Bookstore API | DevSecOps CI/CD pipeline

The Bookstore API is a RESTful API built with a focus on DevSecOps practices to ensure security throughout the development lifecycle.

Technology Stack

• Python
• Postgres
• Django

Formatter or Linters

• Flake8
• Black
• Isort

Run test cases

• Users

 ./manage test

How to set up locally using Docker container - Recommended

Prerequisite

• Make sure Docker is installed locally. Checkout installation here Docker
• Make sure Postgres is installed locally. Checkout installation here Postgres

1. Clone the project.

 git clone https://github.com/CyrilBaah/bookstore.git

 cd bookstore

2. Change the env.example file to .env
3. Run

 docker-compose build --no-cache

4. Run

 docker-compose build up

Generate API documentation

$ ./manage.py spectacular --color --file schema.yml

Generate Seeder

• Users

 ./manage seed_users

Get docker image | PostgreSQL DB IP

docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' container_name

Features in the DevSecOps Pipeline

Static Code Analysis

• Linters: The pipeline includes Flake8, Black , and Isort to ensure code consistency and quality.

Unit Testing

• Test Cases: The pipeline runs unit tests using ./manage test to ensure code functionality.

Security Scanning

• Dependency Check: Scans installed packages for security vulnerabilities by using Pyraider.