juice-shop/juice-shop

View on GitHub
.github/workflows/release.yml

Summary

Maintainability
Test Coverage
name: "Release Pipeline"
on:
  push:
    tags:
      - v*
env:
  ANGULAR_CLI_VERSION: 17
  CYCLONEDX_NPM_VERSION: '^1.12.0'
jobs:
  package:
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        os: [ubuntu-latest, windows-latest, macos-latest]
        node-version: [18, 20, 21]
    steps:
      - name: "Check out Git repository"
        uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac #v4.0.0
      - name: "Use Node.js ${{ matrix.node-version }}"
        uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d #v3.8.1
        with:
          node-version: ${{ matrix.node-version }}
      - name: "Install CLI tools"
        run: |
          npm install -g @angular/cli@$ANGULAR_CLI_VERSION
          npm install -g @cyclonedx/cyclonedx-npm@$CYCLONEDX_NPM_VERSION
          npm install -g grunt-cli
      - name: "Set packaging options for Grunt"
        run: |
          if [ "$RUNNER_OS" == "Windows" ]; then
          echo "PCKG_OS_NAME=win32" >> $GITHUB_ENV
          elif [ "$RUNNER_OS" == "macOS" ]; then
          echo "PCKG_OS_NAME=darwin" >> $GITHUB_ENV
          else
          echo "PCKG_OS_NAME=linux" >> $GITHUB_ENV
          fi
          echo "PCKG_CPU_ARCH=x64" >> $GITHUB_ENV
          echo "PCKG_NODE_VERSION=${{ matrix.node-version }}" >> $GITHUB_ENV
        shell: bash
      - name: "Package application"
        run: |
          npm install --production
          npm run package:ci
      - name: 'Attach packaged archive to tag release'
        uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 #v0.1.15
        with:
          draft: true
          files: dist/*
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  docker:
    runs-on: ubuntu-latest
    steps:
      - name: "Check out Git repository"
        uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac #v4.0.0
      - name: "Set up QEMU"
        uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 #v3.0.0
      - name: "Set up Docker Buildx"
        uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 #v3.0.0
      - name: "Login to DockerHub"
        uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d #v3.0.0
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      - name: "Get tag name"
        id: tag
        uses: dawidd6/action-get-tag@727a6f0a561be04e09013531e73a3983a65e3479 #v1.1.0 TODO Action is archived and should be replaced eventually
      - name: "Set labels for ${{ github.ref }}"
        run: |
          echo "VCS_REF=`git rev-parse --short HEAD`" >> $GITHUB_ENV
          echo "BUILD_DATE=`date -u +”%Y-%m-%dT%H:%M:%SZ”`" >> $GITHUB_ENV
      - name: "Build and push for AMD64 and ARM64 processors"
        uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 #v5.0.0
        with:
          context: .
          file: ./Dockerfile
          platforms: linux/amd64,linux/arm64
          push: true
          tags: |
            bkimminich/juice-shop:${{ steps.tag.outputs.tag }}
          build-args: |
            VCS_REF=${{ env.VCS_REF }}
            BUILD_DATE=${{ env.BUILD_DATE }}
            CYCLONEDX_NPM_VERSION=${{ env.CYCLONEDX_NPM_VERSION }}
  notify-slack:
    if: always()
    needs:
      - package
      - docker
    runs-on: ubuntu-latest
    steps:
      - name: "Slack workflow notification"
        uses: Gamesight/slack-workflow-status@26a36836c887f260477432e4314ec3490a84f309 #v1.2.0
        with:
          repo_token: ${{ secrets.GITHUB_TOKEN }}
          slack_webhook_url: ${{ secrets.SLACK_WEBHOOK_URL }}