Skip to content
This repository has been archived by the owner on Mar 4, 2024. It is now read-only.

Revert "chore: change FE pipelines (#298)" #415

Revert "chore: change FE pipelines (#298)"

Revert "chore: change FE pipelines (#298)" #415

Workflow file for this run

name: Build and push dev-latest image
on:
workflow_dispatch:
inputs:
tag:
description: An image tag
required: false
push:
branches:
- main
env:
NODE_OPTIONS: "--max_old_space_size=4096"
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Configure git for private modules
env:
ROBOT_TOKEN: ${{ secrets.ROBOT_TOKEN }}
run: git config --global url."https://percona-platform-robot:${ROBOT_TOKEN}@github.com".insteadOf "https://github.com"
- name: Check out frontend repo
uses: actions/checkout@v4
with:
repository: percona/percona-everest-frontend
ref: 'main'
path: percona-everest-frontend
token: ${{ secrets.ROBOT_TOKEN }}
- name: Run with Node 16
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node-version }}
- name: Install Bit Version Manager
run: npm i -g @teambit/bvm
- name: Install latest Bit version
run: bvm install 1.1.0
- name: Add bvm bin folder to path
run: echo "$HOME/bin" >> $GITHUB_PATH
- name: Set up bit config
env:
BIT_TOKEN: ${{ secrets.BIT_TOKEN }}
run: bit config set user.token $BIT_TOKEN
- name: Build Everest Frontend app
run: |
cd ${GITHUB_WORKSPACE}/percona-everest-frontend
bit install --recurring-install
bit snap --build
bit artifacts percona.apps/everest --out-dir ./build
mkdir ${GITHUB_WORKSPACE}/front
cp -rf ./build/percona.apps_everest/artifacts/apps/react-common-js/everest/public/* ${GITHUB_WORKSPACE}/front/
- name: Check out Everest Backend
uses: actions/checkout@v4
with:
path: ./backend
- name: Embed Everest Frontend app into backend
run: |
cp -rf ${GITHUB_WORKSPACE}/front/* ${GITHUB_WORKSPACE}/backend/public/dist/
- uses: actions/setup-go@v4
with:
go-version-file: './backend/go.mod'
- name: Build Everest
run: |
cd ${GITHUB_WORKSPACE}/backend
CGO_ENABLED=0 GOOS=linux GOARCH=amd64 make build
- name: Set tag from inputs
run: echo "IMAGE_TAG=${{ github.event.inputs.tag }}" >> $GITHUB_ENV
if: ${{ github.event.inputs.tag != '' }}
- name: Set tag from inputs
run: echo "IMAGE_TAG=dev-latest" >> $GITHUB_ENV
if: ${{ github.event.inputs.tag == '' }}
- name: Setup docker build metadata
uses: docker/metadata-action@v5
id: meta
with:
images: perconalab/everest
tags: ${{ env.IMAGE_TAG }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Build and Push everest dev-latest image
uses: docker/build-push-action@v5
with:
context: backend
push: true
tags: ${{ steps.meta.outputs.tags }}
scan:
runs-on: ubuntu-latest
needs: [build]
steps:
- name: Run Trivy vulnerability scanner
uses: aquasecurity/[email protected]
with:
image-ref: 'docker.io/perconalab/everest:dev-latest'
format: 'table'
exit-code: '1'
severity: 'CRITICAL,HIGH'