Bunnings azure

.dockerignore

@@ -5,7 +5,7 @@
 **/.vscode
 **/npm-debug.log
 **/coverage
-**/.env
+# **/.env
 **/.editorconfig
 **/dist
 **/*.pem

.github/workflows/deploy.yml

@@ -0,0 +1,28 @@
+name: Deploy to ECS
+
+on:
+  push:
+    branches:
+      - aws-ecs-dynamodb
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: ap-southeast-2
+      - name: Build and push Docker image
+        run: |
+          aws ecr get-login-password --region ap-southeast-2 | docker login --username AWS --password-stdin 240243041622.dkr.ecr.ap-southeast-2.amazonaws.com
+          docker build -t veracode-github-app-repo .
+          docker tag veracode-github-app-repo:latest 240243041622.dkr.ecr.ap-southeast-2.amazonaws.com/veracode-github-app-repo:latest
+          docker push 240243041622.dkr.ecr.ap-southeast-2.amazonaws.com/veracode-github-app-repo:latest
+      - name: Update ECS service
+        run: |
+          aws ecs update-service --cluster veracode-github-app-cluster --service veracode-github-app-service --force-new-deployment

README.md

@@ -18,7 +18,7 @@ npm start
 # 1. Build container
 docker build -t veracode-github-app .
 
-# 2. Start container
+# 2. Start containers
 docker run -e APP_ID=<app-id> -e PRIVATE_KEY=<pem-value> veracode-github-app
 ```
 

action.yml

@@ -4,9 +4,6 @@ branding:
   icon: 'check-circle'
   color: 'white'
 inputs:
-  id: 
-    description: 'ID of run (provided by GitHub app via `github.event.client_payload.id`)'
-    required: true
   run_id: 
     description: 'ID of workflow run (provided via GitHub syntax `github.run_id`)'
     required: true
@@ -19,6 +16,18 @@ inputs:
   sha: 
     description: 'Sha of original commit (provided by GitHub app via `github.event.client_payload.sha`)'
     required: true
+  branch: 
+    description: 'branch of original commit (provided by GitHub app via `github.event.client_payload.branch`)'
+    required: true
+  repository_owner:
+    description: 'repositroy_owner of original commit (provided by GitHub app via `github.event.client_payload.repository.owner`)'
+    required: true
+  repository_name:
+    description: 'repositroy_name of original commit (provided by GitHub app via `github.event.client_payload.repository.name`)'
+    required: true
+  event_type:
+    description: 'event_type triggered by the GitHub App (provided by GitHub app via `github.event.client_payload.event_type`)'
+    required: true
   enforce: 
     description: 'Enforce [required status check](https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/enabling-required-status-checks)'
     required: false
@@ -27,20 +36,19 @@ inputs:
     description: 'Enforce [required status check](https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/enabling-required-status-checks) for admins'
     required: false
     default: false
-  documentation: 
-    description: 'Link to documentation of this check. This is shown with the status check on the original commit. (eg `.github/workflows/compliance-info.md`)'
-    required: false
 runs:
   using: "composite"
   steps: 
     - run: |
         curl -G \
           "${{ inputs.callback_url }}" \
-          -d id=${{ inputs.id }} \
           -d run_id=${{ inputs.run_id }} \
           -d sha=${{ inputs.sha }} \
+          -d branch=${{ inputs.branch }} \
+          -d event_type=${{ inputs.event_type }} \
+          --data-urlencode "repository_owner=${{ inputs.repository_owner }}" \
+          --data-urlencode "repository_name=${{ inputs.repository_name }}" \
           -d enforce=${{ inputs.enforce }} \
           -d enforce_admin=${{ inputs.enforce_admin }} \
-          --data-urlencode "name=${{ env.name || github.workflow }}" \
-          --data-urlencode "documentation=${{ inputs.documentation }}"
+          --data-urlencode "name=${{ env.name || github.workflow }}"
       shell: bash