diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
new file mode 100644
index 00000000..53d069df
--- /dev/null
+++ b/.github/workflows/build.yaml
@@ -0,0 +1,40 @@
+name: Build and Deploy
+
+on:
+ push:
+ branches:
+ - development
+
+jobs:
+ build-and-push-docker-image:
+ name: Build and push a new docker image
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout the source code from the Github repository
+ uses: actions/checkout@v4
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+ timeout-minutes: 5
+
+ - name: Create Tag
+ id: tag
+ run: echo "tag=frontend-${{ github.ref_name }}-$(git rev-parse --short HEAD)-$(date +%s)" >> $GITHUB_OUTPUT
+ timeout-minutes: 5
+
+ - name: Login to ECR
+ uses: docker/login-action@v3
+ with:
+ registry: ${{ secrets.AWS_ECR_REGISTRY }}
+ username: ${{ secrets.AWS_ECR_ACCESS_KEY_ID}}
+ password: ${{ secrets.AWS_ECR_SECRET_ACCESS_KEY }}
+ timeout-minutes: 5
+
+ - name: Build and Push Docker Image
+ uses: docker/build-push-action@v5
+ with:
+ context: .
+ file: Dockerfile.local
+ push: true
+ tags: ${{ secrets.AWS_ECR_REGISTRY }}/${{ vars.AWS_ECR_REPOSITORY_APP }}:${{ steps.tag.outputs.tag }}
+ timeout-minutes: 5
diff --git a/.github/workflows/codacy.yml b/.github/workflows/codacy.yml
deleted file mode 100644
index b2699839..00000000
--- a/.github/workflows/codacy.yml
+++ /dev/null
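Review bot: The `Login to ECR` step in the new `build.yaml` authenticates with a long-lived IAM access key pair (`secrets.AWS_ECR_ACCESS_KEY_ID` / `secrets.AWS_ECR_SECRET_ACCESS_KEY`), and the workflow declares no `permissions:` block, so the job runs with whatever default `GITHUB_TOKEN` scope the repository has. A static key stays valid until someone rotates it; exchanging the job's OIDC token for short-lived role credentials removes the stored secret and lets the IAM trust policy restrict pushes to this repository and the `development` branch. The sketch below shows the shape only, and the role and region variables in it are placeholders to be replaced with the project's own. Separately, every `uses:` in this file is pinned to a mutable tag (`@v4`, `@v3`, `@v5`); pinning to full commit SHAs would keep a retagged action from running in a job that holds registry credentials.

```yaml
permissions:
  contents: read
  id-token: write  # allows the job to request an OIDC token

jobs:
  build-and-push-docker-image:
    # … unchanged: name, runs-on, checkout, buildx and tag steps …
      - name: Configure AWS credentials
        # pin to the release's commit SHA rather than the tag
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ vars.AWS_ECR_PUSH_ROLE_ARN }}  # placeholder name
          aws-region: ${{ vars.AWS_REGION }}  # placeholder, confirm it is defined
        timeout-minutes: 5

      - name: Login to ECR
        uses: aws-actions/amazon-ecr-login@v2
        timeout-minutes: 5
    # … unchanged: build and push step …
```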
@@ -1,61 +0,0 @@
-# This workflow uses actions that are not certified by GitHub.
-# They are provided by a third-party and are governed by
-# separate terms of service, privacy policy, and support
-# documentation.
-
-# This workflow checks out code, performs a Codacy security scan
-# and integrates the results with the
-# GitHub Advanced Security code scanning feature. For more information on
-# the Codacy security scan action usage and parameters, see
-# https://github.com/codacy/codacy-analysis-cli-action.
-# For more information on Codacy Analysis CLI in general, see
-# https://github.com/codacy/codacy-analysis-cli.
-
-name: Codacy Security Scan
-
-on:
- push:
- branches: [ "development", "master" ]
- pull_request:
- # The branches below must be a subset of the branches above
- branches: [ "development" ]
- schedule:
- - cron: '36 12 * * 3'
-
-permissions:
- contents: read
-
-jobs:
- codacy-security-scan:
- permissions:
- contents: read # for actions/checkout to fetch code
- security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
- actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
- name: Codacy Security Scan
- runs-on: ubuntu-latest
- steps:
- # Checkout the repository to the GitHub Actions runner
- - name: Checkout code
- uses: actions/checkout@v4
-
- # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
- - name: Run Codacy Analysis CLI
- uses: codacy/codacy-analysis-cli-action@d840f886c4bd4edc059706d09c6a1586111c540b
- with:
- # Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository
- # You can also omit the token and run the tools that support default configurations
- project-token: ${{ secrets.CODACY_PROJECT_TOKEN }}
- verbose: true
- output: results.sarif
- format: sarif
- # Adjust severity of non-security issues
- gh-code-scanning-compat: true
- # Force 0 exit code to allow SARIF file generation
- # This will handover control about PR rejection to the GitHub side
- max-allowed-issues: 2147483647
-
- # Upload the SARIF file generated in the previous step
- - name: Upload SARIF results file
- uses: github/codeql-action/upload-sarif@v2
- with:
- sarif_file: results.sarif
diff --git a/.github/workflows/dev-branch-pr-deployment-pipeline.yml b/.github/workflows/dev-branch-pr-deployment-pipeline.yml
deleted file mode 100644
index c0359624..00000000
--- a/.github/workflows/dev-branch-pr-deployment-pipeline.yml
+++ /dev/null
@@ -1,75 +0,0 @@
-name: Build and Deploy
-
-on:
- push:
- branches:
- - development
-
-jobs:
- build-and-push-docker-image:
- name: Build and push a new docker image
- runs-on: ubuntu-latest
- steps:
- - name: Checkout the source code from the Github repository
- uses: actions/checkout@v4
-
- - name: Login to Dockerhub
- uses: docker/login-action@v3
- with:
- username: ${{ vars.DOCKER_HUB_ACCOUNT_NAME }}
- password: ${{ secrets.DOCKER_HUB_TOKEN }}
-
- - name: Build a new docker image
- run: docker build -t ${{ vars.DOCKER_HUB_ACCOUNT_NAME }}/${{ vars.DOCKER_IMAGE_NAME }}:latest-version .
-
- - name: Push a new docker image into Dockerhub
- run: docker push ${{ vars.DOCKER_HUB_ACCOUNT_NAME }}/${{ vars.DOCKER_IMAGE_NAME }}:latest-version
-
- deploy-app-to-server:
- name: Deploy application to remote server via SSH
- runs-on: ubuntu-latest
- needs: build-and-push-docker-image
- steps:
- - name: Set DOCKER_IMAGE_TAG
- run: echo "DOCKER_IMAGE_TAG=latest" >> $GITHUB_ENV
-
- - name: Deploy image via SSH
- uses: appleboy/ssh-action@v1.0.0
- with:
- host: ${{ secrets.DEV_SSH_HOST }}
- port: ${{ secrets.DEV_SSH_PORT }}
- username: ${{ secrets.DEV_SSH_USER }}
- password: ${{ secrets.DEV_SSH_PASSWORD }}
- script: |
- echo "${{ secrets.DOCKER_HUB_TOKEN }}" | docker login -u ${{ vars.DOCKER_HUB_ACCOUNT_NAME }} --password-stdin
- docker stop ${{ vars.DOCKER_CONTAINER_NAME }} || true
- docker rm ${{ vars.DOCKER_CONTAINER_NAME }} || true
- docker rmi ${{ vars.DOCKER_HUB_ACCOUNT_NAME }}/${{ vars.DOCKER_IMAGE_NAME }}:latest-version || true
- docker pull ${{ vars.DOCKER_HUB_ACCOUNT_NAME }}/${{ vars.DOCKER_IMAGE_NAME }}:latest-version
- docker run -d \
- --name ${{ vars.DOCKER_CONTAINER_NAME }} \
- --network=${{ vars.DOCKER_NETWORK }} \
- -e APP_SERVER_PORT=${{ vars.APP_SERVER_PORT }} \
- -e APP_JWT_SECRET=${{ secrets.APP_JWT_SECRET }} \
- -e APP_JWT_REFRESH_SECRET=${{ secrets.APP_JWT_REFRESH_SECRET }} \
- -e DATASOURCE_PORT=${{ vars.DATASOURCE_PORT }} \
- -e DATASOURCE_NAME=${{ vars.DATASOURCE_NAME }} \
- -e DATASOURCE_USERNAME=${{ vars.DATASOURCE_USERNAME }} \
- -e DATASOURCE_PASSWORD=${{ secrets.DATASOURCE_PASSWORD }} \
- -e DATASOURCE_HOST=${{ vars.DATASOURCE_HOST }} \
- -e AWS_ACCESS_KEY=${{ secrets.AWS_ACCESS_KEY }} \
- -e AWS_SECRET_KEY=${{ secrets.AWS_SECRET_KEY }} \
- -e AWS_REGION=${{ vars.AWS_REGION }} \
- -e AWS_USER_BUCKET=${{ vars.AWS_USER_BUCKET }} \
- -e AWS_PRODUCT_BUCKET=${{ vars.AWS_PRODUCT_BUCKET }} \
- -e AWS_DEFAULT_PRODUCT_IMAGES_PATH=${{ vars.AWS_DEFAULT_PRODUCT_IMAGES_PATH }} \
- -e GOOGLE_AUTH_CLIENT_ID=${{ vars.GOOGLE_AUTH_CLIENT_ID }} \
- -e GOOGLE_AUTH_CLIENT_SECRET=${{ vars.GOOGLE_AUTH_CLIENT_SECRET }} \
- -e GOOGLE_AUTH_REDIRECT_URI=${{ vars.GOOGLE_AUTH_REDIRECT_URI }} \
- -e REDIS_PORT=${{ vars.REDIS_PORT }} \
- -e SPRING_AI_OPENAI_API_KEY=${{ secrets.SPRING_AI_OPENAI_API_KEY }} \
- -e STRIPE_SECRET_KEY=${{ secrets.STRIPE_SECRET_KEY }} \
- -e STRIPE_WEBHOOK_SECRET=${{ secrets.STRIPE_WEBHOOK_SECRET }} \
- -v ${{ vars.APP_DATA_PATH_ON_THE_REMOTE_SERVER }}:/usr/app/logs \
- -v ${{ vars.APP_DATA_PATH_ON_THE_REMOTE_SERVER }}/products:/usr/app/products \
- zufarexplainedit/iced-latte-backend:latest-version
diff --git a/.github/workflows/greetings.yml b/.github/workflows/greetings.yml
deleted file mode 100644
index 5df831f2..00000000
--- a/.github/workflows/greetings.yml
+++ /dev/null
@@ -1,27 +0,0 @@
-name: Greetings
-
-on:
- pull_request_target:
- types: [opened]
- issues:
- types: [opened]
-
-jobs:
- greeting:
- runs-on: ubuntu-latest
- permissions:
- issues: write
- pull-requests: write
- steps:
- - name: Greet contributor
- uses: actions/first-interaction@v1
- with:
- repo-token: ${{ secrets.GITHUB_TOKEN }}
- issue-message: |
- Hello there!
-
- We truly appreciate you taking the time to create a new issue for our project on GitHub. Your input helps us improve and grow. Thank you!
- pr-message: |
- Hello there!
-
- Thank you for your contribution! We're delighted to see your Pull Request in our GitHub repository. Your efforts make a difference. Thanks a lot!
diff --git a/.github/workflows/dev-branch-pr-build-and-test-pipeline.yaml b/.github/workflows/test.yaml
similarity index 100%
rename from .github/workflows/dev-branch-pr-build-and-test-pipeline.yaml
rename to .github/workflows/test.yaml