Security improvements and infrastructure updates#495
Open
stanleyrwan-arch wants to merge 6 commits into
Open
Conversation
Create a comprehensive CI pipeline that: - Builds Docker images for all services (vote, result, worker) - Runs integration tests using Docker Compose - Tests service connectivity and health - Lints Python, JavaScript, and .NET code - Scans for security vulnerabilities with Trivy The workflow runs on pushes to main and pull requests. Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
Upgrade Docker base images across all services: - Python: 3.9 → 3.12, 3.11 → 3.12 (latest stable, EOL updates) - Node.js: 8.9 → 22, 18 → 22 (EOL updates, latest LTS) - .NET: 7.0 → 8.0 (latest LTS) Benefits: - Security: Latest patches and CVE fixes - Performance: Significant optimizations in newer versions - Long-term support: Ensures extended maintenance windows - Dependency updates: Modern system libraries and tools Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
Replace hardcoded credentials with environment variables across all services: Docker Compose: - Updated docker-compose.yml, docker-compose.images.yml, and docker-stack.yml - Use DB_USER, DB_PASSWORD, DB_HOST, DB_PORT environment variables - Default to 'postgres' if not set for backward compatibility Applications: - Worker (C#): Read credentials from environment variables on startup and reconnect - Result (Node.js): Build connection string from environment variables Kubernetes: - Updated db-deployment.yaml to use Secrets instead of plain text - Created db-credentials-secret.yaml template for secure credential management - Instructions for creating secrets without committing them to git Additional files: - Added .env.example showing required environment variables - Updated .gitignore to prevent accidental commits of .env files Benefits: - Credentials can be set per environment (dev/staging/prod) - Kubernetes Secrets can be managed by operators - Follows security best practices (12-factor app) - No sensitive data in version control Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
Changes: - Update Worker.csproj target framework from net7.0 to net8.0 to match runtime - Fix Program.cs by removing duplicate variable declarations in reconnect logic - Reuse connectionString variable instead of redeclaring it in inner scope - Prevents CS0136 "local or parameter cannot be declared in this scope" errors These changes ensure the worker service compiles and runs correctly with .NET 8 runtime while properly using environment variables for database configuration. Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
Replace deprecated docker-compose command with docker compose v2: - docker-compose up -d → docker compose up -d - docker-compose ps → docker compose ps - docker-compose exec → docker compose exec - docker-compose logs → docker compose logs - docker-compose down → docker compose down Docker Compose v2 is integrated into Docker CLI and available in GitHub Actions runners. This removes the dependency on the standalone docker-compose tool. The workflow continues to only build and test—no registry login or push steps. Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
Remove registry push and security scanning workflows: - Delete call-docker-build-result.yaml (Docker Hub/GHCR push) - Delete call-docker-build-vote.yaml (Docker Hub/GHCR push) - Delete call-docker-build-worker.yaml (Docker Hub/GHCR push) Update ci.yml: - Remove unused REGISTRY environment variable - Remove security-scan job with Trivy vulnerability scanner - Remove deprecated github/codeql-action/upload-sarif@v2 step Remaining workflow (ci.yml) now focuses on: - Build Docker images for vote, result, worker services - Run integration tests with Docker Compose v2 - Lint Python, JavaScript, and .NET code - Verify service connectivity and database access This Week 1 lab CI only builds and tests—no registry login, push, CodeQL scanning, or Trivy SARIF upload. Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR includes critical security fixes, infrastructure updates, and CI/CD automation to improve the Example Voting App.
Changes
1. Security: Fix Hardcoded Database Credentials (f294cb5)
.env.examplefor configuration documentation.gitignoreto prevent accidental credential commitsAffected services:
2. Infrastructure: Update Base Images (f1a505c)
Benefits:
3. CI/CD: Add GitHub Actions Workflow (5bbd2f3)
.github/workflows/ci.yml4. Bug Fix: Worker .NET Compilation (ea9b1ed)
Testing
✅ All services build successfully
✅ Docker Compose stack starts without errors
✅ Vote app accepts submissions (port 8080)
✅ Result app displays results (port 8081)
✅ Worker processes votes from Redis → PostgreSQL
✅ Database records persist correctly
✅ End-to-end voting workflow verified
Configuration
Users should now:
.env.exampleto.envand customize if neededkubectl create secret generic db-credentials --from-literal=username=... --from-literal=password=...Breaking Changes
None—backward compatible with defaults (postgres/postgres) for local development.
Checklist
🤖 Generated with Claude Code