add docker and k8s files

Author: brngates98

.dockerignore

@@ -0,0 +1,18 @@
+.git
+.github
+.gitignore
+README.md
+k8s
+*.md
+.env
+__pycache__
+*.pyc
+*.pyo
+*.pyd
+.Python
+*.so
+*.egg
+*.egg-info
+dist
+build
+

.github/workflows/docker-build.yml

@@ -0,0 +1,66 @@
+name: Build and Push Docker Image
+
+on:
+  push:
+    branches:
+      - main
+      - master
+    tags:
+      - 'v*'
+  pull_request:
+    branches:
+      - main
+      - master
+  workflow_dispatch:
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  build-and-push:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to Container Registry
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=ref,event=branch
+            type=ref,event=pr
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=semver,pattern={{major}}
+            type=sha
+            type=raw,value=latest,enable={{is_default_branch}}
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: ./Dockerfile
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+

Dockerfile

@@ -0,0 +1,20 @@
+FROM python:3.11-slim
+
+WORKDIR /app
+
+# Copy requirements first for better layer caching
+COPY requirements.txt .
+
+# Install Python dependencies
+RUN pip install --no-cache-dir -r requirements.txt
+
+# Copy the application code
+COPY app.py .
+
+# Make app.py executable
+RUN chmod +x app.py
+
+# Run the application
+ENTRYPOINT ["python3", "app.py"]
+CMD []
+

k8s/cronjob.yaml

@@ -0,0 +1,58 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: intune2snipe-secrets
+  # Note: Replace the placeholder values below with your actual credentials
+  # Optional: AZURE_GROUP_IDS can be omitted if you don't need group filtering
+type: Opaque
+stringData:
+  AZURE_TENANT_ID: "your-tenant-id"
+  AZURE_CLIENT_ID: "your-client-id"
+  AZURE_CLIENT_SECRET: "your-client-secret"
+  SNIPEIT_URL: "https://your-snipeit-url/api/v1"
+  SNIPEIT_API_TOKEN: "your-snipeit-api-token"
+  SNIPEIT_DEFAULT_STATUS: "Ready to Deploy"
+  AZURE_GROUP_IDS: "group-id-1,group-id-2"
+---
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+  name: intune2snipe-sync
+  namespace: default
+spec:
+  # Run daily at 2:00 AM UTC
+  schedule: "0 2 * * *"
+  # Keep last 3 successful jobs and 1 failed job
+  successfulJobsHistoryLimit: 3
+  failedJobsHistoryLimit: 1
+  concurrencyPolicy: Forbid
+  jobTemplate:
+    spec:
+      template:
+        metadata:
+          labels:
+            app: intune2snipe-sync
+        spec:
+          restartPolicy: OnFailure
+          containers:
+          - name: intune2snipe
+            # Update with your container registry and image
+            image: ghcr.io/your-org/your-repo:latest
+            imagePullPolicy: Always
+            envFrom:
+            - secretRef:
+                name: intune2snipe-secrets
+            # Optional: Override default platform filter
+            # args: ["--platform", "windows"]
+            # Optional: Override group IDs via command-line argument
+            # args: ["--groups", "group-id-1,group-id-2"]
+            # Optional: Run in dry-run mode
+            # args: ["--dry-run"]
+            resources:
+              requests:
+                memory: "128Mi"
+                cpu: "100m"
+              limits:
+                memory: "512Mi"
+                cpu: "500m"
+

requirements.txt

@@ -0,0 +1,3 @@
+msal>=1.24.0
+requests>=2.31.0
+