From 0e0ef4aacb9a05351369df466b80c7bdfa799807 Mon Sep 17 00:00:00 2001 From: AlexJelani Date: Thu, 25 Jun 2026 23:39:27 +0900 Subject: [PATCH 1/6] Fix Docker port mapping for FastAPI container --- Dockerfile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 57c1063..9bfa09d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -16,8 +16,8 @@ RUN pip install --no-cache-dir -r requirements.txt # Copy the current directory contents into the container COPY . . -# Expose port 8080 to the outside world -EXPOSE 8080 +# Expose port 8000 to the outside world +EXPOSE 8000 # Run app.py when the container launches -CMD ["uvicorn", "main:app", "--host", "0.0.0.0", "--port", "8080"] +CMD ["uvicorn", "main:app", "--host", "0.0.0.0", "--port", "8000"] From 157afbc557662c242bf452a2af3c6d72052688a2 Mon Sep 17 00:00:00 2001 From: AlexJelani Date: Sat, 27 Jun 2026 07:43:36 +0900 Subject: [PATCH 2/6] Fix Docker port mapping for FastAPI container and ZAP scan target --- .github/workflows/unit-sec-test.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/unit-sec-test.yml b/.github/workflows/unit-sec-test.yml index b47d474..d9604bc 100644 --- a/.github/workflows/unit-sec-test.yml +++ b/.github/workflows/unit-sec-test.yml @@ -57,7 +57,7 @@ jobs: - name: Build Docker Image run: | docker build -t python-fastapi:${{ github.sha }} . - docker run -d -p 8080:8080 python-fastapi:${{ github.sha }} + docker run -d -p 8000:8000 python-fastapi:${{ github.sha }} - name: Wait for Docker container to be ready run: sleep 30 @@ -72,7 +72,7 @@ jobs: token: ${{ secrets.GITHUB_TOKEN }} docker_name: 'ghcr.io/zaproxy/zaproxy:stable' format: openapi - target: 'http://0.0.0.0:8080' + target: 'http://127.0.0.1:8000' rules_file_name: '.zap/rules.tsv' cmd_options: '-a' allow_issue_writing: false From 8870f7abccbe7b11a52f73754d8c6a51c0fcc482 Mon Sep 17 00:00:00 2001 
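Review bot: The comment above the changed `CMD` still reads "Run app.py when the container launches", but the command starts `main:app` under uvicorn. Since this line is being edited anyway, the comment could become `# Start the FastAPI app (main:app) with uvicorn on port 8000`. `EXPOSE 8000` only documents the port. The port that is actually published comes from the `docker run -p` mapping in the workflow, so the two have to be changed together.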
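Review bot: `docker run -d -p 8000:8000` publishes the test container on every interface of the runner, although the scanner target in this same patch is `127.0.0.1`. Binding the mapping to loopback keeps the app under test reachable only from the runner itself: `docker run -d -p 127.0.0.1:8000:8000 python-fastapi:${{ github.sha }}`. This assumes the scan step reaches the app over the host's loopback, which is what the new `target` value implies. The step that launches the scanner is outside the hunk.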
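Review bot: With `format: openapi`, the new `target: 'http://127.0.0.1:8000'` points at the application root rather than at an API definition. If this step is the ZAP API scan action (its `uses:` line is outside the hunk), `target` is expected to be the URL or file of the OpenAPI document. Otherwise the scan may import no endpoints and report a clean result without exercising the API. FastAPI serves the schema at `/openapi.json` by default, so the line would read `target: 'http://127.0.0.1:8000/openapi.json'`. Adjust the path if the app overrides `openapi_url`.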
From: AlexJelani Date: Sat, 27 Jun 2026 07:54:02 +0900 Subject: [PATCH 3/6] Fix GHCR image tag casing and FastAPI Docker port mapping --- .github/workflows/push-docker-image.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/push-docker-image.yml b/.github/workflows/push-docker-image.yml index 1989674..dec9996 100644 --- a/.github/workflows/push-docker-image.yml +++ b/.github/workflows/push-docker-image.yml @@ -27,7 +27,7 @@ jobs: id: meta uses: docker/metadata-action@v5 with: - images: ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }} + images: ghcr.io/${{ github.repository_owner.toLowerCase() }}/${{ env.IMAGE_NAME }} # Login against a Docker registry - name: Log into registry ${{ env.REGISTRY }} 
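Review bot: `${{ github.repository_owner.toLowerCase() }}` is not valid in a GitHub Actions expression. The expression language has no method calls and no lower-casing function, so the workflow will fail validation instead of producing a lower-case owner. The same construct is repeated on every `docker build`, `docker tag` and `docker push` line of the second hunk (`@@ -42,17 +42,17 @@`). The lower-casing has to happen outside the expression, for example in a shell step that writes the value to `$GITHUB_ENV`. [PATCH 4/6] on this page replaces the construct with a fixed `env.IMAGE_OWNER`.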
@@ -42,17 +42,17 @@ jobs: # Build and tag Docker Image - name: Build Docker Image run: | - docker build -t ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:${{ github.sha }} . + docker build -t ghcr.io/${{ github.repository_owner.toLowerCase() }}/${{ env.IMAGE_NAME }}:${{ github.sha }} . - name: Tag Docker Image run: | - docker tag ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:${{ github.sha }} ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:latest - docker tag ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:${{ github.sha }} ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:testing + docker tag ghcr.io/${{ github.repository_owner.toLowerCase() }}/${{ env.IMAGE_NAME }}:${{ github.sha }} ghcr.io/${{ github.repository_owner.toLowerCase() }}/${{ env.IMAGE_NAME }}:latest + docker tag ghcr.io/${{ github.repository_owner.toLowerCase() }}/${{ env.IMAGE_NAME }}:${{ github.sha }} ghcr.io/${{ github.repository_owner.toLowerCase() }}/${{ env.IMAGE_NAME }}:testing # Push the Docker image to the registry - name: Push Docker Image to GHCR run: | - docker push ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:${{ github.sha }} - docker push ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:latest - docker push ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:testing + docker push ghcr.io/${{ github.repository_owner.toLowerCase() }}/${{ env.IMAGE_NAME }}:${{ github.sha }} + docker push ghcr.io/${{ github.repository_owner.toLowerCase() }}/${{ env.IMAGE_NAME }}:latest + docker push ghcr.io/${{ github.repository_owner.toLowerCase() }}/${{ env.IMAGE_NAME }}:testing From 1879cbf1584b1a52af438a83ce983281cbb8f5e6 Mon Sep 17 00:00:00 2001 From: AlexJelani Date: Sat, 27 Jun 2026 07:56:30 +0900 Subject: [PATCH 4/6] Use: - `Fix GHCR image tag casing and GitHub Actions workflow syntax` --- .github/workflows/push-docker-image.yml | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) 
diff --git a/.github/workflows/push-docker-image.yml b/.github/workflows/push-docker-image.yml index dec9996..3409226 100644 --- a/.github/workflows/push-docker-image.yml +++ b/.github/workflows/push-docker-image.yml @@ -8,6 +8,7 @@ env: # Use docker.io for Docker Hub if empty REGISTRY: ghcr.io IMAGE_NAME: 'python-fastapi' + IMAGE_OWNER: 'alexjelani' jobs: @@ -27,7 +28,7 @@ jobs: id: meta uses: docker/metadata-action@v5 with: - images: ghcr.io/${{ github.repository_owner.toLowerCase() }}/${{ env.IMAGE_NAME }} + images: ghcr.io/${{ env.IMAGE_OWNER }}/${{ env.IMAGE_NAME }} # Login against a Docker registry - name: Log into registry ${{ env.REGISTRY }} 
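Review bot: `IMAGE_OWNER: 'alexjelani'` hard-codes the registry namespace, so the push target no longer follows the repository owner. After a fork, rename or transfer, the workflow would still try to publish under `ghcr.io/alexjelani/...`. The owner can be derived and lower-cased at run time with an early step such as `run: echo "IMAGE_OWNER=${GITHUB_REPOSITORY_OWNER,,}" >> "$GITHUB_ENV"`, which relies on bash being the step shell (the `runs-on` line is outside the hunk). If the fixed value is intentional, a comment like `# must be lower-case: GHCR rejects upper-case repository names` next to it would record why it is not `github.repository_owner`.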
@@ -42,17 +43,17 @@ jobs: # Build and tag Docker Image - name: Build Docker Image run: | - docker build -t ghcr.io/${{ github.repository_owner.toLowerCase() }}/${{ env.IMAGE_NAME }}:${{ github.sha }} . + docker build -t ghcr.io/${{ env.IMAGE_OWNER }}/${{ env.IMAGE_NAME }}:${{ github.sha }} . - name: Tag Docker Image run: | - docker tag ghcr.io/${{ github.repository_owner.toLowerCase() }}/${{ env.IMAGE_NAME }}:${{ github.sha }} ghcr.io/${{ github.repository_owner.toLowerCase() }}/${{ env.IMAGE_NAME }}:latest - docker tag ghcr.io/${{ github.repository_owner.toLowerCase() }}/${{ env.IMAGE_NAME }}:${{ github.sha }} ghcr.io/${{ github.repository_owner.toLowerCase() }}/${{ env.IMAGE_NAME }}:testing + docker tag ghcr.io/${{ env.IMAGE_OWNER }}/${{ env.IMAGE_NAME }}:${{ github.sha }} ghcr.io/${{ env.IMAGE_OWNER }}/${{ env.IMAGE_NAME }}:latest + docker tag ghcr.io/${{ env.IMAGE_OWNER }}/${{ env.IMAGE_NAME }}:${{ github.sha }} ghcr.io/${{ env.IMAGE_OWNER }}/${{ env.IMAGE_NAME }}:testing # Push the Docker image to the registry - name: Push Docker Image to GHCR run: | - docker push ghcr.io/${{ github.repository_owner.toLowerCase() }}/${{ env.IMAGE_NAME }}:${{ github.sha }} - docker push ghcr.io/${{ github.repository_owner.toLowerCase() }}/${{ env.IMAGE_NAME }}:latest - docker push ghcr.io/${{ github.repository_owner.toLowerCase() }}/${{ env.IMAGE_NAME }}:testing + docker push ghcr.io/${{ env.IMAGE_OWNER }}/${{ env.IMAGE_NAME }}:${{ github.sha }} + docker push ghcr.io/${{ env.IMAGE_OWNER }}/${{ env.IMAGE_NAME }}:latest + docker push ghcr.io/${{ env.IMAGE_OWNER }}/${{ env.IMAGE_NAME }}:testing From 2d8843a4c7589da3b29b8da8612272afd2ade062 Mon Sep 17 00:00:00 2001 From: AlexJelani Date: Sat, 27 Jun 2026 08:21:14 +0900 Subject: [PATCH 5/6] Add SonarCloud scan workflow --- .github/workflows/sonarcloud.yml | 47 ++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) create mode 100644 .github/workflows/sonarcloud.yml 
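Review bot: The `run:` scripts still splice `${{ env.IMAGE_OWNER }}`, `${{ env.IMAGE_NAME }}` and `${{ github.sha }}` into the script text before the shell sees it, and they repeat the literal `ghcr.io` even though `REGISTRY` is declared in `env:`. Workflow-level `env` values are exported to each step, so the commands can use quoted shell variables, e.g. `docker build -t "$REGISTRY/$IMAGE_OWNER/$IMAGE_NAME:$GITHUB_SHA" .`, with the same form for the `docker tag` and `docker push` lines. The values here are controlled by the repository, so this is hardening and consistency rather than a live injection. It keeps the expression-in-script pattern out of the file in case a later edit adds an event-derived field.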
diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml new file mode 100644 index 0000000..9ffa7c9 --- /dev/null +++ b/.github/workflows/sonarcloud.yml @@ -0,0 +1,47 @@ +name: SonarCloud Scan + +on: + push: + branches: + - main + pull_request: + branches: + - main + +jobs: + sonarcloud: + name: SonarCloud Scan + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Set up Python + uses: actions/setup-python@v5 + with: + python-version: '3.12' + + - name: Install dependencies + run: | + python -m pip install --upgrade pip + pip install -r requirements.txt + pip install pytest pytest-cov + + - name: Run tests with coverage + run: | + pytest --cov=./ --cov-report=xml + + - name: SonarCloud Scan + uses: sonarsource/sonarcloud-github-action@v2.2.1 + with: + projectBaseDir: . + extraProperties: | + sonar.projectKey=alexjelani_python-fastapi + sonar.sources=. + sonar.python.coverage.reportPaths=coverage.xml + sonar.tests=tests + sonar.test.inclusions=tests/**/*.py + sonar.sourceEncoding=UTF-8 + sonar.exclusions=.github/**,tests/** + sonar.login=${{ secrets.SONAR_TOKEN }} From bdbcb7905a3ad3a656f1ff1f1f33ce6d60661653 Mon Sep 17 00:00:00 2001 From: AlexJelani Date: Sat, 27 Jun 2026 11:18:19 +0900 Subject: [PATCH 6/6] Fix SonarCloud action version --- .github/workflows/sonarcloud.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml index 9ffa7c9..b410bd0 100644 --- a/.github/workflows/sonarcloud.yml +++ b/.github/workflows/sonarcloud.yml @@ -33,7 +33,7 @@ jobs: pytest --cov=./ --cov-report=xml - name: SonarCloud Scan - uses: sonarsource/sonarcloud-github-action@v2.2.1 + uses: sonarsource/sonarcloud-github-action@v5 with: projectBaseDir: . extraProperties: |
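Review bot: `sonar.login=${{ secrets.SONAR_TOKEN }}` in `extraProperties` hands the token to the scanner as a property argument, where it is easier to expose than a step environment variable. Drop that property and pass the token through the step's environment, which the action reads: `env:` with `SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}` under the "SonarCloud Scan" step. The job also declares no `permissions:`, so `GITHUB_TOKEN` gets the repository default. A top-level `permissions:` block with `contents: read` would limit it, plus whatever pull-request scope the scan's PR decoration needs, if any. Because `sonarsource/sonarcloud-github-action` is a third-party action that receives the secret, consider pinning it to a full commit SHA rather than a tag.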