FastAPI Shield

Production-minded FastAPI template validated entirely in GitHub Actions: tests, lint, container boot & health-check, ZAP baseline DAST, CycloneDX SBOM, pip-audit, Trivy image scan, Bandit static analysis, Prometheus metrics, and runtime hardening (API key, rate limit, security headers).

 

Repo: https://github.com/adela117/fastapi-shield

What’s inside

• ✅ Pytest on every push/PR
• ✅ Black + Flake8 style gates
• ✅ Docker build + health-check in CI
• ✅ ZAP baseline DAST
• ✅ CycloneDX SBOM via Syft + pip-audit --strict
• ✅ Trivy image scan (HIGH/CRITICAL fail)
• ✅ Bandit static analysis
• ✅ Prometheus /metrics + basic API key auth + rate limit

Screenshots

Quick links

• API docs when running or deployed: /docs
• Health: /health
• Metrics: /metrics

Contact

• LinkedIn: https://www.linkedin.com/in/albert-de-la-cruz-282-fiu
• Email: delacruz.albert@proton.me