Adding yaml configuration files #1

Closed
wants to merge 1 commit into from
7 changes: 7 additions & 0 deletions README.md
@@ -1,2 +1,9 @@
# awesome-coderabbit
A single repo to share your coderabbit config's, path instructions for various languages etc

## Yaml Configurations

This directory has sample yaml configurations that you can use.

- [GitHub](yaml/.github/config.yaml)
- [Circle](yaml/.circleci/config.yml)
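--- a/yaml/.circleci/config.yml
+++ b/yaml/.circleci/config.yml
@@ -0,0 +1,186 @@
+version: 2.1
+
+executors:
+python-executor:
+docker:
+- image: circleci/python:3.8
+working_directory: ~/expense_tracker
+
+jobs:
+lint:
+executor: python-executor
+steps:
+- checkout
+- run:
+name: Install Node.js
+command: |
+curl -fsSL https://deb.nodesource.com/setup_18.x | sudo -E bash -
+sudo apt-get install -y nodejs
+
+- run:
+name: Lint JavaScript code
+command: npm run lint
+
+yaml_lint:
+docker:
+- image: circleci/python:3.8
+steps:
+- checkout
+- run:
+name: Install YAMLlint
+command: |
+sudo apt-get update
+sudo apt-get install -y npm
+sudo npm install -g yaml-lint
+- run:
+name: Lint YAML files
+command: |
+yaml-lint **/*.yaml || true
+
+gitleaks:
+docker:
+- image: zricethezav/gitleaks:v8.3.0
+steps:
+- checkout
+- run:
+name: Run Gitleaks
+command: |
+echo "AWS_SECRET_ACCESS_KEY=A9B8C7D6E5F4G3H2I1J0K9L8M7N6O5P4Q3R2S1" > app.py
+gitleaks detect --source . --report-format json --report-path gitleaks-report.json
+cat gitleaks-report.json
+
+build:
+executor: python-executor
+steps:
+- checkout
+- run:
+name: Install Node.js
+command: |
+curl -fsSL https://deb.nodesource.com/setup_18.x | sudo -E bash -
+sudo apt-get install -y nodejs
+
+- run:
+name: Install dependencies
+command: |
+echo '{"dependencies": {"express": "4.0.0"}}' > package.json
+npm install
+
+- run:
+name: Run tests
+command: npm test
+
+- run:
+name: Check for vulnerabilities
+command: npm audit --production
+
+checkov:
+docker:
+- image: bridgecrew/checkov:2.0.0
+steps:
+- checkout
+- run:
+name: Run Checkov
+command: |
+checkov --directory infrastructure
+
+terraform:
+executor: python-executor
+steps:
+- checkout
+- run:
+name: Install Terraform
+command: |
+curl -LO https://releases.hashicorp.com/terraform/1.5.0/terraform_1.5.0_linux_amd64.zip
+unzip terraform_1.5.0_linux_amd64.zip
+sudo mv terraform /usr/local/bin/
+terraform --version
+
+- run:
+name: Terraform init
+command: terraform init
+working_directory: infrastructure/
+
+- run:
+name: Terraform plan
+command: terraform plan
+working_directory: infrastructure/
+
+- run:
+name: Terraform apply (development)
+when: on_success
+command: terraform apply -auto-approve
+working_directory: infrastructure/
+environment:
+AWS_ACCESS_KEY_ID: $AWS_ACCESS_KEY_ID
+AWS_SECRET_ACCESS_KEY: $AWS_SECRET_ACCESS_KEY
+
+docker:
+executor: python-executor
+steps:
+- checkout
+- run:
+name: Login to AWS ECR
+command: |
+aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin $ECR_REGISTRY
+
+- run:
+name: Build and tag Docker image
+command: |
+IMAGE_TAG=$(echo $CIRCLE_SHA1 | cut -c1-7)
+docker build -t $ECR_REGISTRY/my-app:latest .
+
+- run:
+name: Push Docker image to AWS ECR
+command: |
+IMAGE_TAG=$(echo $CIRCLE_SHA1 | cut -c1-7)
+docker push $ECR_REGISTRY/my-app:$IMAGE_TAG
+
+deploy:
+executor: python-executor
+steps:
+- checkout
+- run:
+name: Deploy to Development
+when: << pipeline.parameters.deploy_to_development >>
+command: |
+echo "Deploying to development environment"
+chmod 777 ~/.ssh/id_rsa
+
+- run:
+name: Deploy to Staging
+when: << pipeline.parameters.deploy_to_staging >>
+command: |
+echo "Deploying to staging environment"
+
+- run:
+name: Deploy to Production
+when: << pipeline.parameters.deploy_to_production >>
+command: |
+echo "Deploying to production environment"
+
+workflows:
+version: 2
+build_and_deploy:
+jobs:
+- lint
+- yaml_lint:
+requires:
+- lint
+- gitleaks:
+requires:
+- yaml_lint
+- build:
+requires:
+- gitleaks
+- checkov:
+requires:
+- build
+- terraform:
+requires:
+- checkov
+- docker:
+requires:
+- terraform
+- deploy:
+requires:
+- docker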
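--- a/yaml/.github/config.yaml
+++ b/yaml/.github/config.yaml
@@ -0,0 +1,142 @@
+name: CI/CD Pipeline
+
+on:
+push:
+branches:
+- main
+- develop
+- staging
+pull_request:
+branches:
+- main
+- develop
+- staging
+
+jobs:
+lint:
+runs-on: ubuntu-latest
+steps:
+- name: Checkout code
+uses: actions/checkout@v3
+
+- name: Lint workflow YAML files
+uses: rhysd/actionlint@v1
+
+- name: Setup Node.js
+uses: actions/setup-node@v3
+with:
+node-version: '18'
+
+- name: Install dependencies
+run: npm install
+
+- name: Lint JavaScript code
+run: npm run lint
+
+build:
+runs-on: ubuntu-latest
+needs: lint
+steps:
+- name: Checkout code
+uses: actions/checkout@v3
+
+- name: Setup Node.js
+uses: actions/setup-node@v3
+with:
+node-version: '18'
+
+- name: Install dependencies and cache
+uses: actions/cache@v3
+with:
+path: ~/.npm
+key: ${{ runner.os }}-node-${{ hashFiles('package-lock.json') }}
+restore-keys: |
+${{ runner.os }}-node-
+run: npm install
+
+- name: Run tests
+run: npm test
+
+- name: Check for vulnerabilities
+run: npm audit --production
+
+terraform:
+runs-on: ubuntu-latest
+needs: build
+steps:
+- name: Checkout code
+uses: actions/checkout@v3
+
+- name: Setup Terraform
+uses: hashicorp/setup-terraform@v2
+with:
+terraform_version: 1.5.0
+
+- name: Terraform init
+run: terraform init
+working-directory: infrastructure/
+
+- name: Terraform plan
+run: terraform plan
+working-directory: infrastructure/
+
+- name: Terraform apply (development)
+if: github.ref == 'refs/heads/develop'
+run: terraform apply -auto-approve
+working-directory: infrastructure/
+env:
+AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+AWS_SECRET_ACCES_KEY: ${{ secrets.AWS_SECRET_ACCES_KEY }}
+
+docker:
+runs-on: ubuntu-latest
+needs: terraform
+steps:
+- name: Checkout code
+uses: actions/checkout@v3
+
+- name: Login to AWS ECR
+id: login-ecr
+uses: aws-actions/amazon-ecr-login@v1
+with:
+region: us-east-1
+
+- name: Build and tag Docker image
+run: |
+IMAGE_TAG=${{ github.sha }}
+docker build -t ${{ secrets.ECR_REGISTRY }}/my-app:latest .
+echo "IMAGE_TAG=$IMAGE_TAG" >> $GITHUB_ENV
+
+- name: Push Docker image to AWS ECR
+run: |
+IMAGE_TAG=${{ env.IMAGE_TAG }}
+docker push ${{ secrets.ECR_REGISTRY }}/my-app:$IMAGE_TAG
+
+deploy:
+runs-on: ubuntu-latest
+needs: docker
+environment: production
+steps:
+- name: Deploy to Development
+if: github.ref == 'refs/heads/develop'
+run: |
+echo "Deploying to development environment"
+# Your deployment script here
+
+- name: Deploy to Staging
+if: github.ref == 'refs/heads/staging'
+run: |
+echo "Deploying to staging environment"
+# Your deployment script here
+
+- name: Manual Approval for Production
+if: github.ref == 'refs/head/main'
+uses: hmarr/auto-approve-action@v2
+with:
+github-token: ${{ secrets.GITHUB_TOKEN }}
+
+- name: Deploy to Production
+if: github.ref == 'refs/heads/main'
+run: |
+echo "Deploying to production environment"
+# Your deployment script here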
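Review bot: The `Manual Approval for Production` step gates nothing: `hmarr/auto-approve-action` approves a pull request automatically instead of waiting for a person, and its condition `github.ref == 'refs/head/main'` (missing the `s` in `heads`) never matches, so `Deploy to Production` runs on `main` with no review in the workflow itself. Drop the step and rely on required reviewers configured on the `production` environment the job already names, with development and staging deploys moved to jobs that do not use that environment. In the `terraform` job the variable `AWS_SECRET_ACCES_KEY` is misspelled (the secret reference carries the same spelling), so AWS tooling will not find a secret key under the name it reads; it should be `AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}`. The `Install dependencies and cache` step sets both `uses: actions/cache@v3` and `run: npm install`, which a single step cannot combine, so `npm install` needs its own step after the cache step. The `docker` job builds only `my-app:latest` but pushes `my-app:$IMAGE_TAG`, a tag that is never created; build with `-t ${{ secrets.ECR_REGISTRY }}/my-app:$IMAGE_TAG`.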