-
Notifications
You must be signed in to change notification settings - Fork 0
246 lines (208 loc) · 7.41 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
name: CI/CD master
on:
workflow_run:
workflows:
- golangci-lint
types:
- completed
jobs:
initial:
name: Initializing
runs-on: ${{ matrix.platform }}
if: ${{ github.event.workflow_run.conclusion == 'success' }}
strategy:
matrix:
go-version: ['1.21.x', '1.22.x', '1.23.x']
platform: [ubuntu-latest]
steps:
- uses: actions/checkout@v4
- name: Set up Go ${{ matrix.go-version }}
uses: actions/setup-go@v5
with:
go-version: ${{ matrix.go-version }}
- name: Go modules Cache
uses: actions/cache@v4
id: go-cache
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ matrix.go-version }}-${{ hashFiles('**/go.sum') }}
restore-keys: ${{ runner.os }}-go-
- if: steps.go-cache.outputs.cache-hit != 'true'
run: go mod download
- name: Install SWAGGER
run: go install github.com/swaggo/swag/cmd/swag@latest
- name: Update SWAGGER
working-directory: ./app
run: swag init --parseDependency --parseDepth=1
- name: Test
run: go test -v -coverprofile=profile.cov -race ./...
- name: Send goveralls coverage
uses: shogo82148/actions-goveralls@v1
with:
path-to-profile: profile.cov
flag-name: Go-${{ matrix.go }}
parallel: true
- name: Build
working-directory: ./app
run: |
CGO_ENABLED=0 GOOS=linux go build \
-ldflags "-X main.version=$(git rev-parse --short HEAD) -X main.buildTime=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" \
-v -o app-${{ matrix.go-version }}
- name: Upload Build results
uses: actions/upload-artifact@v4
with:
name: Go-results-${{ matrix.go-version }}
path: ./app/app-${{ matrix.go-version }}
check-coverage:
name: Check coverage
needs: [initial]
runs-on: ubuntu-latest
steps:
- uses: shogo82148/actions-goveralls@v1
with:
parallel-finished: true
docker-check-vulnerabilities:
runs-on: ubuntu-latest
needs: initial
steps:
- uses: actions/checkout@v4
- name: Checkov Dockerfile Scan
uses: bridgecrewio/[email protected]
with:
directory: .
framework: dockerfile
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: results.sarif
Docker-Hub:
if: ${{ github.event_name == 'push' }}
runs-on: ubuntu-latest
needs: docker-check-vulnerabilities
steps:
- uses: actions/checkout@v4
- name: Download the latest artifact
uses: actions/download-artifact@v4
with:
path: app
pattern: Go-results-*
- shell: bash
run: |
latest_version=$(ls -d app/Go-results-*/app-* | sort -V | tail -n 1)
echo $latest_version
mv $latest_version s3stream
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Push to Docker Hub
uses: docker/build-push-action@v6
with:
context: .
push: true
tags: arturmon/s3stream:latest
cache-from: type=gha
cache-to: type=gha,mode=max
Docker-GHCR:
if: ${{ github.event_name == 'push' }}
runs-on: ubuntu-latest
needs: docker-check-vulnerabilities
steps:
- uses: actions/checkout@v4
- name: Download the latest artifact
uses: actions/download-artifact@v4
with:
path: app
pattern: Go-results-*
- shell: bash
run: |
latest_version=$(ls -d app/Go-results-*/app-* | sort -V | tail -n 1)
echo $latest_version
mv $latest_version s3stream
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Push to GitHub Container Registry
uses: docker/build-push-action@v6
with:
context: .
push: true
tags: ghcr.io/arturmon/s3stream:latest
cache-from: type=gha
cache-to: type=gha,mode=max
#Clean-old-Deploy:
# if: ${{ github.event_name == 'push' }}
# runs-on: ubuntu-latest
# environment: ${{ vars.ENVIRONMENT_STAGE }}
# needs: Docker
# steps:
# - name: Stop and Remove Old Containers
# uses: appleboy/[email protected]
# with:
# key: ${{ secrets.SSH_PRIVATE_KEY }}
# host: ${{ secrets.REMOTE_HOST }}
# port: 22
# username: ${{ secrets.REMOTE_USER }}
# script: |
# # Stop and remove the old containers
# podman stop albums-app || true
# podman rm albums-app || true
# Remove the old image
# podman rmi docker.io/arturmon/albums:latest || true
#Deploy:
# if: ${{ github.event_name == 'push' }}
# runs-on: ubuntu-latest
# environment: ${{ vars.ENVIRONMENT_STAGE }}
# needs: Clean-old-Deploy
# steps:
# - name: Deploy to Staging server
# uses: appleboy/[email protected]
# with:
# key: ${{ secrets.SSH_PRIVATE_KEY }}
# host: ${{ secrets.REMOTE_HOST }}
# port: 22
# username: ${{ secrets.REMOTE_USER }}
# script: |
# echo "======VERSION======"
# podman version
# echo "======INFO========="
# podman info
# echo "======DEPLOY======="
# podman pod create --name albums -p 3000:3000
# podman run --pod albums --privileged --name postgresql-server \
# -e POSTGRESQL_USERNAME="root" \
# -e POSTGRESQL_PASSWORD="${{ secrets.POSTGRESQL_PASSWORD }}" \
# -e POSTGRESQL_DATABASE="db_issue_album" \
# -d docker.io/bitnami/postgresql:latest
# echo "Up rabbitmq...."
# podman run --pod albums --privileged --name rabbitmq \
# -e RABBITMQ_DEFAULT_USER=user \
# -e RABBITMQ_DEFAULT_PASS=password \
# -d docker.io/rabbitmq:3.12.2
# podman run --pod albums --privileged --name albums-app \
# -e STORAGE_HOST="postgresql-server" \
# -e MQ_BROKER="rabbitmq" \
# -e LOG_LEVEL="info" \
# -d docker.io/arturmon/albums:latest
# - name: Wait for Albums App to Start
# uses: appleboy/[email protected]
# with:
# key: ${{ secrets.SSH_PRIVATE_KEY }}
# host: ${{ secrets.REMOTE_HOST }}
# port: 22
# username: ${{ secrets.REMOTE_USER }}
# script: |
# # Wait for the albums-app container to be up and running
# while ! podman inspect -f '{{.State.Running}}' albums-app; do sleep 5; done