Update main_rajuapp-devops.yml #12

Workflow file for this run

.github/workflows/main_rajuapp-devops.yml at 751c48f

	name: Docker Build, Scan, and Test

	on:
	push:
	branches:
	- main


	jobs:
	build_scan_test_deploy_prod:
	runs-on: self-hosted
	if: github.ref == 'refs/heads/main'

	steps:
	- name: Checkout code
	uses: actions/checkout@v2

	- name: Set up Node.js
	uses: actions/setup-node@v2
	with:
	node-version: '20.x'

	- name: Install dependencies
	run: npm install

	- name: SonarQube Scan
	run: sonar-scanner -Dsonar.projectKey=my_project -Dsonar.sources=. -Dsonar.host.url=http://sonarqube-server:9000 -Dsonar.login=my_token

	- name: Build Docker image
	run: docker build -t backend:latest .

	- name: Trivy Scan
	run: trivy backend:latest

	- name: Tag Docker image (prod)
	run: docker tag backend:latest docker.io/raju00533/backend:prod-latest

	- name: Push Docker image (prod)
	run: docker push docker.io/raju00533/backend:prod-latest

	- name: Run Docker image (prod)
	run: docker run -d -p 4000:4000 --name backend_prod docker.io/raju00533/backend:prod-latest

	- name: Start OWASP ZAP scan
	run: \|
	zap-baseline.py -t http://localhost:4000 -g gen.conf -r report.html

	- name: ModSecurity Configuration
	run: \|
	# Copy ModSecurity rules to Nginx configuration directory
	sudo mkdir -p /etc/nginx/modsecurity
	sudo cp /rules/*.conf /etc/nginx/modsecurity/
	# Reload Nginx to apply new ModSecurity rules
	sudo nginx -t && sudo systemctl reload nginx

	build_scan_test_deploy_dev:
	runs-on: self-hosted
	if: github.ref == 'refs/heads/dev'

	steps:
	- name: Checkout code
	uses: actions/checkout@v2

	- name: Set up Node.js
	uses: actions/setup-node@v2
	with:
	node-version: '20.x'

	- name: Install dependencies
	run: npm install

	- name: SonarQube Scan
	run: sonar-scanner -Dsonar.projectKey=my_project -Dsonar.sources=. -Dsonar.host.url=http://sonarqube-server:9000 -Dsonar.login=my_token

	- name: Build Docker image
	run: docker build -t backend:latest .

	- name: Trivy Scan
	run: trivy backend:latest

	- name: Tag Docker image (dev)
	run: docker tag backend:latest docker.io/raju00533/backend:dev-latest

	- name: Push Docker image (dev)
	run: docker push docker.io/raju00533/backend:dev-latest

	- name: Run Docker image (dev)
	run: docker run -d -p 4000:4000 --name backend_dev docker.io/raju00533/backend:dev-latest

	- name: Increase version in package.json
	run: \|
	npm version patch -m "Bump version to %s"
	- name: Push changes to repository
	uses: stefanzweifel/git-auto-commit-action@v4
	with:
	commit_message: "Bump version and Docker image tag"
	commit_user_name: "Raju00533"
	commit_user_email: "raju12ghimire@gmail.com"

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update main_rajuapp-devops.yml #12

Workflow file

Update main_rajuapp-devops.yml #12

Jobs

Run details

Workflow file for this run