Merge pull request #6 from my0373/test

Added Simple and complex workflows
2025-07-21 23:35:50 +00:00 · 2023-10-15 18:20:18 +01:00 · 2023-10-15 18:20:18 +01:00 · bd0b37de8d
commit bd0b37de8d
parent 6d3602fcb4 b3e3dbf31e
4 changed files with 99 additions and 36 deletions
--- a/.github/workflows/ci-learning.yml
+++ b/.github/workflows/ci-learning.yml
@ -29,13 +29,7 @@ jobs:
          java-version: ${{matrix.java}}
          distribution: 'adopt'
          cache: maven
-
-      - name: Setup JFrog CLI
-        uses: jfrog/setup-jfrog-cli@v3
-        env:
-          JF_URL: ${{ secrets.JF_URL }}
-          JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }}
-            
+          
      - name: Build with Maven Wrapper
        run: ./mvnw -B package

@ -100,9 +94,6 @@ jobs:
        run: |
          docker load --input /tmp/petclinic/petclinic.tar 

-      - name: List all the container images on the runner 
-        run: docker image ls
-        

      - name: Setup JFrog CLI
        uses: jfrog/setup-jfrog-cli@v3
@ -115,24 +106,24 @@ jobs:
          jf docker scan my0373.jfrog.io/my0373-docker/spring-petclinic:3.1.0-SNAPSHOT   
            

-      - name: Build Tag and push Docker Image
+      - name: Push Docker Image to the Artifactory repository
        env:
          IMAGE_NAME: my0373.jfrog.io/my0373-docker/spring-petclinic:3.1.0-SNAPSHOT
        run:
          jf docker push $IMAGE_NAME


-      - name: Publish Build info With JFrog CLI
-        env:
-          # Generated and maintained by GitHub
-          JFROG_CLI_BUILD_NAME: spring-petclinic
-          # JFrog organization secret
-          JFROG_CLI_BUILD_NUMBER : ${{ github.run_number }}
-        run: |
-          # Export the build name and build nuber
-          # Collect environment variables for the build
-          # jf rt build-collect-env
-          # Collect VCS details from git and add them to the build
-          # jf rt build-add-git
-          # Publish build info
-          # jf rt build-publish
+      # - name: Publish Build info With JFrog CLI
+      #   env:
+      #     # Generated and maintained by GitHub
+      #     JFROG_CLI_BUILD_NAME: spring-petclinic
+      #     # JFrog organization secret
+      #     JFROG_CLI_BUILD_NUMBER : ${{ github.run_number }}
+      #   run: |
+      #     # Export the build name and build nuber
+      #     # Collect environment variables for the build
+      #     # jf rt build-collect-env
+      #     # Collect VCS details from git and add them to the build
+      #     # jf rt build-add-git
+      #     # Publish build info
+      #     # jf rt build-publish
--- a/.github/workflows/ci-minimal.yml
+++ b/.github/workflows/ci-minimal.yml
@ -1,7 +1,7 @@
 # This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time
 # For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven

-name: Minimal build requirements for the petclinic application.
+name: Java CI with Maven (minimal)

 # The workflow will execute on Push / PR as well as manually running.
 on:
--- a/Docs/learning.md
+++ b/Docs/learning.md
@ -0,0 +1,77 @@
+# The "more complex" GitHub Actions pipeline
+
+This repository makes use of multiple jobs withing a GitHub actions pipeline. We'll be using a workflow to achieve this.
+
+This workflow runs the source build, test and dependency validation job. It then runs the container build jobs in parallel. 
+
+## The trigger
+The workflow is configured to run when the "main" branch is pushed, or when a PR for the "main" branch is raised.
+  
+## The steps
+In order to successfully build, our workflow must 
+
+### "source-build" job
+
+1. Pull the code from the main branch of the git repo [here](https://github.com/spring-projects/spring-petclinic).
+1. Ensure that Java 17 is installed on the GitHub runner.
+1. Use the Maven wrapper to build the source.
+1. Run the Maven tests for the source
+1. Use Maven to check dependencies
+
+### "container-build" job
+1. Pull the code from the main branch of the git repo [here](https://github.com/spring-projects/spring-petclinic).
+1. Ensure that Java 17 is installed on the GitHub runner.
+1. Package the code into a docker container
+1. Tag the container with the required name
+1. Store the container as a binary artifact in the GitHub action.
+
+### "publish-build" job
+
+1. Retrieve the container as a binary artifact from GitHub.
+1. Restore the container from a tarfile.
+1. Setup the JFrog CLI tool
+1. Use the jfrog scanner to scan the image for known vulnerabilities.
+1. Push the tested, scanned image to the Artifactory repository.
+
+
+
+
+# Using the image
+In order to use the image, you will first need docker installed on your local system.
+
+__Authenticate to your container registry with your login__
+```console
+foo@bar:~$ docker login -u [your-login] my0373.jfrog.io
+```
+__Note:__
+*Please replace ```[your-login]``` with your artifactory login.*
+
+
+__Pull the container image to your local system__
+```console
+foo@bar:~$ docker pull my0373.jfrog.io/my0373-docker/spring-petclinic:3.1.0-SNAPSHOT
+```
+
+__Run the container image.__ 
+```console
+foo@bar:~$ docker run -d -p 8080:8080 spring-petclinic:3.1.0-SNAPSHOT
+```
+
+__Note:__
+*Here I am exposing the site on port 8080. Please change to your requirements.*
+
+
+The Image can be viewed in  artifactory [here](https://my0373.jfrog.io/ui/repos/tree/General/my0373-docker-local/spring-petclinic).
+
+# Testing the application
+Once the container is running, you should be able to connect on port 8080 on the target system.
+
+Assuming this is your local system, open a browser to http://127.0.0.1:8080/.
+
+
+
+
+# Security scan
+As part of the build, I've executed an xray scan of the repository and attached the scans in the Scan directory of the repository  [here](https://github.com/my0373/spring-petclinic/tree/main/Scan).
+
+
--- a/Docs/simple.md
+++ b/Docs/simple.md
@ -2,6 +2,9 @@

 This repository makes use of a GitHub actions pipeline. We'll be using a workflow to achieve this. 

+## The trigger
+The workflow is configured to run when the "main" branch is pushed, or when a PR for the "main" branch is raised.
+  
 ## The steps
 In order to successfully build, our workflow must 

@ -11,7 +14,7 @@ In order to successfully build, our workflow must
 1. Run the Maven tests for the source
 1. Use Maven to check dependencies
 1. Package the code into a docker container
-1. tag the container with the required name
+1. Tag the container with the required name
 1. Push the container into the Artifactory Repository


@ -52,14 +55,6 @@ Assuming this is your local system, open a browser to http://127.0.0.1:8080/.


 # Security scan
-As part of the build, I've executed an xray scan of the repository and attached the scans in the 
+As part of the build, I've executed an xray scan of the repository and attached the scans in the Scan directory of the repository  [here](https://github.com/my0373/spring-petclinic/tree/main/Scan).

-### Code Compilation
-The first step of the build process is to build

-GitHub link to the repo including
-
-Github Actions workflow files within that repo
-Docker file within that repo
-readme.md file explaining the work and how to run the project
-Bonus Deliverable: XRay Scan Data export (JSON format) for your image