Skip to content

Commit

Permalink
Create netflix.yaml
Browse files Browse the repository at this point in the history
  • Loading branch information
Bisharsh authored Jun 23, 2024
1 parent 3dae951 commit 03fe854
Showing 1 changed file with 98 additions and 0 deletions.
98 changes: 98 additions & 0 deletions .github/workflows/netflix.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,98 @@
name: Netflix Pipeline

on:
push:
branches:
- main

jobs:
build:
runs-on: ubuntu-latest

env:
SCANNER_HOME: /usr/local/bin/sonar-scanner
TMDB_V3_API_KEY: ${{ secrets.TMDB_V3_API_KEY }}
DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
KUBECONFIG: ${{ secrets.KUBECONFIG }}

steps:
- name: Clean workspace
run: rm -rf $GITHUB_WORKSPACE/*

- name: Checkout from Git
uses: actions/checkout@v2

- name: Set up JDK 17
uses: actions/setup-java@v3
with:
java-version: 17

- name: Set up Node.js 16
uses: actions/setup-node@v3
with:
node-version: 16

- name: SonarQube Analysis
env:
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: |
$SCANNER_HOME/bin/sonar-scanner -Dsonar.projectName=Netflix -Dsonar.projectKey=Netflix
- name: Quality Gate
run: |
sonar-quality-gate.sh
env:
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

- name: Install Dependencies
run: npm install

- name: OWASP Dependency Check
run: dependency-check --scan ./ --disableYarnAudit --disableNodeAudit

- name: Publish OWASP Dependency Check Report
uses: actions/upload-artifact@v3
with:
name: dependency-check-report
path: '**/dependency-check-report.xml'

- name: TRIVY FS Scan
run: trivy fs . > trivyfs.txt

- name: Docker Build & Push
run: |
echo $DOCKERHUB_PASSWORD | docker login -u $DOCKERHUB_USERNAME --password-stdin
docker build --build-arg TMDB_V3_API_KEY=$TMDB_V3_API_KEY -t netflix .
docker tag netflix $DOCKERHUB_USERNAME/netflix:latest
docker push $DOCKERHUB_USERNAME/netflix:latest
- name: TRIVY Image Scan
run: trivy image $DOCKERHUB_USERNAME/netflix:latest > trivyimage.txt

- name: Deploy to Container
run: docker run -d -p 8081:80 $DOCKERHUB_USERNAME/netflix:latest

- name: Deploy to Kubernetes
run: |
echo $KUBECONFIG > $HOME/.kube/config
kubectl apply -f Kubernetes/deployment.yml
kubectl apply -f Kubernetes/service.yml
- name: Send Email Notification
uses: dawidd6/action-send-mail@v3
with:
server_address: smtp.example.com
server_port: 587
username: ${{ secrets.EMAIL_USERNAME }}
password: ${{ secrets.EMAIL_PASSWORD }}
subject: 'Build ${{ github.run_number }} - ${{ job.status }}'
body: |
Project: Netflix Clone
Build Number: ${{ github.run_number }}
URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
to: [email protected]
attachments: trivyfs.txt, trivyimage.txt

0 comments on commit 03fe854

Please sign in to comment.