持续集成 #141
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 持续集成 | |
| on: | |
| push: | |
| branches: | |
| - 'feature/**' | |
| workflow_dispatch: # 允许手动触发 | |
| inputs: | |
| environment: | |
| type: choice | |
| description: 'Environment' | |
| required: false | |
| default: uat01 | |
| options: | |
| - dev01 | |
| - dev02 | |
| - dev03 | |
| - uat01 | |
| - uat02 | |
| - uat03 | |
| config-file: | |
| type: string | |
| description: 'Config File' | |
| default: 'value-uat.yaml' | |
| required: false | |
| action-Deploy-Validate: | |
| type: boolean | |
| description: Deploy-Validate | |
| default: true | |
| action-SCAN: | |
| type: boolean | |
| description: SAST-DAST-CONT-FOSS-SCAN | |
| default: false | |
| action-Regression-Test: | |
| type: boolean | |
| description: Regression-Test | |
| default: true | |
| action-Performance-Test: | |
| type: boolean | |
| description: Performance-Test | |
| default: false | |
| action-Notification-Email: | |
| type: boolean | |
| description: Notification-Email | |
| default: true | |
| jobs: | |
| Auto-Integration: | |
| name: Auto-Integration | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Pull Code | |
| uses: actions/checkout@master | |
| continue-on-error: true | |
| - name: Auto Create PR | |
| if: ${{ github.event.before != '0000000000000000000000000000000000000000' }} | |
| uses: peter-evans/create-pull-request@v5 | |
| with: | |
| token: ${{ secrets.TOKEN_GITHUB }} | |
| delete-branch: true | |
| base: main | |
| branch: ${{ github.ref }} | |
| Unit-Test: | |
| needs: Auto-Integration | |
| name: Unit-Test | |
| runs-on: ubuntu-latest | |
| if: ${{ github.event.before != '0000000000000000000000000000000000000000' }} | |
| steps: | |
| - name: 开始扫描 | |
| run: | | |
| echo Unit-Test | |
| - name: 完成扫描 | |
| run: | | |
| echo upload evidence | |
| Sonar-Qube-Scan: | |
| needs: Auto-Integration | |
| name: Sonar-Qube-Scan | |
| runs-on: ubuntu-latest | |
| if: ${{ github.event.before != '0000000000000000000000000000000000000000' }} | |
| steps: | |
| - name: 开始扫描 | |
| run: | | |
| echo SonarQube Scan | |
| - name: 完成扫描 | |
| run: | | |
| echo upload evidence | |
| Build-Package: | |
| needs: Auto-Integration | |
| name: Build-Package | |
| runs-on: ubuntu-latest | |
| if: ${{ github.event.before != '0000000000000000000000000000000000000000' }} | |
| steps: | |
| - name: 开始构建包 | |
| run: | | |
| echo mvn clean package | |
| - name: 开始上传制品 | |
| run: | | |
| echo upload package | |
| Build-Image: | |
| needs: Build-Package | |
| name: Build-Image | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: 开始构建镜像 | |
| run: | | |
| echo docker build . | |
| - name: 开始上传制品 | |
| run: | | |
| echo upload image | |
| Build-Chart: | |
| needs: Build-Image | |
| name: Build-Chart | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: 开始构建Chart | |
| run: | | |
| echo helm build . | |
| - name: 开始上传制品 | |
| run: | | |
| echo upload chart | |
| Deploy-Validate: | |
| needs: [Build-Package,Build-Image,Build-Chart] | |
| name: Deploy-Validate | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: 开始部署 | |
| run: | | |
| echo helm build . | |
| - name: 部署完成 | |
| run: | | |
| echo upload chart | |
| SAST-SCAN: | |
| needs: Deploy-Validate | |
| name: SAST-Scan | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: SAST-Scan Start | |
| run: | | |
| echo SAST-SCAN | |
| - name: SAST-Scan Completed | |
| run: | | |
| echo SAST-SCAN | |
| DAST-SCAN: | |
| needs: Deploy-Validate | |
| name: DAST-Scan | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: DAST-Scan Start | |
| run: | | |
| echo DAST-SCAN | |
| - name: DAST-Scan Completed | |
| run: | | |
| echo DAST-SCAN | |
| CONT-SCAN: | |
| needs: Deploy-Validate | |
| name: CONT-Scan | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: CONT-Scan Start | |
| run: | | |
| echo CONT-SCAN | |
| - name: CONT-Scan Completed | |
| run: | | |
| echo CONT-SCAN | |
| FOSS-SCAN: | |
| needs: Deploy-Validate | |
| name: FOSS-Scan | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: FOSS-Scan Start | |
| run: | | |
| echo FOSS-SCAN | |
| - name: FOSS-Scan Completed | |
| run: | | |
| echo FOSS-SCAN | |
| Regression-Test: | |
| needs: Deploy-Validate | |
| name: Regression-Test | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Regression-Test Start | |
| run: | | |
| echo Regression-Test | |
| - name: Regression-Test Completed | |
| run: | | |
| echo Regression-Test | |
| Performance-Test: | |
| needs: Deploy-Validate | |
| name: Performance-Test | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Performance-Test Start | |
| run: | | |
| echo Performance-Test | |
| - name: Performance-Test Completed | |
| run: | | |
| echo Performance-Test | |
| Notification-Email: | |
| needs: [Regression-Test,Performance-Test,FOSS-SCAN,CONT-SCAN,DAST-SCAN,SAST-SCAN] | |
| name: Notification-Email | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Notification-Email | |
| run: | | |
| echo Send an email. |