added workflow

codewithmuh · codewithmuh · commit c71ead6532c9 · 2024-01-18T12:33:22.000+05:00
diff --git a/.github/workflows/1_pylint.yml b/.github/workflows/1_pylint.yml
@@ -9,7 +9,8 @@ on:
 
 jobs:
   pylint-check:
-    runs-on: ubuntu-latest
+    # runs-on: ubuntu-latest -- Used to run on Github hosting
+    runs-on: self-hosted
 
     steps:
     - name: Checkout code
diff --git a/.github/workflows/2_sonar.yml b/.github/workflows/2_sonar.yml
@@ -0,0 +1,34 @@
+name: Sonar Code Review Workflow
+
+on:
+  workflow_run:
+    workflows: 
+      - Python Syntax Code Quality Check Workflow
+    types:
+      - completed
+     
+jobs:
+  build:
+    name: Build
+     # runs-on: ubuntu-latest -- Used to run on Github hosting
+    runs-on: self-hosted
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
+      - uses: sonarsource/sonarqube-scan-action@master
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
+      # If you wish to fail your job when the Quality Gate is red, uncomment the
+      # following lines. This would typically be used to fail a deployment.
+      # - uses: sonarsource/sonarqube-quality-gate-action@master
+      #   timeout-minutes: 5
+      #   env:
+      #     SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+
+
+
+
+
+
diff --git a/.github/workflows/3_build.yml b/.github/workflows/3_build.yml
@@ -0,0 +1,40 @@
+name: Code Build Workflow
+
+on:
+    workflow_run:
+      workflows: 
+        - Sonar Code Review Workflow
+      types:
+        - completed
+        
+jobs:
+  build:
+    name: Build
+     # runs-on: ubuntu-latest -- Used to run on Github hosting
+    runs-on: self-hosted
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - name: Docker build and push
+        run: |
+          docker build -t react-aws-eks-github-actions .
+          docker tag react-aws-eks-github-actions codewithmuh/react-aws-eks-github-actions:latest
+          docker login -u ${{ secrets.DOCKERHUB_USERNAME }} -p ${{ secrets.DOCKERHUB_TOKEN }}
+          docker push codewithmuh/react-aws-eks-github-actions:latest
+        env:
+          DOCKER_CLI_ACI: 1
+
+
+      - name: Pull the Docker image On AWS EC2 For tetsing of website
+        run: docker pull sevenajay/tic-tac-toe:latest
+      
+
+      - name: Stop and remove existing container
+        run: |
+            docker stop react-aws-eks-github-actions || true
+            docker rm react-aws-eks-github-actions || true
+  
+      - name: Run the container on AWS EC2 for testing
+        run: docker run -d --name react-aws-eks-github-actions -p 3000:3000 codewithmuh/react-aws-eks-github-actions:latest
+  
diff --git a/.github/workflows/4_trivy.yml b/.github/workflows/4_trivy.yml
@@ -0,0 +1,25 @@
+name: Trivy Image Scan Workflow
+
+on:
+    workflow_run:
+      workflows: 
+        # runs-on: ubuntu-latest -- Used to run on Github hosting
+        - Code Build Workflow
+      types:
+        - completed
+  
+jobs:
+    build:
+      name: Docker Image Scan
+      runs-on: self-hosted
+      steps:
+        - name: Checkout Repository
+          uses: actions/checkout@v2
+
+        - name: Pull the Docker image From DockerHub
+          run: docker pull codewithmuh/react-aws-eks-github-actions:latest
+
+  
+        - name: Trivy image scan
+          run: trivy image codewithmuh/react-aws-eks-github-actions:latest
+  
diff --git a/.github/workflows/5_deploy.yml b/.github/workflows/5_deploy.yml
@@ -0,0 +1,41 @@
+name: Deploy To EKS
+
+on:
+    workflow_run:
+      workflows: 
+        - Trivy Image Scan Workflow
+      types:
+        - completed
+  
+jobs:
+    build:
+      name: Docker Image Scan
+      # runs-on: ubuntu-latest -- Used to run on Github hosting
+      runs-on: self-hosted
+      steps:
+        - name: Checkout Repository
+          uses: actions/checkout@v2
+
+        - name: Pull the Docker image
+          run: docker pull codewithmuh/react-aws-eks-github-actions:latest
+
+  
+        - name: Update kubeconfig
+          run: aws eks --region us-west-1 update-kubeconfig --name EKS_cluster_codewithmuh
+  
+        - name: Deploy to EKS
+          run: kubectl apply -f deployment-service.yml 
+
+
+        - name: Send a Slack Notification
+          if: always()
+          uses: act10ns/slack@v1
+          with:
+            status: ${{ job.status }}
+            steps: ${{ toJson(steps) }}
+            channel: '#git'
+          env:
+            SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
+  
+  
+  
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,40 @@
+FROM python:3.12-slim
+
+ENV PYTHONUNBUFFERED 1
+ENV DJANGO_SETTINGS_MODULE=backend.settings
+
+RUN apt-get update && \
+    apt-get install -y --no-install-recommends \
+        git-core \
+        build-essential \
+        binutils \
+        libproj-dev \
+        gdal-bin \
+        supervisor && \
+    rm -rf /var/lib/apt/lists/*
+
+COPY ./requirements /home/codewithmuh-backend/requirements
+RUN mkdir -p /home/codewithmuh-backend/media
+WORKDIR /home/codewithmuh-backend
+
+
+RUN pip install --upgrade pip
+RUN pip install -r ./requirements/requirements.txt
+
+
+
+EXPOSE 8080
+
+RUN mkdir -p /var/logs/codewithmuh
+
+
+COPY ./build-process/docker-backend-django/scripts /home/docker/scripts
+
+RUN sed -i 's/\r$//' /home/docker/scripts/boot.sh  && \
+        chmod +x /home/docker/scripts/boot.sh
+
+ENTRYPOINT /home/docker/scripts/boot.sh
+
+COPY ./ /home/codewithmuh-backend
+
+
diff --git a/build-process/Dockerfile b/build-process/Dockerfile
@@ -0,0 +1,40 @@
+FROM python:3.12-slim
+
+ENV PYTHONUNBUFFERED 1
+ENV DJANGO_SETTINGS_MODULE=backend.settings
+
+RUN apt-get update && \
+    apt-get install -y --no-install-recommends \
+        git-core \
+        build-essential \
+        binutils \
+        libproj-dev \
+        gdal-bin \
+        supervisor && \
+    rm -rf /var/lib/apt/lists/*
+
+COPY ./requirements /home/codewithmuh-backend/requirements
+RUN mkdir -p /home/codewithmuh-backend/media
+WORKDIR /home/codewithmuh-backend
+
+
+RUN pip install --upgrade pip
+RUN pip install -r ./requirements/requirements.txt
+
+
+
+EXPOSE 8080
+
+RUN mkdir -p /var/logs/codewithmuh
+
+
+COPY ./build-process/docker-backend-django/scripts /home/docker/scripts
+
+RUN sed -i 's/\r$//' /home/docker/scripts/boot.sh  && \
+        chmod +x /home/docker/scripts/boot.sh
+
+ENTRYPOINT /home/docker/scripts/boot.sh
+
+COPY ./ /home/codewithmuh-backend
+
+
diff --git a/build-process/config/supervisor-backend.conf b/build-process/config/supervisor-backend.conf
@@ -0,0 +1,14 @@
+[supervisord]
+nodaemon=true
+
+[program:backend]
+command=gunicorn --worker-class "sync" --workers "8"  --max-requests "33" --threads "4" --limit-request-line 8190 backend.wsgi:application -b 0.0.0.0:8080 --access-logfile -
+directory=/home/codewithmuh-backend
+user=root
+autostart=true
+autorestart=true
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+
diff --git a/build-process/scripts/boot.sh b/build-process/scripts/boot.sh
@@ -0,0 +1,17 @@
+#!/bin/bash
+set -e
+
+echo "codewithmuh-backend:boot:env:${APP_ENVIRONMENT}"
+
+python manage.py makemigrations
+
+python manage.py migrate
+python manage.py collectstatic --noinput
+
+if [ "$APP_ENVIRONMENT" == "Local" ]; then
+  echo "codewithmuh-backend:run:local" && python manage.py runserver 0.0.0.0:8080 --insecure
+fi
+
+if [ "$APP_ENVIRONMENT" == "Production" ]; then
+  echo "codewithmuh-backend:run:prod" && /usr/bin/supervisord -c /etc/supervisor/conf.d/supervisor-backend.conf
+fi
diff --git a/sonar-project.properties b/sonar-project.properties
@@ -0,0 +1,2 @@
+sonar.projectKey=django_project
+

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+sonar.projectKey=django_project`
	`2`	`+`