From 97d6a662c66cf1815bfd996306cf5c19eca9f535 Mon Sep 17 00:00:00 2001 From: Wesley Fideles Date: Mon, 8 Aug 2022 20:52:00 -0300 Subject: [PATCH 1/7] Primeiro Commit add-pipeline --- .github/workflows/cicd.yml | 81 ++++++-------------------------------- 1 file changed, 13 insertions(+), 68 deletions(-) diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml index 5864bbfd..92c9fe8c 100644 --- a/.github/workflows/cicd.yml +++ b/.github/workflows/cicd.yml @@ -1,70 +1,15 @@ -name: CI - -on: [ push, pull_request ] - +name: "Pipeline para build de imagem docker" +on: + push: + release: + types: [created] jobs: - build: - runs-on: ubuntu-18.04 - steps: - - uses: actions/checkout@v2 - - name: Set up Python - uses: actions/setup-python@v2 - with: - python-version: 3.8 - - name: Install Dependencies - run: | - python -m pip install --upgrade pip - pip install -r dev_requirements.txt - - name: Lint - run: | - black --check . - flake8 . - - name: Check migrations - env: - DJANGO_SETTINGS_MODULE: "web.settings" - DATABASE_URL: "postgres://postgres:postgres@localhost:5432/mariaquiteria" - run: python manage.py makemigrations --check - - name: Run Tests - env: - DJANGO_SETTINGS_MODULE: "web.settings" - DJANGO_CONFIGURATION: "Test" - DATABASE_URL: "postgres://postgres:postgres@localhost:5432/mariaquiteria" - run: | - python manage.py collectstatic - pytest - services: - postgres: - image: library/postgres:11-alpine - env: - POSTGRES_PASSWORD: postgres - POSTGRES_DB: mariaquiteria - ports: - - 5432:5432 - options: >- - --health-cmd pg_isready - --health-interval 10s - --health-timeout 5s - --health-retries 5 - rabbitmq: - image: rabbitmq - env: - RABBITMQ_DEFAULT_USER: guest - RABBITMQ_DEFAULT_PASS: guest - ports: - - 5672:5672 - deploy: - runs-on: ubuntu-18.04 - if: github.ref == 'refs/heads/main' + docker: + uses: "mentoriaiac/cicd_centralizado/.github/workflows/docker_build.yaml@docker/v1" + with: + image: wf975621/mariaqueteria - steps: - - uses: actions/checkout@v2 - with: - fetch-depth: 0 - - name: Push to dokku - uses: dokku/github-action@v1.0.2 - with: - branch: main - ssh_private_key: ${{ secrets.SSH_PRIVATE_KEY }} - git_remote_url: ${{ secrets.DOKKU_REMOTE_URL }} - ssh_host_key: ${{ secrets.SSH_HOST_KEY }} - needs: [build] + push_image: ${{github.event_name == 'release'}} + secrets: + docker_user: ${{secrets.DOCKER_LOGIN}} + docker_password: ${{secrets.TOKEN_DOCKERHUB}} \ No newline at end of file From f33e25f1756222e07809aeb8039682a4c21ab47a Mon Sep 17 00:00:00 2001 From: Wesley Fideles Date: Mon, 8 Aug 2022 21:09:48 -0300 Subject: [PATCH 2/7] Ajuste de TAG do Pipeline --- .github/workflows/cicd.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml index 92c9fe8c..8f0f65b2 100644 --- a/.github/workflows/cicd.yml +++ b/.github/workflows/cicd.yml @@ -5,7 +5,7 @@ on: types: [created] jobs: docker: - uses: "mentoriaiac/cicd_centralizado/.github/workflows/docker_build.yaml@docker/v1" + uses: "mentoriaiac/cicd_centralizado/.github/workflows/docker_build.yaml@v1" with: image: wf975621/mariaqueteria From b24dd3c2299f4aa0944fcf62f5bbd13a0be4c0f8 Mon Sep 17 00:00:00 2001 From: Wesley Fideles Date: Mon, 8 Aug 2022 21:19:47 -0300 Subject: [PATCH 3/7] Adicionando hadolint ignore no Dockerfile --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 0be22dcc..ce1ed754 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,7 +6,7 @@ WORKDIR /code COPY requirements.txt . COPY dev_requirements.txt . - +# hadolint ignore=DL3008,DL3042,DL3027 RUN apt-get update && \ apt-get install -y netcat-openbsd gcc && \ apt-get clean && \ From 71abed4ad481d01ab18296aa76cd02144690ea3a Mon Sep 17 00:00:00 2001 From: Wesley Fideles Date: Mon, 8 Aug 2022 21:20:57 -0300 Subject: [PATCH 4/7] Adicionando hadolint ignore no Dockerfile dnv --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index ce1ed754..7c60ff6f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,7 +6,7 @@ WORKDIR /code COPY requirements.txt . COPY dev_requirements.txt . -# hadolint ignore=DL3008,DL3042,DL3027 +# hadolint ignore=DL3008,DL3042,DL3027,DL3015 RUN apt-get update && \ apt-get install -y netcat-openbsd gcc && \ apt-get clean && \ From 7d7e09d5e47c0565bc523fbfe179ac9961a9aace Mon Sep 17 00:00:00 2001 From: Wesley Fideles Date: Mon, 8 Aug 2022 21:34:28 -0300 Subject: [PATCH 5/7] Adicionando .trivyignore --- .trivyignore | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 .trivyignore diff --git a/.trivyignore b/.trivyignore new file mode 100644 index 00000000..b0cf91dd --- /dev/null +++ b/.trivyignore @@ -0,0 +1,12 @@ +CVE-2022-1304 +CVE-2021-3999 +CVE-2019-8457 +CVE-2021-33560 +CVE-2022-2509 +CVE-2022-29458 +CVE-2022-1586 +CVE-2022-1587 +CVE-2022-2097 +CVE-2020-16156 +CVE-2022-34265 +CVE-2017-14158 \ No newline at end of file From b237ab8a594d843721acaf445a00cbe5ac5ce660 Mon Sep 17 00:00:00 2001 From: Wesley Fideles Date: Tue, 9 Aug 2022 14:23:58 -0300 Subject: [PATCH 6/7] testando --- .github/workflows/cicd.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml index 8f0f65b2..f729e770 100644 --- a/.github/workflows/cicd.yml +++ b/.github/workflows/cicd.yml @@ -7,6 +7,7 @@ jobs: docker: uses: "mentoriaiac/cicd_centralizado/.github/workflows/docker_build.yaml@v1" with: + image: wf975621/mariaqueteria push_image: ${{github.event_name == 'release'}} From faa4061b37d06d2223671e28ea0050b68d0646ab Mon Sep 17 00:00:00 2001 From: Wesley Fideles Date: Tue, 9 Aug 2022 17:33:40 -0300 Subject: [PATCH 7/7] Testando git no Linux --- .gitignore | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.gitignore b/.gitignore index 93081098..a10f97f5 100644 --- a/.gitignore +++ b/.gitignore @@ -22,3 +22,5 @@ __pycache__ # scrapy files/ + +teste