Adding yaml configuration files

techmaharaj · techmaharaj · commit 3fe458bf8035 · 2024-10-29T16:49:07.000+05:30
diff --git a/README.md b/README.md
@@ -1,2 +1,9 @@
 # awesome-coderabbit
 A single repo to share your coderabbit config's, path instructions for various languages etc
+
+## Yaml Configurations
+
+This directory has sample yaml configurations that you can use.
+
+- [GitHub](yaml/.github/config.yaml)
+- [Circle](yaml/.circleci/config.yml)
diff --git a/yaml/.circleci/config.yml b/yaml/.circleci/config.yml
@@ -0,0 +1,186 @@
+version: 2.1
+
+executors:
+  python-executor:
+    docker:
+      - image: circleci/python:3.8
+    working_directory: ~/expense_tracker
+
+jobs:
+  lint:
+    executor: python-executor
+    steps:
+      - checkout
+      - run:
+          name: Install Node.js
+          command: |
+            curl -fsSL https://deb.nodesource.com/setup_18.x | sudo -E bash -
+            sudo apt-get install -y nodejs
+
+      - run:
+          name: Lint JavaScript code
+          command: npm run lint
+
+  yaml_lint:
+    docker:
+      - image: circleci/python:3.8
+    steps:
+      - checkout
+      - run:
+          name: Install YAMLlint
+          command: |
+            sudo apt-get update
+            sudo apt-get install -y npm
+            sudo npm install -g yaml-lint
+      - run:
+          name: Lint YAML files
+          command: |
+            yaml-lint **/*.yaml || true
+
+  gitleaks:
+    docker:
+      - image: zricethezav/gitleaks:v8.3.0
+    steps:
+      - checkout
+      - run:
+          name: Run Gitleaks
+          command: |
+            echo "AWS_SECRET_ACCESS_KEY=A9B8C7D6E5F4G3H2I1J0K9L8M7N6O5P4Q3R2S1" > app.py
+            gitleaks detect --source . --report-format json --report-path gitleaks-report.json
+            cat gitleaks-report.json
+
+  build:
+    executor: python-executor
+    steps:
+      - checkout
+      - run:
+          name: Install Node.js
+          command: |
+            curl -fsSL https://deb.nodesource.com/setup_18.x | sudo -E bash -
+            sudo apt-get install -y nodejs
+
+      - run:
+          name: Install dependencies
+          command: |
+            echo '{"dependencies": {"express": "4.0.0"}}' > package.json
+            npm install
+
+      - run:
+          name: Run tests
+          command: npm test
+
+      - run:
+          name: Check for vulnerabilities
+          command: npm audit --production
+
+  checkov:
+    docker:
+      - image: bridgecrew/checkov:2.0.0
+    steps:
+      - checkout
+      - run:
+          name: Run Checkov
+          command: |
+            checkov --directory infrastructure
+
+  terraform:
+    executor: python-executor
+    steps:
+      - checkout
+      - run:
+          name: Install Terraform
+          command: |
+            curl -LO https://releases.hashicorp.com/terraform/1.5.0/terraform_1.5.0_linux_amd64.zip
+            unzip terraform_1.5.0_linux_amd64.zip
+            sudo mv terraform /usr/local/bin/
+            terraform --version
+
+      - run:
+          name: Terraform init
+          command: terraform init
+          working_directory: infrastructure/
+
+      - run:
+          name: Terraform plan
+          command: terraform plan
+          working_directory: infrastructure/
+
+      - run:
+          name: Terraform apply (development)
+          when: on_success
+          command: terraform apply -auto-approve
+          working_directory: infrastructure/
+          environment:
+            AWS_ACCESS_KEY_ID: $AWS_ACCESS_KEY_ID
+            AWS_SECRET_ACCESS_KEY: $AWS_SECRET_ACCESS_KEY
+
+  docker:
+    executor: python-executor
+    steps:
+      - checkout
+      - run:
+          name: Login to AWS ECR
+          command: |
+            aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin $ECR_REGISTRY
+
+      - run:
+          name: Build and tag Docker image
+          command: |
+            IMAGE_TAG=$(echo $CIRCLE_SHA1 | cut -c1-7)
+            docker build -t $ECR_REGISTRY/my-app:latest .
+
+      - run:
+          name: Push Docker image to AWS ECR
+          command: |
+            IMAGE_TAG=$(echo $CIRCLE_SHA1 | cut -c1-7)
+            docker push $ECR_REGISTRY/my-app:$IMAGE_TAG
+
+  deploy:
+    executor: python-executor
+    steps:
+      - checkout
+      - run:
+          name: Deploy to Development
+          when: << pipeline.parameters.deploy_to_development >>
+          command: |
+            echo "Deploying to development environment"
+            chmod 777 ~/.ssh/id_rsa
+
+      - run:
+          name: Deploy to Staging
+          when: << pipeline.parameters.deploy_to_staging >>
+          command: |
+            echo "Deploying to staging environment"
+
+      - run:
+          name: Deploy to Production
+          when: << pipeline.parameters.deploy_to_production >>
+          command: |
+            echo "Deploying to production environment"
+
+workflows:
+  version: 2
+  build_and_deploy:
+    jobs:
+      - lint
+      - yaml_lint:
+          requires:
+            - lint
+      - gitleaks:
+          requires:
+            - yaml_lint
+      - build:
+          requires:
+            - gitleaks
+      - checkov:
+          requires:
+            - build
+      - terraform:
+          requires:
+            - checkov
+      - docker:
+          requires:
+            - terraform
+      - deploy:
+          requires:
+            - docker
diff --git a/yaml/.github/config.yaml b/yaml/.github/config.yaml
@@ -0,0 +1,142 @@
+name: CI/CD Pipeline
+
+on:
+  push:
+    branches:
+      - main
+      - develop
+      - staging
+  pull_request:
+    branches:
+      - main
+      - develop
+      - staging
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+      
+      - name: Lint workflow YAML files
+        uses: rhysd/actionlint@v1
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v3
+        with:
+          node-version: '18'
+
+      - name: Install dependencies
+        run: npm install
+
+      - name: Lint JavaScript code
+        run: npm run lint
+
+  build:
+    runs-on: ubuntu-latest
+    needs: lint
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v3
+        with:
+          node-version: '18'
+
+      - name: Install dependencies and cache
+        uses: actions/cache@v3
+        with:
+          path: ~/.npm
+          key: ${{ runner.os }}-node-${{ hashFiles('package-lock.json') }}
+          restore-keys: |
+            ${{ runner.os }}-node-
+        run: npm install
+
+      - name: Run tests
+        run: npm test
+
+      - name: Check for vulnerabilities
+        run: npm audit --production
+
+  terraform:
+    runs-on: ubuntu-latest
+    needs: build
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Setup Terraform
+        uses: hashicorp/setup-terraform@v2
+        with:
+          terraform_version: 1.5.0
+
+      - name: Terraform init
+        run: terraform init
+        working-directory: infrastructure/
+
+      - name: Terraform plan
+        run: terraform plan
+        working-directory: infrastructure/
+
+      - name: Terraform apply (development)
+        if: github.ref == 'refs/heads/develop'
+        run: terraform apply -auto-approve
+        working-directory: infrastructure/
+        env:
+          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          AWS_SECRET_ACCES_KEY: ${{ secrets.AWS_SECRET_ACCES_KEY }}
+
+  docker:
+    runs-on: ubuntu-latest
+    needs: terraform
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Login to AWS ECR
+        id: login-ecr
+        uses: aws-actions/amazon-ecr-login@v1
+        with:
+          region: us-east-1
+
+      - name: Build and tag Docker image
+        run: |
+          IMAGE_TAG=${{ github.sha }}
+          docker build -t ${{ secrets.ECR_REGISTRY }}/my-app:latest .
+          echo "IMAGE_TAG=$IMAGE_TAG" >> $GITHUB_ENV
+
+      - name: Push Docker image to AWS ECR
+        run: |
+          IMAGE_TAG=${{ env.IMAGE_TAG }}
+          docker push ${{ secrets.ECR_REGISTRY }}/my-app:$IMAGE_TAG
+
+  deploy:
+    runs-on: ubuntu-latest
+    needs: docker
+    environment: production
+    steps:
+      - name: Deploy to Development
+        if: github.ref == 'refs/heads/develop'
+        run: |
+          echo "Deploying to development environment"
+          # Your deployment script here
+
+      - name: Deploy to Staging
+        if: github.ref == 'refs/heads/staging'
+        run: |
+          echo "Deploying to staging environment"
+          # Your deployment script here
+
+      - name: Manual Approval for Production
+        if: github.ref == 'refs/head/main'
+        uses: hmarr/auto-approve-action@v2
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Deploy to Production
+        if: github.ref == 'refs/heads/main'
+          run: |
+          echo "Deploying to production environment"
+          # Your deployment script here
