The Production-Ready Python Template for Scalable Projects π¶
π Overview¶
βοΈ This python-template is built with modularity, scalability, and security in mind, leveraging cutting-edge tools and best practices to streamline development, testing, and deployment workflows for CloudOps, FinOps, and Data Science projects.
π₯ The project integrates VSCode DevContainers, GitHub Actions CI/CD workflows and uv/ruff/pytest to simplify development workflows and ensure security and compliance with Trivy and ChainguardΒ Wolfi.
π οΈ Features¶
Complete Walkthrough for CloudOps Python Template
π The Production-Ready Python Template for Scalable CloudOps and FinOps Projects π
π£ Attention Cloud Engineers, DevOps Pros, and Data Scientists! π₯
π¬ Are you tired of setting up Python environments, debugging CI/CD pipelines, or dealing with dependency management?
πΌ Today, Iβm thrilled to introduce a powerful, scalable, and production-ready Python templateβdesigned to streamline CloudOps automation, DevOps workflows, and FinOps visual analytics like never before!
π₯ Why This Python Template?¶
- π₯ β
Lightning-Fast Toolchain: Powered by π¦
uv- Next-generation Python dependency and build management, πruff- Linting and formatting at blazing speed, and π§ͺ pytest - Robust testing framework with coverage reports. - π₯ β
Effortless CI/CD Pipelines: π οΈ Taskfile Automation - Say goodbye to manual SDLC repetitive tasks, π³ Containerized Workflows β π‘οΈ Security-first practices and Multi-stage Wolfi-based Docker builds for scalable production-ready environments, and βοΈ Auto-publish to
PyPIand GitHub Container Registry (GHCR) with GitHub Actions. - π₯ βοΈCloudOps Automation and FinOps Toolkit β Pre-configured hybrid-cloud workflows and seamlessly integrations (jupyterlab, mkdocs, boto3, moto) for managing cloud infrastructure π.
βοΈ Key Features¶
| Feature | Toolchain | Purpose |
|---|---|---|
| π οΈ Configuration | pyproject.toml |
Centralized configuration for dependencies, testing, and linting. |
| π§Ή Task Automation | Taskfile |
Automates repetitive tasks like linting, testing, and publishing. |
| π¦ Python Dependencies | uv |
Lightning-fast dependency resolution, caching, and builds. |
| π Linting & Formatting | ruff |
Enforces code quality standards, auto-formatting, and import sorting. |
| π§ͺ Testing Framework | pytest |
Comprehensive unit tests, integration tests with coverage reporting. |
| π³ Docker Integration | Dockerfile + DevContainer |
Optimized wolfi-based multi-stage builds for CI/CD and local development environments. |
| π¦Ύ CI/CD Pipelines | GitHub Actions |
Automated builds, tests, and deployments to PyPI and GHCR. |
| π Security Compliance | chainguard/wolfi-base + SBOM + Attestations |
Ensures compliance, vulnerability scanning, and security transparency. |
π¬ Letβs Connect for insights on DevOps Accelerate, CloudOps Automation, and FinOps Toolkit! πΌ Build Faster and Smarter: Drop your thoughts, questions, or suggestions below!
π #CloudOps #DevOps #Python #CI/CD #GitHubActions #Docker #PyPI #AWS #Automation #InfrastructureAsCode #FinOps π
π§βπ» Software Development Lifecycle (SDLC) with CI/CD π¶
| Stage | Task Name | Description | Command |
|---|---|---|---|
| Dev | install | Install Python dependencies. | task install |
| Dev | format |
Format code using Ruff. | task format |
| Dev | lint |
Perform Python linter and code formatter with Ruff for errors and formatting issues. | task lint |
| Dev | code_quality |
Validcate Code Quality with SonarQube | task code_quality |
| Dev | render-docs |
Generate documentation for components, modules, and GitHub actions. | task render-docs |
| Test | test |
Run unit tests with Pytest and generate coverage reports. | task test |
| Test | ci | Full CI pipeline with clean, lint, build, and test steps. | task ci |
| Deploy | build |
Build artifacts for deployment. | task build |
| Deploy | publish | Publish the project to PyPI. | task publish |
| Deploy | sync_data_up |
Sync local data directory to S3 bucket. | task sync_data_up |
| Deploy | sync_data_down |
Download data from S3 bucket to local directory. | task sync_data_down |
| Utility | clean |
Remove Python cache files and temporary directories. | task clean |
| Utility | real-clean |
Perform a deep clean, including dependencies and cache files. | task real-clean |
| Docs | help |
List all available tasks with descriptions. | task help |
cloudops-template/
βββ .github/
β βββ workflows/ ## CI/CD pipelines for testing, building, and publishing
β β βββ test.yml
β β βββ build.yml
β β βββ publish.yml
βββ .devcontainer/ ## DevContainer configurations for VSCode
β βββ Dockerfile
β βββ devcontainer.json
|-- notebooks ## A directory to place all notebooks files.
| βββ *.ipynb ## Jupyter notebooks
| βββ my_nb_path.py ## Imported by *.ipynb to treat src/ as PYTHONPATH
βββ src/ ## Python modules developed in this project
β βββ cloudops/ ## Core source code for cloudops module
β β βββ __init__.py
β β βββ toolkit.py ## Toolkit utilities. Imported by *.ipynb to XXX their outputs
βββ tests/ ## Unit and integration tests
β βββ test_toolkit.py
βββ Taskfile.yaml ## Task automation
βββ Dockerfile ## Multi-stage Docker build
βββ pyproject.toml ## Configuration for dependencies and tools for Python toolchains
βββ README.md ## Documentation
βββ LICENSE ## License
π Quick Start¶
Enterprise-grade Development Workflows Best Practices
- 1. Local Development Tools: DevContainer, Docker, Python Packaging Standards* using pyproject.toml.
- 2. Automated CI/CD Pipelines ensure testing, packaging, and deployment are reliable and scalable.
- 3. Dockerized Builds provide consistent runtime environments and secure image hosting on GHCR.
- 4. MkDocs Documentation simplifies documentation management and enhances team collaboration.
- 5. Taskfile Workflow streamlines local development and integrates seamlessly with CI/CD pipelines.
1οΈβ£ Local Development Setup¶
Step 1.1. Clone the Repository¶
Step 1.2. Run in DevContainer¶
β Install VSCode and π³ Docker Desktop.
- Open the project in VSCode.
- Install the Remote - Containers extension.
- Reopen in Container:
Command PaletteCmd+Shift+P(Cmd+Shift +P) in MacOS orCtrl+Shift+Pin Windows(Ctrl+Shift +P) β Reopen in Container.
2οΈβ£ SDLC Taskfile Commands¶
Step 2.1. Install Python dependencies using UV¶
Step 2.2. Run CI/CD Pipelines¶
Step 2.3. π§ͺ Testing and Code Quality¶
-
Code Formatting and Linting
-
Validcate Code Quality with SonarQube
-
Test the Codebase with Coverage Reports
---------- coverage: platform darwin, python 3.12.6-final-0 ----------
Name Stmts Miss Cover Missing
--------------------------------------------------------
src/cloudops/__init__.py 2 0 100%
src/cloudops/toolkit.py 33 7 79% 107-114
--------------------------------------------------------
TOTAL 35 7 80%
Step 2.4. Build Docker Image¶
Step 2.5. Publish Artifacts to PyPI and GHCR¶
-
Build and Publish Docker Image to GHCR and DockerHub to nnthanh101/runbooks:latest
-
Build and Publish the Project Package to PyPI:
runbooksAutomatically deploys Docker images and Python packages to PyPI.
- In order to publish to PyPI you need to create a secret called UV_PUBLISH_TOKEN with your PyPI access token under API tokens.
- If you are using Twine to upload your projects to PyPI, set up your
$HOME/.pypircfile.
3οΈβ£ π¦ CI/CD using GitHub Actions¶
π³ Tests, linting, and publishing workflows integrated via GitHub Actions.
Step 3.1. PyPI Publishing Workflow¶
- Triggered on
mainbranch push. - Tests, formats, and builds the package.
- Publishes the package to PyPI
pip install runbooksusing trusted OIDC authentication.
Step 3.2. Docker Image Workflow¶
- Triggered on
releasecreation or push toreleasebranch. - Builds and pushes multi-stage Docker images to
- GHCR (
ghcr.io):ghcr.io/nnthanh101/runbooks:latest - DockerHub:
nnthanh101/python:runbooks - ECR
- GHCR (
- Generates attestations and SBOM for supply chain security.
Push Docker Image
Triggered automatically on GitHub Actions:
-
Push a new tag or release:
-
Monitor the logs: - GitHub Actions β Workflows β
Create and publish Docker image
4οΈβ£ Documentation with MkDocs¶
Step 4.1: Build the Documentation¶
Step 4.2: Serve the Documentation Locally¶
5οΈβ£ Usage Examples for Python API from PyPI Installation¶
Step 5.1. Install the Package:¶
Step 5.2. Use the Toolkit API:¶
Step 5.3. Use the Calculator API:¶
from runbooks.calculator import Calculator
calc = Calculator(precision=2)
print(calc.add(5, 10)) ## Output: 15.0
6οΈβ£ Usage Examples for Docker Image¶
Step 6.1. Pull and Run Container:¶
docker pull ghcr.io/nnthanh101/runbooks:latest
docker run --rm ghcr.io/nnthanh101/runbooks:latest runbooks toolkit add 5 10
Step 6.2. Shell Access for Debugging:¶
π Conclusion¶
This Python template provides a production-ready framework for building scalable, secure, and automated systems. It incorporates:
- Efficient DevOps pipelines for end-to-end CI/CD workflows for testing, publishing, and containerized deployments.
- Security-first practices with Chainguard's Wolfi, SBOM, artifact attestations, and vulnerability scanning.
- Simplified Development: Task automation & Streamlined dependency management with
Taskfileanduvfor fast builds and reliable testing. Also, Pre-configured DevContainer and Taskfile streamline workflows for new developers. π
π Ready to get started? β‘οΈ
π οΈ Clone the repo, run the tasks, and deploy your pipelines today! Let me know if you need enhancements like DevOps Accelerate using Terraform IaC, CloudOps Automation, and FinOps FOCUSβ’ Toolkit! π₯