Skip to content

Commit

Permalink
fix: added coderabbit suggestions
Browse files Browse the repository at this point in the history
  • Loading branch information
@codechirag123
codechirag123 committed Nov 28, 2024
1 parent d5da7b2 commit 662486b
Show file tree
Hide file tree
Showing 3 changed files with 52 additions and 46 deletions.
30 changes: 18 additions & 12 deletions .github/workflows/build-preview-environment.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,8 +11,8 @@ on:

permissions:
id-token: write
contents: write
pull-requests: write
contents: read
pull-requests: read

env:
REF: ${{ github.event_name == 'workflow_dispatch' && github.ref_name || github.event_name == 'pull_request' && github.event.pull_request.head.ref }}
Expand Down Expand Up @@ -43,7 +43,7 @@ jobs:
id: sanitize_env
shell: bash
run: |
SANITIZED_BRANCH_NAME=$(echo -n ${{ steps.clean-ref.outputs.ref }} | tr "/" "-")
SANITIZED_BRANCH_NAME=$(echo -n "${{ steps.clean-ref.outputs.ref }}" | tr "/" "-")
echo "Sanitized branch name: $SANITIZED_BRANCH_NAME"
TRIMMED_BRANCH_NAME=$(echo -n "$SANITIZED_BRANCH_NAME" | cut -c 1-8)
echo "sanitized_env_name=$SANITIZED_BRANCH_NAME" >> $GITHUB_OUTPUT;
Expand Down Expand Up @@ -101,15 +101,21 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Trigger workflow in another repo
uses: actions/github-script@v6
uses: actions/github-script@v7
with:
github-token: ${{ secrets.GIT_TOKEN }}
script: |
await github.rest.repos.createDispatchEvent({
owner: 'ballerine-io',
repo: 'cloud-infra-config',
event_type: 'deploy-preview',
client_payload: {
'ref': '${{ needs.deploy-dev-pr-environment.outputs.env_name }}'
}
});
try {
await github.rest.repos.createDispatchEvent({
owner: 'ballerine-io',
repo: 'cloud-infra-config',
event_type: 'deploy-preview',
client_payload: {
'ref': '${{ needs.deploy-dev-pr-environment.outputs.env_name }}'
}
});
console.log('Successfully triggered deploy-preview event');
} catch (error) {
console.error('Failed to trigger deploy-preview event:', error);
throw error;
}
44 changes: 19 additions & 25 deletions .github/workflows/build-push-docker-images.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,15 +24,22 @@ on:
description: "Tag name of the Preview Image"
type: string

permissions:
id-token: write
contents: write
pull-requests: write

jobs:
build-and-push:
runs-on: ubuntu-latest

steps:
- name: Checkout code
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
ref: ${{ inputs.ref }}
fetch-depth: 1
persist-credentials: false
sparse-checkout: |
${{ inputs.context }}
sparse-checkout-cone-mode: true
Expand Down Expand Up @@ -60,16 +67,16 @@ jobs:
tag: ${{ steps.version.outputs.tag }}

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
uses: docker/setup-buildx-action@v3

- name: Set up QEMU
uses: docker/setup-qemu-action@v2
uses: docker/setup-qemu-action@v3
with:
platforms: 'arm64,arm'

- name: Cache Docker layers
id: cache
uses: actions/cache@v2
uses: actions/cache@v3
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-docker-${{ hashFiles('**/Dockerfile') }}
Expand All @@ -96,14 +103,13 @@ jobs:
- name: Print docker version outputs
run: |
echo "Metadata: ${{ steps.docker_meta.outputs.tags }}"
echo "sha_short: ${{ steps.version.outputs.sha_short }}"
echo "docker_meta-tags: ${{ steps.docker_meta.outputs.tags }}"
echo "bump-version-version: ${{ steps.bump-version.outputs.version }}"
echo "bump-version-tag: ${{ steps.bump-version.outputs.tag }}"
if [[ "${{ inputs.image_name }}" == "workflows-service" ]]; then
echo "sha_short: ${{ steps.version.outputs.sha_short }}"
echo "bump-version-version: ${{ steps.bump-version.outputs.version }}"
echo "bump-version-tag: ${{ steps.bump-version.outputs.tag }}"
fi
- name: Build and push Docker image
if: ${{ inputs.image_name }} == 'workflows-service'
uses: docker/build-push-action@v5
with:
context: ${{ inputs.context }}
Expand All @@ -113,20 +119,7 @@ jobs:
cache-to: type=local,dest=/tmp/.buildx-cache
tags: ${{ steps.docker_meta.outputs.tags }}
build-args: |
"RELEASE=${{ steps.version.outputs.tag }}"
"SHORT_SHA=${{ steps.version.outputs.sha_short }}"

- name: Build and push Docker image
if: ${{ inputs.image_name }} != 'workflows-service'
uses: docker/build-push-action@v5
with:
context: ${{ inputs.context }}
platforms: linux/amd64
push: true
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache
tags: ${{ steps.docker_meta.outputs.tags }}
${{ inputs.image_name == 'workflows-service' && format('"RELEASE={0}"\n"SHORT_SHA={1}"', steps.version.outputs.tag, steps.version.outputs.sha_short) || '' }}
- name: Scan Docker Image
uses: aquasecurity/trivy-action@master
Expand All @@ -137,4 +130,5 @@ jobs:
ignore-unfixed: true
exit-code: 1
vuln-type: 'os,library'
severity: 'CRITICAL'
severity: 'CRITICAL,HIGH'
timeout: '5m'
24 changes: 15 additions & 9 deletions .github/workflows/destroy-preview-environment.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,15 +64,21 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Trigger workflow in another repo
uses: actions/github-script@v6
uses: actions/github-script@v7
with:
github-token: ${{ secrets.GIT_TOKEN }}
script: |
await github.rest.repos.createDispatchEvent({
owner: 'ballerine-io',
repo: 'cloud-infra-config',
event_type: 'destroy-preview',
client_payload: {
'ref': '${{ needs.deploy-dev-pr-environment.outputs.env_name }}'
}
});
try {
await github.rest.repos.createDispatchEvent({
owner: 'ballerine-io',
repo: 'cloud-infra-config',
event_type: 'destroy-preview',
client_payload: {
'ref': '${{ needs.deploy-dev-pr-environment.outputs.env_name }}'
}
});
console.log('Successfully triggered deploy-preview event');
} catch (error) {
console.error('Failed to trigger deploy-preview event:', error);
throw error;
}

0 comments on commit 662486b

Please sign in to comment.