From c765d6316fb380d15d81206ede83b0042cdac377 Mon Sep 17 00:00:00 2001 From: Ashwin Sangem Date: Thu, 21 Oct 2021 14:27:06 +0530 Subject: [PATCH 01/12] Added new templates for 3 clouds. --- deployments/aws_docker.yml | 92 +++++++++++++++++++ deployments/aws_node.yml | 92 +++++++++++++++++++ deployments/azure_docker.yml | 51 ++++++++++ deployments/azure_node.yml | 51 ++++++++++ deployments/google_java.yml | 81 ++++++++++++++++ deployments/google_python.yml | 81 ++++++++++++++++ .../properties/aws_docker.properties.json | 7 ++ .../properties/aws_node.properties.json | 7 ++ .../properties/azure_docker.properties.json | 7 ++ .../properties/azure_node.properties.json | 7 ++ .../properties/google_java.properties.json | 7 ++ .../properties/google_python.properties.json | 7 ++ 12 files changed, 490 insertions(+) create mode 100644 deployments/aws_docker.yml create mode 100644 deployments/aws_node.yml create mode 100644 deployments/azure_docker.yml create mode 100644 deployments/azure_node.yml create mode 100644 deployments/google_java.yml create mode 100644 deployments/google_python.yml create mode 100644 deployments/properties/aws_docker.properties.json create mode 100644 deployments/properties/aws_node.properties.json create mode 100644 deployments/properties/azure_docker.properties.json create mode 100644 deployments/properties/azure_node.properties.json create mode 100644 deployments/properties/google_java.properties.json create mode 100644 deployments/properties/google_python.properties.json diff --git a/deployments/aws_docker.yml b/deployments/aws_docker.yml new file mode 100644 index 0000000..dab851f --- /dev/null +++ b/deployments/aws_docker.yml @@ -0,0 +1,92 @@ +# This workflow will build and push a new container image to Amazon ECR, +# and then will deploy a new task definition to Amazon ECS, when there is a push to the $default-branch branch. +# +# To use this workflow, you will need to complete the following set-up steps: +# +# 1. Create an ECR repository to store your images. +# For example: `aws ecr create-repository --repository-name my-ecr-repo --region us-east-2`. +# Replace the value of the `ECR_REPOSITORY` environment variable in the workflow below with your repository's name. +# Replace the value of the `AWS_REGION` environment variable in the workflow below with your repository's region. +# +# 2. Create an ECS task definition, an ECS cluster, and an ECS service. +# For example, follow the Getting Started guide on the ECS console: +# https://us-east-2.console.aws.amazon.com/ecs/home?region=us-east-2#/firstRun +# Replace the value of the `ECS_SERVICE` environment variable in the workflow below with the name you set for the Amazon ECS service. +# Replace the value of the `ECS_CLUSTER` environment variable in the workflow below with the name you set for the cluster. +# +# 3. Store your ECS task definition as a JSON file in your repository. +# The format should follow the output of `aws ecs register-task-definition --generate-cli-skeleton`. +# Replace the value of the `ECS_TASK_DEFINITION` environment variable in the workflow below with the path to the JSON file. +# Replace the value of the `CONTAINER_NAME` environment variable in the workflow below with the name of the container +# in the `containerDefinitions` section of the task definition. +# +# 4. Store an IAM user access key in GitHub Actions secrets named `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY`. +# See the documentation for each action used below for the recommended IAM policies for this IAM user, +# and best practices on handling the access key credentials. + +name: Deploy to Amazon ECS + +on: + push: + branches: + - $default-branch + +env: + AWS_REGION: MY_AWS_REGION # set this to your preferred AWS region, e.g. us-west-1 + ECR_REPOSITORY: MY_ECR_REPOSITORY # set this to your Amazon ECR repository name + ECS_SERVICE: MY_ECS_SERVICE # set this to your Amazon ECS service name + ECS_CLUSTER: MY_ECS_CLUSTER # set this to your Amazon ECS cluster name + ECS_TASK_DEFINITION: MY_ECS_TASK_DEFINITION # set this to the path to your Amazon ECS task definition + # file, e.g. .aws/task-definition.json + CONTAINER_NAME: MY_CONTAINER_NAME # set this to the name of the container in the + # containerDefinitions section of your task definition + +jobs: + deploy: + name: Deploy + runs-on: ubuntu-latest + environment: production + + steps: + - name: Checkout + uses: actions/checkout@v2 + + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ env.AWS_REGION }} + + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + + - name: Build, tag, and push image to Amazon ECR + id: build-image + env: + ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} + IMAGE_TAG: ${{ github.sha }} + run: | + # Build a docker container and + # push it to ECR so that it can + # be deployed to ECS. + docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG . + docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG + echo "::set-output name=image::$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" + + - name: Fill in the new image ID in the Amazon ECS task definition + id: task-def + uses: aws-actions/amazon-ecs-render-task-definition@v1 + with: + task-definition: ${{ env.ECS_TASK_DEFINITION }} + container-name: ${{ env.CONTAINER_NAME }} + image: ${{ steps.build-image.outputs.image }} + + - name: Deploy Amazon ECS task definition + uses: aws-actions/amazon-ecs-deploy-task-definition@v1 + with: + task-definition: ${{ steps.task-def.outputs.task-definition }} + service: ${{ env.ECS_SERVICE }} + cluster: ${{ env.ECS_CLUSTER }} + wait-for-service-stability: true diff --git a/deployments/aws_node.yml b/deployments/aws_node.yml new file mode 100644 index 0000000..dab851f --- /dev/null +++ b/deployments/aws_node.yml @@ -0,0 +1,92 @@ +# This workflow will build and push a new container image to Amazon ECR, +# and then will deploy a new task definition to Amazon ECS, when there is a push to the $default-branch branch. +# +# To use this workflow, you will need to complete the following set-up steps: +# +# 1. Create an ECR repository to store your images. +# For example: `aws ecr create-repository --repository-name my-ecr-repo --region us-east-2`. +# Replace the value of the `ECR_REPOSITORY` environment variable in the workflow below with your repository's name. +# Replace the value of the `AWS_REGION` environment variable in the workflow below with your repository's region. +# +# 2. Create an ECS task definition, an ECS cluster, and an ECS service. +# For example, follow the Getting Started guide on the ECS console: +# https://us-east-2.console.aws.amazon.com/ecs/home?region=us-east-2#/firstRun +# Replace the value of the `ECS_SERVICE` environment variable in the workflow below with the name you set for the Amazon ECS service. +# Replace the value of the `ECS_CLUSTER` environment variable in the workflow below with the name you set for the cluster. +# +# 3. Store your ECS task definition as a JSON file in your repository. +# The format should follow the output of `aws ecs register-task-definition --generate-cli-skeleton`. +# Replace the value of the `ECS_TASK_DEFINITION` environment variable in the workflow below with the path to the JSON file. +# Replace the value of the `CONTAINER_NAME` environment variable in the workflow below with the name of the container +# in the `containerDefinitions` section of the task definition. +# +# 4. Store an IAM user access key in GitHub Actions secrets named `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY`. +# See the documentation for each action used below for the recommended IAM policies for this IAM user, +# and best practices on handling the access key credentials. + +name: Deploy to Amazon ECS + +on: + push: + branches: + - $default-branch + +env: + AWS_REGION: MY_AWS_REGION # set this to your preferred AWS region, e.g. us-west-1 + ECR_REPOSITORY: MY_ECR_REPOSITORY # set this to your Amazon ECR repository name + ECS_SERVICE: MY_ECS_SERVICE # set this to your Amazon ECS service name + ECS_CLUSTER: MY_ECS_CLUSTER # set this to your Amazon ECS cluster name + ECS_TASK_DEFINITION: MY_ECS_TASK_DEFINITION # set this to the path to your Amazon ECS task definition + # file, e.g. .aws/task-definition.json + CONTAINER_NAME: MY_CONTAINER_NAME # set this to the name of the container in the + # containerDefinitions section of your task definition + +jobs: + deploy: + name: Deploy + runs-on: ubuntu-latest + environment: production + + steps: + - name: Checkout + uses: actions/checkout@v2 + + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ env.AWS_REGION }} + + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + + - name: Build, tag, and push image to Amazon ECR + id: build-image + env: + ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} + IMAGE_TAG: ${{ github.sha }} + run: | + # Build a docker container and + # push it to ECR so that it can + # be deployed to ECS. + docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG . + docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG + echo "::set-output name=image::$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" + + - name: Fill in the new image ID in the Amazon ECS task definition + id: task-def + uses: aws-actions/amazon-ecs-render-task-definition@v1 + with: + task-definition: ${{ env.ECS_TASK_DEFINITION }} + container-name: ${{ env.CONTAINER_NAME }} + image: ${{ steps.build-image.outputs.image }} + + - name: Deploy Amazon ECS task definition + uses: aws-actions/amazon-ecs-deploy-task-definition@v1 + with: + task-definition: ${{ steps.task-def.outputs.task-definition }} + service: ${{ env.ECS_SERVICE }} + cluster: ${{ env.ECS_CLUSTER }} + wait-for-service-stability: true diff --git a/deployments/azure_docker.yml b/deployments/azure_docker.yml new file mode 100644 index 0000000..904ff25 --- /dev/null +++ b/deployments/azure_docker.yml @@ -0,0 +1,51 @@ +# This workflow will build and push a node.js application to an Azure Web App when there is a push to the $default-branch branch. +# +# This workflow assumes you have already created the target Azure App Service web app. +# For instructions see https://docs.microsoft.com/azure/app-service/app-service-plan-manage#create-an-app-service-plan +# +# To configure this workflow: +# +# 1. For Linux apps, add an app setting called WEBSITE_WEBDEPLOY_USE_SCM and set it to true in your app **before downloading the file**. +# For more instructions see: https://docs.microsoft.com/azure/app-service/configure-common#configure-app-settings +# +# 2. Set up a secret in your repository named AZURE_WEBAPP_PUBLISH_PROFILE with the value of your Azure publish profile. +# For instructions on obtaining the publish profile see: https://docs.microsoft.com/azure/app-service/deploy-github-actions#configure-the-github-secret +# +# 3. Change the values for the AZURE_WEBAPP_NAME, AZURE_WEBAPP_PACKAGE_PATH and NODE_VERSION environment variables (below). +# +# For more information on GitHub Actions for Azure, refer to https://github.com/Azure/Actions +# For more samples to get started with GitHub Action workflows to deploy to Azure, refer to https://github.com/Azure/actions-workflow-samples +on: + push: + branches: + - $default-branch + +env: + AZURE_WEBAPP_NAME: your-app-name # set this to your application's name + AZURE_WEBAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root + NODE_VERSION: '10.x' # set this to the node version to use + +jobs: + build-and-deploy: + name: Build and Deploy + runs-on: ubuntu-latest + environment: production + steps: + - uses: actions/checkout@v2 + - name: Use Node.js ${{ env.NODE_VERSION }} + uses: actions/setup-node@v2 + with: + node-version: ${{ env.NODE_VERSION }} + - name: npm install, build, and test + run: | + # Build and test the project, then + # deploy to Azure Web App. + npm install + npm run build --if-present + npm run test --if-present + - name: 'Deploy to Azure WebApp' + uses: azure/webapps-deploy@v2 + with: + app-name: ${{ env.AZURE_WEBAPP_NAME }} + publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }} + package: ${{ env.AZURE_WEBAPP_PACKAGE_PATH }} diff --git a/deployments/azure_node.yml b/deployments/azure_node.yml new file mode 100644 index 0000000..904ff25 --- /dev/null +++ b/deployments/azure_node.yml @@ -0,0 +1,51 @@ +# This workflow will build and push a node.js application to an Azure Web App when there is a push to the $default-branch branch. +# +# This workflow assumes you have already created the target Azure App Service web app. +# For instructions see https://docs.microsoft.com/azure/app-service/app-service-plan-manage#create-an-app-service-plan +# +# To configure this workflow: +# +# 1. For Linux apps, add an app setting called WEBSITE_WEBDEPLOY_USE_SCM and set it to true in your app **before downloading the file**. +# For more instructions see: https://docs.microsoft.com/azure/app-service/configure-common#configure-app-settings +# +# 2. Set up a secret in your repository named AZURE_WEBAPP_PUBLISH_PROFILE with the value of your Azure publish profile. +# For instructions on obtaining the publish profile see: https://docs.microsoft.com/azure/app-service/deploy-github-actions#configure-the-github-secret +# +# 3. Change the values for the AZURE_WEBAPP_NAME, AZURE_WEBAPP_PACKAGE_PATH and NODE_VERSION environment variables (below). +# +# For more information on GitHub Actions for Azure, refer to https://github.com/Azure/Actions +# For more samples to get started with GitHub Action workflows to deploy to Azure, refer to https://github.com/Azure/actions-workflow-samples +on: + push: + branches: + - $default-branch + +env: + AZURE_WEBAPP_NAME: your-app-name # set this to your application's name + AZURE_WEBAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root + NODE_VERSION: '10.x' # set this to the node version to use + +jobs: + build-and-deploy: + name: Build and Deploy + runs-on: ubuntu-latest + environment: production + steps: + - uses: actions/checkout@v2 + - name: Use Node.js ${{ env.NODE_VERSION }} + uses: actions/setup-node@v2 + with: + node-version: ${{ env.NODE_VERSION }} + - name: npm install, build, and test + run: | + # Build and test the project, then + # deploy to Azure Web App. + npm install + npm run build --if-present + npm run test --if-present + - name: 'Deploy to Azure WebApp' + uses: azure/webapps-deploy@v2 + with: + app-name: ${{ env.AZURE_WEBAPP_NAME }} + publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }} + package: ${{ env.AZURE_WEBAPP_PACKAGE_PATH }} diff --git a/deployments/google_java.yml b/deployments/google_java.yml new file mode 100644 index 0000000..267d3cb --- /dev/null +++ b/deployments/google_java.yml @@ -0,0 +1,81 @@ +# This workflow will build a docker container, publish it to Google Container Registry, and deploy it to GKE when there is a push to the $default-branch branch. +# +# To configure this workflow: +# +# 1. Ensure that your repository contains the necessary configuration for your Google Kubernetes Engine cluster, including deployment.yml, kustomization.yml, service.yml, etc. +# +# 2. Set up secrets in your workspace: GKE_PROJECT with the name of the project and GKE_SA_KEY with the Base64 encoded JSON service account key (https://github.com/GoogleCloudPlatform/github-actions/tree/docs/service-account-key/setup-gcloud#inputs). +# +# 3. Change the values for the GKE_ZONE, GKE_CLUSTER, IMAGE, and DEPLOYMENT_NAME environment variables (below). +# +# For more support on how to run the workflow, please visit https://github.com/google-github-actions/setup-gcloud/tree/master/example-workflows/gke + +name: Build and Deploy to GKE + +on: + push: + branches: + - $default-branch + +env: + PROJECT_ID: ${{ secrets.GKE_PROJECT }} + GKE_CLUSTER: cluster-1 # TODO: update to cluster name + GKE_ZONE: us-central1-c # TODO: update to cluster zone + DEPLOYMENT_NAME: gke-test # TODO: update to deployment name + IMAGE: static-site + +jobs: + setup-build-publish-deploy: + name: Setup, Build, Publish, and Deploy + runs-on: ubuntu-latest + environment: production + + steps: + - name: Checkout + uses: actions/checkout@v2 + + # Setup gcloud CLI + - uses: google-github-actions/setup-gcloud@v0.2.0 + with: + service_account_key: ${{ secrets.GKE_SA_KEY }} + project_id: ${{ secrets.GKE_PROJECT }} + + # Configure Docker to use the gcloud command-line tool as a credential + # helper for authentication + - run: |- + gcloud --quiet auth configure-docker + + # Get the GKE credentials so we can deploy to the cluster + - uses: google-github-actions/get-gke-credentials@v0.2.1 + with: + cluster_name: ${{ env.GKE_CLUSTER }} + location: ${{ env.GKE_ZONE }} + credentials: ${{ secrets.GKE_SA_KEY }} + + # Build the Docker image + - name: Build + run: |- + docker build \ + --tag "gcr.io/$PROJECT_ID/$IMAGE:$GITHUB_SHA" \ + --build-arg GITHUB_SHA="$GITHUB_SHA" \ + --build-arg GITHUB_REF="$GITHUB_REF" \ + . + + # Push the Docker image to Google Container Registry + - name: Publish + run: |- + docker push "gcr.io/$PROJECT_ID/$IMAGE:$GITHUB_SHA" + + # Set up kustomize + - name: Set up Kustomize + run: |- + curl -sfLo kustomize https://github.com/kubernetes-sigs/kustomize/releases/download/v3.1.0/kustomize_3.1.0_linux_amd64 + chmod u+x ./kustomize + + # Deploy the Docker image to the GKE cluster + - name: Deploy + run: |- + ./kustomize edit set image gcr.io/PROJECT_ID/IMAGE:TAG=gcr.io/$PROJECT_ID/$IMAGE:$GITHUB_SHA + ./kustomize build . | kubectl apply -f - + kubectl rollout status deployment/$DEPLOYMENT_NAME + kubectl get services -o wide diff --git a/deployments/google_python.yml b/deployments/google_python.yml new file mode 100644 index 0000000..267d3cb --- /dev/null +++ b/deployments/google_python.yml @@ -0,0 +1,81 @@ +# This workflow will build a docker container, publish it to Google Container Registry, and deploy it to GKE when there is a push to the $default-branch branch. +# +# To configure this workflow: +# +# 1. Ensure that your repository contains the necessary configuration for your Google Kubernetes Engine cluster, including deployment.yml, kustomization.yml, service.yml, etc. +# +# 2. Set up secrets in your workspace: GKE_PROJECT with the name of the project and GKE_SA_KEY with the Base64 encoded JSON service account key (https://github.com/GoogleCloudPlatform/github-actions/tree/docs/service-account-key/setup-gcloud#inputs). +# +# 3. Change the values for the GKE_ZONE, GKE_CLUSTER, IMAGE, and DEPLOYMENT_NAME environment variables (below). +# +# For more support on how to run the workflow, please visit https://github.com/google-github-actions/setup-gcloud/tree/master/example-workflows/gke + +name: Build and Deploy to GKE + +on: + push: + branches: + - $default-branch + +env: + PROJECT_ID: ${{ secrets.GKE_PROJECT }} + GKE_CLUSTER: cluster-1 # TODO: update to cluster name + GKE_ZONE: us-central1-c # TODO: update to cluster zone + DEPLOYMENT_NAME: gke-test # TODO: update to deployment name + IMAGE: static-site + +jobs: + setup-build-publish-deploy: + name: Setup, Build, Publish, and Deploy + runs-on: ubuntu-latest + environment: production + + steps: + - name: Checkout + uses: actions/checkout@v2 + + # Setup gcloud CLI + - uses: google-github-actions/setup-gcloud@v0.2.0 + with: + service_account_key: ${{ secrets.GKE_SA_KEY }} + project_id: ${{ secrets.GKE_PROJECT }} + + # Configure Docker to use the gcloud command-line tool as a credential + # helper for authentication + - run: |- + gcloud --quiet auth configure-docker + + # Get the GKE credentials so we can deploy to the cluster + - uses: google-github-actions/get-gke-credentials@v0.2.1 + with: + cluster_name: ${{ env.GKE_CLUSTER }} + location: ${{ env.GKE_ZONE }} + credentials: ${{ secrets.GKE_SA_KEY }} + + # Build the Docker image + - name: Build + run: |- + docker build \ + --tag "gcr.io/$PROJECT_ID/$IMAGE:$GITHUB_SHA" \ + --build-arg GITHUB_SHA="$GITHUB_SHA" \ + --build-arg GITHUB_REF="$GITHUB_REF" \ + . + + # Push the Docker image to Google Container Registry + - name: Publish + run: |- + docker push "gcr.io/$PROJECT_ID/$IMAGE:$GITHUB_SHA" + + # Set up kustomize + - name: Set up Kustomize + run: |- + curl -sfLo kustomize https://github.com/kubernetes-sigs/kustomize/releases/download/v3.1.0/kustomize_3.1.0_linux_amd64 + chmod u+x ./kustomize + + # Deploy the Docker image to the GKE cluster + - name: Deploy + run: |- + ./kustomize edit set image gcr.io/PROJECT_ID/IMAGE:TAG=gcr.io/$PROJECT_ID/$IMAGE:$GITHUB_SHA + ./kustomize build . | kubectl apply -f - + kubectl rollout status deployment/$DEPLOYMENT_NAME + kubectl get services -o wide diff --git a/deployments/properties/aws_docker.properties.json b/deployments/properties/aws_docker.properties.json new file mode 100644 index 0000000..1b5955a --- /dev/null +++ b/deployments/properties/aws_docker.properties.json @@ -0,0 +1,7 @@ +{ + "name": "Deploy to Amazon ECS", + "description": "Deploy a container to an Amazon ECS service powered by AWS Fargate or Amazon EC2.", + "creator": "Amazon Web Services", + "iconName": "aws", + "categories": ["Deployment", "Dockerfile"] +} diff --git a/deployments/properties/aws_node.properties.json b/deployments/properties/aws_node.properties.json new file mode 100644 index 0000000..d099e52 --- /dev/null +++ b/deployments/properties/aws_node.properties.json @@ -0,0 +1,7 @@ +{ + "name": "Deploy to Amazon ECS", + "description": "Deploy a container to an Amazon ECS service powered by AWS Fargate or Amazon EC2.", + "creator": "Amazon Web Services", + "iconName": "aws", + "categories": ["Deployment", "JavaScript", "npm"] +} diff --git a/deployments/properties/azure_docker.properties.json b/deployments/properties/azure_docker.properties.json new file mode 100644 index 0000000..a5fd8ea --- /dev/null +++ b/deployments/properties/azure_docker.properties.json @@ -0,0 +1,7 @@ +{ + "name": "Deploy Node.js to Azure Web App", + "description": "Build a Node.js project and deploy it to an Azure Web App.", + "creator": "Microsoft Azure", + "iconName": "azure", + "categories": ["Deployment", "Dockerfile"] +} \ No newline at end of file diff --git a/deployments/properties/azure_node.properties.json b/deployments/properties/azure_node.properties.json new file mode 100644 index 0000000..90a3717 --- /dev/null +++ b/deployments/properties/azure_node.properties.json @@ -0,0 +1,7 @@ +{ + "name": "Deploy Node.js to Azure Web App", + "description": "Build a Node.js project and deploy it to an Azure Web App.", + "creator": "Microsoft Azure", + "iconName": "azure", + "categories": ["Deployment", "JavaScript", "npm"] +} \ No newline at end of file diff --git a/deployments/properties/google_java.properties.json b/deployments/properties/google_java.properties.json new file mode 100644 index 0000000..cc17c30 --- /dev/null +++ b/deployments/properties/google_java.properties.json @@ -0,0 +1,7 @@ +{ + "name": "Build and Deploy to GKE", + "description": "Build a docker container, publish it to Google Container Registry, and deploy to GKE.", + "creator": "Google Cloud", + "iconName": "googlegke", + "categories": ["Deployment", "Java"] +} \ No newline at end of file diff --git a/deployments/properties/google_python.properties.json b/deployments/properties/google_python.properties.json new file mode 100644 index 0000000..3ded1a9 --- /dev/null +++ b/deployments/properties/google_python.properties.json @@ -0,0 +1,7 @@ +{ + "name": "Build and Deploy to GKE", + "description": "Build a docker container, publish it to Google Container Registry, and deploy to GKE.", + "creator": "Google Cloud", + "iconName": "googlegke", + "categories": ["Deployment", "Python"] +} \ No newline at end of file From e3fc80f30e9fe153a43658a7b96ec53b75be6ac7 Mon Sep 17 00:00:00 2001 From: Ashwin Sangem Date: Thu, 21 Oct 2021 08:59:43 +0000 Subject: [PATCH 02/12] Revert "Added new templates for 3 clouds." This reverts commit c765d6316fb380d15d81206ede83b0042cdac377. --- deployments/aws_docker.yml | 92 ------------------- deployments/aws_node.yml | 92 ------------------- deployments/azure_docker.yml | 51 ---------- deployments/azure_node.yml | 51 ---------- deployments/google_java.yml | 81 ---------------- deployments/google_python.yml | 81 ---------------- .../properties/aws_docker.properties.json | 7 -- .../properties/aws_node.properties.json | 7 -- .../properties/azure_docker.properties.json | 7 -- .../properties/azure_node.properties.json | 7 -- .../properties/google_java.properties.json | 7 -- .../properties/google_python.properties.json | 7 -- 12 files changed, 490 deletions(-) delete mode 100644 deployments/aws_docker.yml delete mode 100644 deployments/aws_node.yml delete mode 100644 deployments/azure_docker.yml delete mode 100644 deployments/azure_node.yml delete mode 100644 deployments/google_java.yml delete mode 100644 deployments/google_python.yml delete mode 100644 deployments/properties/aws_docker.properties.json delete mode 100644 deployments/properties/aws_node.properties.json delete mode 100644 deployments/properties/azure_docker.properties.json delete mode 100644 deployments/properties/azure_node.properties.json delete mode 100644 deployments/properties/google_java.properties.json delete mode 100644 deployments/properties/google_python.properties.json diff --git a/deployments/aws_docker.yml b/deployments/aws_docker.yml deleted file mode 100644 index dab851f..0000000 --- a/deployments/aws_docker.yml +++ /dev/null @@ -1,92 +0,0 @@ -# This workflow will build and push a new container image to Amazon ECR, -# and then will deploy a new task definition to Amazon ECS, when there is a push to the $default-branch branch. -# -# To use this workflow, you will need to complete the following set-up steps: -# -# 1. Create an ECR repository to store your images. -# For example: `aws ecr create-repository --repository-name my-ecr-repo --region us-east-2`. -# Replace the value of the `ECR_REPOSITORY` environment variable in the workflow below with your repository's name. -# Replace the value of the `AWS_REGION` environment variable in the workflow below with your repository's region. -# -# 2. Create an ECS task definition, an ECS cluster, and an ECS service. -# For example, follow the Getting Started guide on the ECS console: -# https://us-east-2.console.aws.amazon.com/ecs/home?region=us-east-2#/firstRun -# Replace the value of the `ECS_SERVICE` environment variable in the workflow below with the name you set for the Amazon ECS service. -# Replace the value of the `ECS_CLUSTER` environment variable in the workflow below with the name you set for the cluster. -# -# 3. Store your ECS task definition as a JSON file in your repository. -# The format should follow the output of `aws ecs register-task-definition --generate-cli-skeleton`. -# Replace the value of the `ECS_TASK_DEFINITION` environment variable in the workflow below with the path to the JSON file. -# Replace the value of the `CONTAINER_NAME` environment variable in the workflow below with the name of the container -# in the `containerDefinitions` section of the task definition. -# -# 4. Store an IAM user access key in GitHub Actions secrets named `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY`. -# See the documentation for each action used below for the recommended IAM policies for this IAM user, -# and best practices on handling the access key credentials. - -name: Deploy to Amazon ECS - -on: - push: - branches: - - $default-branch - -env: - AWS_REGION: MY_AWS_REGION # set this to your preferred AWS region, e.g. us-west-1 - ECR_REPOSITORY: MY_ECR_REPOSITORY # set this to your Amazon ECR repository name - ECS_SERVICE: MY_ECS_SERVICE # set this to your Amazon ECS service name - ECS_CLUSTER: MY_ECS_CLUSTER # set this to your Amazon ECS cluster name - ECS_TASK_DEFINITION: MY_ECS_TASK_DEFINITION # set this to the path to your Amazon ECS task definition - # file, e.g. .aws/task-definition.json - CONTAINER_NAME: MY_CONTAINER_NAME # set this to the name of the container in the - # containerDefinitions section of your task definition - -jobs: - deploy: - name: Deploy - runs-on: ubuntu-latest - environment: production - - steps: - - name: Checkout - uses: actions/checkout@v2 - - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: ${{ env.AWS_REGION }} - - - name: Login to Amazon ECR - id: login-ecr - uses: aws-actions/amazon-ecr-login@v1 - - - name: Build, tag, and push image to Amazon ECR - id: build-image - env: - ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} - IMAGE_TAG: ${{ github.sha }} - run: | - # Build a docker container and - # push it to ECR so that it can - # be deployed to ECS. - docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG . - docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG - echo "::set-output name=image::$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" - - - name: Fill in the new image ID in the Amazon ECS task definition - id: task-def - uses: aws-actions/amazon-ecs-render-task-definition@v1 - with: - task-definition: ${{ env.ECS_TASK_DEFINITION }} - container-name: ${{ env.CONTAINER_NAME }} - image: ${{ steps.build-image.outputs.image }} - - - name: Deploy Amazon ECS task definition - uses: aws-actions/amazon-ecs-deploy-task-definition@v1 - with: - task-definition: ${{ steps.task-def.outputs.task-definition }} - service: ${{ env.ECS_SERVICE }} - cluster: ${{ env.ECS_CLUSTER }} - wait-for-service-stability: true diff --git a/deployments/aws_node.yml b/deployments/aws_node.yml deleted file mode 100644 index dab851f..0000000 --- a/deployments/aws_node.yml +++ /dev/null @@ -1,92 +0,0 @@ -# This workflow will build and push a new container image to Amazon ECR, -# and then will deploy a new task definition to Amazon ECS, when there is a push to the $default-branch branch. -# -# To use this workflow, you will need to complete the following set-up steps: -# -# 1. Create an ECR repository to store your images. -# For example: `aws ecr create-repository --repository-name my-ecr-repo --region us-east-2`. -# Replace the value of the `ECR_REPOSITORY` environment variable in the workflow below with your repository's name. -# Replace the value of the `AWS_REGION` environment variable in the workflow below with your repository's region. -# -# 2. Create an ECS task definition, an ECS cluster, and an ECS service. -# For example, follow the Getting Started guide on the ECS console: -# https://us-east-2.console.aws.amazon.com/ecs/home?region=us-east-2#/firstRun -# Replace the value of the `ECS_SERVICE` environment variable in the workflow below with the name you set for the Amazon ECS service. -# Replace the value of the `ECS_CLUSTER` environment variable in the workflow below with the name you set for the cluster. -# -# 3. Store your ECS task definition as a JSON file in your repository. -# The format should follow the output of `aws ecs register-task-definition --generate-cli-skeleton`. -# Replace the value of the `ECS_TASK_DEFINITION` environment variable in the workflow below with the path to the JSON file. -# Replace the value of the `CONTAINER_NAME` environment variable in the workflow below with the name of the container -# in the `containerDefinitions` section of the task definition. -# -# 4. Store an IAM user access key in GitHub Actions secrets named `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY`. -# See the documentation for each action used below for the recommended IAM policies for this IAM user, -# and best practices on handling the access key credentials. - -name: Deploy to Amazon ECS - -on: - push: - branches: - - $default-branch - -env: - AWS_REGION: MY_AWS_REGION # set this to your preferred AWS region, e.g. us-west-1 - ECR_REPOSITORY: MY_ECR_REPOSITORY # set this to your Amazon ECR repository name - ECS_SERVICE: MY_ECS_SERVICE # set this to your Amazon ECS service name - ECS_CLUSTER: MY_ECS_CLUSTER # set this to your Amazon ECS cluster name - ECS_TASK_DEFINITION: MY_ECS_TASK_DEFINITION # set this to the path to your Amazon ECS task definition - # file, e.g. .aws/task-definition.json - CONTAINER_NAME: MY_CONTAINER_NAME # set this to the name of the container in the - # containerDefinitions section of your task definition - -jobs: - deploy: - name: Deploy - runs-on: ubuntu-latest - environment: production - - steps: - - name: Checkout - uses: actions/checkout@v2 - - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: ${{ env.AWS_REGION }} - - - name: Login to Amazon ECR - id: login-ecr - uses: aws-actions/amazon-ecr-login@v1 - - - name: Build, tag, and push image to Amazon ECR - id: build-image - env: - ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} - IMAGE_TAG: ${{ github.sha }} - run: | - # Build a docker container and - # push it to ECR so that it can - # be deployed to ECS. - docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG . - docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG - echo "::set-output name=image::$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" - - - name: Fill in the new image ID in the Amazon ECS task definition - id: task-def - uses: aws-actions/amazon-ecs-render-task-definition@v1 - with: - task-definition: ${{ env.ECS_TASK_DEFINITION }} - container-name: ${{ env.CONTAINER_NAME }} - image: ${{ steps.build-image.outputs.image }} - - - name: Deploy Amazon ECS task definition - uses: aws-actions/amazon-ecs-deploy-task-definition@v1 - with: - task-definition: ${{ steps.task-def.outputs.task-definition }} - service: ${{ env.ECS_SERVICE }} - cluster: ${{ env.ECS_CLUSTER }} - wait-for-service-stability: true diff --git a/deployments/azure_docker.yml b/deployments/azure_docker.yml deleted file mode 100644 index 904ff25..0000000 --- a/deployments/azure_docker.yml +++ /dev/null @@ -1,51 +0,0 @@ -# This workflow will build and push a node.js application to an Azure Web App when there is a push to the $default-branch branch. -# -# This workflow assumes you have already created the target Azure App Service web app. -# For instructions see https://docs.microsoft.com/azure/app-service/app-service-plan-manage#create-an-app-service-plan -# -# To configure this workflow: -# -# 1. For Linux apps, add an app setting called WEBSITE_WEBDEPLOY_USE_SCM and set it to true in your app **before downloading the file**. -# For more instructions see: https://docs.microsoft.com/azure/app-service/configure-common#configure-app-settings -# -# 2. Set up a secret in your repository named AZURE_WEBAPP_PUBLISH_PROFILE with the value of your Azure publish profile. -# For instructions on obtaining the publish profile see: https://docs.microsoft.com/azure/app-service/deploy-github-actions#configure-the-github-secret -# -# 3. Change the values for the AZURE_WEBAPP_NAME, AZURE_WEBAPP_PACKAGE_PATH and NODE_VERSION environment variables (below). -# -# For more information on GitHub Actions for Azure, refer to https://github.com/Azure/Actions -# For more samples to get started with GitHub Action workflows to deploy to Azure, refer to https://github.com/Azure/actions-workflow-samples -on: - push: - branches: - - $default-branch - -env: - AZURE_WEBAPP_NAME: your-app-name # set this to your application's name - AZURE_WEBAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root - NODE_VERSION: '10.x' # set this to the node version to use - -jobs: - build-and-deploy: - name: Build and Deploy - runs-on: ubuntu-latest - environment: production - steps: - - uses: actions/checkout@v2 - - name: Use Node.js ${{ env.NODE_VERSION }} - uses: actions/setup-node@v2 - with: - node-version: ${{ env.NODE_VERSION }} - - name: npm install, build, and test - run: | - # Build and test the project, then - # deploy to Azure Web App. - npm install - npm run build --if-present - npm run test --if-present - - name: 'Deploy to Azure WebApp' - uses: azure/webapps-deploy@v2 - with: - app-name: ${{ env.AZURE_WEBAPP_NAME }} - publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }} - package: ${{ env.AZURE_WEBAPP_PACKAGE_PATH }} diff --git a/deployments/azure_node.yml b/deployments/azure_node.yml deleted file mode 100644 index 904ff25..0000000 --- a/deployments/azure_node.yml +++ /dev/null @@ -1,51 +0,0 @@ -# This workflow will build and push a node.js application to an Azure Web App when there is a push to the $default-branch branch. -# -# This workflow assumes you have already created the target Azure App Service web app. -# For instructions see https://docs.microsoft.com/azure/app-service/app-service-plan-manage#create-an-app-service-plan -# -# To configure this workflow: -# -# 1. For Linux apps, add an app setting called WEBSITE_WEBDEPLOY_USE_SCM and set it to true in your app **before downloading the file**. -# For more instructions see: https://docs.microsoft.com/azure/app-service/configure-common#configure-app-settings -# -# 2. Set up a secret in your repository named AZURE_WEBAPP_PUBLISH_PROFILE with the value of your Azure publish profile. -# For instructions on obtaining the publish profile see: https://docs.microsoft.com/azure/app-service/deploy-github-actions#configure-the-github-secret -# -# 3. Change the values for the AZURE_WEBAPP_NAME, AZURE_WEBAPP_PACKAGE_PATH and NODE_VERSION environment variables (below). -# -# For more information on GitHub Actions for Azure, refer to https://github.com/Azure/Actions -# For more samples to get started with GitHub Action workflows to deploy to Azure, refer to https://github.com/Azure/actions-workflow-samples -on: - push: - branches: - - $default-branch - -env: - AZURE_WEBAPP_NAME: your-app-name # set this to your application's name - AZURE_WEBAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root - NODE_VERSION: '10.x' # set this to the node version to use - -jobs: - build-and-deploy: - name: Build and Deploy - runs-on: ubuntu-latest - environment: production - steps: - - uses: actions/checkout@v2 - - name: Use Node.js ${{ env.NODE_VERSION }} - uses: actions/setup-node@v2 - with: - node-version: ${{ env.NODE_VERSION }} - - name: npm install, build, and test - run: | - # Build and test the project, then - # deploy to Azure Web App. - npm install - npm run build --if-present - npm run test --if-present - - name: 'Deploy to Azure WebApp' - uses: azure/webapps-deploy@v2 - with: - app-name: ${{ env.AZURE_WEBAPP_NAME }} - publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }} - package: ${{ env.AZURE_WEBAPP_PACKAGE_PATH }} diff --git a/deployments/google_java.yml b/deployments/google_java.yml deleted file mode 100644 index 267d3cb..0000000 --- a/deployments/google_java.yml +++ /dev/null @@ -1,81 +0,0 @@ -# This workflow will build a docker container, publish it to Google Container Registry, and deploy it to GKE when there is a push to the $default-branch branch. -# -# To configure this workflow: -# -# 1. Ensure that your repository contains the necessary configuration for your Google Kubernetes Engine cluster, including deployment.yml, kustomization.yml, service.yml, etc. -# -# 2. Set up secrets in your workspace: GKE_PROJECT with the name of the project and GKE_SA_KEY with the Base64 encoded JSON service account key (https://github.com/GoogleCloudPlatform/github-actions/tree/docs/service-account-key/setup-gcloud#inputs). -# -# 3. Change the values for the GKE_ZONE, GKE_CLUSTER, IMAGE, and DEPLOYMENT_NAME environment variables (below). -# -# For more support on how to run the workflow, please visit https://github.com/google-github-actions/setup-gcloud/tree/master/example-workflows/gke - -name: Build and Deploy to GKE - -on: - push: - branches: - - $default-branch - -env: - PROJECT_ID: ${{ secrets.GKE_PROJECT }} - GKE_CLUSTER: cluster-1 # TODO: update to cluster name - GKE_ZONE: us-central1-c # TODO: update to cluster zone - DEPLOYMENT_NAME: gke-test # TODO: update to deployment name - IMAGE: static-site - -jobs: - setup-build-publish-deploy: - name: Setup, Build, Publish, and Deploy - runs-on: ubuntu-latest - environment: production - - steps: - - name: Checkout - uses: actions/checkout@v2 - - # Setup gcloud CLI - - uses: google-github-actions/setup-gcloud@v0.2.0 - with: - service_account_key: ${{ secrets.GKE_SA_KEY }} - project_id: ${{ secrets.GKE_PROJECT }} - - # Configure Docker to use the gcloud command-line tool as a credential - # helper for authentication - - run: |- - gcloud --quiet auth configure-docker - - # Get the GKE credentials so we can deploy to the cluster - - uses: google-github-actions/get-gke-credentials@v0.2.1 - with: - cluster_name: ${{ env.GKE_CLUSTER }} - location: ${{ env.GKE_ZONE }} - credentials: ${{ secrets.GKE_SA_KEY }} - - # Build the Docker image - - name: Build - run: |- - docker build \ - --tag "gcr.io/$PROJECT_ID/$IMAGE:$GITHUB_SHA" \ - --build-arg GITHUB_SHA="$GITHUB_SHA" \ - --build-arg GITHUB_REF="$GITHUB_REF" \ - . - - # Push the Docker image to Google Container Registry - - name: Publish - run: |- - docker push "gcr.io/$PROJECT_ID/$IMAGE:$GITHUB_SHA" - - # Set up kustomize - - name: Set up Kustomize - run: |- - curl -sfLo kustomize https://github.com/kubernetes-sigs/kustomize/releases/download/v3.1.0/kustomize_3.1.0_linux_amd64 - chmod u+x ./kustomize - - # Deploy the Docker image to the GKE cluster - - name: Deploy - run: |- - ./kustomize edit set image gcr.io/PROJECT_ID/IMAGE:TAG=gcr.io/$PROJECT_ID/$IMAGE:$GITHUB_SHA - ./kustomize build . | kubectl apply -f - - kubectl rollout status deployment/$DEPLOYMENT_NAME - kubectl get services -o wide diff --git a/deployments/google_python.yml b/deployments/google_python.yml deleted file mode 100644 index 267d3cb..0000000 --- a/deployments/google_python.yml +++ /dev/null @@ -1,81 +0,0 @@ -# This workflow will build a docker container, publish it to Google Container Registry, and deploy it to GKE when there is a push to the $default-branch branch. -# -# To configure this workflow: -# -# 1. Ensure that your repository contains the necessary configuration for your Google Kubernetes Engine cluster, including deployment.yml, kustomization.yml, service.yml, etc. -# -# 2. Set up secrets in your workspace: GKE_PROJECT with the name of the project and GKE_SA_KEY with the Base64 encoded JSON service account key (https://github.com/GoogleCloudPlatform/github-actions/tree/docs/service-account-key/setup-gcloud#inputs). -# -# 3. Change the values for the GKE_ZONE, GKE_CLUSTER, IMAGE, and DEPLOYMENT_NAME environment variables (below). -# -# For more support on how to run the workflow, please visit https://github.com/google-github-actions/setup-gcloud/tree/master/example-workflows/gke - -name: Build and Deploy to GKE - -on: - push: - branches: - - $default-branch - -env: - PROJECT_ID: ${{ secrets.GKE_PROJECT }} - GKE_CLUSTER: cluster-1 # TODO: update to cluster name - GKE_ZONE: us-central1-c # TODO: update to cluster zone - DEPLOYMENT_NAME: gke-test # TODO: update to deployment name - IMAGE: static-site - -jobs: - setup-build-publish-deploy: - name: Setup, Build, Publish, and Deploy - runs-on: ubuntu-latest - environment: production - - steps: - - name: Checkout - uses: actions/checkout@v2 - - # Setup gcloud CLI - - uses: google-github-actions/setup-gcloud@v0.2.0 - with: - service_account_key: ${{ secrets.GKE_SA_KEY }} - project_id: ${{ secrets.GKE_PROJECT }} - - # Configure Docker to use the gcloud command-line tool as a credential - # helper for authentication - - run: |- - gcloud --quiet auth configure-docker - - # Get the GKE credentials so we can deploy to the cluster - - uses: google-github-actions/get-gke-credentials@v0.2.1 - with: - cluster_name: ${{ env.GKE_CLUSTER }} - location: ${{ env.GKE_ZONE }} - credentials: ${{ secrets.GKE_SA_KEY }} - - # Build the Docker image - - name: Build - run: |- - docker build \ - --tag "gcr.io/$PROJECT_ID/$IMAGE:$GITHUB_SHA" \ - --build-arg GITHUB_SHA="$GITHUB_SHA" \ - --build-arg GITHUB_REF="$GITHUB_REF" \ - . - - # Push the Docker image to Google Container Registry - - name: Publish - run: |- - docker push "gcr.io/$PROJECT_ID/$IMAGE:$GITHUB_SHA" - - # Set up kustomize - - name: Set up Kustomize - run: |- - curl -sfLo kustomize https://github.com/kubernetes-sigs/kustomize/releases/download/v3.1.0/kustomize_3.1.0_linux_amd64 - chmod u+x ./kustomize - - # Deploy the Docker image to the GKE cluster - - name: Deploy - run: |- - ./kustomize edit set image gcr.io/PROJECT_ID/IMAGE:TAG=gcr.io/$PROJECT_ID/$IMAGE:$GITHUB_SHA - ./kustomize build . | kubectl apply -f - - kubectl rollout status deployment/$DEPLOYMENT_NAME - kubectl get services -o wide diff --git a/deployments/properties/aws_docker.properties.json b/deployments/properties/aws_docker.properties.json deleted file mode 100644 index 1b5955a..0000000 --- a/deployments/properties/aws_docker.properties.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "name": "Deploy to Amazon ECS", - "description": "Deploy a container to an Amazon ECS service powered by AWS Fargate or Amazon EC2.", - "creator": "Amazon Web Services", - "iconName": "aws", - "categories": ["Deployment", "Dockerfile"] -} diff --git a/deployments/properties/aws_node.properties.json b/deployments/properties/aws_node.properties.json deleted file mode 100644 index d099e52..0000000 --- a/deployments/properties/aws_node.properties.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "name": "Deploy to Amazon ECS", - "description": "Deploy a container to an Amazon ECS service powered by AWS Fargate or Amazon EC2.", - "creator": "Amazon Web Services", - "iconName": "aws", - "categories": ["Deployment", "JavaScript", "npm"] -} diff --git a/deployments/properties/azure_docker.properties.json b/deployments/properties/azure_docker.properties.json deleted file mode 100644 index a5fd8ea..0000000 --- a/deployments/properties/azure_docker.properties.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "name": "Deploy Node.js to Azure Web App", - "description": "Build a Node.js project and deploy it to an Azure Web App.", - "creator": "Microsoft Azure", - "iconName": "azure", - "categories": ["Deployment", "Dockerfile"] -} \ No newline at end of file diff --git a/deployments/properties/azure_node.properties.json b/deployments/properties/azure_node.properties.json deleted file mode 100644 index 90a3717..0000000 --- a/deployments/properties/azure_node.properties.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "name": "Deploy Node.js to Azure Web App", - "description": "Build a Node.js project and deploy it to an Azure Web App.", - "creator": "Microsoft Azure", - "iconName": "azure", - "categories": ["Deployment", "JavaScript", "npm"] -} \ No newline at end of file diff --git a/deployments/properties/google_java.properties.json b/deployments/properties/google_java.properties.json deleted file mode 100644 index cc17c30..0000000 --- a/deployments/properties/google_java.properties.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "name": "Build and Deploy to GKE", - "description": "Build a docker container, publish it to Google Container Registry, and deploy to GKE.", - "creator": "Google Cloud", - "iconName": "googlegke", - "categories": ["Deployment", "Java"] -} \ No newline at end of file diff --git a/deployments/properties/google_python.properties.json b/deployments/properties/google_python.properties.json deleted file mode 100644 index 3ded1a9..0000000 --- a/deployments/properties/google_python.properties.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "name": "Build and Deploy to GKE", - "description": "Build a docker container, publish it to Google Container Registry, and deploy to GKE.", - "creator": "Google Cloud", - "iconName": "googlegke", - "categories": ["Deployment", "Python"] -} \ No newline at end of file From 042eac38589af8f0329cea45533e79e4b75eb8ba Mon Sep 17 00:00:00 2001 From: David Verdeguer Date: Thu, 21 Oct 2021 22:11:00 +0200 Subject: [PATCH 03/12] Add ruby and update workflow --- code-scanning/codeql.yml | 3 +-- code-scanning/properties/codeql.properties.json | 4 ++-- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/code-scanning/codeql.yml b/code-scanning/codeql.yml index b32675e..57b4b69 100644 --- a/code-scanning/codeql.yml +++ b/code-scanning/codeql.yml @@ -34,8 +34,7 @@ jobs: matrix: language: [ $detected-codeql-languages ] # CodeQL supports [ $supported-codeql-languages ] - # Learn more: - # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed + # Learn more about CodeQL language support at https://git.io/codeql-language-support steps: - name: Checkout repository diff --git a/code-scanning/properties/codeql.properties.json b/code-scanning/properties/codeql.properties.json index cb9305a..2919e98 100644 --- a/code-scanning/properties/codeql.properties.json +++ b/code-scanning/properties/codeql.properties.json @@ -1,7 +1,7 @@ { "name": "CodeQL Analysis", "creator": "GitHub", - "description": "Security analysis from GitHub for C, C++, C#, Java, JavaScript, TypeScript, Python, and Go developers.", + "description": "Security analysis from GitHub for C, C++, C#, Java, JavaScript, TypeScript, Python, Go and Ruby developers. \n ", "iconName": "octicon mark-github", - "categories": ["Code Scanning", "C", "C#", "C++", "Go", "Java", "JavaScript", "TypeScript", "Python"] + "categories": ["Code Scanning", "C", "C#", "C++", "Go", "Java", "JavaScript", "TypeScript", "Python", "Ruby"] } From bafed29a86e2e7f904577674c70739ef99c7da55 Mon Sep 17 00:00:00 2001 From: Daniel Winsor Date: Thu, 21 Oct 2021 14:14:02 -0700 Subject: [PATCH 04/12] Add workflow for Microsoft C++ Code Analysis --- code-scanning/msvc.yml | 57 +++++++++++++++++++ code-scanning/properties/msvc.properties.json | 7 +++ icons/microsoft.svg | 34 +++++++++++ 3 files changed, 98 insertions(+) create mode 100644 code-scanning/msvc.yml create mode 100644 code-scanning/properties/msvc.properties.json create mode 100644 icons/microsoft.svg diff --git a/code-scanning/msvc.yml b/code-scanning/msvc.yml new file mode 100644 index 0000000..85cb475 --- /dev/null +++ b/code-scanning/msvc.yml @@ -0,0 +1,57 @@ +# This workflow uses actions that are not certified by GitHub. +# They are provided by a third-party and are governed by +# separate terms of service, privacy policy, and support +# documentation. +# +# Find more information at: +# https://github.com/microsoft/msvc-code-analysis-action + +name: Microsoft C++ Code Analysis + +on: + push: + branches: [ $default-branch, $protected-branches ] + pull_request: + branches: [ $default-branch ] + schedule: + - cron: $cron-weekly + +env: + # Path to the CMake build directory. + build: '${{ github.workspace }}/build' + +jobs: + build: + steps: + # Configure project with CMake + - name: Configure CMake + uses: lukka/run-cmake@v3 + with: + buildDirectory: ${{ env.build }} + # Build is not require unless generated source files are used + buildWithCMake: false + cmakeGenerator: 'VS16Win64' + cmakeListsTxtPath: ${{ github.workspace }}/CMakeLists.txt + + # Run Microsoft Visual C++ code analysis + - name: Initialize MSVC Code Analysis + uses: microsoft/msvc-code-analysis-action + # Provide a unique ID to access the sarif output path + id: run-analysis + with: + cmakeBuildDirectory: ${{ env.build }} + # Ruleset file that will determine what checks will be run + ruleset: NativeRecommendRules.ruleset + + # Upload SARIF file to GitHub Code Scanning Alerts + - name: Upload SARIF to Github + uses: github/codeql-action/upload-sarif@v1 + with: + sarif_file: ${{ steps.run-analysis.outputs.sarif }} + + # Upload SARIF file as an Artifact to download and view + # - name: Upload SARIF as an Artifact + # uses: actions/upload-artifact@v2 + # with: + # name: sarif-file + # path: ${{ steps.run-analysis.outputs.sarif }} diff --git a/code-scanning/properties/msvc.properties.json b/code-scanning/properties/msvc.properties.json new file mode 100644 index 0000000..03c4500 --- /dev/null +++ b/code-scanning/properties/msvc.properties.json @@ -0,0 +1,7 @@ +{ + "name": "Microsoft C++ Code Analysis", + "creator": "Microsoft", + "description": "Code Analysis with the Microsoft C & C++ Compiler for CMake base projects.", + "iconName": "microsoft", + "categories": ["Code Scanning", "C", "C++"] +} diff --git a/icons/microsoft.svg b/icons/microsoft.svg new file mode 100644 index 0000000..990fa84 --- /dev/null +++ b/icons/microsoft.svg @@ -0,0 +1,34 @@ +microsoft + + + + + image/svg+xml + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file From 9fccb15dc69faf8e0b7ce3d05701675a51d780d9 Mon Sep 17 00:00:00 2001 From: Daniel Winsor Date: Thu, 21 Oct 2021 16:18:11 -0700 Subject: [PATCH 05/12] Updated action to meet guidelines --- code-scanning/msvc.yml | 30 ++++++++++++++++-------------- 1 file changed, 16 insertions(+), 14 deletions(-) diff --git a/code-scanning/msvc.yml b/code-scanning/msvc.yml index 85cb475..c6bb29f 100644 --- a/code-scanning/msvc.yml +++ b/code-scanning/msvc.yml @@ -21,21 +21,23 @@ env: build: '${{ github.workspace }}/build' jobs: - build: - steps: - # Configure project with CMake - - name: Configure CMake - uses: lukka/run-cmake@v3 - with: - buildDirectory: ${{ env.build }} - # Build is not require unless generated source files are used - buildWithCMake: false - cmakeGenerator: 'VS16Win64' - cmakeListsTxtPath: ${{ github.workspace }}/CMakeLists.txt + analyze: + name: Analyze + runs-on: windows-latest + + steps: + - name: Checkout repository + uses: actions/checkout@v2 + + - name: Configure CMake + run: cmake -B ${{ env.build }} + + # Build is not required unless generated source files are used + # - name: Build CMake + # run: cmake --build ${{ env.build }} - # Run Microsoft Visual C++ code analysis - name: Initialize MSVC Code Analysis - uses: microsoft/msvc-code-analysis-action + uses: microsoft/msvc-code-analysis-action@502db28262ba134c9a621d5a509b9f7e696c99b6 # Provide a unique ID to access the sarif output path id: run-analysis with: @@ -44,7 +46,7 @@ jobs: ruleset: NativeRecommendRules.ruleset # Upload SARIF file to GitHub Code Scanning Alerts - - name: Upload SARIF to Github + - name: Upload SARIF to GitHub uses: github/codeql-action/upload-sarif@v1 with: sarif_file: ${{ steps.run-analysis.outputs.sarif }} From 149db50d434d371436226749011c7e56fb556195 Mon Sep 17 00:00:00 2001 From: Nick Fyson Date: Fri, 22 Oct 2021 09:33:24 +0100 Subject: [PATCH 06/12] correct typo in msvc.properties.json --- code-scanning/properties/msvc.properties.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code-scanning/properties/msvc.properties.json b/code-scanning/properties/msvc.properties.json index 03c4500..641d5e6 100644 --- a/code-scanning/properties/msvc.properties.json +++ b/code-scanning/properties/msvc.properties.json @@ -1,7 +1,7 @@ { "name": "Microsoft C++ Code Analysis", "creator": "Microsoft", - "description": "Code Analysis with the Microsoft C & C++ Compiler for CMake base projects.", + "description": "Code Analysis with the Microsoft C & C++ Compiler for CMake based projects.", "iconName": "microsoft", "categories": ["Code Scanning", "C", "C++"] } From dcdce00205973405ccc4e12ee599432018005edc Mon Sep 17 00:00:00 2001 From: David Verdeguer <47184891+Daverlo@users.noreply.github.com> Date: Fri, 22 Oct 2021 10:54:14 +0200 Subject: [PATCH 07/12] Update codeql.properties.json --- code-scanning/properties/codeql.properties.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code-scanning/properties/codeql.properties.json b/code-scanning/properties/codeql.properties.json index 2919e98..219f517 100644 --- a/code-scanning/properties/codeql.properties.json +++ b/code-scanning/properties/codeql.properties.json @@ -1,7 +1,7 @@ { "name": "CodeQL Analysis", "creator": "GitHub", - "description": "Security analysis from GitHub for C, C++, C#, Java, JavaScript, TypeScript, Python, Go and Ruby developers. \n ", + "description": "Security analysis from GitHub for C, C++, C#, Java, JavaScript, TypeScript, Python, Go and Ruby developers.", "iconName": "octicon mark-github", "categories": ["Code Scanning", "C", "C#", "C++", "Go", "Java", "JavaScript", "TypeScript", "Python", "Ruby"] } From 281a35c5efb80a3e487989aaf181825136c93d66 Mon Sep 17 00:00:00 2001 From: David Verdeguer <47184891+Daverlo@users.noreply.github.com> Date: Fri, 22 Oct 2021 11:37:35 +0200 Subject: [PATCH 08/12] Update code-scanning/properties/codeql.properties.json Co-authored-by: Arthur Baars --- code-scanning/properties/codeql.properties.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code-scanning/properties/codeql.properties.json b/code-scanning/properties/codeql.properties.json index 219f517..e9acea5 100644 --- a/code-scanning/properties/codeql.properties.json +++ b/code-scanning/properties/codeql.properties.json @@ -1,7 +1,7 @@ { "name": "CodeQL Analysis", "creator": "GitHub", - "description": "Security analysis from GitHub for C, C++, C#, Java, JavaScript, TypeScript, Python, Go and Ruby developers.", + "description": "Security analysis from GitHub for C, C++, C#, Go, Java, JavaScript, TypeScript, Python and Ruby developers.", "iconName": "octicon mark-github", "categories": ["Code Scanning", "C", "C#", "C++", "Go", "Java", "JavaScript", "TypeScript", "Python", "Ruby"] } From 3a3f99717d9571d5f89d1334e5cce9e6691a31bd Mon Sep 17 00:00:00 2001 From: David Verdeguer <47184891+Daverlo@users.noreply.github.com> Date: Fri, 22 Oct 2021 11:40:38 +0200 Subject: [PATCH 09/12] Update codeql.properties.json --- code-scanning/properties/codeql.properties.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code-scanning/properties/codeql.properties.json b/code-scanning/properties/codeql.properties.json index e9acea5..f8082c7 100644 --- a/code-scanning/properties/codeql.properties.json +++ b/code-scanning/properties/codeql.properties.json @@ -1,7 +1,7 @@ { "name": "CodeQL Analysis", "creator": "GitHub", - "description": "Security analysis from GitHub for C, C++, C#, Go, Java, JavaScript, TypeScript, Python and Ruby developers.", + "description": "Security analysis from GitHub for C, C++, C#, Go, Java, JavaScript, TypeScript, Python, and Ruby developers.", "iconName": "octicon mark-github", "categories": ["Code Scanning", "C", "C#", "C++", "Go", "Java", "JavaScript", "TypeScript", "Python", "Ruby"] } From 4a9a12a0998bfea1d52c1ba1f04f2ed83165a434 Mon Sep 17 00:00:00 2001 From: David Verdeguer <47184891+Daverlo@users.noreply.github.com> Date: Fri, 22 Oct 2021 11:52:12 +0200 Subject: [PATCH 10/12] Update codeql.properties.json --- code-scanning/properties/codeql.properties.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code-scanning/properties/codeql.properties.json b/code-scanning/properties/codeql.properties.json index f8082c7..ddb4627 100644 --- a/code-scanning/properties/codeql.properties.json +++ b/code-scanning/properties/codeql.properties.json @@ -3,5 +3,5 @@ "creator": "GitHub", "description": "Security analysis from GitHub for C, C++, C#, Go, Java, JavaScript, TypeScript, Python, and Ruby developers.", "iconName": "octicon mark-github", - "categories": ["Code Scanning", "C", "C#", "C++", "Go", "Java", "JavaScript", "TypeScript", "Python", "Ruby"] + "categories": ["Code Scanning", "C", "C++", "C#", "Go", "Java", "JavaScript", "TypeScript", "Python", "Ruby"] } From 83bdb0fcd6967ac99c2187051cd2e28defc282fb Mon Sep 17 00:00:00 2001 From: Daniel Winsor Date: Tue, 26 Oct 2021 21:37:36 -0700 Subject: [PATCH 11/12] Fixed typo in workflow that will cause every run to fail --- code-scanning/msvc.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code-scanning/msvc.yml b/code-scanning/msvc.yml index c6bb29f..2cd7b0f 100644 --- a/code-scanning/msvc.yml +++ b/code-scanning/msvc.yml @@ -43,7 +43,7 @@ jobs: with: cmakeBuildDirectory: ${{ env.build }} # Ruleset file that will determine what checks will be run - ruleset: NativeRecommendRules.ruleset + ruleset: NativeRecommendedRules.ruleset # Upload SARIF file to GitHub Code Scanning Alerts - name: Upload SARIF to GitHub From d9dc2c2f72f5b952d02905df5d9cbd586e8eb62b Mon Sep 17 00:00:00 2001 From: Daniel Winsor Date: Tue, 26 Oct 2021 21:48:19 -0700 Subject: [PATCH 12/12] Update commit SHA --- code-scanning/msvc.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code-scanning/msvc.yml b/code-scanning/msvc.yml index 2cd7b0f..1503319 100644 --- a/code-scanning/msvc.yml +++ b/code-scanning/msvc.yml @@ -37,7 +37,7 @@ jobs: # run: cmake --build ${{ env.build }} - name: Initialize MSVC Code Analysis - uses: microsoft/msvc-code-analysis-action@502db28262ba134c9a621d5a509b9f7e696c99b6 + uses: microsoft/msvc-code-analysis-action@04825f6d9e00f87422d6bf04e1a38b1f3ed60d99 # Provide a unique ID to access the sarif output path id: run-analysis with: