added correct secrets #36
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Node.js CI | |
on: | |
push: | |
branches: | |
- main | |
pull_request: | |
branches: | |
- main | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
steps: | |
# Step 1: Checkout the code | |
- name: Checkout Code | |
uses: actions/checkout@v4 | |
# Step 2: Set up Node.js environment (latest version) | |
- name: Set up Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version: "22.x" | |
cache: npm | |
# Step 3: Install dependencies | |
- name: Install Dependencies | |
run: npm ci | |
# Step 4: Build the source code (if applicable) | |
- name: Build Source Code | |
run: npm run build --if-present | |
# Step 5: Run tests | |
- name: Run Tests | |
run: npm test --if-present | |
snyk: | |
needs: build | |
runs-on: ubuntu-latest | |
steps: | |
# Step 1: Checkout the code | |
- name: Checkout Code | |
uses: actions/checkout@v4 | |
# Step 2: Set up Node.js environment (latest version) | |
- name: Set up Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version: "22.x" | |
cache: npm | |
# Step 3: Install Snyk | |
- name: Install Snyk | |
run: npm install -g snyk | |
# Step 4: Authenticate Snyk | |
- name: Authenticate Snyk | |
run: snyk auth ${{ secrets.SNYK_TOKEN }} | |
# Step 5: Run Snyk security scan | |
- name: Snyk Security Scan | |
run: snyk test --all-projects | |
sonarqube: | |
needs: snyk | |
runs-on: ubuntu-latest | |
steps: | |
# Step 1: Checkout the code | |
- name: Checkout Code | |
uses: actions/checkout@v4 | |
# Step 2: Set up Java 17 (required for SonarQube) | |
- name: Set up Java 17 | |
uses: actions/setup-java@v3 | |
with: | |
distribution: "adopt" | |
java-version: "17" | |
# Step 3: Run SonarQube Scan | |
- name: SonarQube Scan | |
run: | | |
sonar-scanner \ | |
-Dsonar.projectKey=ContInt-backend \ | |
-Dsonar.sources=. \ | |
-Dsonar.host.url=${{ secrets.SONAR_HOST_URL }} \ | |
-Dsonar.login=${{ secrets.SONAR_TOKEN }} | |
docker: | |
needs: sonarqube | |
runs-on: ubuntu-latest | |
steps: | |
# Step 1: Checkout the code | |
- name: Checkout Code | |
uses: actions/checkout@v4 | |
# Step 2: Log in to Docker Hub | |
- name: Log in to Docker Hub | |
run: echo "${{ secrets.DOCKER_HUB_PASSWORD }}" | docker login -u "${{ secrets.DOCKER_HUB_USERNAME }}" --password-stdin | |
# Step 3: Build Docker image | |
- name: Build Docker Image | |
run: docker build -t gregory789/contint-repository:contint-backend . | |
# Step 4: Push Docker image to Docker Hub | |
- name: Push Docker Image | |
run: docker push gregory789/contint-repository:contint-backend |