refactor(ci/cd) Update main.yml
Uj5Ghare authored Dec 8, 2024
1 parent 8bae55a commit 1d9ca17
Showing 1 changed file with 145 additions and 73 deletions.
218 changes: 145 additions & 73 deletions .github/workflows/main.yml
Expand Up @@ -10,93 +10,138 @@ defaults:
shell: bash

jobs:
# Build:
# runs-on: ubuntu-22.04
# defaults:
# run:
# shell: bash
# working-directory: ./frontend
# steps:
# - name: Checkout Code
# uses: actions/checkout@v4
# with:
# refs: ${{ github.refs_name }}
# - name: Setup node
# uses: actions/setup-node@v4
# with:
# node-version: '14.21.3'
# - name: Install dependencies
# run: npm install
# - name: Create production build folder
# run: npm run build --if-present
Build-Test-Frontend:
runs-on: ubuntu-22.04
defaults:
run:
shell: bash
working-directory: ./backend
steps:
- name: Checkout Code
uses: actions/checkout@v4
with:
refs: ${{ github.refs_name }}
- name: Setup node
uses: actions/setup-node@v4
with:
node-version: '14.21.3'
- name: Install dependencies
run: npm install
- name: Create production build folder
run: npm run build --if-present
- name: Testing API
run: npm test

Image-Vuln-Check-Frontend:
################################### FRONTEND ###############################################

Push-To-DockerHub-Frontend:
if: contains(github.event.head_commit.message, 'frontend')
runs-on: ubuntu-24.04
continue-on-error: true
defaults:
run:
shell: bash
working-directory: frontend/
steps:
- name: Checkout Code
uses: actions/checkout@v4
with:
ref: ${{ github.ref_name }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build Docker Image
run: docker build -t docker.io/${{ vars.DOCKER_USER }}/eng-frontend:${{ github.sha }} .
- name: Run Trivy Vulnerability Scanner
uses: aquasecurity/[email protected]
with:
image-ref: "docker.io/${{ vars.DOCKER_USER }}/eng-frontend:${{ github.sha }}"
format: "table"
exit-code: "1"
ignore-unfixed: true
output: trivy-report-frontend.txt
vuln-type: "os,library"
severity: "CRITICAL,HIGH"
- name: Upload Artifact
uses: actions/upload-artifact@v4
- name: Login to Docker Registry
uses: docker/login-action@v3
with:
name: trivy-report-frontend
path: trivy-report-frontend.txt
username: ${{ vars.DOCKER_USER }}
password: ${{ secrets.DOCKER_TOKEN }}
- name: Building Docker Image
run: docker build . -t ${{ vars.DOCKER_USER }}/eng-frontend:1.${{ github.run_number }}.${{ github.run_attempt}}
- name: Pushing Docker Image
run: docker push ${{ vars.DOCKER_USER }}/eng-frontend:1.${{ github.run_number }}.${{ github.run_attempt}}

Image-Vuln-Check-Backend:
Image-Vuln-Check-Frontend:
if: contains(github.event.head_commit.message, 'frontend')
runs-on: ubuntu-24.04
needs: [Push-To-DockerHub-Frontend]
continue-on-error: true
defaults:
run:
shell: bash
working-directory: backend/
working-directory: frontend/
steps:
- name: Checkout Code
uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build Docker Image
run: docker build -t docker.io/${{ vars.DOCKER_USER }}/eng-backend:${{ github.sha }} .
- name: Run Trivy Vulnerability Scanner
uses: aquasecurity/[email protected]
with:
image-ref: "docker.io/${{ vars.DOCKER_USER }}/eng-backend:${{ github.sha }}"
image-ref: "docker.io/${{ vars.DOCKER_USER }}/eng-frontend:1.${{ github.run_number }}.${{ github.run_attempt}}"
format: "table"
exit-code: "1"
ignore-unfixed: true
output: trivy-report-backend.txt
output: trivy-report-frontend.txt
vuln-type: "os,library"
severity: "CRITICAL,HIGH"
- name: Upload Artifact
uses: actions/upload-artifact@v4
with:
name: trivy-report-backend
path: trivy-report-backend.txt
name: trivy-report-frontend
path: trivy-report-frontend.txt

Update-ImgTag-Frontend:
runs-on: ubuntu-24.04
needs: [Image-Vuln-Check-Frontend]
steps:
- name: Checkout Code
uses: actions/checkout@v4
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Update tag in K8s Deployment
run: |
sed -i 's|\(uj5ghare/chatgpt-backend:\)[^[:space:]]*|\1"1.${{ github.run_number }}.${{ github.run_attempt}}"|' k8s/manifests/frontend/deployment.yml
- name: Commit and push changes
run: |
git pull origin ${{ github.ref_name }}
git config --global user.email "${{ secrets.GH_USER_MAIL }}"
git config --global user.name "${{ vars.GH_USER_NAME }}"
git add .
git commit -m "refactor(k8s) updated k8s deployment image tag"
git push
Deploy-On-Minikube-Frontend:
if: contains(github.event.head_commit.message, 'frontend')
runs-on: ubuntu-24.04
needs: [Update-ImgTag-Frontend]
defaults:
run:
shell: bash
working-directory: k8s/manifests/frontend/
steps:
- uses: actions/checkout@v4
with:
refs: ${{ github.refs_name }}
- name: Start minikube
uses: medyagh/setup-minikube@latest
- name: Try the cluster!
run: kubectl get pods -A
- name: Deploy to minikube
run: |
kubectl apply -f namespace.yml
kubectl apply -f .
- name: Watch the changes
run: |
sleep 20
kubectl get all -n app
sleep 10
kubectl get all -n app
Push-To-DockerHub-Frontend:
################################### BACKEND ###############################################

Push-To-DockerHub-Backend:
if: contains(github.event.head_commit.message, 'backend')
runs-on: ubuntu-24.04
needs: [Image-Vuln-Check-Frontend]
defaults:
run:
shell: bash
working-directory: frontend/
working-directory: backend/
steps:
- name: Checkout Code
uses: actions/checkout@v4
Expand All @@ -110,41 +155,66 @@ jobs:
username: ${{ vars.DOCKER_USER }}
password: ${{ secrets.DOCKER_TOKEN }}
- name: Building Docker Image
run: docker build . -t ${{ vars.DOCKER_USER }}/eng-frontend:1.${{ github.run_number }}.${{ github.run_attempt}}
run: docker build . -t ${{ vars.DOCKER_USER }}/eng-backend:1.${{ github.run_number }}.${{ github.run_attempt}}
- name: Pushing Docker Image
run: docker push ${{ vars.DOCKER_USER }}/eng-frontend:1.${{ github.run_number }}.${{ github.run_attempt}}

Push-To-DockerHub-Backend:
run: docker push ${{ vars.DOCKER_USER }}/eng-backend:1.${{ github.run_number }}.${{ github.run_attempt}}

Image-Vuln-Check-Backend:
if: contains(github.event.head_commit.message, 'backend')
runs-on: ubuntu-24.04
needs: [Image-Vuln-Check-Backend]
needs: [Push-To-DockerHub-Backend]
continue-on-error: true
defaults:
run:
shell: bash
working-directory: backend/
steps:
- name: Checkout Code
uses: actions/checkout@v4
- name: Run Trivy Vulnerability Scanner
uses: aquasecurity/[email protected]
with:
ref: ${{ github.ref_name }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to Docker Registry
uses: docker/login-action@v3
image-ref: "docker.io/${{ vars.DOCKER_USER }}/eng-backend:1.${{ github.run_number }}.${{ github.run_attempt}}"
format: "table"
exit-code: "1"
ignore-unfixed: true
output: trivy-report-backend.txt
vuln-type: "os,library"
severity: "CRITICAL,HIGH"
- name: Upload Artifact
uses: actions/upload-artifact@v4
with:
username: ${{ vars.DOCKER_USER }}
password: ${{ secrets.DOCKER_TOKEN }}
- name: Building Docker Image
run: docker build . -t ${{ vars.DOCKER_USER }}/eng-backend:1.${{ github.run_number }}.${{ github.run_attempt}}
- name: Pushing Docker Image
run: docker push ${{ vars.DOCKER_USER }}/eng-backend:1.${{ github.run_number }}.${{ github.run_attempt}}
name: trivy-report-backend
path: trivy-report-backend.txt

Update-ImgTag-Backend:
runs-on: ubuntu-24.04
needs: [Image-Vuln-Check-Backend]
steps:
- name: Checkout Code
uses: actions/checkout@v4
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Update tag in K8s Deployment
run: |
sed -i 's|\(uj5ghare/chatgpt-backend:\)[^[:space:]]*|\1"1.${{ github.run_number }}.${{ github.run_attempt}}"|' k8s/manifests/backend/deployment.yml
- name: Commit and push changes
run: |
git pull origin ${{ github.ref_name }}
git config --global user.email "${{ secrets.GH_USER_MAIL }}"
git config --global user.name "${{ vars.GH_USER_NAME }}"
git add .
git commit -m "refactor(k8s) updated k8s deployment image tag"
git push
Deploy-On-Minikube:
Deploy-On-Minikube-Backend:
if: contains(github.event.head_commit.message, 'backend')
runs-on: ubuntu-24.04
needs: [Push-To-DockerHub-Frontend, Push-To-DockerHub-Backend]
needs: [Update-ImgTag-Backend]
defaults:
run:
shell: bash
working-directory: k8s/manifests/
working-directory: k8s/manifests/backend/
steps:
- uses: actions/checkout@v4
with:
Expand All @@ -154,10 +224,12 @@ jobs:
- name: Try the cluster!
run: kubectl get pods -A
- name: Deploy to minikube
run:
kubectl apply -f frontend/namespace.yml
kubectl apply -f frontend/.
run: |
kubectl apply -f namespace.yml
kubectl apply -f .
- name: Watch the changes
run: |
sleep 20
sleep 10
kubectl get all -n app
sleep 10
kubectl get all -n app
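Review bot: In Image-Vuln-Check-Frontend and Image-Vuln-Check-Backend the Trivy step sets `exit-code: "1"`, but both jobs also carry `continue-on-error: true`, so a CRITICAL/HIGH finding does not stop the `needs:` chain into Update-ImgTag-* and Deploy-On-Minikube-*. As far as the rendered page shows (the +/- markers are lost), the new ordering also runs the scan after `docker push`, via `needs: [Push-To-DockerHub-Frontend]` and `needs: [Push-To-DockerHub-Backend]`, so the image is already published when it is first scanned. I would drop `continue-on-error: true` from both scan jobs so the existing `needs: [Image-Vuln-Check-Frontend]` and `needs: [Image-Vuln-Check-Backend]` edges act as a gate, and scan the locally built image in the same job before pushing it. The Upload Artifact step would then need `if: always()` so the report is still kept when the scan fails.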
