-
Notifications
You must be signed in to change notification settings - Fork 64
executable file
·158 lines (129 loc) · 4.02 KB
/
demo.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
name: build
on:
push:
branches: [ "master" ]
schedule:
- cron: "59 23 * * 6"
env:
AUTHOR: AUTHOR
permissions:
contents: read
security-events: write
jobs:
notify-me:
name: Notify ME
runs-on: ubuntu-latest
steps:
- name: Push intial notifiation to SLACK
id: slack
uses: slackapi/[email protected]
with:
channel-id: 'C05CN71FX0F'
slack-message: |
Workflow Triggered for Subrake / SubTAP
Triggered By: ${{ github.actor }}
Commit: ${{ github.sha }}
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}
build-and-test:
name: Build and Test
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: '3.9'
- name: Install package
run: |
pip install -r ./requirements.txt
python setup.py install
- name: Print the manual
run: |
subrake --help
# deploy:
# name: Deploy
# runs-on: ubuntu-latest
# environment: demo
# needs: build-and-test
# steps:
# - name: Checkout
# uses: actions/checkout@v3
# - name: Setup SSH Keys
# uses: webfactory/[email protected]
# with:
# ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
# - name: Add Public Keys to hosts files
# run: |
# ssh-keyscan -H ${{secrets.SERVER}} > ~/.ssh/known_hosts
# - name: Push code to the Server
# run: |
# rsync -r --progress --delete ./ ${{ secrets.USER }}@${{ secrets.SERVER }}:/home/${{ secrets.USER }}/subrake
final-notify:
name: Success Notification
runs-on: ubuntu-latest
needs: build-and-test
steps:
- name: Sending the success notification
id: slack
uses: slackapi/[email protected]
with:
channel-id: 'C05CN71FX0F'
slack-message: |
Build Successful for Subrake / SubTAP
Run the following command on demo server to for final deploy:
Command: ./installer.sh --deploy
Triggered By: ${{ github.actor }}
Commit: ${{ github.sha }}
Repository: ${{ github.repositoryUrl }}
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}
deploy-error:
name: Error while building and deploying
runs-on: ubuntu-latest
if: ${{ needs.build.result == 'failure' || needs.test.result == 'failure' }}
steps:
- name: Push Error Notification to SLACK!
id: slack
uses: slackapi/[email protected]
with:
channel-id: 'C05CN71FX0F'
slack-message: |
Build Failed for Subrake / SubTAP
Triggered By: ${{ github.actor }}
Commit: ${{ github.sha }}
Repository: ${{ github.repositoryUrl }}
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}
sast-process:
name: Static Analaysis of CODE
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Run Snyk to check for vulnerabilities
uses: snyk/actions/python@master
continue-on-error: true
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
args: --sarif-file-output=snyk.sarif
- name: Push Notifcation for the Security Error
id: slack
uses: slackapi/[email protected]
if: failure()
with:
channel-id: 'C05CN71FX0F'
slack-message: |
Vulnerability discovered for Subrake / SubTAP
Results are uploaded to Github Security section as well.
Triggered By: ${{ github.actor }}
Commit: ${{ github.sha }}
Repository: ${{ github.repositoryUrl }}
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}
- name: Upload result to GitHub Code Scanning
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: snyk.sarif