Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Updated forms-flow-bpm-cd.yml: Added Dynamic url Handling #2537

Closed
wants to merge 17 commits into from
+74 −12
Closed

Updated forms-flow-bpm-cd.yml: Added Dynamic url Handling #2537

Changes from 1 commit
Commits
Show all changes
17 commits
Select commit Hold shift + click to select a range
36db8ca
Updated bpm url
sethu-aot Jan 21, 2025
e1271ee
removed docker_name
sethu-aot Jan 21, 2025
0835a3d
updated branch
sethu-aot Jan 21, 2025
4cb92b6
Updated bpm
sethu-aot Jan 21, 2025
cf1b490
updated branch
sethu-aot Jan 21, 2025
8b7fafa
updated dynamic url fetching
sethu-aot Jan 21, 2025
cf03cda
Updated dynamic url fetching
sethu-aot Jan 21, 2025
d7f9d70
Enhanced curl
sethu-aot Jan 21, 2025
e5ac558
updated dev url
sethu-aot Jan 21, 2025
3df14cb
enhanced curl error handling
sethu-aot Jan 21, 2025
2723667
updated dev url
sethu-aot Jan 21, 2025
fe33d3b
updated urls
sethu-aot Jan 21, 2025
13f869b
updated url handling
sethu-aot Jan 21, 2025
bb4cf44
updated url handling
sethu-aot Jan 21, 2025
ff9801e
Updated forms-flow-bpm-cd.yml: Added Dynamic url Handling
sethu-aot Jan 21, 2025
0bb7b72
Merge branch 'AOT-Technologies:develop' into develop
sethu-aot Jan 21, 2025
be51166
Updated variables
sethu-aot Jan 21, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Updated bpm
@sethu-aot
sethu-aot committed Jan 21, 2025
commit 4cb92b665d0911998cad3de36093b7525a31d927
160 changes: 13 additions & 147 deletions .github/workflows/forms-flow-bpm-cd.yml
View file
Original file line number Diff line number Diff line change
@@ -1,146 +1,14 @@
name: Push Forms flow BPM to registry
name: Test ZAP Scan

on:
workflow_dispatch:
push:
branches:
- develop
paths:
- "forms-flow-bpm/**"
- "VERSION"
workflow_dispatch: # Allow manual triggers for testing

defaults:
run:
shell: bash
working-directory: ./forms-flow-bpm

jobs:
# build-and-push-image-to-dockerhub:
# if: github.repository == 'AOT-Technologies/forms-flow-ai'
# runs-on: ubuntu-latest
# strategy:
# matrix:
# include:
# - image: formsflow/forms-flow-bpm
# context: forms-flow-bpm
# dockerfile: Dockerfile
# name: forms-flow-bpm
# permissions:
# contents: read
# packages: write
# security-events: write
# steps:
# - name: Checkout repository
# uses: actions/checkout@v2
# - name: Set up Docker Buildx
# id: buildx
# uses: docker/setup-buildx-action@v1
# with:
# install: true
# - name: Set version
# if: ${{ github.ref != 'refs/heads/master' }}
# working-directory: .
# run: |
# VER=$(cat VERSION)
# echo "VERSION=$VER" >> $GITHUB_ENV

# - name: Set version
# if: ${{ github.ref == 'refs/heads/master' }}
# working-directory: .
# run: |
# VER=$(cat VERSION)
# VER=${VER/-alpha/''}
# echo "VERSION=$VER" >> $GITHUB_ENV

# - run: echo ${{ env.VERSION }}

# - name: Docker meta
# id: meta
# uses: docker/metadata-action@v3
# with:
# images: ${{ matrix.image }}
# tags: ${{ env.VERSION }}

# - name: Log in to the Container registry
# uses: docker/login-action@v1
# with:
# # registry: ${{ env.REGISTRY }}
# username: ${{ secrets.DOCKER_USERNAME }}
# password: ${{ secrets.DOCKER_ACCESS_TOKEN }}

# - name: Cache Docker layers
# uses: actions/cache@v2
# with:
# path: /tmp/.buildx-cache
# key: ${{ runner.os }}-buildx-${{ matrix.name }}-${{ github.sha }}
# restore-keys: |
# ${{ runner.os }}-buildx-${{ matrix.name }}
# - name: Build and push Docker image
# if: ${{ github.ref != 'refs/heads/master' }}
# uses: docker/build-push-action@v4
# with:
# context: forms-flow-bpm
# push: true
# file: forms-flow-bpm/Dockerfile
# platforms: linux/amd64,linux/arm64/v8
# tags: ${{ steps.meta.outputs.tags }}
# labels: ${{ steps.meta.outputs.labels }}
# - name: Build and push Docker image
# if: ${{ github.ref == 'refs/heads/master' }}
# uses: docker/build-push-action@v2
# with:
# context: forms-flow-bpm
# push: true
# platforms: linux/amd64,linux/arm64/v8
# file: forms-flow-bpm/Dockerfile
# tags: ${{ steps.meta.outputs.tags }}, formsflow/forms-flow-bpm:latest
# labels: ${{ steps.meta.outputs.labels }}
# # - name: Build and push Docker image - arm64
# # uses: docker/build-push-action@v4
# # with:
# # context: forms-flow-bpm
# # file: forms-flow-bpm/Dockerfile-ARM64
# # push: true
# # platforms: linux/arm64/v8
# # tags: ${{ steps.meta.outputs.tags }}-arm64
# # labels: ${{ steps.meta.outputs.labels }}
# - name: Scan Docker image 🐳
# uses: snyk/actions/docker@master
# continue-on-error: true
# with:
# image: ${{ steps.meta.outputs.tags }}
# args: --severity-threshold=high --sarif-file-output=snyk.sarif
# env:
# SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}

# - name: Upload Snyk report as sarif 📦
# uses: github/codeql-action/upload-sarif@v2
# with:
# sarif_file: snyk.sarif
# #####
# - name: Set up AWS CLI
# uses: aws-actions/configure-aws-credentials@v1
# with:
# aws-access-key-id: ${{ secrets.AWS_DEPLOYMENT_ACCESS_KEY_ID }}
# aws-secret-access-key: ${{ secrets.AWS_DEPLOYMENT_SECRET_ACCESS_KEY }}
# aws-region: ca-central-1 # Change this to your desired region
# - name: Install kubectl
# run: |
# curl -LO "https://dl.k8s.io/release/$(curl -Ls https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
# chmod +x kubectl
# sudo mv kubectl /usr/local/bin/
# - name: Update Kube config
# run: aws eks update-kubeconfig --region ca-central-1 --name ${{ secrets.DEV_EKS_CLUSTER }}
# - name: Deploy to eks
# run: |
# kubectl -n ${{ secrets.DEV_OPENSOURCE_NAMESPACE }} patch deployment forms-flow-bpm -p '{"spec":{"template":{"spec":{"containers":[{"name":"forms-flow-bpm","image":"docker.io/formsflow/forms-flow-bpm:${{ env.VERSION }}"}]}}}}'
# kubectl -n ${{ secrets.DEV_OPENSOURCE_NAMESPACE }} rollout restart deployment forms-flow-bpm

zap_scan:
runs-on: ubuntu-latest
name: Scan the application
steps:
- name: Checkout
- name: Checkout repository
uses: actions/checkout@v2
with:
ref: master
@@ -149,8 +17,6 @@ jobs:
uses: zaproxy/action-full-scan@v0.8.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
# docker_name: 'ghcr.io/zaproxy/zaproxy:stable'
# target: ${{ secrets.BPM_TARGET_URL }}
target: 'https://forms-flow-bpm-qa.aot-technologies.com/camunda'
rules_file_name: '.zap/rules.tsv'

@@ -159,13 +25,13 @@ jobs:
sudo apt-get update
sudo apt-get install -y awscli

- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.REGION }}

- name: Upload ZAP Report to S3
run: |
aws s3 cp report_html.html s3://zap-report-formsflow/zap-reports/zap-report-$(date +%Y-%m-%d_%H-%M-%S).html
# - name: Configure AWS credentials
# uses: aws-actions/configure-aws-credentials@v1
# with:
# aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
# aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
# aws-region: ${{ secrets.REGION }}

# - name: Upload ZAP Report to S3
# run: |
# aws s3 cp report_html.html s3://zap-report-formsflow/zap-reports/zap-report-$(date +%Y-%m-%d_%H-%M-%S).html