Skip to content

Merge pull request #2475 from shuhaib-aot/feature/FWF-4160 #191

Merge pull request #2475 from shuhaib-aot/feature/FWF-4160

Merge pull request #2475 from shuhaib-aot/feature/FWF-4160 #191

name: forms-flow-web-CD
on:
workflow_dispatch:
push:
branches:
- master
- develop
- release/*
paths:
- "forms-flow-web/**"
- "VERSION"
defaults:
run:
shell: bash
jobs:
build:
if: github.repository == 'AOT-Technologies/forms-flow-ai'
name: Build and push artifacts to s3
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: '16.20.0'
- run: npm ci
working-directory: ./forms-flow-web
- run: npm run build
working-directory: ./forms-flow-web
- uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.REGION }}
- name: Set version
if: ${{ github.ref != 'refs/heads/master' }}
working-directory: .
run: |
VER=$(cat VERSION)
echo "VERSION=$VER" >> $GITHUB_ENV
- name: Set version
if: ${{ github.ref == 'refs/heads/master' }}
working-directory: .
run: |
VER=$(cat VERSION)
VER=${VER/-alpha/''}
echo "VERSION=$VER" >> $GITHUB_ENV
- run: echo ${{ env.VERSION }}
- run: npm ci
working-directory: ./forms-flow-web/scripts
- run: node index
env:
BUCKET: ${{ secrets.BUCKET}}
VERSION: ${{ env.VERSION }}
working-directory: ./forms-flow-web/scripts
zap_scan:
runs-on: ubuntu-latest
name: Scan the web application
steps:
- name: Checkout
uses: actions/checkout@v2
with:
ref: master
- name: ZAP Scan
uses: zaproxy/[email protected]
with:
working-directory: zap-reports
token: ${{ secrets.GITHUB_TOKEN }}
docker_name: 'ghcr.io/zaproxy/zaproxy:stable'
target: ${{ secrets.WEB_TARGET_URL }}
rules_file_name: '.zap/rules.tsv'
- name: Install AWS CLI
run: |
sudo apt-get update
sudo apt-get install -y awscli
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.REGION }}
- name: Upload ZAP Report to S3
run: |
aws s3 cp report_html.html s3://zap-report-formsflow/zap-reports/zap-report-$(date +%Y-%m-%d_%H-%M-%S).html