build.yml file updated #3
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Deploy to EKS | |
| on: | |
| push: | |
| branches: | |
| - main | |
| workflow_dispatch: | |
| inputs: | |
| destroy: | |
| description: 'Destroy the EKS Cluster' | |
| required: false | |
| default: 'false' | |
| jobs: | |
| build: | |
| name: Build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 # Disable shallow clones for better SonarQube analysis | |
| - name: SonarQube Scan | |
| uses: sonarsource/[email protected] | |
| env: | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} | |
| - name: NPM Install | |
| run: npm install | |
| #working-directory: ./frontend # Adjust this if necessary | |
| - name: Docker build and push | |
| run: | | |
| docker build --no-cache -t swiggy-clone . | |
| docker tag swiggy-clone gyenoch/swiggy-clone:latest | |
| echo "${{ secrets.Dockerhub_token }}" | docker login -u ${{ secrets.Dockerhub_username }} --password-stdin | |
| docker push gyenoch/swiggy-clone:latest | |
| env: | |
| DOCKER_CLI_EXPERIMENTAL: enabled | |
| terraform: | |
| needs: build | |
| name: Terraform Apply or Destroy | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| - name: Set up Terraform | |
| uses: hashicorp/setup-terraform@v2 | |
| with: | |
| terraform_version: 1.5.3 | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ secrets.AWS_REGION }} | |
| - name: Initialize Terraform | |
| run: terraform init | |
| working-directory: ./Eks-terraform | |
| - name: Validate Terraform | |
| run: terraform validate | |
| working-directory: ./Eks-terraform | |
| - name: Plan Terraform | |
| id: plan | |
| run: terraform plan -out=tfplan | |
| working-directory: ./Eks-terraform | |
| - name: Apply Terraform | |
| if: github.event.inputs.destroy != 'true' && github.ref == 'refs/heads/main' | |
| run: terraform apply -auto-approve tfplan | |
| working-directory: ./Eks-terraform | |
| - name: Save Terraform Plan | |
| if: github.ref != 'refs/heads/main' | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: terraform-plan | |
| path: ./Eks-terraform/tfplan | |
| - name: Terraform Destroy | |
| if: github.event.inputs.destroy == 'true' | |
| run: terraform destroy -auto-approve | |
| working-directory: ./Eks-terraform | |
| deploy: | |
| needs: terraform | |
| if: github.event.inputs.destroy != 'true' # Skip deploy if we're destroying | |
| runs-on: [self-hosted] | |
| steps: | |
| - name: Docker pull image | |
| run: docker pull gyenoch/swiggy-clone:latest | |
| - name: Image scan with Trivy | |
| run: trivy image gyenoch/swiggy-clone:latest > trivyimagedeploy.txt | |
| - name: Deploy to container | |
| run: docker run -d --name swiggy-clone1 -p 3000:3000 gyenoch/swiggy-clone:latest | |
| - name: Update kubeconfig | |
| run: aws eks --region us-east-1 update-kubeconfig --name EKS_CLOUD | |
| - name: Deploy to Kubernetes | |
| run: kubectl apply -f ./deployment-service.yml |