Kubernetes-dashboard: feat: add Docker support and enhance application structure

- Introduced `.dockerignore` to exclude unnecessary files from Docker builds.
- Created `Dockerfile` for building the application image with Python 3.9 and necessary dependencies.
- Added `docker-compose.yml` for simplified multi-container management, including a Redis service for future enhancements.
- Refactored `app.py` to improve logging and structure.
- Introduced `dashboard_types.py` for type definitions related to system metrics and Kubernetes resources.
- Updated `kubernetes_client.py` to utilize new type definitions and improve code clarity.

Signed-off-by: NotHarshhaa <reddyharshhaa12@gmail.com>

Author: NotHarshhaa

.dockerignore

@@ -0,0 +1,95 @@
+# Python bytecode and cache files
+__pycache__/
+*.py[cod]
+*$py.class
+*.so
+.Python
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+MANIFEST
+
+# Virtual environments
+venv/
+env/
+ENV/
+env.bak/
+venv.bak/
+
+# IDE
+.vscode/
+.idea/
+*.swp
+*.swo
+*~
+
+# OS
+.DS_Store
+.DS_Store?
+._*
+.Spotlight-V100
+.Trashes
+ehthumbs.db
+Thumbs.db
+
+# Logs
+*.log
+logs/
+
+# Environment variables
+.env
+.env.local
+.env.production
+
+# Backup files
+*.backup
+*.bak
+
+# Kubernetes config (sensitive)
+kubeconfig*
+*.kubeconfig
+
+# Test coverage
+htmlcov/
+.coverage
+.coverage.*
+coverage.xml
+*.cover
+.hypothesis/
+.pytest_cache/
+
+# Jupyter Notebook
+.ipynb_checkpoints
+
+# pyenv
+.python-version
+
+# Docker
+.dockerignore
+
+# Git
+.git/
+.gitignore
+
+# Documentation
+*.md
+!README.md
+ARCHITECTURE.md
+
+# Node modules (if any frontend build tools)
+node_modules/
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*

.github/workflows/docker-build.yml

@@ -0,0 +1,245 @@
+name: Build and Push to Docker Hub
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+
+env:
+  REGISTRY: docker.io
+  IMAGE_NAME: kubernetes-dashboard
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    name: Code Quality Checks
+    
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+      
+    - name: Set up Python
+      uses: actions/setup-python@v4
+      with:
+        python-version: '3.9'
+        cache: 'pip'  # Enable pip caching
+        
+    - name: Install dependencies
+      run: |
+        python -m pip install --upgrade pip
+        pip install flake8 black isort mypy
+        if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
+        
+    - name: Lint with flake8
+      run: |
+        flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
+        flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
+        
+    - name: Check code formatting with black
+      run: black --check --diff .
+      
+    - name: Check import sorting with isort
+      run: isort --check-only --diff .
+      
+    - name: Type checking with mypy
+      run: mypy --ignore-missing-imports .
+
+  security-scan:
+    runs-on: ubuntu-latest
+    name: Security Scanning
+    
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+      
+    - name: Run Bandit Security Linter
+      uses: securecodewarrior/github-action-bandit-scan@v1
+      with:
+        path: '.'
+        
+    - name: Run Semgrep
+      uses: returntocorp/semgrep-action@v1
+      with:
+        config: >-
+          p/security-audit
+          p/secrets
+          p/xss
+          p/command-injection
+          
+    - name: Check dependencies for vulnerabilities
+      run: |
+        python -m pip install --upgrade pip
+        pip install safety
+        if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
+        safety check --json --output safety-report.json || true
+        
+    - name: Upload safety report
+      uses: actions/upload-artifact@v3
+      with:
+        name: safety-report
+        path: safety-report.json
+
+  test:
+    runs-on: ubuntu-latest
+    name: Run Tests
+    strategy:
+      matrix:
+        python-version: ['3.9', '3.11']  # Reduced from 4 to 2 versions
+    
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+      
+    - name: Set up Python ${{ matrix.python-version }}
+      uses: actions/setup-python@v4
+      with:
+        python-version: ${{ matrix.python-version }}
+        cache: 'pip'  # Enable pip caching
+        
+    - name: Install dependencies
+      run: |
+        python -m pip install --upgrade pip
+        pip install -r requirements.txt
+        pip install pytest pytest-cov pytest-mock
+        
+    - name: Run tests with coverage
+      run: |
+        pytest --cov=. --cov-report=xml --cov-report=term-missing --tb=short
+        
+    - name: Upload coverage to Codecov
+      uses: codecov/codecov-action@v3
+      with:
+        file: ./coverage.xml
+        flags: unittests
+        name: codecov-umbrella
+
+  validate-docker:
+    runs-on: ubuntu-latest
+    name: Validate Docker Configuration
+    
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+      
+    - name: Validate Dockerfile
+      run: |
+        test -f Dockerfile || (echo "Dockerfile not found" && exit 1)
+        docker build --dry-run -f Dockerfile .
+        
+    - name: Build test image
+      run: |
+        docker build -t test-image .
+        
+    - name: Test container startup
+      run: |
+        docker run -d --name test-container -p 5000:5000 test-image
+        sleep 10
+        curl -f http://localhost:5000/health || exit 1
+        docker stop test-container
+        docker rm test-container
+
+  build:
+    needs: [lint, security-scan, test, validate-docker]
+    runs-on: ubuntu-latest
+    name: Build Docker Image
+    if: github.event_name != 'pull_request'
+    
+    outputs:
+      image-digest: ${{ steps.build.outputs.digest }}
+      image-tag: ${{ steps.meta.outputs.tags }}
+    
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+      
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v3
+      
+    - name: Log in to Docker Hub
+      uses: docker/login-action@v3
+      with:
+        username: ${{ secrets.DOCKER_USERNAME }}
+        password: ${{ secrets.DOCKER_PASSWORD }}
+        
+    - name: Extract metadata
+      id: meta
+      uses: docker/metadata-action@v5
+      with:
+        images: ${{ env.REGISTRY }}/${{ secrets.DOCKER_USERNAME }}/${{ env.IMAGE_NAME }}
+        tags: |
+          type=raw,value=latest,enable={{is_default_branch}}
+          
+    - name: Build and push Docker image
+      id: build
+      uses: docker/build-push-action@v5
+      with:
+        context: .
+        platforms: linux/amd64  # Reduced to single platform for faster builds
+        push: true
+        tags: ${{ steps.meta.outputs.tags }}
+        labels: ${{ steps.meta.outputs.labels }}
+        cache-from: type=gha
+        cache-to: type=gha,mode=max
+        build-args: |
+          BUILD_DATE=${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.created'] }}
+          VCS_REF=${{ github.sha }}
+        # Optimize build layers
+        target: production
+          
+    - name: Generate SBOM
+      uses: anchore/sbom-action@v0
+      with:
+        image: ${{ steps.meta.outputs.tags }}
+        format: spdx-json
+        output-file: sbom.spdx.json
+        
+    - name: Upload SBOM artifact
+      uses: actions/upload-artifact@v3
+      with:
+        name: sbom
+        path: sbom.spdx.json
+
+  security-scan-image:
+    needs: build
+    runs-on: ubuntu-latest
+    name: Scan Docker Image
+    if: github.event_name != 'pull_request'
+    
+    steps:
+    - name: Run Trivy vulnerability scanner
+      uses: aquasecurity/trivy-action@master
+      with:
+        image-ref: ${{ needs.build.outputs.image-tag }}
+        format: 'table'
+        
+    - name: Generate SARIF report
+      uses: aquasecurity/trivy-action@master
+      with:
+        image-ref: ${{ needs.build.outputs.image-tag }}
+        format: 'sarif'
+        output: 'trivy-results.sarif'
+        
+    - name: Upload Trivy scan results as artifact
+      uses: actions/upload-artifact@v3
+      with:
+        name: trivy-scan-results
+        path: trivy-results.sarif
+
+  notify:
+    needs: [lint, security-scan, test, validate-docker, build, security-scan-image]
+    runs-on: ubuntu-latest
+    name: Build Status
+    if: always()
+    
+    steps:
+    - name: Notify on success
+      if: needs.lint.result == 'success' && needs.security-scan.result == 'success' && needs.test.result == 'success' && needs.validate-docker.result == 'success' && (needs.build.result == 'success' || needs.build.result == 'skipped') && (needs.security-scan-image.result == 'success' || needs.security-scan-image.result == 'skipped')
+      run: |
+        echo "✅ All checks passed! Image ${{ needs.build.outputs.image-tag }} built and pushed successfully"
+        
+    - name: Notify on failure
+      if: needs.lint.result == 'failure' || needs.security-scan.result == 'failure' || needs.test.result == 'failure' || needs.validate-docker.result == 'failure' || needs.build.result == 'failure' || needs.security-scan-image.result == 'failure'
+      run: |
+        echo "❌ Some checks failed!"
+        exit 1

Dockerfile

@@ -0,0 +1,50 @@
+# Use Python 3.9 slim image as base
+FROM python:3.9-slim
+
+# Set working directory
+WORKDIR /app
+
+# Set environment variables
+ENV PYTHONDONTWRITEBYTECODE=1 \
+    PYTHONUNBUFFERED=1 \
+    FLASK_APP=app.py \
+    FLASK_ENV=production \
+    API_PORT=5000
+
+# Install system dependencies
+RUN apt-get update && apt-get install -y \
+    curl \
+    gnupg \
+    wget \
+    && rm -rf /var/lib/apt/lists/*
+
+# Install Trivy for security scanning
+RUN wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | apt-key add - \
+    && echo "deb https://aquasecurity.github.io/trivy-repo/deb buster main" | tee -a /etc/apt/sources.list.d/trivy.list \
+    && apt-get update \
+    && apt-get install -y trivy \
+    && rm -rf /var/lib/apt/lists/*
+
+# Copy requirements first for better caching
+COPY requirements.txt .
+
+# Install Python dependencies
+RUN pip install --no-cache-dir -r requirements.txt
+
+# Copy application code
+COPY . .
+
+# Create non-root user for security
+RUN useradd --create-home --shell /bin/bash app \
+    && chown -R app:app /app
+USER app
+
+# Health check
+HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
+    CMD curl -f http://localhost:5000/health || exit 1
+
+# Expose port
+EXPOSE 5000
+
+# Start the application
+CMD ["python", "app.py"]