Skip to content

Add Docker support and update CI/CD workflows #18

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Apr 21, 2025
Merged

Add Docker support and update CI/CD workflows #18

merged 2 commits into from
Apr 21, 2025

Conversation

CalinL
Copy link
Contributor

@CalinL CalinL commented Apr 21, 2025

  • Introduced Dockerfile for building the web application.
  • Added .dockerignore to exclude unnecessary files from Docker context.
  • Updated CI workflow to build and push Docker images to Azure Container Registry.
  • Enhanced CI/CD workflow to deploy Docker images to Azure Web App.
  • Modified launchSettings.json to support Docker configuration.
  • Updated webapp01.csproj to include Docker-related properties and dependencies.

@CalinL
Add Docker support and update CI/CD workflows
a37a498 
- Introduced Dockerfile for building the web application.
- Added .dockerignore to exclude unnecessary files from Docker context.
- Updated CI workflow to build and push Docker images to Azure Container Registry.
- Enhanced CI/CD workflow to deploy Docker images to Azure Web App.
- Modified launchSettings.json to support Docker configuration.
- Updated webapp01.csproj to include Docker-related properties and dependencies.
@github-actions GitHub Actions
Copy link

github-actions bot commented Apr 21, 2025
edited
Loading

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 1 package(s) with unknown licenses.
See the Details below.

License Issues

src/webapp01/webapp01.csproj

PackageVersionLicenseIssue Type
Microsoft.VisualStudio.Azure.Containers.Tools.Targets1.21.0NullUnknown License
Allowed Licenses: MIT, Apache-2.0

OpenSSF Scorecard

PackageVersionScoreDetails
actions/azure/docker-login 1.*.* UnknownUnknown
actions/azure/webapps-deploy 2.*.* UnknownUnknown
nuget/Microsoft.VisualStudio.Azure.Containers.Tools.Targets 1.21.0 UnknownUnknown

Scanned Files

  • .github/workflows/cicd.yml
  • src/webapp01/webapp01.csproj

github-advanced-security[bot]
github-advanced-security bot found potential problems Apr 21, 2025
View reviewed changes
.github/workflows/cicd.yml
@@ -52,6 +52,20 @@
app-name: ${{ env.AZURE_WEBAPP_NAME }} # Replace with your app name
package: '${{ env.AZURE_WEBAPP_PACKAGE_PATH }}/webapp01/bin/publish'

- uses: azure/docker-login@v1

Check warning

Code scanning / CodeQL

Unpinned tag for a non-immutable Action in workflow Medium

Unpinned 3rd party Action 'CI/CD for Azure Web App' step
Uses Step
Loading
uses 'azure/docker-login' with ref 'v1', not a pinned commit hash
.github/workflows/cicd.yml
docker build . -t crdevsecopscldev.azurecr.io/webapp01:${{ github.sha }}
docker push crdevsecopscldev.azurecr.io/webapp01:${{ github.sha }}

- uses: azure/webapps-deploy@v2

Check warning

Code scanning / CodeQL

Unpinned tag for a non-immutable Action in workflow Medium

Unpinned 3rd party Action 'CI/CD for Azure Web App' step
Uses Step
Loading
uses 'azure/webapps-deploy' with ref 'v2', not a pinned commit hash
github-advanced-security[bot]
github-advanced-security bot found potential problems Apr 21, 2025
View reviewed changes
src/webapp01/Dockerfile
Comment on lines +1 to +30
# See https://aka.ms/customizecontainer to learn how to customize your debug container and how Visual Studio uses this Dockerfile to build your images for faster debugging.

# This stage is used when running from VS in fast mode (Default for Debug configuration)
FROM mcr.microsoft.com/dotnet/aspnet:9.0 AS base
USER $APP_UID
WORKDIR /app
EXPOSE 8080
EXPOSE 8081


# This stage is used to build the service project
FROM mcr.microsoft.com/dotnet/sdk:9.0 AS build
ARG BUILD_CONFIGURATION=Release
WORKDIR /src
COPY ["webapp01.csproj", "."]
RUN dotnet restore "./webapp01.csproj"
COPY . .
WORKDIR "/src/."
RUN dotnet build "./webapp01.csproj" -c $BUILD_CONFIGURATION -o /app/build

# This stage is used to publish the service project to be copied to the final stage
FROM build AS publish
ARG BUILD_CONFIGURATION=Release
RUN dotnet publish "./webapp01.csproj" -c $BUILD_CONFIGURATION -o /app/publish /p:UseAppHost=false

# This stage is used in production or when running from VS in regular mode (Default when not using the Debug configuration)
FROM base AS final
WORKDIR /app
COPY --from=publish /app/publish .
ENTRYPOINT ["dotnet", "webapp01.dll"]

Check notice

Code scanning / checkov

Ensure that HEALTHCHECK instructions have been added to container images Note

Ensure that HEALTHCHECK instructions have been added to container images
@CalinL CalinL merged commit 87369ed into main Apr 21, 2025
13 checks passed
@CalinL CalinL deleted the feature/updates branch April 21, 2025 13:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@CalinL