Skip to content
DevOps Engineer Assignment Workflow

fix(ci/cd) main.yml with img tag for backend and frontend #22

Sign in to view logs

fix(ci/cd) main.yml with img tag for backend and frontend

fix(ci/cd) main.yml with img tag for backend and frontend #22

Workflow file for this run

.github/workflows/main.yml at cd5cdc1
name: DevOps Engineer Assignment Workflow
on:
push:
branches: [main, dev]
paths:
- .github/workflows/main.yml
- frontend/*
- backend/*
- k8s/manifests/**/*
pull_request:
branches: [main]
defaults:
run:
shell: bash
permissions:
actions: write
contents: write
jobs:
Build-And-Test:
if: ${{ github.event_name == 'pull_request' }}
runs-on: ubuntu-22.04
defaults:
run:
shell: bash
working-directory: ./backend
steps:
- name: Checkout Code
uses: actions/checkout@v4
with:
refs: ${{ github.refs_name }}
- name: Setup node
uses: actions/setup-node@v4
with:
node-version: '14.21.3'
- name: Install dependencies
run: npm install
- name: Create production build folder
run: npm run build --if-present
- name: Testing API
run: npm test
################################### FRONTEND ###############################################
Push-To-DockerHub-Frontend:
if: contains(github.event.head_commit.message, 'frontend')
runs-on: ubuntu-24.04
defaults:
run:
shell: bash
working-directory: frontend/
steps:
- name: Checkout Code
uses: actions/checkout@v4
with:
ref: ${{ github.ref_name }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to Docker Registry
uses: docker/login-action@v3
with:
username: ${{ vars.DOCKER_USER }}
password: ${{ secrets.DOCKER_TOKEN }}
- name: Building Docker Image
run: docker build . -t ${{ vars.DOCKER_USER }}/eng-frontend:1.${{ github.run_number }}.${{ github.run_attempt}}
- name: Pushing Docker Image
run: docker push ${{ vars.DOCKER_USER }}/eng-frontend:1.${{ github.run_number }}.${{ github.run_attempt}}
Image-Vuln-Check-Frontend:
if: contains(github.event.head_commit.message, 'frontend')
runs-on: ubuntu-24.04
needs: [Push-To-DockerHub-Frontend]
continue-on-error: true
defaults:
run:
shell: bash
working-directory: frontend/
steps:
- name: Checkout Code
uses: actions/checkout@v4
- name: Run Trivy Vulnerability Scanner
uses: aquasecurity/[email protected]
with:
image-ref: "docker.io/${{ vars.DOCKER_USER }}/eng-frontend:1.${{ github.run_number }}.${{ github.run_attempt}}"
format: "table"
exit-code: "1"
ignore-unfixed: true
output: trivy-report-frontend.txt
vuln-type: "os,library"
severity: "CRITICAL,HIGH"
- name: Upload Artifact
uses: actions/upload-artifact@v4
with:
name: trivy-report-frontend
path: trivy-report-frontend.txt
Update-ImgTag-Frontend:
runs-on: ubuntu-24.04
needs: [Image-Vuln-Check-Frontend]
steps:
- name: Checkout Code
uses: actions/checkout@v4
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Update tag in K8s Deployment
run: |
sed -i 's|\(uj5ghare/eng-frontend:\)[^[:space:]]*|\11.${{ github.run_number }}.${{ github.run_attempt}}|' k8s/manifests/frontend/deployment.yml
- name: Commit and push changes
run: |
git pull origin ${{ github.ref_name }}
git config --global user.email "${{ secrets.GH_USER_MAIL }}"
git config --global user.name "${{ vars.GH_USER_NAME }}"
git add .
git commit -m "refactor(k8s) updated k8s deployment image tag"
git push
Deploy-On-Minikube-Frontend:
if: contains(github.event.head_commit.message, 'frontend')
runs-on: ubuntu-24.04
needs: [Update-ImgTag-Frontend]
defaults:
run:
shell: bash
working-directory: k8s/manifests/frontend/
steps:
- uses: actions/checkout@v4
with:
refs: ${{ github.refs_name }}
- name: Start minikube
uses: medyagh/setup-minikube@latest
- name: Try the cluster!
run: kubectl get pods -A
- name: Deploy to minikube
run: |
kubectl apply -f namespace.yml
kubectl apply -f .
- name: Watch the changes
run: |
sleep 20
kubectl get all -n app
sleep 10
kubectl get all -n app
Slack-Notification-Frontend:
if: contains(github.event.head_commit.message, 'frontend')
runs-on: ubuntu-24.04
needs: [Deploy-On-Minikube-Frontend]
steps:
- name: Post to a Slack channel
uses: slackapi/[email protected]
with:
method: chat.postMessage
token: ${{ secrets.SLACK_BOT_TOKEN }}
payload: |
channel: ${{ secrets.SLACK_CHANNEL_ID }}
text: "GitHub Action Deployment result: ${{ job.status }}\n${{ github.event.pull_request.html_url || github.event.head_commit.url }}"
blocks:
- type: "section"
text:
type: "mrkdwn"
text: "GitHub Action Deployment result: ${{ job.status }}\n${{ github.event.pull_request.html_url || github.event.head_commit.url }}"
################################### BACKEND ###############################################
Push-To-DockerHub-Backend:
if: contains(github.event.head_commit.message, 'backend')
runs-on: ubuntu-24.04
defaults:
run:
shell: bash
working-directory: backend/
steps:
- name: Checkout Code
uses: actions/checkout@v4
with:
ref: ${{ github.ref_name }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to Docker Registry
uses: docker/login-action@v3
with:
username: ${{ vars.DOCKER_USER }}
password: ${{ secrets.DOCKER_TOKEN }}
- name: Building Docker Image
run: docker build . -t ${{ vars.DOCKER_USER }}/eng-backend:1.${{ github.run_number }}.${{ github.run_attempt}}
- name: Pushing Docker Image
run: docker push ${{ vars.DOCKER_USER }}/eng-backend:1.${{ github.run_number }}.${{ github.run_attempt}}
Image-Vuln-Check-Backend:
if: contains(github.event.head_commit.message, 'backend')
runs-on: ubuntu-24.04
needs: [Push-To-DockerHub-Backend]
continue-on-error: true
defaults:
run:
shell: bash
working-directory: backend/
steps:
- name: Checkout Code
uses: actions/checkout@v4
- name: Run Trivy Vulnerability Scanner
uses: aquasecurity/[email protected]
with:
image-ref: "docker.io/${{ vars.DOCKER_USER }}/eng-backend:1.${{ github.run_number }}.${{ github.run_attempt}}"
format: "json"
exit-code: "1"
ignore-unfixed: true
output: trivy-report-backend.txt
vuln-type: "os,library"
severity: "CRITICAL,HIGH"
- name: Upload Artifact
uses: actions/upload-artifact@v4
with:
name: trivy-report-backend
path: trivy-report-backend.txt
Update-ImgTag-Backend:
runs-on: ubuntu-24.04
needs: [Image-Vuln-Check-Backend]
steps:
- name: Checkout Code
uses: actions/checkout@v4
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Update tag in K8s Deployment
run: |
sed -i 's|\(uj5ghare/eng-backend:\)[^[:space:]]*|\11.${{ github.run_number }}.${{ github.run_attempt}}|' k8s/manifests/backend/deployment.yml
- name: Commit and push changes
run: |
git pull origin ${{ github.ref_name }}
git config --global user.email "${{ secrets.GH_USER_MAIL }}"
git config --global user.name "${{ vars.GH_USER_NAME }}"
git add .
git commit -m "refactor(k8s) updated k8s deployment image tag"
git push
Deploy-On-Minikube-Backend:
if: contains(github.event.head_commit.message, 'backend')
runs-on: ubuntu-24.04
needs: [Update-ImgTag-Backend]
defaults:
run:
shell: bash
working-directory: k8s/manifests/backend/
steps:
- uses: actions/checkout@v4
with:
refs: ${{ github.refs_name }}
- name: Start minikube
uses: medyagh/setup-minikube@latest
- name: Try the cluster!
run: kubectl get pods -A
- name: Deploy to minikube
run: |
kubectl apply -f namespace.yml
kubectl apply -f .
- name: Watch the changes
run: |
sleep 10
kubectl get all -n app
sleep 10
kubectl get all -n app
Slack-Notification-Backend:
if: contains(github.event.head_commit.message, 'backend')
runs-on: ubuntu-24.04
needs: [Deploy-On-Minikube-Backend]
steps:
- name: Post to a Slack channel
uses: slackapi/[email protected]
with:
method: chat.postMessage
token: ${{ secrets.SLACK_BOT_TOKEN }}
payload: |
channel: ${{ secrets.SLACK_CHANNEL_ID }}
text: "GitHub Action Deployment result: ${{ job.status }}\n${{ github.event.pull_request.html_url || github.event.head_commit.url }}"
blocks:
- type: "section"
text:
type: "mrkdwn"
text: "GitHub Action Deployment result: ${{ job.status }}\n${{ github.event.pull_request.html_url || github.event.head_commit.url }}"