diff --git a/.github/workflows/test_project.yml b/.github/workflows/test_project.yml
index 8ef56e6..5c61a57 100644
--- a/.github/workflows/test_project.yml
+++ b/.github/workflows/test_project.yml
@@ -1,105 +1,68 @@ -name: ${{ github.actor }} executed Build Push Prod +name: "dev test" on: push: - tags: - - 'v[0-9]+\.[0-9]+\.[0-9]+' + branches: + - master + - dev + - 'feature/**' + paths: + - '**.go' + - '**.yml' + - '**.yaml' jobs: - build: + test: runs-on: ubuntu-latest env: TOKEN: ${{ secrets.TOKEN }} USERNAME: ${{ vars.USERNAME }} TAG_VERSION: ${{ github.ref_name }} steps: - - name: echo repo dir - id: repo-url - run: | - echo "repourl=$(echo ${{ github.server_url }} | sed -e 's;https://;;')" >> $GITHUB_OUTPUT - - name: Checkout code uses: actions/checkout@v4 - - name: Setup Quemu - uses: docker/setup-qemu-action@v3 - - - name: Set Up BuildX - uses: docker/setup-buildx-action@v3 - - - name: Login to Docker - uses: docker/login-action@v3 + - name: Setup Go + uses: actions/setup-go@v5 with: - registry: https://git.maximotejeda.com - username: ${{ vars.USERNAME }} - password: ${{ secrets.PWD }} - - - name: calculate short sha - id: calculate-sha + go-version-file: 'go.mod' + - name: run tidy run: | - echo "shortsha=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT + go mod tidy + - name: test with go + run: go test -v ./... - - name: Build and push - uses: docker/build-push-action@v6 - with: - context: . 
- platforms: linux/amd64,linux/arm64 - push: true - tags: "${{ steps.repo-url.outputs.repourl }}/${{ github.repository }}:${{ github.ref_name }}" - build-args: | - version=${{ github.ref_name }} - SHORTSHA=${{ steps.calculate-sha.outputs.shortsha }} - - deploy: + vulnCheck: runs-on: ubuntu-latest - needs: build + needs: test env: TOKEN: ${{ secrets.TOKEN }} - TAG: ${{ github.ref_name }} - PASSWORD: $PWD USERNAME: ${{ vars.USERNAME }} TAG_VERSION: ${{ github.ref_name }} - NATS_SERVICE_URL: "${{ vars.NATS_SERVICE_URL }}" - ENV: "production" - APPLICATION_PORT: "${{ vars.APPLICATION_PORT }}" - DATA_SOURCE_URL: "${{ vars.DATA_SOURCE_URL }}" steps: - - name: echo repo dir - id: repo-url - run: | - echo "repourl=$(echo ${{ github.server_url }} | sed -e 's;https://;;')" >> $GITHUB_OUTPUT - echo "repoName=$(echo ${{ github.repository }} | sed -e 's;${{ github.actor }}/;;')" >> $GITHUB_OUTPUT - echo "${{ github.repository }} | sed -e 's;${{ github.actor }}/;;')" - - name: Checkout code + - name: checkout Code uses: actions/checkout@v4 - - name: install envsubst - run: | - apt update - apt install -y gettext-base - apt clean + - name: go vuln check + uses: golang/govulncheck-action@v1 + with: + go-version-file: 'go.mod' + go-package: ./... 
- - name: create deployment files + Ci-Lint: + runs-on: ubuntu-latest + needs: vulnCheck env: - IMAGE: "${{ steps.repo-url.outputs.repourl }}/${{ github.repository }}:${{ github.ref_name }}" - REPONAME: "${{ steps.repo-url.outputs.repoName }}" - run: | - envsubst < k8s/deployment.yml.template > k8s/deployment.yml - - name: Download kubectl - run: curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" + TOKEN: ${{ secrets.TOKEN }} + USERNAME: ${{ vars.USERNAME }} + TAG_VERSION: ${{ github.ref_name }} + steps: + - name: Checkout code + uses: actions/checkout@v4 - - name: install kubectl - run: sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl - - - name: insert kube config - run: | - mkdir ~/.kube - export IMAGE="$( echo ${{ github.server_url }} | sed -e 's;https://;;')/${{ github.repository }}:${{ github.ref_name }}" - echo "${{ secrets.KUBECONFIG }}" > ~/.kube/config - - name: check pod - run: kubectl apply -f k8s/deployment.yml - - - name: scale down deployment - continue-on-error: true - run: kubectl scale deployment ${{ steps.repo-url.outputs.repoName }}-grpc --replicas=0 - - - name: scale up deployment - run: kubectl scale deployment ${{ steps.repo-url.outputs.repoName }}-grpc --replicas=1 + - name: Setup Go + uses: actions/setup-go@v5 + with: + go-version-file: 'go.mod' + - name: CI lint Check + uses: golangci/golangci-lint-action@v6 + with: + only-new-issues: true
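Review bot: The new `Ci-Lint` job adds a job-level `env:` with `TOKEN: ${{ secrets.TOKEN }}`, and the `test` and `vulnCheck` jobs keep the same block, yet no step visible in the new workflow reads `TOKEN`, `USERNAME` or `TAG_VERSION`. A job-level secret is exported to every step, so it is available to `go test -v ./...` and to the tag-referenced actions `golang/govulncheck-action@v1` and `golangci/golangci-lint-action@v6` on every push to `master`, `dev` and `feature/**`. I would drop the three `env:` blocks, or, if a step really needs the token, declare `TOKEN: ${{ secrets.TOKEN }}` under that step's own `env:` only. Pinning the two third-party actions to a full commit SHA, e.g. `uses: golang/govulncheck-action@<full-commit-sha>  # v1`, would further limit what a retagged release could reach. `TAG_VERSION` also now carries a branch name rather than a tag, since the trigger moved from `tags` to `branches`.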