Deployments y grafana #20
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: deploy | |
| on: | |
| push: | |
| branches: [ "main" ] | |
| env: | |
| REGISTRY: antarescr | |
| IMAGE_NAME: rest_api | |
| jobs: | |
| build: | |
| name: Build | |
| runs-on: ubuntu-latest | |
| #Setear Outputs: | |
| #outputs: | |
| # RELEASE_VERSION: ${{ steps.tagVersion.outputs.RELEASE_VERSION }} | |
| steps: | |
| - uses: actions/checkout@v3 # checkout github code | |
| name: Checkout code | |
| with: | |
| fetch-depth: 0 # fetch tags | |
| - name: Login to DockerHub | |
| uses: docker/login-action@v2 | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_PASSWORD }} | |
| #- name: Get TAG version | |
| ##Crear variable dinamicamente >> $GITHUB_ENV lo mete en variable de Gitactions | |
| # run: echo "RELEASE_VERSION=$(git tag --sort=-creatordate | head -1)" >> $GITHUB_ENV | |
| #- name: Show Tag Version | |
| # id: tagVersion | |
| # run: | | |
| # echo ${{ env.RELEASE_VERSION }} | |
| # # Crea una variable tipo output para ser utilizada en otro JOB | |
| # echo "RELEASE_VERSION=${{ env.RELEASE_VERSION }}" >> $GITHUB_OUTPUT | |
| - name: Build & Push | |
| uses: docker/build-push-action@v3 | |
| with: | |
| push: true | |
| # file: ./path-to-dockerfile | |
| #Agrega version como latest | |
| tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest | |
| #Pone en el tag el valor de la version en variable RELEASE_VERSION | |
| #tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.RELEASE_VERSION }} | |
| build-args: | | |
| APP_ENV=${{ secrets.APP_ENV }} | |
| test: | |
| name: Run test | |
| needs: build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Run test | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: "20" | |
| - run: npm install | |
| - run: npm run test | |
| - name: Test succeded? | |
| if: ${{ success()}} | |
| run: echo "Test succeded!" | |
| - name: Test failed? | |
| if: ${{ failure()}} | |
| run: | | |
| curl -X POST -H 'Content-type: application/json' --data '{"text":" ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} test failed"}' ${{ secrets.SLACK_WEBHOOK_URL }} | |
| #SonarQube | |
| codeScan: | |
| runs-on: ubuntu-latest | |
| needs: test | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| # Disabling shallow clone is recommended for improving relevancy of reporting | |
| fetch-depth: 0 | |
| - name: SonarCloud Scan | |
| uses: sonarsource/sonarcloud-github-action@master # Ex: v2.1.0, See the latest version at https://github.com/marketplace/actions/sonarcloud-scan | |
| env: | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| #Secret especial ya existe | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| args: > | |
| -Dsonar.organization=${{ secrets.SONAR_ORGANIZATION }} | |
| -Dsonar.projectKey=${{ secrets.SONAR_PROJECT_KEY }} | |
| - name: Get SonarCloud status | |
| run: | | |
| echo "SONAR_STATUS=$(curl -s -u ${{ secrets.SONAR_TOKEN}}: https://sonarcloud.io/api/qualitygates/project_status?projectKey=${{ secrets.SONAR_PROJECT_KEY }} | jq -r '.projectStatus.status')" >> $GITHUB_ENV | |
| - name: Check Status | |
| if: ${{ env.SONAR_STATUS == 'ERROR' }} | |
| run: exit 1 | |
| #Snyk | |
| security_snyk: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| steps: | |
| - name: Run Snyk to check Docker images for vulnerabilities | |
| #Aca se indica que queremos scanear node@master para nodejs | |
| uses: snyk/actions/docker@master | |
| env: | |
| SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} | |
| with: | |
| image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest | |
| #LoadTest | |
| LoadTest: | |
| name: Load Testing | |
| needs: build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| name: Checkout code | |
| - name: Set up | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '20' | |
| - name: Install Dependencies | |
| run: | | |
| npm install -g artillery | |
| npm install --save-dev artillery-plugin-ensure | |
| - name: Run container | |
| run: | | |
| docker run -d --name rest-api -p 3000:3000 ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest | |
| - name: Run Load Test | |
| run: | | |
| set -e # Detiene el workflow si la prueba de carga falla. | |
| artillery run loadTest/basic.yaml || exit 1 |