-
Notifications
You must be signed in to change notification settings - Fork 1
89 lines (82 loc) · 2.37 KB
/
workflows.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
name: Workflow
on:
push:
branches:
- main
- staging
pull_request:
jobs:
build:
continue-on-error: False
runs-on: ubuntu-latest
steps:
# Clone the code and install required modules
- uses: actions/checkout@v2
- name: Install modules
run: yarn
# Run linters
- name: Run ESLint
run: yarn lint
# Run test
# - name: Run Test
# run: yarn test
docker:
runs-on: ubuntu-latest
needs:
- build
if: contains('
refs/heads/main
', github.ref) || contains('
refs/heads/staging
', github.ref)
env:
BRANCH_NAME: ${{ github.head_ref || github.ref_name }}
steps:
- name: Confirm Image
run: echo "Building image for ${{env.BRANCH_NAME}}"
- name: Checkout
uses: actions/checkout@v2
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Login to DockerHub
uses: docker/login-action@v1
with:
username: valory
password: ${{ secrets.ACCESS_TOKEN }}
- name: Prepare Staging Env
if: contains('
refs/heads/staging
', github.ref)
uses: docker/build-push-action@v2
with:
context: .
push: true
tags: valory/${{ github.event.repository.name }}:${{env.BRANCH_NAME}}
build-args: "BACKEND_PUBLIC_URL=${{secrets.STAGING_BACKEND_PUBLIC_URL}}"
- name: Prepare Prod Env
if: contains('
refs/heads/main
', github.ref)
uses: docker/build-push-action@v2
with:
context: .
push: true
tags: valory/${{ github.event.repository.name }}:${{env.BRANCH_NAME}}
build-args: "BACKEND_PUBLIC_URL=${{secrets.PROD_BACKEND_PUBLIC_URL}}"
scan:
name: gitleaks
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- uses: actions/setup-go@v3
with:
go-version: "1.17.7"
- run: |
wget https://github.com/zricethezav/gitleaks/releases/download/v8.10.1/gitleaks_8.10.1_linux_x64.tar.gz && \
tar -xzf gitleaks_8.10.1_linux_x64.tar.gz && \
sudo install gitleaks /usr/bin && \
gitleaks detect --report-format json --report-path leak_report