A simple and secure Python Flask API providing basic CRUD operations with a focus on DevSecOps best practices using containerization and distroless images.
Simple and secure Python API for DevSecOps practices, featuring basic CRUD functionality
This tool is designed for developers and DevSecOps practitioners who need a lightweight, secure API backend to manage product data with CRUD functionality. It is ideal for learning secure containerized application deployment and integrating security-focused container image practices in development pipelines.
This project requires Docker and Docker Compose installed on the host machine. Using distroless images enhances security by reducing the container footprint, but may complicate debugging. It is recommended to use this tool as a learning resource or a secure base for building more complex DevSecOps pipelines.
Clone the repository: git clone https://github.com/lisazevedo/basic-crud-api
Navigate into the project directory: cd basic-crud-api
Build and start the containers using Docker Compose: docker compose up --builddocker compose up --build
Builds the Docker image and starts the Flask API along with the SQLite volume container.
POST /product
Creates a new product with JSON body containing name and price.
GET /products
Retrieves a list of all products.
GET /product/<id>
Retrieves details of a specific product by ID.
PUT /product/<id>
Updates an existing product by ID with new name and price.
DELETE /product/<id>
Deletes a product by its ID.