DevFW-CICD/edp-doc
17
0
Fork 1
Code Issues Pull requests 2 Projects Releases Packages Wiki Activity Actions
edp-doc/docs/user-documentation/ci-workflow.md
franz.germann1 d0e2f54eec styling fix
2024-12-19 15:49:40 +01:00

53 lines
2.2 KiB
Markdown
Raw Blame History

# 🚀 Continuous Integration (CI) Workflow
Our repository includes a **Continuous Integration (CI) workflow** that runs automatically whenever changes are pushed to the codebase. By leveraging Forgejo and GitHub Actions, we ensure that every update is thoroughly validated, resulting in a reliable and error-free image being delivered to the Forgejo registry.
---
## How It Works
### Automatic Trigger on Code Changes
Each time you push a new commit or open a pull request, a CI workflow is initiated. You can monitor these runs by navigating to the Actions tab within your GitHub project.
![step 2](../ressources/5.png)
### Workflow Steps
The CI pipeline consists of several predefined steps designed to ensure quality and security before publishing the final image:
- **📥 Checkout:**
Retrieves the latest version of the repository to ensure the workflow is working with the most recent code.
- **📝 Linting (using [golangci-lint](https://github.com/golangci/golangci-lint)):**
Analyzes the code for potential issues, formatting errors, or stylistic inconsistencies.
- **🔑 Docker Login:**
Authenticates with your Docker registry so that the newly built image can be pushed securely.
- **🔧 Build Application & Image:**
Constructs the application and packages it into a Docker image.
- **🛡️ Vulnerability Scanning (using [trivy](https://github.com/aquasecurity/trivy)):**
Scans the final image for known security vulnerabilities, ensuring any issues are identified and addressed early on.
- **⬆️ Push Image to Registry:**
Uploads the successfully built image to the Forgejo registry, making it available for deployment.
### Monitoring Workflow Progress and Logs
Once the workflow starts, you can visit the **Actions** page to:
- view the current status and total runtime of the entire workflow
- check individual action runtimes and results
- access detailed logs by clicking on each action (provides insights into what happened in each action, making debugging and auditing easier)
---
By utilizing this CI workflow, you benefit from a fully automated, transparent, and secure process that maintains the highest quality standards for your code and images.
Reference in a new issue View git blame Copy permalink