Skip to content

Chore/setup backend environment #6

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
Eaglewings966 wants to merge 2 commits into
base: dev
Choose a base branch
from
Open

Chore/setup backend environment #6

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
1ee51dd
Upgrade project to use `Java 21` using openrewrite.
Eaglewings966 Dec 13, 2025
965f19c
Integrate unit tests and Trivy security scan into backend CI/CD pipeline
Eaglewings966 Dec 13, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
130 changes: 48 additions & 82 deletions .github/workflows/cicd.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,83 +1,49 @@
name: Backend CI/CD Pipeline

on:
push:
branches: [ main ]
pull_request:
branches: [ main ]

jobs:
backend-ci:
runs-on: ubuntu-latest

steps:
- name: Checkout source code
uses: actions/checkout@v4

# ---- Java & Maven Setup ----
- name: Set up JDK 17
uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: '17'

- name: Run Unit Tests
run: ./mvnw test

# ---- Docker Build ----
- name: Build Docker image
run: docker build -t bank-backend:latest .

# ---- Trivy Security Scan ----
- name: Scan Docker image with Trivy
uses: aquasecurity/trivy-action@master
with:
image-ref: bank-backend:latest
format: table
severity: CRITICAL,HIGH
exit-code: 1

# ---- Push Image (Optional) ----
- name: Login to Docker Registry
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}

- name: Push Docker image
run: docker push your-dockerhub-username/bank-backend:latest

# name: Bank Backend Pipeline.

# on:
# push:
# branches:
# - main
# # pull_request:
# # branches:
# # - cicd

# jobs:
# Continues-Integration_build_and_push:
# runs-on: ubuntu-latest
# env:
# REGISTRY_NAME: ${{ secrets.REGISTRY_NAME }}
# AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
# AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
# AWS_REGION: us-east-1

# steps:
# - name: Checkout repository
# uses: actions/checkout@v3
# with:
# repository: digitalwitchdemo/main_bank_app_backend
# ref: main


# - name: Log in to awscli
# uses: aws-actions/configure-aws-credentials@v3
# with:
# aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
# aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
# aws-region: us-east-1


# - name: Build container image
# run: docker build -t bank-app-backend:latest .

# - name: Log in to ECR with short-lived credentials
# run: |
# aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin ${{ vars.ECR_REPO }}

# - name: Tag Docker image
# run: docker tag bank-app-backend:latest ${{ vars.ECR_REPO }}/bank-backendapi:${{ github.run_number }}

# - name: Push image to ECR
# run: docker push ${{ vars.ECR_REPO }}/bank-backendapi:${{ github.run_number }}


# - name: Clean up Docker image locally
# run: |
# docker rmi bank-app-backend:latest
# docker rmi ${{ vars.ECR_REPO }}/bank-backendapi:${{ github.run_number }}

# - name: Clean up GitHub repo on runner
# run: rm -rf ./*



# Continues-Update_k8s_manifest:
# runs-on: ubuntu-latest
# needs: Continues-Integration_build_and_push
# steps:
# - name: Checkout repository
# env:
# GIT_USERNAME: ${{ secrets.GIT_USERNAME }}
# GIT_PASSWORD: ${{ secrets.GIT_PASSWORD }}
# run: |
# git clone https://${GIT_USERNAME}:${GIT_PASSWORD}@github.com/digitalwitchdemo/kubernetes-manifest.git

# cd kubernetes-manifest
# git config --global user.email "chukwunonsosmartagbawo@gmail.com"
# git config --global user.name "smartcloud2023"

# sed -i "s+${{ vars.ECR_REPO }}/bank-backendapi:.*+${{ vars.ECR_REPO }}/bank-backendapi:${{ github.run_number }}+g" ./bank-project/backendapi.yaml

# cat ./bank-project/backendapi.yaml | grep -q "${{ vars.ECR_REPO }}/bank-backendapi:${{ github.run_number }}"

# git add bank-project/backendapi.yaml
# git commit -m "Update. backendapi image to version ${{ github.run_number }}"
# git push origin main

3 changes: 3 additions & 0 deletions .vscode/settings.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
{
"java.compile.nullAnalysis.mode": "automatic"
}
Loading