
Succes

Succes #54

Workflow file for this run

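---
# CI/CD pipeline: test the Node.js code, build the four service images,
# scan each image with Docker Scout, and push images to Docker Hub on
# pushes to main/master.
#
# NOTE(review): every action below is referenced by a mutable version tag
# (@v4, @v3, @v1). Pinning third-party actions to a full commit SHA keeps a
# retagged release from changing what runs next to the Docker Hub
# credentials.
name: CI/CD

on:
  push:
    branches:
      - main
      - master
  pull_request:

# Workflow-wide default for GITHUB_TOKEN; jobs widen it only where needed.
permissions:
  contents: read

jobs:
  build-and-test:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          # No later step uses git, so do not leave the token in .git/config.
          persist-credentials: false

      - name: Set up Node.js
        uses: actions/setup-node@v4
        with:
          node-version: "18"
          cache: "npm"

      - name: Install dependencies
        run: npm ci

      - name: Run tests
        run: npm test

      # Smoke-build each image; nothing is pushed or scanned in this job.
      - name: Build Auth service image
        run: docker build -t auth-service ./auth

      - name: Build Product service image
        run: docker build -t product-service ./product

      - name: Build Order service image
        run: docker build -t order-service ./order

      - name: Build API Gateway image
        run: docker build -t api-gateway ./api-gateway

  docker-scout:
    needs: build-and-test
    # Pull requests from forks receive no repository secrets and a read-only
    # token, so the Docker Hub login and the SARIF upload cannot succeed
    # there. Skip the job for fork PRs instead of failing it.
    if: >-
      github.event_name != 'pull_request' ||
      github.event.pull_request.head.repo.full_name == github.repository
    runs-on: ubuntu-latest
    permissions:
      contents: read
      # Required by upload-sarif to publish code scanning results.
      security-events: write
    strategy:
      matrix:
        include:
          - service: auth
            context: ./auth
            image: auth-service
          - service: product
            context: ./product
            image: product-service
          - service: order
            context: ./order
            image: order-service
          - service: api-gateway
            context: ./api-gateway
            image: api-gateway
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          persist-credentials: false

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Log in to Docker Hub
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKER_NAME }}
          password: ${{ secrets.DOCKER_TOKEN }}

      # matrix.* values are the static entries declared above, not
      # user-controlled input.
      - name: Build ${{ matrix.service }} image
        run: docker build -t ${{ matrix.image }}:scout ${{ matrix.context }}

      - name: Analyze ${{ matrix.service }} image with Docker Scout
        uses: docker/scout-action@v1
        with:
          command: cves
          image: ${{ matrix.image }}:scout
          sarif-file: ${{ matrix.image }}-docker-scout.sarif
          # NOTE(review): with exit-code false, CVE findings are reported but
          # presumably never fail the job; confirm this is the intended
          # policy.
          exit-code: false
          accept-license: true

      - name: Upload Docker Scout results
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: ${{ matrix.image }}-docker-scout.sarif

  push-docker-images:
    # NOTE(review): this job depends only on build-and-test, so the
    # docker-scout results do not gate the push, and the images pushed here
    # are rebuilt rather than being the ones that were scanned.
    needs: build-and-test
    if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/master')
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          persist-credentials: false

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Log in to Docker Hub
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKER_NAME }}
          password: ${{ secrets.DOCKER_TOKEN }}

      - name: Build and push service images
        env:
          REGISTRY: ${{ secrets.DOCKER_NAME }}
          GIT_SHA: ${{ github.sha }}
        run: |
          if [ -z "$REGISTRY" ]; then
            echo "Docker Hub username secret is not configured" >&2
            exit 1
          fi
          services=(auth product order api-gateway)
          for service in "${services[@]}"; do
            # Tag each image with the short commit SHA and with latest.
            IMAGE_SHA="$REGISTRY/$service:${GIT_SHA::7}"
            IMAGE_LATEST="$REGISTRY/$service:latest"
            echo "Building and pushing $service..."
            docker build -t "$IMAGE_SHA" -t "$IMAGE_LATEST" "./$service"
            docker push "$IMAGE_SHA"
            docker push "$IMAGE_LATEST"
          done

      - name: Confirm secrets status
        # Secrets are handed to the shell as environment variables. Expanding
        # ${{ secrets.* }} inside the script body writes the secret value
        # into the generated script, where quotes, `$` or backticks in the
        # value would be parsed as shell code.
        env:
          DOCKER_NAME: ${{ secrets.DOCKER_NAME }}
          DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
        run: |
          if [ -z "$DOCKER_NAME" ] || [ -z "$DOCKER_TOKEN" ]; then
            echo "Missing Docker secrets"
            exit 1
          else
            echo "Docker secrets found and used successfully"
          fi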