more testing of subscription #130
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build & Push Production Docker Image | |
| on: | |
| push: | |
| branches: [ "*" ] | |
| pull_request: | |
| branches: [ "*" ] | |
| jobs: | |
| unit-test: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-go@v5 | |
| with: | |
| go-version: '1.21.3' | |
| - name: Install dependencies for go | |
| run: go mod download | |
| - name: Unit Testing | |
| run: go test -v ./... | |
| - name: Generate coverage report | |
| run: go test -coverprofile=coverage.out ./... | |
| - name: Upload coverage report | |
| uses: actions/upload-artifact@v2 | |
| with: | |
| name: coverage-report | |
| path: coverage.out | |
| sonar: | |
| needs: [unit-test] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Download coverage report | |
| uses: actions/download-artifact@v2 | |
| with: | |
| name: coverage-report | |
| - name: SonarCloud Scan | |
| uses: sonarsource/sonarcloud-github-action@master | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| snyk: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Run Snyk to check for golang vulnerabilities | |
| uses: snyk/actions/golang@master | |
| env: | |
| SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} | |
| with: | |
| args: --severity-threshold=high --fail-on=all | |
| build: | |
| needs: [sonar, snyk, unit-test] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| id: buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to Docker Repository | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ secrets.DOCKER_REGISTRY }} | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_TOKEN }} | |
| - name: Build the Docker image | |
| run: docker build . --file Dockerfile --tag ${{ secrets.DOCKER_REPO }}:latest | |
| - name: Run Snyk to check Docker image for vulnerabilities | |
| uses: snyk/actions/docker@master | |
| env: | |
| SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} | |
| with: | |
| image: ${{ secrets.DOCKER_REPO }}:latest | |
| args: --severity-threshold=high --fail-on=all | |
| - name: Push the Docker image | |
| run: docker push ${{ secrets.DOCKER_REPO }}:latest | |
| if: github.ref == 'refs/heads/main' | |
| - name: Notify IRC Success | |
| run: | | |
| export COMMIT_MSG=$(git log -1 --pretty=%B) | |
| export MESSAGE="Build of ${{ secrets.DOCKER_REPO }}:latest completed successfully with commit message: $COMMIT_MSG. See https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" | |
| curl -X POST -H "Content-Type: application/json" -d "{\"message\": \"$MESSAGE\", \"password\": \"${{ secrets.WMB_PASSWORD }}\", \"colourcode\": 3}" https://convos.findlayis.me/wmb/message | |
| if: success() | |
| - name: Notify IRC Failure | |
| run: | | |
| export COMMIT_MSG=$(git log -1 --pretty=%B) | |
| export MESSAGE="Build of ${{ secrets.DOCKER_REPO }}:latest failed with commit message: $COMMIT_MSG. See https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" | |
| curl -X POST -H "Content-Type: application/json" -d "{\"message\": \"$MESSAGE\", \"password\": \"${{ secrets.WMB_PASSWORD }}\", \"colourcode\": 4}" https://convos.findlayis.me/wmb/message | |
| if: failure() | |
| deploy: | |
| needs: [build] | |
| if: github.ref == 'refs/heads/main' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Deploy image to production | |
| uses: appleboy/ssh-action@master | |
| with: | |
| host: ${{ secrets.SSH_HOST }} | |
| username: ${{ secrets.SSH_USERNAME }} | |
| key: ${{ secrets.SSH_SECRET }} | |
| port: 22 | |
| script: | | |
| cd /srv/wmb | |
| docker compose pull | |
| docker compose up -d |