-
Notifications
You must be signed in to change notification settings - Fork 4
106 lines (88 loc) · 3.66 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
# Name of the workflow
name: CI Pipeline
# Events that trigger the workflow
on:
push:
branches: [ main, develop, mtoof ] # Trigger on push to main, develop, and mtoof branches
pull_request:
branches: [ main, develop, mtoof ] # Trigger on pull request to main, develop, and mtoof branches
# Define jobs in the workflow
jobs:
setup:
runs-on: ubuntu-latest
steps:
- name: Upgrade setuptools
run: pip install --upgrade setuptools
- name: Checkout code
uses: actions/checkout@v4 # Update to the latest version to use Node.js 20
# Set up Python environment
- name: Set up Python 3.11
uses: actions/setup-python@v4 # Update to the latest version to use Node.js 20
with:
python-version: 3.11 # Use Python version 3.11
# Install project dependencies
- name: Install dependencies
run: |
python -m pip install --upgrade pip # Upgrade pip
pip install -r auth_service/requirements.txt # Install dependencies from auth_service requirements
security:
needs: setup
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4 # Update to the latest version to use Node.js 20
- name: Set up Python 3.11
uses: actions/setup-python@v4 # Update to the latest version to use Node.js 20
with:
python-version: 3.11
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -r auth_service/requirements.txt # Install dependencies from auth_service requirements
# Set environment variables for security checks
- name: Set environment variables
run: echo "DJANGO_SECRET_KEY=${{ secrets.DJANGO_SECRET_KEY }}" >> $GITHUB_ENV
# Run security checks
- name: Run security checks
run: |
pip install bandit # Install Bandit for security checks
bandit -r . # Run Bandit on the codebase
build:
needs: [setup, security]
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4 # Update to the latest version to use Node.js 20
- name: Set up Python 3.11
uses: actions/setup-python@v4 # Update to the latest version to use Node.js 20
with:
python-version: 3.11
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -r auth_service/requirements.txt # Install dependencies from auth_service requirements
# Set environment variables for Docker build
- name: Set environment variables
run: echo "DJANGO_SECRET_KEY=${{ secrets.DJANGO_SECRET_KEY }}" >> $GITHUB_ENV
# Build the Docker image from auth_service Dockerfile
- name: Build Docker image
run: docker build -t transcendence -f auth_service/Dockerfile .
deploy:
needs: build
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4 # Update to the latest version to use Node.js 20
# Log in to Docker Hub
- name: Deploy to Docker Hub
env:
DOCKER_HUB_USERNAME: ${{ secrets.DOCKER_HUB_USERNAME }}
DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}
run: |
echo "${DOCKER_HUB_PASSWORD}" | docker login -u "${DOCKER_HUB_USERNAME}" --password-stdin
docker tag transcendence ${DOCKER_HUB_USERNAME}/transcendence:latest
docker push ${DOCKER_HUB_USERNAME}/transcendence:latest
# Deploy to the server
- name: Deploy to server
run: |
ssh user@server "docker pull ${DOCKER_HUB_USERNAME}/transcendence:latest && docker-compose up --build -d"