is still not ideal because the keys are stored in the build artifact and final image (see todos)\n* integration with aws codecommit, codebuild, codedeploy\n  * changes to web app are automatically built into an image\n  * build process gets latest certs from systems parameter store\n  * docker image is packaged and stored in s3\n    * docker image is also stored in elastic container registry for easy retrieval\n  * packaged image is deployed to host server\n* automated provisioning of the codecommit -\u003e codebuild -\u003e codedeploy pipeline - see [pipeline.yml](https://github.com/ntno/ntno-challenge/tree/master/infrastructure/cloudformation/cft/pipeline.yml)\n* automated provisioning of the host server and associated networking resources - see [deploy-hello-world-app.yml](https://github.com/ntno/ntno-challenge/tree/master/infrastructure/cloudformation/cft/deploy-hello-world-app.yml)\n  * optional ssh access (via cloudformation parameter, defaults to no access over port 22)\n\n**in progress**\n* clean up IAM roles \n  * for the purposes of completing this POC quickly I made some of the roles more permissive than I would like them to be\n  * policies should be restricted to only act on pipeline resources\n  * unused policies should be removed\n\n**todo:**\n* integrate with automated certificate generator like certbot\n  * we want to prevent cert from being stored with app code or app image\n* add test stage to pipeline for functional testing (as opposed to configuration syntax checking)\n  * python e2e tests on against running container\n* research how to handle branch builds/deploys\n\n## Install\n### Prerequisites\n* create an amazon ec2 key pair and store securely\n* s3 bucket to store cloud formation templates (ex: ntno-misc)\n* aws user with the following permissions:  \n  * add parameters to the systems manager parameter store\n  * create/update/delete cloudformation stacks\n  * write/read for the cloud formation template bucket\n* docker\n* awscli\n* aws user with codecommit permissions and credentials (can be separate or the same as the first user)\n* update the [cloudformation helper script](https://github.com/ntno/ntno-challenge/tree/master/infrastructure/cloudformation/create.sh) with your custom parameters (bucket name, ec2 key pair name, etc.)  \n\n### Step 1 \ngenerate certificate and add to the systems manager parameter store\n\n`\ndocker build generate-certificate \\\n   -t generate-certificate \\\n   --build-arg AWS_ACCESS_KEY_ID=\"$(aws configure get aws_access_key_id)\" \\\n   --build-arg AWS_SECRET_ACCESS_KEY=\"$(aws configure get aws_secret_access_key)\" \\\n   --build-arg AWS_REGION=\"$(aws configure get region)\" \\\n   --no-cache\n`\n\n### Step 2\n* provision bucket for storing pipeline artifacts using [artifact-bucket.yml](https://github.com/ntno/ntno-challenge/tree/master/infrastructure/cloudformation/cft/pipeline.yml)\n* provision resources required for app hosting using [deploy-hello-world-app.yml](https://github.com/ntno/ntno-challenge/tree/master/infrastructure/cloudformation/cft/pipeline.yml)\n* provision the codecommit-\u003ecodebuild-\u003ecodedeploy pipeline using [pipeline.yml](https://github.com/ntno/ntno-challenge/tree/master/infrastructure/cloudformation/cft/pipeline.yml)  \n\n*see [create.sh](https://github.com/ntno/ntno-challenge/tree/master/infrastructure/cloudformation/create.sh) for notes on parameter values*\n\n### Step 3\n* connect to codecommit repo following aws instructions  \n* copy contents of [hello-world](https://github.com/ntno/ntno-challenge/tree/master/infrastructure/hello-world) to the codecommit repo \n  * (do not include .git files)  \n* push to codecommit  \n\n### Step 4 \nwait for pipeline to complete\n\n### Step 5  \nvisit the public dns of the hosted app\n\n* `region=$(aws configure get region)`  \n* `publicDns=$(aws cloudformation describe-stacks --stack-name app-hosting --query \"Stacks[0].Outputs[?OutputKey=='PublicDns'].OutputValue\" --output text)`  \n* `curl http://$publicDns.$region.compute.amazonaws.com`  \n* `curl -k https://$publicDns.$region.compute.amazonaws.com`  \n\n*note: you may need to navigate to the above address in chrome and go through the 'advanced -\u003e proceed' before the above curl requests work correctly*\n\n---\n---\n\n## Coding\n### Problem\n[regex/file parsing](https://www.hackerrank.com/challenges/validating-credit-card-number/problem)\n\n### Solution\nsee [code](https://github.com/ntno/ntno-challenge/blob/master/code/validate.py) for solution\n\n\n---\n---  \n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fntno%2Fntno-challenge","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fntno%2Fntno-challenge","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fntno%2Fntno-challenge/lists"}