Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Feature/work on pipeline #480

Merged
merged 4 commits into from
Feb 28, 2024
Merged

Feature/work on pipeline #480

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
c48054c
merge build and push docker image
mafasva Feb 28, 2024
309eaf4
fix typo
mafasva Feb 28, 2024
71d7c35
merge push and PR pipeline
mafasva Feb 28, 2024
b1cb584
replace dependencyCheck with trivy
mafasva Feb 28, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
51 changes: 27 additions & 24 deletions .github/workflows/PR_to_develop.yml → .github/workflows/build-for-development.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,12 +1,14 @@
name: PR into develop
name: Build for development

on:
push:
branches: [ 'feature/**' ]
pull_request_target:
branches:
- 'develop'
branches: [ develop ]
types: [ closed ]

jobs:
verify:
test_and_scan:
runs-on: ubuntu-latest

steps:
Expand All @@ -23,24 +25,17 @@ jobs:
- name: Run integration tests
run: mvn verify -P integration-tests
continue-on-error: true
- name: Save test results
- name: Prepare test results
run: |
mkdir -p ~/test-results/unit-tests/
mkdir -p ~/test-results/integration-tests/
find . -type f -regex ".*/target/surefire-reports/.*xml" -exec cp {} ~/test-results/unit-tests/ \;
find . -type f -regex ".*/target/failsafe-reports/.*xml" -exec cp {} ~/test-results/integration-tests/ \;
- name: Run CVE scan
run: mvn dependency-check:check
- name: Upload test coverage report
uses: actions/upload-artifact@v4
with:
name: test-coverage-report
path: target/site/jacoco-merged-test-coverage-report
- name: Upload dependency check report
uses: actions/upload-artifact@v4
with:
name: dependency-check-report
path: target/dependency-check-report.html
- name: Upload unit tests report
uses: actions/upload-artifact@v4
with:
Expand All @@ -51,6 +46,18 @@ jobs:
with:
name: integration-tests-report
path: ~/test-results/integration-tests/
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
scan-type: 'fs'
ignore-unfixed: true
format: 'sarif'
output: 'trivy-results.sarif'
severity: 'CRITICAL,HIGH'
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: 'trivy-results.sarif'
- name: SonarCloud Scan
uses: sonarsource/[email protected]
env:
Expand All @@ -59,9 +66,10 @@ jobs:
continue-on-error: true

docker:
runs-on: ubuntu-latest
needs: verify
needs: test_and_scan
if: github.event.pull_request.merged == true

runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
Expand All @@ -71,17 +79,12 @@ jobs:
java-version: '17'
distribution: 'temurin'
cache: 'maven'
- name: Build
run: mvn clean package
- name: build image
run: mvn spring-boot:build-image -Dspring-boot.build-image.imageName=${{ secrets.DOCKER_USERNAME }}/num-portal:develop -DskipTests
- name: Login to Docker Hub
- name: Login to docker hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Build and push
uses: docker/build-push-action@v5
with:
load: true
tags: ${{ secrets.DOCKER_USERNAME }}/num-portal:develop
- name: Build and push docker image
run: |
mvn spring-boot:build-image -Dspring-boot.build-image.imageName=${{ secrets.DOCKER_USERNAME }}/num-portal:develop -DskipTests
docker push ${{ secrets.DOCKER_USERNAME }}/num-portal:develop
24 changes: 15 additions & 9 deletions .github/workflows/nightly.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,8 @@ jobs:
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v4
- name: Checkout
uses: actions/checkout@v4
- name: Set up JDK 17
uses: actions/setup-java@v4
with:
Expand All @@ -21,24 +22,17 @@ jobs:
- name: Run integration tests
run: mvn verify -P integration-tests
continue-on-error: true
- name: Save test results
- name: Prepare test results
run: |
mkdir -p ~/test-results/unit-tests/
mkdir -p ~/test-results/integration-tests/
find . -type f -regex ".*/target/surefire-reports/.*xml" -exec cp {} ~/test-results/unit-tests/ \;
find . -type f -regex ".*/target/failsafe-reports/.*xml" -exec cp {} ~/test-results/integration-tests/ \;
- name: Run CVE scan
run: mvn dependency-check:check
- name: Upload test coverage report
uses: actions/upload-artifact@v4
with:
name: test-coverage-report
path: target/site/jacoco-merged-test-coverage-report
- name: Upload dependency check report
uses: actions/upload-artifact@v4
with:
name: dependency-check-report
path: target/dependency-check-report.html
- name: Upload unit tests report
uses: actions/upload-artifact@v4
with:
Expand All @@ -49,6 +43,18 @@ jobs:
with:
name: integration-tests-report
path: ~/test-results/integration-tests/
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
scan-type: 'fs'
ignore-unfixed: true
format: 'sarif'
output: 'trivy-results.sarif'
severity: 'CRITICAL,HIGH'
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: 'trivy-results.sarif'
- name: SonarCloud Scan
uses: sonarsource/[email protected]
env:
Expand Down
61 changes: 0 additions & 61 deletions .github/workflows/push.yml
View file
Open in desktop

This file was deleted.

Loading