Skip to content
This repository has been archived by the owner on Sep 22, 2024. It is now read-only.
Build NGSA-App

Build NGSA-App #246

Sign in to view logs

Build NGSA-App

Build NGSA-App #246

Workflow file for this run

.github/workflows/ngsa.yaml at e9549ac
name: Build NGSA-App
on:
schedule:
# Run Sunday at 6:00 AM UTC
- cron: "0 6 * * 0"
push:
branches:
- main
paths:
- 'Dockerfile'
- '*.csproj'
- '**.cs'
- '.github/workflows/ngsa.yaml'
- 'autogitops/**'
jobs:
build:
runs-on: ubuntu-20.04
env:
DOCKER_REPO: ghcr.io/retaildevcrews/ngsa-app
steps:
- uses: actions/checkout@v2
- name: Login to Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ secrets.GHCR_ID }}
password: ${{ secrets.GHCR_PAT }}
- name: Docker Build
run: |
docker build . --progress auto -t image
- name: Grype Scan Image for Vulnerabilities
uses: anchore/scan-action@v3
id: grype
with:
image: "image"
severity-cutoff: critical
acs-report-enable: true
fail-build: true
- name: Upload Grype Vulnerability SARIF report
if: always()
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: ${{ steps.grype.outputs.sarif }}
- name: Docker Run and Test - In-Memory
if: (github.event_name == 'schedule')
run: |
docker run -d --name ngsacs -p 8080:8080 image --in-memory
echo "Waiting for web server to start ..."
wait_time=10
sleep $wait_time
# wait up to 30 seconds for web server to start
while true
do
if curl -s localhost:8080/version ; then
echo -e "\n web server is running"
break
fi
# check if container is still running
if [ -z "$(docker ps -q -f name=ngsacs)" ]; then
docker logs ngsacs
exit 1
fi
if [ $wait_time -gt 30 ] ; then
echo -e "\n timeout waiting for web server to start"
exit 1
fi
sleep 1
((wait_time=wait_time+1))
done
docker run --rm --network=host ghcr.io/retaildevcrews/ngsa-lr:beta -s "http://localhost:8080" --max-errors 1 -f benchmark.json baseline.json
- name: Set Secrets
if: (github.event_name == 'schedule')
run: |
mkdir -p /tmp/secrets
echo -n ${{ secrets.NGSA_TEST_COSMOS_RW_KEY}} >| /tmp/secrets/CosmosKey
echo -n ${{ secrets.NGSA_TEST_COSMOS_URL }} >| /tmp/secrets/CosmosUrl
echo -n 'movies' >| /tmp/secrets/CosmosCollection
echo -n 'imdb' >| /tmp/secrets/CosmosDatabase
- name: Docker Run and Test - Cosmos
if: (github.event_name == 'schedule')
run: |
docker run -d --name ngsacscosmos -p 8081:8080 -v /tmp/secrets:/app/secrets:ro image --no-cache
echo "Waiting for web server to start ..."
wait_time=10
sleep $wait_time
# wait up to 30 seconds for web server to start
while true
do
if curl -s localhost:8081/version ; then
echo -e "\n web server is running"
break
fi
# check if container is still running
if [ -z "$(docker ps -q -f name=ngsacscosmos)" ]; then
docker logs ngsacscosmos
exit 1
fi
if [ $wait_time -gt 30 ] ; then
echo -e "\n timeout waiting for web server to start"
exit 1
fi
sleep 1
((wait_time=wait_time+1))
done
echo "Running Cosmos benchmark and baseline"
docker run --rm --network=host ghcr.io/retaildevcrews/ngsa-lr:beta -s "http://localhost:8081" --max-errors 1 -f benchmark.json baseline.json
- name: Delete Secrets
if: (github.event_name == 'schedule')
run: |
rm -rf /tmp/secrets
- name: Docker Tag and Push
run: |
VERSION=$(docker run --rm image --version)
# tag the repo with :beta
docker tag image $DOCKER_REPO:beta
# Push to the repo
docker push -a $DOCKER_REPO
- name: AutoGitOps Pull
run: |
docker pull ghcr.io/retaildevcrews/autogitops:0.3.0
- name: GitOps Deploy
run: |
docker run \
--name ago \
--rm \
-v $(pwd)/autogitops:/ago/autogitops \
ghcr.io/retaildevcrews/autogitops:0.3.0 -r /retaildevcrews/ngsa-asb -p ${{ secrets.GHCR_PAT }}