-
Notifications
You must be signed in to change notification settings - Fork 197
92 lines (83 loc) · 2.61 KB
/
forms-flow-web-cd.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
name: forms-flow-web-CD
on:
workflow_dispatch:
push:
branches:
- master
- develop
- release/*
paths:
- "forms-flow-web/**"
- "VERSION"
defaults:
run:
shell: bash
jobs:
build:
if: github.repository == 'AOT-Technologies/forms-flow-ai'
name: Build and push artifacts to s3
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: '16.20.0'
- run: npm ci
working-directory: ./forms-flow-web
- run: npm run build
working-directory: ./forms-flow-web
- uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.REGION }}
- name: Set version
if: ${{ github.ref != 'refs/heads/master' }}
working-directory: .
run: |
VER=$(cat VERSION)
echo "VERSION=$VER" >> $GITHUB_ENV
- name: Set version
if: ${{ github.ref == 'refs/heads/master' }}
working-directory: .
run: |
VER=$(cat VERSION)
VER=${VER/-alpha/''}
echo "VERSION=$VER" >> $GITHUB_ENV
- run: echo ${{ env.VERSION }}
- run: npm ci
working-directory: ./forms-flow-web/scripts
- run: node index
env:
BUCKET: ${{ secrets.BUCKET}}
VERSION: ${{ env.VERSION }}
working-directory: ./forms-flow-web/scripts
zap_scan:
runs-on: ubuntu-latest
name: Scan the web application
steps:
- name: Checkout
uses: actions/checkout@v2
with:
ref: master
- name: ZAP Scan
uses: zaproxy/action-full-scan@v0.8.0
with:
working-directory: zap-reports
token: ${{ secrets.GITHUB_TOKEN }}
docker_name: 'ghcr.io/zaproxy/zaproxy:stable'
target: ${{ secrets.WEB_TARGET_URL }}
rules_file_name: '.zap/rules.tsv'
- name: Install AWS CLI
run: |
sudo apt-get update
sudo apt-get install -y awscli
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.REGION }}
- name: Upload ZAP Report to S3
run: |
aws s3 cp report_html.html s3://zap-report-formsflow/zap-reports/zap-report-$(date +%Y-%m-%d_%H-%M-%S).html