From 2fe516d5f7553a22036dcd38017948b776ffaf29 Mon Sep 17 00:00:00 2001 From: ujwal pachghare <131592212+Uj5Ghare@users.noreply.github.com> Date: Sun, 8 Dec 2024 15:58:04 +0530 Subject: [PATCH 01/21] feat(cicd) Create main.yml workflow --- .github/workflows/main.yml | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 .github/workflows/main.yml diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml new file mode 100644 index 0000000..2fc267a --- /dev/null +++ b/.github/workflows/main.yml @@ -0,0 +1,28 @@ +name: DevOps Engineer Assignment Workflow + +on: + push: + branches: [main, dev] + +defaults: + run: + shell: bash + +jobs: + Build: + runs-on: ubuntu-22.04 + defaults: + run: + shell: bash + working-directory: ./frontend + steps: + - name: Checkout Code + uses: actions/checkout@v4 + with: + refs: ${{ github.refs_name }} + - name: Setup node + uses: actions/setup-node@v4 + - name: Install dependencies + run: npm install + - name: Create production build folder + run: npm run build --if-present From afd4b90ade65d2b2e4721b1e119b16d497a12211 Mon Sep 17 00:00:00 2001 From: ujwal pachghare <131592212+Uj5Ghare@users.noreply.github.com> Date: Sun, 8 Dec 2024 15:59:46 +0530 Subject: [PATCH 02/21] refactor(ci/cd)Update main.yml --- .github/workflows/main.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 2fc267a..df43150 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -22,6 +22,8 @@ jobs: refs: ${{ github.refs_name }} - name: Setup node uses: actions/setup-node@v4 + with: + node_version: '14.21.3' - name: Install dependencies run: npm install - name: Create production build folder From e188942202af295a331e8363c68d64ca04ffa146 Mon Sep 17 00:00:00 2001 
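Review bot: The Checkout Code step in the new `Build` job passes `refs: ${{ github.refs_name }}`, but the checkout action's input is `ref` and the context property is `github.ref_name`, so the unknown input is ignored and the expression evaluates to empty; the step only works because checkout falls back to the triggering ref. Either drop the `with:` block or write `ref: ${{ github.ref_name }}`. The same misspelling is repeated in the checkout steps added by patch 07, patch 11 (Deploy-On-Minikube) and patch 12 (Build-Test-Frontend and Deploy-On-Minikube-Frontend). Separately, `npm install` may resolve versions that differ from the lockfile; `npm ci` installs exactly what `package-lock.json` records, assuming the frontend commits one.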
From: ujwal pachghare <131592212+Uj5Ghare@users.noreply.github.com> Date: Sun, 8 Dec 2024 16:00:45 +0530 Subject: [PATCH 03/21] refactor(ci/cd) Update main.yml --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index df43150..9e40beb 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -23,7 +23,7 @@ jobs: - name: Setup node uses: actions/setup-node@v4 with: - node_version: '14.21.3' + node-version: '14.21.3' - name: Install dependencies run: npm install - name: Create production build folder From 0c5aacb7a519502ed42a099e5533a3077cbaeb30 Mon Sep 17 00:00:00 2001 From: ujwal pachghare <131592212+Uj5Ghare@users.noreply.github.com> Date: Sun, 8 Dec 2024 16:33:16 +0530 Subject: [PATCH 04/21] refactor(ci/cd) Update main.yml with docker job --- .github/workflows/main.yml | 64 ++++++++++++++++++++++++++------------ 1 file changed, 44 insertions(+), 20 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 9e40beb..7bc15cc 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml 
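Review bot: The `node-version: '14.21.3'` value in the Setup node step pins a Node.js 14 release, a line that reached end-of-life in April 2023 and no longer receives security fixes. If the application allows it, pin a maintained LTS line instead, keeping the value quoted as it is here. If Node 14 is a hard requirement, a comment such as `# Node 14 required by <reason>; EOL, upgrade tracked in <issue>` above the key would record why.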
@@ -3,28 +3,52 @@ name: DevOps Engineer Assignment Workflow on: push: branches: [main, dev] - + pull_request: + defaults: run: shell: bash jobs: - Build: - runs-on: ubuntu-22.04 - defaults: - run: - shell: bash - working-directory: ./frontend - steps: - - name: Checkout Code - uses: actions/checkout@v4 - with: - refs: ${{ github.refs_name }} - - name: Setup node - uses: actions/setup-node@v4 - with: - node-version: '14.21.3' - - name: Install dependencies - run: npm install - - name: Create production build folder - run: npm run build --if-present + # Build: + # runs-on: ubuntu-22.04 + # defaults: + # run: + # shell: bash + # working-directory: ./frontend + # steps: + # - name: Checkout Code + # uses: actions/checkout@v4 + # with: + # refs: ${{ github.refs_name }} + # - name: Setup node + # uses: actions/setup-node@v4 + # with: + # node-version: '14.21.3' + # - name: Install dependencies + # run: npm install + # - name: Create production build folder + # run: npm run build --if-present + + Docker: + runs-on: ubuntu-24.04 + defaults: + run: + shell: bash + working-directory: ./frontend + steps: + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ vars.DOCKER_USER }} + password: ${{ secrets.DOCKER_TOKEN }} + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Build and push + uses: docker/build-push-action@v6 + with: + context: ./frontend + push: true + tags: ${{ vars.DOCKER_USER }}/eng-frontend:${{ github.run_number }} From 61d3a9eebf9999151db511dd3122a104206d6141 Mon Sep 17 00:00:00 2001 From: ujwal pachghare <131592212+Uj5Ghare@users.noreply.github.com> Date: Sun, 8 Dec 2024 16:35:57 +0530 Subject: [PATCH 05/21] Update main.yml --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 7bc15cc..ce44902 100644 --- a/.github/workflows/main.yml 
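Review bot: The new `Docker` job logs in with `secrets.DOCKER_TOKEN` and runs Build and push with `push: true` on every trigger, including the `pull_request:` trigger added in this same hunk, so a pull-request run would publish an image before the change is reviewed or merged (and runs from forks, which do not receive secrets, would fail at login). Gate publishing on the event, e.g. `push: ${{ github.event_name != 'pull_request' }}` together with `if: github.event_name != 'pull_request'` on the login step. The job also has no checkout step although `context: ./frontend` is a path context that needs the repository on disk. The Docker actions are referenced by mutable major tags (`@v3`, `@v6`); pinning the steps that handle the registry token to a full commit SHA would limit exposure to a retagged release.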
+++ b/.github/workflows/main.yml @@ -49,6 +49,6 @@ jobs: - name: Build and push uses: docker/build-push-action@v6 with: - context: ./frontend + context: . push: true tags: ${{ vars.DOCKER_USER }}/eng-frontend:${{ github.run_number }} From 81d3202aadc94a09f51452fc9d8ea9407b83be5a Mon Sep 17 00:00:00 2001 From: ujwal pachghare <131592212+Uj5Ghare@users.noreply.github.com> Date: Sun, 8 Dec 2024 16:38:12 +0530 Subject: [PATCH 06/21] refactor(ci/cd) Update main.yml --- .github/workflows/main.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index ce44902..d8453b8 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -49,6 +49,5 @@ jobs: - name: Build and push uses: docker/build-push-action@v6 with: - context: . push: true tags: ${{ vars.DOCKER_USER }}/eng-frontend:${{ github.run_number }} From 5a8f1c14ed3c3b5630a63a8c47957eec99b626e5 Mon Sep 17 00:00:00 2001 From: ujwal pachghare <131592212+Uj5Ghare@users.noreply.github.com> Date: Sun, 8 Dec 2024 16:40:49 +0530 Subject: [PATCH 07/21] refactor(ci/cd) Update main.yml --- .github/workflows/main.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index d8453b8..bad0dfa 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -37,6 +37,10 @@ jobs: shell: bash working-directory: ./frontend steps: + - name: Checkout Code + uses: actions/checkout@v4 + with: + refs: ${{ github.refs_name }} - name: Login to Docker Hub uses: docker/login-action@v3 with: From d7239e6b4324498aa51f14ad668984f9e08cbecd Mon Sep 17 00:00:00 2001 From: ujwal pachghare <131592212+Uj5Ghare@users.noreply.github.com> Date: Sun, 8 Dec 2024 16:47:22 +0530 Subject: [PATCH 08/21] test(ci/cd) Update main.yml --- .github/workflows/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index bad0dfa..c92cdd8 100644 --- a/.github/workflows/main.yml 
+++ b/.github/workflows/main.yml @@ -53,5 +53,6 @@ jobs: - name: Build and push uses: docker/build-push-action@v6 with: + context: fronted/ push: true tags: ${{ vars.DOCKER_USER }}/eng-frontend:${{ github.run_number }} From 5291dd53fdf6cee63a83a818da08f48b47bbb9a7 Mon Sep 17 00:00:00 2001 From: ujwal pachghare <131592212+Uj5Ghare@users.noreply.github.com> Date: Sun, 8 Dec 2024 17:48:54 +0530 Subject: [PATCH 09/21] feat(k8) Added k8s/manifests for frontend and backend --- k8s/manifests/backend/deployment.yml | 29 +++++++++++++++++++++++++++ k8s/manifests/backend/hpa.yml | 25 +++++++++++++++++++++++ k8s/manifests/backend/service.yml | 16 +++++++++++++++ k8s/manifests/frontend/deployment.yml | 29 +++++++++++++++++++++++++++ k8s/manifests/frontend/hpa.yml | 25 +++++++++++++++++++++++ k8s/manifests/frontend/service.yml | 16 +++++++++++++++ 6 files changed, 140 insertions(+) create mode 100644 k8s/manifests/backend/deployment.yml create mode 100644 k8s/manifests/backend/hpa.yml create mode 100644 k8s/manifests/backend/service.yml create mode 100644 k8s/manifests/frontend/deployment.yml create mode 100644 k8s/manifests/frontend/hpa.yml create mode 100644 k8s/manifests/frontend/service.yml diff --git a/k8s/manifests/backend/deployment.yml b/k8s/manifests/backend/deployment.yml new file mode 100644 index 0000000..8941570 --- /dev/null +++ b/k8s/manifests/backend/deployment.yml @@ -0,0 +1,29 @@ +# This is a sample deployment manifest file for a simple web application. +apiVersion: apps/v1 +kind: Deployment +metadata: + name: node-deployment + namespace: app + labels: + app: node +spec: + replicas: 2 + strategy: + type: RollingUpdate + rollingUpdate: + maxSurge: 1 + maxUnavailable: 25% + selector: + matchLabels: + app: node + template: + metadata: + labels: + app: node + spec: + containers: + - name: node-con + image: uj5ghare/eng-backend:latest + ports: + - containerPort: 8000 + imagePullPolicy: Always \ No newline at end of file 
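Review bot: `context: fronted/` in the Build and push step looks like a misspelling of `frontend/`, the directory named by `working-directory: ./frontend` in the same job, so the build would fail on a missing path. It should read `context: frontend/`. Note that `working-directory` applies only to `run:` steps, so the action's context stays relative to the workspace root.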
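Review bot: The `node-con` container in `k8s/manifests/backend/deployment.yml` is declared without a `securityContext` or `resources`, so it runs with whatever user and privileges the image defaults to and has no CPU or memory bounds; `k8s/manifests/frontend/deployment.yml` in this commit has the same gap for `react-con`. A hardened container spec would drop capabilities, forbid privilege escalation and require a non-root user, as sketched below (the request and limit figures are constructed samples, and `runAsNonRoot` assumes the image defines a non-root user, which is not visible here). `image: uj5ghare/eng-backend:latest` is also a mutable tag, so what is running cannot be traced to a specific build; an immutable version tag or digest would fix that.

```yaml
    spec:
      containers:
        - name: node-con
          # … unchanged: image, ports, imagePullPolicy …
          resources:
            requests:
              cpu: 100m       # constructed sample value
              memory: 128Mi   # constructed sample value
            limits:
              memory: 256Mi   # constructed sample value
          securityContext:
            runAsNonRoot: true
            allowPrivilegeEscalation: false
            capabilities:
              drop: ["ALL"]
```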
diff --git a/k8s/manifests/backend/hpa.yml b/k8s/manifests/backend/hpa.yml new file mode 100644 index 0000000..9bd5943 --- /dev/null +++ b/k8s/manifests/backend/hpa.yml @@ -0,0 +1,25 @@ +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: node-hpa + namespace: app +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: node-deployment + minReplicas: 1 + maxReplicas: 3 + metrics: + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: 80 + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: 80 diff --git a/k8s/manifests/backend/service.yml b/k8s/manifests/backend/service.yml new file mode 100644 index 0000000..c3a79af --- /dev/null +++ b/k8s/manifests/backend/service.yml @@ -0,0 +1,16 @@ +# Service for the application +apiVersion: v1 +kind: Service +metadata: + name: node-svc + namespace: app + labels: + app: node +spec: + ports: + - port: 80 + targetPort: 8000 + protocol: TCP + selector: + app: node + type: ClusterIP \ No newline at end of file diff --git a/k8s/manifests/frontend/deployment.yml b/k8s/manifests/frontend/deployment.yml new file mode 100644 index 0000000..1e2eb35 --- /dev/null +++ b/k8s/manifests/frontend/deployment.yml @@ -0,0 +1,29 @@ +# This is a sample deployment manifest file for a simple web application. +apiVersion: apps/v1 +kind: Deployment +metadata: + name: react-deployment + namespace: app + labels: + app: react +spec: + replicas: 2 + strategy: + type: RollingUpdate + rollingUpdate: + maxSurge: 1 + maxUnavailable: 25% + selector: + matchLabels: + app: react + template: + metadata: + labels: + app: react + spec: + containers: + - name: react-con + image: uj5ghare/eng-frontend:latest + ports: + - containerPort: 3000 + imagePullPolicy: Always \ No newline at end of file diff --git a/k8s/manifests/frontend/hpa.yml b/k8s/manifests/frontend/hpa.yml new file mode 100644 index 0000000..6f5f082 --- /dev/null 
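Review bot: Both metrics in `k8s/manifests/backend/hpa.yml` use `type: Utilization`, which is computed as a percentage of the containers' resource requests, but `node-deployment` declares no `resources.requests`, so the autoscaler would have nothing to compute against and would not scale. Add CPU and memory requests to the Deployment; `k8s/manifests/frontend/hpa.yml` and `react-deployment` have the same mismatch. Also, `minReplicas: 1` is below the Deployment's `replicas: 2`, so once the HPA is active it may scale the workload down to a single pod, which is worth confirming as intended.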
+++ b/k8s/manifests/frontend/hpa.yml @@ -0,0 +1,25 @@ +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: react-hpa + namespace: app +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: react-deployment + minReplicas: 1 + maxReplicas: 3 + metrics: + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: 80 + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: 80 diff --git a/k8s/manifests/frontend/service.yml b/k8s/manifests/frontend/service.yml new file mode 100644 index 0000000..eb70a6e --- /dev/null +++ b/k8s/manifests/frontend/service.yml @@ -0,0 +1,16 @@ +# Service for the application +apiVersion: v1 +kind: Service +metadata: + name: react-svc + namespace: app + labels: + app: react +spec: + ports: + - port: 80 + targetPort: 3000 + protocol: TCP + selector: + app: react + type: ClusterIP \ No newline at end of file From be962dc28213937c5ca85b42c05fbcc119f89400 Mon Sep 17 00:00:00 2001 From: ujwal pachghare <131592212+Uj5Ghare@users.noreply.github.com> Date: Sun, 8 Dec 2024 17:57:46 +0530 Subject: [PATCH 10/21] feat(k8s) Added namespace.yml file in both backend and frontend --- k8s/manifests/backend/namespace.yml | 6 ++++++ k8s/manifests/frontend/namespace.yml | 6 ++++++ 2 files changed, 12 insertions(+) create mode 100644 k8s/manifests/backend/namespace.yml create mode 100644 k8s/manifests/frontend/namespace.yml diff --git a/k8s/manifests/backend/namespace.yml b/k8s/manifests/backend/namespace.yml new file mode 100644 index 0000000..b9da35a --- /dev/null +++ b/k8s/manifests/backend/namespace.yml @@ -0,0 +1,6 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: app + labels: + app: node \ No newline at end of file diff --git a/k8s/manifests/frontend/namespace.yml b/k8s/manifests/frontend/namespace.yml new file mode 100644 index 0000000..6dfb0f7 --- /dev/null +++ b/k8s/manifests/frontend/namespace.yml 
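Review bot: `k8s/manifests/backend/namespace.yml` and `k8s/manifests/frontend/namespace.yml` both define the same Namespace `app` with different values for the `app` label (`node` here, `react` in the frontend copy), so each `kubectl apply` overwrites the other's label and the namespace has two competing owners. Keep a single shared namespace manifest. That manifest is also the natural place for Pod Security Admission labels such as `pod-security.kubernetes.io/enforce: baseline`, since nothing in these manifests currently restricts what pods in `app` may request.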
@@ -0,0 +1,6 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: app + labels: + app: react \ No newline at end of file From 8bae55a408fec3d18181806a9a8b243e935ac2e1 Mon Sep 17 00:00:00 2001 From: ujwal pachghare <131592212+Uj5Ghare@users.noreply.github.com> Date: Sun, 8 Dec 2024 17:59:09 +0530 Subject: [PATCH 11/21] refactor(ci/cd) Update main.yml with trivy and k8s stages --- .github/workflows/main.yml | 157 +++++++++++++++++++++++++++++++------ 1 file changed, 131 insertions(+), 26 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index c92cdd8..f9a831b 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml 
@@ -30,29 +30,134 @@ jobs: # - name: Create production build folder # run: npm run build --if-present - Docker: - runs-on: ubuntu-24.04 - defaults: - run: - shell: bash - working-directory: ./frontend - steps: - - name: Checkout Code - uses: actions/checkout@v4 - with: - refs: ${{ github.refs_name }} - - name: Login to Docker Hub - uses: docker/login-action@v3 - with: - username: ${{ vars.DOCKER_USER }} - password: ${{ secrets.DOCKER_TOKEN }} - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - name: Build and push - uses: docker/build-push-action@v6 - with: - context: fronted/ - push: true - tags: ${{ vars.DOCKER_USER }}/eng-frontend:${{ github.run_number }} + Image-Vuln-Check-Frontend: + runs-on: ubuntu-24.04 + continue-on-error: true + defaults: + run: + shell: bash + working-directory: frontend/ + steps: + - name: Checkout Code + uses: actions/checkout@v4 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Build Docker Image + run: docker build -t docker.io/${{ vars.DOCKER_USER }}/eng-frontend:${{ github.sha }} . + - name: Run Trivy Vulnerability Scanner + uses: aquasecurity/trivy-action@0.20.0 + with: + image-ref: "docker.io/${{ vars.DOCKER_USER }}/eng-frontend:${{ github.sha }}" + format: "table" + exit-code: "1" + ignore-unfixed: true + output: trivy-report-frontend.txt + vuln-type: "os,library" + severity: "CRITICAL,HIGH" + - name: Upload Artifact + uses: actions/upload-artifact@v4 + with: + name: trivy-report-frontend + path: trivy-report-frontend.txt + + Image-Vuln-Check-Backend: + runs-on: ubuntu-24.04 + continue-on-error: true + defaults: + run: + shell: bash + working-directory: backend/ + steps: + - name: Checkout Code + uses: actions/checkout@v4 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Build Docker Image + run: docker build -t docker.io/${{ vars.DOCKER_USER }}/eng-backend:${{ github.sha }} . 
+ - name: Run Trivy Vulnerability Scanner + uses: aquasecurity/trivy-action@0.20.0 + with: + image-ref: "docker.io/${{ vars.DOCKER_USER }}/eng-backend:${{ github.sha }}" + format: "table" + exit-code: "1" + ignore-unfixed: true + output: trivy-report-backend.txt + vuln-type: "os,library" + severity: "CRITICAL,HIGH" + - name: Upload Artifact + uses: actions/upload-artifact@v4 + with: + name: trivy-report-backend + path: trivy-report-backend.txt + + Push-To-DockerHub-Frontend: + runs-on: ubuntu-24.04 + needs: [Image-Vuln-Check-Frontend] + defaults: + run: + shell: bash + working-directory: frontend/ + steps: + - name: Checkout Code + uses: actions/checkout@v4 + with: + ref: ${{ github.ref_name }} + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Login to Docker Registry + uses: docker/login-action@v3 + with: + username: ${{ vars.DOCKER_USER }} + password: ${{ secrets.DOCKER_TOKEN }} + - name: Building Docker Image + run: docker build . -t ${{ vars.DOCKER_USER }}/eng-frontend:1.${{ github.run_number }}.${{ github.run_attempt}} + - name: Pushing Docker Image + run: docker push ${{ vars.DOCKER_USER }}/eng-frontend:1.${{ github.run_number }}.${{ github.run_attempt}} + + Push-To-DockerHub-Backend: + runs-on: ubuntu-24.04 + needs: [Image-Vuln-Check-Backend] + defaults: + run: + shell: bash + working-directory: backend/ + steps: + - name: Checkout Code + uses: actions/checkout@v4 + with: + ref: ${{ github.ref_name }} + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Login to Docker Registry + uses: docker/login-action@v3 + with: + username: ${{ vars.DOCKER_USER }} + password: ${{ secrets.DOCKER_TOKEN }} + - name: Building Docker Image + run: docker build . 
-t ${{ vars.DOCKER_USER }}/eng-backend:1.${{ github.run_number }}.${{ github.run_attempt}} + - name: Pushing Docker Image + run: docker push ${{ vars.DOCKER_USER }}/eng-backend:1.${{ github.run_number }}.${{ github.run_attempt}} + + Deploy-On-Minikube: + runs-on: ubuntu-24.04 + needs: [Push-To-DockerHub-Frontend, Push-To-DockerHub-Backend] + defaults: + run: + shell: bash + working-directory: k8s/manifests/ + steps: + - uses: actions/checkout@v4 + with: + refs: ${{ github.refs_name }} + - name: Start minikube + uses: medyagh/setup-minikube@latest + - name: Try the cluster! + run: kubectl get pods -A + - name: Deploy to minikube + run: + kubectl apply -f frontend/namespace.yml + kubectl apply -f frontend/. + - name: Watch the changes + run: | + sleep 20 + kubectl get all -n app From 1d9ca17e7b3b342baa5ea4ca60129916518bfde5 Mon Sep 17 00:00:00 2001 From: ujwal pachghare <131592212+Uj5Ghare@users.noreply.github.com> Date: Sun, 8 Dec 2024 18:38:16 +0530 Subject: [PATCH 12/21] refactor(ci/cd) Update main.yml --- .github/workflows/main.yml | 218 ++++++++++++++++++++++++------------- 1 file changed, 145 insertions(+), 73 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index f9a831b..04690ac 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml 
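Review bot: Both Image-Vuln-Check-* jobs set `continue-on-error: true`, so the Trivy step's `exit-code: "1"` never blocks the Push-To-DockerHub-* jobs that `needs:` them, and images with CRITICAL or HIGH findings are still published. The scan also covers a separately built `:${{ github.sha }}` image rather than the `1.<run_number>.<run_attempt>` image that the push job builds again, so the scanned artifact is not the one shipped. Remove `continue-on-error`, add `if: always()` to the Upload Artifact step so the report survives a failing scan, and build once, scan, then push that same image. In Deploy-On-Minikube, `medyagh/setup-minikube@latest` follows a moving ref of a third-party action; pin it to a release tag or commit SHA.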
@@ -10,29 +10,33 @@ defaults: shell: bash jobs: - # Build: - # runs-on: ubuntu-22.04 - # defaults: - # run: - # shell: bash - # working-directory: ./frontend - # steps: - # - name: Checkout Code - # uses: actions/checkout@v4 - # with: - # refs: ${{ github.refs_name }} - # - name: Setup node - # uses: actions/setup-node@v4 - # with: - # node-version: '14.21.3' - # - name: Install dependencies - # run: npm install - # - name: Create production build folder - # run: npm run build --if-present + Build-Test-Frontend: + runs-on: ubuntu-22.04 + defaults: + run: + shell: bash + working-directory: ./backend + steps: + - name: Checkout Code + uses: actions/checkout@v4 + with: + refs: ${{ github.refs_name }} + - name: Setup node + uses: actions/setup-node@v4 + with: + node-version: '14.21.3' + - name: Install dependencies + run: npm install + - name: Create production build folder + run: npm run build --if-present + - name: Testing API + run: npm test - Image-Vuln-Check-Frontend: + ################################### FRONTEND ############################################### + + Push-To-DockerHub-Frontend: + if: contains(github.event.head_commit.message, 'frontend') runs-on: ubuntu-24.04 - continue-on-error: true defaults: run: shell: bash 
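Review bot: `if: contains(github.event.head_commit.message, 'frontend')` on Push-To-DockerHub-Frontend makes publishing depend on a substring of the commit message, which is absent on `pull_request` events (there is no `head_commit`) and unrelated to which files changed. A change under `frontend/` whose message omits the word is never built, while any message containing it triggers a publish. Deciding from changed paths would be more reliable than message text. The new Build-Test-Frontend job also sets `working-directory: ./backend`, so its name and what it tests disagree; the Push-To-DockerHub-Frontend job's steps continue in the next hunk.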
@@ -40,63 +44,104 @@ jobs: steps: - name: Checkout Code uses: actions/checkout@v4 + with: + ref: ${{ github.ref_name }} - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - - name: Build Docker Image - run: docker build -t docker.io/${{ vars.DOCKER_USER }}/eng-frontend:${{ github.sha }} . - - name: Run Trivy Vulnerability Scanner - uses: aquasecurity/trivy-action@0.20.0 - with: - image-ref: "docker.io/${{ vars.DOCKER_USER }}/eng-frontend:${{ github.sha }}" - format: "table" - exit-code: "1" - ignore-unfixed: true - output: trivy-report-frontend.txt - vuln-type: "os,library" - severity: "CRITICAL,HIGH" - - name: Upload Artifact - uses: actions/upload-artifact@v4 + - name: Login to Docker Registry + uses: docker/login-action@v3 with: - name: trivy-report-frontend - path: trivy-report-frontend.txt + username: ${{ vars.DOCKER_USER }} + password: ${{ secrets.DOCKER_TOKEN }} + - name: Building Docker Image + run: docker build . -t ${{ vars.DOCKER_USER }}/eng-frontend:1.${{ github.run_number }}.${{ github.run_attempt}} + - name: Pushing Docker Image + run: docker push ${{ vars.DOCKER_USER }}/eng-frontend:1.${{ github.run_number }}.${{ github.run_attempt}} - Image-Vuln-Check-Backend: + Image-Vuln-Check-Frontend: + if: contains(github.event.head_commit.message, 'frontend') runs-on: ubuntu-24.04 + needs: [Push-To-DockerHub-Frontend] continue-on-error: true defaults: run: shell: bash - working-directory: backend/ + working-directory: frontend/ steps: - name: Checkout Code uses: actions/checkout@v4 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - name: Build Docker Image - run: docker build -t docker.io/${{ vars.DOCKER_USER }}/eng-backend:${{ github.sha }} . 
- name: Run Trivy Vulnerability Scanner uses: aquasecurity/trivy-action@0.20.0 with: - image-ref: "docker.io/${{ vars.DOCKER_USER }}/eng-backend:${{ github.sha }}" + image-ref: "docker.io/${{ vars.DOCKER_USER }}/eng-frontend:1.${{ github.run_number }}.${{ github.run_attempt}}" format: "table" exit-code: "1" ignore-unfixed: true - output: trivy-report-backend.txt + output: trivy-report-frontend.txt vuln-type: "os,library" severity: "CRITICAL,HIGH" - name: Upload Artifact uses: actions/upload-artifact@v4 with: - name: trivy-report-backend - path: trivy-report-backend.txt + name: trivy-report-frontend + path: trivy-report-frontend.txt + + Update-ImgTag-Frontend: + runs-on: ubuntu-24.04 + needs: [Image-Vuln-Check-Frontend] + steps: + - name: Checkout Code + uses: actions/checkout@v4 + with: + token: ${{ secrets.GITHUB_TOKEN }} + - name: Update tag in K8s Deployment + run: | + sed -i 's|\(uj5ghare/chatgpt-backend:\)[^[:space:]]*|\1"1.${{ github.run_number }}.${{ github.run_attempt}}"|' k8s/manifests/frontend/deployment.yml + - name: Commit and push changes + run: | + git pull origin ${{ github.ref_name }} + git config --global user.email "${{ secrets.GH_USER_MAIL }}" + git config --global user.name "${{ vars.GH_USER_NAME }}" + git add . + git commit -m "refactor(k8s) updated k8s deployment image tag" + git push + + Deploy-On-Minikube-Frontend: + if: contains(github.event.head_commit.message, 'frontend') + runs-on: ubuntu-24.04 + needs: [Update-ImgTag-Frontend] + defaults: + run: + shell: bash + working-directory: k8s/manifests/frontend/ + steps: + - uses: actions/checkout@v4 + with: + refs: ${{ github.refs_name }} + - name: Start minikube + uses: medyagh/setup-minikube@latest + - name: Try the cluster! + run: kubectl get pods -A + - name: Deploy to minikube + run: | + kubectl apply -f namespace.yml + kubectl apply -f . 
+ - name: Watch the changes + run: | + sleep 20 + kubectl get all -n app + sleep 10 + kubectl get all -n app - Push-To-DockerHub-Frontend: + ################################### BACKEND ############################################### + + Push-To-DockerHub-Backend: + if: contains(github.event.head_commit.message, 'backend') runs-on: ubuntu-24.04 - needs: [Image-Vuln-Check-Frontend] defaults: run: shell: bash - working-directory: frontend/ + working-directory: backend/ steps: - name: Checkout Code uses: actions/checkout@v4 @@ -110,13 +155,15 @@ jobs: username: ${{ vars.DOCKER_USER }} password: ${{ secrets.DOCKER_TOKEN }} - name: Building Docker Image - run: docker build . -t ${{ vars.DOCKER_USER }}/eng-frontend:1.${{ github.run_number }}.${{ github.run_attempt}} + run: docker build . -t ${{ vars.DOCKER_USER }}/eng-backend:1.${{ github.run_number }}.${{ github.run_attempt}} - name: Pushing Docker Image - run: docker push ${{ vars.DOCKER_USER }}/eng-frontend:1.${{ github.run_number }}.${{ github.run_attempt}} - - Push-To-DockerHub-Backend: + run: docker push ${{ vars.DOCKER_USER }}/eng-backend:1.${{ github.run_number }}.${{ github.run_attempt}} + + Image-Vuln-Check-Backend: + if: contains(github.event.head_commit.message, 'backend') runs-on: ubuntu-24.04 - needs: [Image-Vuln-Check-Backend] + needs: [Push-To-DockerHub-Backend] + continue-on-error: true defaults: run: shell: bash 
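Review bot: The image is now pushed to Docker Hub before it is scanned, and nothing downstream depends on the scan result: Image-Vuln-Check-Frontend `needs:` Push-To-DockerHub-Frontend and still has `continue-on-error: true`, so Update-ImgTag-Frontend and Deploy-On-Minikube-Frontend proceed whatever Trivy reports. Scan the locally built image before `docker push`, and drop `continue-on-error` so a failing scan stops the chain. In Update-ImgTag-Frontend the `sed` pattern targets `uj5ghare/chatgpt-backend:`, which does not occur in `k8s/manifests/frontend/deployment.yml` (that file uses `uj5ghare/eng-frontend`), so `git commit` would find nothing to commit and the step would fail. The backend jobs added in the fourth hunk of this patch mirror the same ordering and the same non-matching pattern.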
@@ -124,27 +171,50 @@ jobs: steps: - name: Checkout Code uses: actions/checkout@v4 + - name: Run Trivy Vulnerability Scanner + uses: aquasecurity/trivy-action@0.20.0 with: - ref: ${{ github.ref_name }} - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - name: Login to Docker Registry - uses: docker/login-action@v3 + image-ref: "docker.io/${{ vars.DOCKER_USER }}/eng-backend:1.${{ github.run_number }}.${{ github.run_attempt}}" + format: "table" + exit-code: "1" + ignore-unfixed: true + output: trivy-report-backend.txt + vuln-type: "os,library" + severity: "CRITICAL,HIGH" + - name: Upload Artifact + uses: actions/upload-artifact@v4 with: - username: ${{ vars.DOCKER_USER }} - password: ${{ secrets.DOCKER_TOKEN }} - - name: Building Docker Image - run: docker build . -t ${{ vars.DOCKER_USER }}/eng-backend:1.${{ github.run_number }}.${{ github.run_attempt}} - - name: Pushing Docker Image - run: docker push ${{ vars.DOCKER_USER }}/eng-backend:1.${{ github.run_number }}.${{ github.run_attempt}} + name: trivy-report-backend + path: trivy-report-backend.txt + + Update-ImgTag-Backend: + runs-on: ubuntu-24.04 + needs: [Image-Vuln-Check-Backend] + steps: + - name: Checkout Code + uses: actions/checkout@v4 + with: + token: ${{ secrets.GITHUB_TOKEN }} + - name: Update tag in K8s Deployment + run: | + sed -i 's|\(uj5ghare/chatgpt-backend:\)[^[:space:]]*|\1"1.${{ github.run_number }}.${{ github.run_attempt}}"|' k8s/manifests/backend/deployment.yml + - name: Commit and push changes + run: | + git pull origin ${{ github.ref_name }} + git config --global user.email "${{ secrets.GH_USER_MAIL }}" + git config --global user.name "${{ vars.GH_USER_NAME }}" + git add . 
+ git commit -m "refactor(k8s) updated k8s deployment image tag" + git push - Deploy-On-Minikube: + Deploy-On-Minikube-Backend: + if: contains(github.event.head_commit.message, 'backend') runs-on: ubuntu-24.04 - needs: [Push-To-DockerHub-Frontend, Push-To-DockerHub-Backend] + needs: [Update-ImgTag-Backend] defaults: run: shell: bash - working-directory: k8s/manifests/ + working-directory: k8s/manifests/backend/ steps: - uses: actions/checkout@v4 with: @@ -154,10 +224,12 @@ jobs: - name: Try the cluster! run: kubectl get pods -A - name: Deploy to minikube - run: - kubectl apply -f frontend/namespace.yml - kubectl apply -f frontend/. + run: | + kubectl apply -f namespace.yml + kubectl apply -f . - name: Watch the changes run: | - sleep 20 + sleep 10 + kubectl get all -n app + sleep 10 kubectl get all -n app From 8782f806016a7e334142a474bcc1d3a000a2cbfc Mon Sep 17 00:00:00 2001 From: ujwal pachghare <131592212+Uj5Ghare@users.noreply.github.com> Date: Sun, 8 Dec 2024 19:04:42 +0530 Subject: [PATCH 13/21] Update main.yml --- .github/workflows/main.yml | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 04690ac..1c9436d 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -3,14 +3,21 @@ name: DevOps Engineer Assignment Workflow on: push: branches: [main, dev] + paths: + - .github/workflows/main.yml + - frontend/* + - backend/* + - k8s/manifests/**/* pull_request: - + branches: [main, dev] + - defaults: run: shell: bash jobs: - Build-Test-Frontend: + Build-And-Test: + if: ${{ github.event_name == 'pull_request' }} runs-on: ubuntu-22.04 defaults: run: From a2d00eb5eae888265ab4e986b51b44a7125bc96b Mon Sep 17 00:00:00 2001 From: ujwal pachghare <131592212+Uj5Ghare@users.noreply.github.com> Date: Sun, 8 Dec 2024 19:06:44 +0530 Subject: [PATCH 14/21] test(ci/cdi) testing backend --- .github/workflows/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
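Review bot: The new `paths:` entries `frontend/*` and `backend/*` match only files directly inside those directories, because `*` does not match `/` in workflow path patterns; a push that touches only a nested file (for example a constructed path like `frontend/src/App.js`) would not start the workflow. Use `frontend/**` and `backend/**`. Listing `k8s/manifests/**/*` alongside them means a manifest-only push also starts the pipeline, although whether anything is published then still appears to hinge on the commit-message `if:` conditions elsewhere in the file.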
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 1c9436d..b44dd42 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -9,8 +9,8 @@ on: - backend/* - k8s/manifests/**/* pull_request: - branches: [main, dev] - - + branches: [main] + defaults: run: shell: bash From cc863557e2aacd1216133537441d8df1ccd281fc Mon Sep 17 00:00:00 2001 From: ujwal pachghare <131592212+Uj5Ghare@users.noreply.github.com> Date: Sun, 8 Dec 2024 19:12:50 +0530 Subject: [PATCH 15/21] fix(ci/cd) Update-ImgTag jobs --- .github/workflows/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index b44dd42..95d3cf8 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -103,7 +103,7 @@ jobs: token: ${{ secrets.GITHUB_TOKEN }} - name: Update tag in K8s Deployment run: | - sed -i 's|\(uj5ghare/chatgpt-backend:\)[^[:space:]]*|\1"1.${{ github.run_number }}.${{ github.run_attempt}}"|' k8s/manifests/frontend/deployment.yml + sed -i 's|\(uj5ghare/eng-frontend:\)[^[:space:]]*|\1"1.${{ github.run_number }}.${{ github.run_attempt}}"|' k8s/manifests/frontend/deployment.yml - name: Commit and push changes run: | git pull origin ${{ github.ref_name }} @@ -204,7 +204,7 @@ jobs: token: ${{ secrets.GITHUB_TOKEN }} - name: Update tag in K8s Deployment run: | - sed -i 's|\(uj5ghare/chatgpt-backend:\)[^[:space:]]*|\1"1.${{ github.run_number }}.${{ github.run_attempt}}"|' k8s/manifests/backend/deployment.yml + sed -i 's|\(uj5ghare/eng-backend:\)[^[:space:]]*|\1"1.${{ github.run_number }}.${{ github.run_attempt}}"|' k8s/manifests/backend/deployment.yml - name: Commit and push changes run: | git pull origin ${{ github.ref_name }} From 03754baf83061d29f6ad158218c59c898414bd32 Mon Sep 17 00:00:00 2001 
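Review bot: The corrected `sed` replacements in both Update-ImgTag jobs still wrap the tag in double quotes (`\1"1.${{ github.run_number }}.${{ github.run_attempt}}"`), and inside a plain YAML scalar those quotes are literal characters. The manifest therefore ends up as `image: uj5ghare/eng-frontend:"1.17.1"`, as the later automated commits in this series show, which is not a valid image reference. Remove the two `"` characters around the tag in the replacement text of both commands. It would also be safer to have the job fail when the pattern matches nothing, e.g. by following the `sed` with `git diff --quiet && exit 1`.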
From: ujwal pachghare <131592212+Uj5Ghare@users.noreply.github.com> Date: Sun, 8 Dec 2024 19:23:48 +0530 Subject: [PATCH 16/21] test(ci/cd) testing backend --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 95d3cf8..cc46370 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -182,7 +182,7 @@ jobs: uses: aquasecurity/trivy-action@0.20.0 with: image-ref: "docker.io/${{ vars.DOCKER_USER }}/eng-backend:1.${{ github.run_number }}.${{ github.run_attempt}}" - format: "table" + format: "json" exit-code: "1" ignore-unfixed: true output: trivy-report-backend.txt From f4dac4caf4abd6df0cbe4c42adefd63c38f1e97c Mon Sep 17 00:00:00 2001 From: ujwal pachghare <131592212+Uj5Ghare@users.noreply.github.com> Date: Sun, 8 Dec 2024 19:28:53 +0530 Subject: [PATCH 17/21] test(ci/cd) testing frontend --- .github/workflows/main.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index cc46370..aee1b59 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -15,6 +15,10 @@ defaults: run: shell: bash +permissions: + actions: write + contents: write + jobs: Build-And-Test: if: ${{ github.event_name == 'pull_request' }} From d3241a9b432d40f000e7ffbbdd054ddd48cade3f Mon Sep 17 00:00:00 2001 From: Uj5Ghare Date: Sun, 8 Dec 2024 14:00:57 +0000 Subject: [PATCH 18/21] refactor(k8s) updated k8s deployment image tag --- k8s/manifests/frontend/deployment.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/manifests/frontend/deployment.yml b/k8s/manifests/frontend/deployment.yml index 1e2eb35..c3b24ce 100644 --- a/k8s/manifests/frontend/deployment.yml +++ b/k8s/manifests/frontend/deployment.yml 
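Review bot: The `permissions:` block is set at workflow level to `actions: write` and `contents: write`, so every job's `GITHUB_TOKEN` can push to the repository, including Build-And-Test on pull requests (which runs `npm install` and `npm test`) and the jobs that run third-party actions such as `aquasecurity/trivy-action` and `medyagh/setup-minikube@latest`. Only the Update-ImgTag-* jobs push commits; set the top level to `permissions:` with `contents: read` and add a job-level `permissions:` block with `contents: write` to those two jobs. No step visible in this series appears to need `actions: write`, so it can probably be dropped.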
@@ -23,7 +23,7 @@ spec: spec: containers: - name: react-con - image: uj5ghare/eng-frontend:latest + image: uj5ghare/eng-frontend:"1.17.1" ports: - containerPort: 3000 imagePullPolicy: Always \ No newline at end of file From 9ad9358101eeaff591ec057fd3c3b2346ccc482c Mon Sep 17 00:00:00 2001 From: ujwal pachghare <131592212+Uj5Ghare@users.noreply.github.com> Date: Sun, 8 Dec 2024 20:05:03 +0530 Subject: [PATCH 19/21] feat(ci/cd) Added slack notification jobs for backend and frontend --- .github/workflows/main.yml | 40 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index aee1b59..6ed9977 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -144,6 +144,26 @@ jobs: sleep 10 kubectl get all -n app + Slack-Notification-Frontend: + if: contains(github.event.head_commit.message, 'frontend') + runs-on: ubuntu-24.04 + needs: [Deploy-On-Minikube-Frontend] + steps: + - name: Post to a Slack channel + uses: slackapi/slack-github-action@v2.0.0 + with: + method: chat.postMessage + token: ${{ secrets.SLACK_BOT_TOKEN }} + payload: | + channel: ${{ secrets.SLACK_CHANNEL_ID }} + text: "GitHub Action build result: ${{ job.status }}\n${{ github.event.pull_request.html_url || github.event.head_commit.url }}" + blocks: + - type: "section" + text: + type: "mrkdwn" + text: "GitHub Action build result: ${{ job.status }}\n${{ github.event.pull_request.html_url || github.event.head_commit.url }}" + + ################################### BACKEND ############################################### Push-To-DockerHub-Backend: 
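Review bot: Slack-Notification-Frontend runs only when Deploy-On-Minikube-Frontend succeeded, because its `if:` has no status function and so keeps the implicit `success()` check, and `${{ job.status }}` is the status of the notification job itself; the message can therefore only ever report success, and pipeline failures are never announced. Use `if: ${{ always() && contains(github.event.head_commit.message, 'frontend') }}` and report `${{ needs.Deploy-On-Minikube-Frontend.result }}` in the text. Slack-Notification-Backend in the second hunk of this patch has the same two problems.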
@@ -244,3 +264,23 @@ jobs: kubectl get all -n app sleep 10 kubectl get all -n app + + Slack-Notification-Backend: + if: contains(github.event.head_commit.message, 'backend') + runs-on: ubuntu-24.04 + needs: [Deploy-On-Minikube-Backend] + steps: + - name: Post to a Slack channel + uses: slackapi/slack-github-action@v2.0.0 + with: + method: chat.postMessage + token: ${{ secrets.SLACK_BOT_TOKEN }} + payload: | + channel: ${{ secrets.SLACK_CHANNEL_ID }} + text: "GitHub Action build result: ${{ job.status }}\n${{ github.event.pull_request.html_url || github.event.head_commit.url }}" + blocks: + - type: "section" + text: + type: "mrkdwn" + text: "GitHub Action build result: ${{ job.status }}\n${{ github.event.pull_request.html_url || github.event.head_commit.url }}" + From 5104286404a345761233430bfeb61b2d9bb0d08c Mon Sep 17 00:00:00 2001 From: Uj5Ghare Date: Sun, 8 Dec 2024 14:36:25 +0000 Subject: [PATCH 20/21] refactor(k8s) updated k8s deployment image tag --- k8s/manifests/backend/deployment.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/manifests/backend/deployment.yml b/k8s/manifests/backend/deployment.yml index 8941570..57c4661 100644 --- a/k8s/manifests/backend/deployment.yml +++ b/k8s/manifests/backend/deployment.yml @@ -23,7 +23,7 @@ spec: spec: containers: - name: node-con - image: uj5ghare/eng-backend:latest + image: uj5ghare/eng-backend:"1.18.1" ports: - containerPort: 8000 imagePullPolicy: Always \ No newline at end of file From 94b671ba55d8d3a9a2770f1666dc75060827d3ad Mon Sep 17 00:00:00 2001 From: Uj5Ghare Date: Sun, 8 Dec 2024 14:37:21 +0000 Subject: [PATCH 21/21] refactor(k8s) updated k8s deployment image tag --- k8s/manifests/frontend/deployment.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/manifests/frontend/deployment.yml b/k8s/manifests/frontend/deployment.yml index c3b24ce..db30350 100644 --- a/k8s/manifests/frontend/deployment.yml +++ b/k8s/manifests/frontend/deployment.yml 
@@ -23,7 +23,7 @@ spec: spec: containers: - name: react-con - image: uj5ghare/eng-frontend:"1.17.1" + image: uj5ghare/eng-frontend:"1.18.1" ports: - containerPort: 3000 imagePullPolicy: Always \ No newline at end of file