Skip to content

Licence for the Ministère de l'Intérieur (#591) #306

Licence for the Ministère de l'Intérieur (#591)

Licence for the Ministère de l'Intérieur (#591) #306

Workflow file for this run

name: 'Canary Build'
on:
push:
branches: [develop]
jobs:
frontend:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Read VERSION
id: package
uses: martinbeentjes/npm-get-version-action@master
- name: Echo VERSION
run: echo ${{ steps.package.outputs.current-version }}
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: all
- name: Setup BuildX
uses: docker/setup-qemu-action@v3
id: buildx
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_NEW_USERNAME }}
password: ${{ secrets.DOCKER_NEW_PASSWORD }}
- name: Build and push Frontend
uses: docker/build-push-action@v6
with:
builder: ${{ steps.buildx.outputs.name }}
file: frontend/Dockerfile
context: frontend
tags: retrospected/frontend:canary
platforms: linux/amd64,linux/arm64
push: true
backend:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Read VERSION
id: package
uses: martinbeentjes/npm-get-version-action@master
- name: Echo VERSION
run: echo ${{ steps.package.outputs.current-version }}
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: all
- name: Setup BuildX
uses: docker/setup-qemu-action@v3
id: buildx
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_NEW_USERNAME }}
password: ${{ secrets.DOCKER_NEW_PASSWORD }}
- name: Build and push Backend
uses: docker/build-push-action@v6
with:
builder: ${{ steps.buildx.outputs.name }}
file: backend/Dockerfile
context: backend
tags: retrospected/backend:canary
platforms: linux/amd64,linux/arm64
push: true
documentation:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Read VERSION
id: package
uses: martinbeentjes/npm-get-version-action@master
- name: Echo VERSION
run: echo ${{ steps.package.outputs.current-version }}
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: all
- name: Setup BuildX
uses: docker/setup-qemu-action@v3
id: buildx
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_NEW_USERNAME }}
password: ${{ secrets.DOCKER_NEW_PASSWORD }}
- name: Build and push Documentation
uses: docker/build-push-action@v6
with:
builder: ${{ steps.buildx.outputs.name }}
file: docs/Dockerfile
context: docs
tags: retrospected/docs:canary
platforms: linux/amd64
push: true
marketing:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Read VERSION
id: package
uses: martinbeentjes/npm-get-version-action@master
- name: Echo VERSION
run: echo ${{ steps.package.outputs.current-version }}
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: all
- name: Setup BuildX
uses: docker/setup-qemu-action@v3
id: buildx
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_NEW_USERNAME }}
password: ${{ secrets.DOCKER_NEW_PASSWORD }}
- name: Build and push Marketing
uses: docker/build-push-action@v6
with:
builder: ${{ steps.buildx.outputs.name }}
file: marketing/Dockerfile
context: marketing
tags: retrospected/marketing:canary
platforms: linux/amd64
push: true
maintenance:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Read VERSION
id: package
uses: martinbeentjes/npm-get-version-action@master
- name: Echo VERSION
run: echo ${{ steps.package.outputs.current-version }}
- name: Setup QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: all
- name: Setup BuildX
uses: docker/setup-qemu-action@v3
id: buildx
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_NEW_USERNAME }}
password: ${{ secrets.DOCKER_NEW_PASSWORD }}
- name: Build and push Maintenance
uses: docker/build-push-action@v6
with:
builder: ${{ steps.buildx.outputs.name }}
file: maintenance/Dockerfile
context: maintenance
tags: retrospected/maintenance:canary
platforms: linux/amd64
push: true
integration:
runs-on: ubuntu-latest
needs: [frontend, backend]
steps:
- uses: actions/checkout@v4
- name: Run Integration Tests
run: docker compose -f ./integration/docker-compose.ci.canary.yml up --exit-code-from cypress
- uses: actions/upload-artifact@v3
if: always()
with:
name: Test videos
path: integration/cypress/videos
retention-days: 14
trivy:
runs-on: ubuntu-latest
needs: [frontend, backend, marketing]
steps:
- name: Trivy - Frontend
uses: aquasecurity/trivy-action@master
with:
image-ref: retrospected/frontend:canary
format: 'table'
exit-code: '1'
ignore-unfixed: true
vuln-type: 'os,library'
severity: 'CRITICAL'
- name: Trivy - Backend
uses: aquasecurity/trivy-action@master
with:
image-ref: retrospected/backend:canary
format: 'table'
exit-code: '1'
ignore-unfixed: true
vuln-type: 'os,library'
severity: 'CRITICAL'
- name: Trivy - Marketing
uses: aquasecurity/trivy-action@master
with:
image-ref: retrospected/marketing:canary
format: 'table'
exit-code: '1'
ignore-unfixed: true
vuln-type: 'os,library'
severity: 'CRITICAL'