Fix Docker build and dependencies #153

Workflow file for this run

.github/workflows/ci-checks.yml at 46d4769

	on:
	push:
	branches:
	- master
	pull_request:

	name: Standard CI checks

	jobs:
	Hadolint:
	runs-on: ubuntu-latest
	strategy:
	matrix:
	image: ["server", "ui", "base"]
	steps:
	- uses: actions/checkout@v2
	- uses: hadolint/hadolint-action@v1.5.0
	with:
	dockerfile: docker-builds/${{ matrix.image }}/Dockerfile

	Prettier:
	runs-on: ubuntu-latest
	steps:
	- name: Prettier Action
	uses: creyD/prettier_action@v3.3

	Code_security:
	name: Code security
	runs-on: ubuntu-latest

	steps:
	- name: Checkout repository
	uses: actions/checkout@v2

	- name: Scan project
	uses: ShiftLeftSecurity/scan-action@master

	nodejs-lint:
	runs-on: ubuntu-latest
	strategy:
	matrix:
	node-version: ["11.14.0"]
	steps:
	- uses: actions/checkout@v2
	- name: Lint code using Node.js ${{ matrix.node-version }}
	uses: actions/setup-node@v1
	with:
	node-version: ${{ matrix.node-version }}
	- run: npm i -g yarn
	- run: yarn deps
	- run: yarn lint

	docker_checks:
	runs-on: ubuntu-latest

	strategy:
	fail-fast: false
	matrix:
	image: [ 'server', 'ui' ]
	environment: ['qa', 'prod']
	steps:
	- name: Checkout code
	uses: actions/checkout@v2

	- name: Configure AWS Credentials
	uses: aws-actions/configure-aws-credentials@v1
	with:
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	aws-region: ${{ secrets.AWS_DEFAULT_REGION }}

	- name: Login to Amazon ECR
	id: login-ecr
	uses: aws-actions/amazon-ecr-login@v1

	- name: Build ${{ matrix.image }} Docker image
	env:
	ECR_REGISTRY: ${{ secrets.ECR_REGISTRY }}
	ECR_REPOSITORY: "memefactory"
	run: \|
	echo "Building on ${GITHUB_REF} branch"
	DOCKER_BUILDKIT=1 docker build --build-arg BUILD_ENV=${{ matrix.environment }} -t ${{ matrix.image }}:${{ github.sha }}-${{ matrix.environment }} -t ${ECR_REGISTRY}/${ECR_REPOSITORY}-${{matrix.image}}:latest-${{ matrix.environment }} -t ${ECR_REGISTRY}/${ECR_REPOSITORY}-${{matrix.image}}:${{ github.sha }}-${{ matrix.environment }} -f docker-builds/${{ matrix.image }}/Dockerfile .
	echo "Successfully built docker image"

	- name: Run Trivy vulnerability scanner
	uses: aquasecurity/trivy-action@master
	with:
	image-ref: '${{ matrix.image }}:${{ github.sha }}-${{ matrix.environment }}'
	format: 'table'
	exit-code: '0'
	ignore-unfixed: true
	vuln-type: 'os,library'
	severity: 'CRITICAL'

	- name: Push docker images
	env:
	ECR_REGISTRY: ${{ secrets.ECR_REGISTRY }}
	ECR_REPOSITORY: "memefactory"
	run: \|
	echo "Pushing docker images"
	echo "Will push to the registry image with latest-${{ matrix.environment }} and ${{ github.sha }}-${{ matrix.environment }} tags"
	if [[ ${{ matrix.environment }} == "prod" && ${GITHUB_REF} == "refs/heads/master" ]]; then
	docker push ${ECR_REGISTRY}/${ECR_REPOSITORY}-${{matrix.image}}:${{ github.sha }}-${{ matrix.environment }}
	docker push ${ECR_REGISTRY}/${ECR_REPOSITORY}-${{matrix.image}}:latest-${{ matrix.environment }}
	else
	docker push ${ECR_REGISTRY}/${ECR_REPOSITORY}-${{matrix.image}}:${{ github.sha }}-${{ matrix.environment }}
	docker push ${ECR_REGISTRY}/${ECR_REPOSITORY}-${{matrix.image}}:latest-${{ matrix.environment }}
	fi

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix Docker build and dependencies #153

Workflow file

Fix Docker build and dependencies #153

Jobs

Run details

Workflow file for this run