Skip to content
πŸš€πŸš€ Basic πŸ‘¨β€πŸ’»Dev - SecπŸͺ² OpsπŸ“‰ Workflow πŸš€πŸš€

Update main.yaml #2

Sign in to view logs

Update main.yaml

Update main.yaml #2

Workflow file for this run

.github/workflows/main.yaml at 813c4e9
# Actions Workflow setup completed
name: πŸš€πŸš€ Basic πŸ‘¨β€πŸ’»Dev - SecπŸͺ² OpsπŸ“‰ Workflow πŸš€πŸš€
on:
workflow_run:
workflows: [Pre Work]
types:
- completed
push:
branches: [ "main" ]
pull_request:
branches: [ "main" ]
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: βœ… Build Workflow
run: echo "βœ… Dummy Step, compile, package, create container for application and ..."
test:
runs-on: ubuntu-latest
needs: build
steps:
- name: βœ… Checkout
uses: actions/checkout@v2
- name: βœ… SAST
run: |
env | grep -E "GITHUB_ACTIONS|GITHUB_RUN_NUMBER|GITHUB_REF_NAME|GITHUB_SHA" > /tmp/env
docker pull registry.fortidevsec.forticloud.com/fdevsec_sast:latest
docker run --rm --env-file /tmp/env --mount type=bind,source=$PWD,target=/scan registry.fortidevsec.forticloud.com/fdevsec_sast:latest
deploy:
runs-on: ubuntu-latest
needs: test
steps:
- name: βœ… Azure Login
uses: azure/login@v1
with:
creds: '{"clientId":"${{ secrets.CLIENT_ID }}","clientSecret":"${{ secrets.CLIENT_SECRET }}","subscriptionId":"${{ secrets.SUBSCRIPTION_ID }}","tenantId":"${{ secrets.TENANT_ID }}"}'
- name: βœ… Deploy the App
uses: Azure/[email protected]
with:
azcliversion: 2.30.0
inlineScript: |
az group create -n ${{ vars.AZ_ACI_DNS_PREFIX }}-rg -l eastus
az container create --name ${{ vars.AZ_ACI_DNS_PREFIX }} --dns-name-label ${{ vars.AZ_ACI_DNS_PREFIX }} --image ${{ vars.IMAGE_NAME }} -g ${{ vars.AZ_ACI_DNS_PREFIX }}-rg --registry-username ${{ secrets.ACR_USERNAME }} --registry-password ${{ secrets.ACR_USERPASSWORD }}
dast:
runs-on: ubuntu-latest
needs: deploy
steps:
- name: βœ… Checkout
uses: actions/checkout@v2
- name: βœ… DAST
run: |
env | grep -E "GITHUB_ACTIONS|GITHUB_RUN_NUMBER|GITHUB_REF_NAME|GITHUB_SHA" > /tmp/env
docker pull registry.fortidevsec.forticloud.com/fdevsec_dast:latest
docker run --rm --env-file /tmp/env --mount type=bind,source=$PWD,target=/scan registry.fortidevsec.forticloud.com/fdevsec_dast:latest
clean-up-az:
runs-on: ubuntu-latest
needs: dast
steps:
- name: βœ… Azure Login
uses: azure/login@v1
with:
creds: '{"clientId":"${{ secrets.CLIENT_ID }}","clientSecret":"${{ secrets.CLIENT_SECRET }}","subscriptionId":"${{ secrets.SUBSCRIPTION_ID }}","tenantId":"${{ secrets.TENANT_ID }}"}'
- name: βœ… Clean Up Azure Container Instances App
uses: Azure/[email protected]
with:
azcliversion: 2.30.0
inlineScript: |
az group delete -n ${{ vars.AZ_ACI_DNS_PREFIX }}-rg -y