Skip to content

Commit 3b47788

Browse files
simonredfernsimonredfern
authored
Merge pull request #365 from tawoe/develop
Develop
2 parents 661c9b8 + add2080 commit 3b47788

File tree

53 files changed

+263
-183
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

53 files changed

+263
-183
lines changed

.github/dependabot.yml

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,13 @@
1+
2+
version: 2
3+
updates:
4+
5+
- package-ecosystem: "github-actions"
6+
directory: "/"
7+
schedule:
8+
interval: "weekly"
9+
10+
- package-ecosystem: "pip"
11+
directory: "/"
12+
schedule:
13+
interval: "weekly"

.github/workflows/build_container_image.yml

Lines changed: 10 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,9 @@
1-
name: build and publish container
1+
name: build and publish container develop branch
22

3-
on: [push]
3+
on:
4+
push:
5+
branches:
6+
- develop
47
env:
58
DOCKER_HUB_ORGANIZATION: ${{ vars.DOCKER_HUB_ORGANIZATION }}
69
DOCKER_HUB_REPOSITORY_NGINX: apimanager-nginx
@@ -17,20 +20,20 @@ jobs:
1720
run: echo "branch=$(echo ${GITHUB_REF#refs/heads/})" >>$GITHUB_OUTPUT
1821
id: extract_branch
1922

20-
- uses: actions/checkout@v2
23+
- uses: actions/checkout@v4
2124
- name: Build the Docker image
2225
run: |
2326
echo "${{ secrets.DOCKER_HUB_TOKEN }}" | docker login -u "${{ secrets.DOCKER_HUB_USERNAME }}" --password-stdin docker.io
24-
docker build . --file .github/Dockerfile_nginx_OC --tag docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY_NGINX }}:$GITHUB_SHA --tag docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY_NGINX }}:${{ steps.extract_branch.outputs.branch }}-OC
27+
docker build . --file .github/Dockerfile_nginx_OC --tag docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY_NGINX }}:$GITHUB_SHA --tag docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY_NGINX }}:${{ steps.extract_branch.outputs.branch }}-OC --tag docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY_NGINX }}:latest-OC
2528
docker push docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY_NGINX }} --all-tags
2629
echo docker apimanager-nginx-OC done
27-
docker build . --file .github/Dockerfile_OC --tag docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY }}:$GITHUB_SHA --tag docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY }}:${{ steps.extract_branch.outputs.branch }}-OC
30+
docker build . --file .github/Dockerfile_OC --tag docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY }}:$GITHUB_SHA --tag docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY }}:${{ steps.extract_branch.outputs.branch }}-OC --tag docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY }}:latest-OC
2831
docker push docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY }} --all-tags
2932
echo docker api-manager-OC done
30-
docker build . --file Dockerfile_nginx --tag docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY_NGINX }}:$GITHUB_SHA --tag docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY_NGINX }}:${{ steps.extract_branch.outputs.branch }}
33+
docker build . --file Dockerfile_nginx --tag docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY_NGINX }}:$GITHUB_SHA --tag docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY_NGINX }}:${{ steps.extract_branch.outputs.branch }} --tag docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY_NGINX }}:latest
3134
docker push docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY_NGINX }} --all-tags
3235
echo docker apimanager-nginx done
33-
docker build . --file Dockerfile --tag docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY }}:$GITHUB_SHA --tag docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY }}:${{ steps.extract_branch.outputs.branch }}
36+
docker build . --file Dockerfile --tag docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY }}:$GITHUB_SHA --tag docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY }}:${{ steps.extract_branch.outputs.branch }} --tag docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY }}:latest
3437
docker push docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY }} --all-tags
3538
echo docker api-manager done
3639
- uses: sigstore/cosign-installer@main

.github/workflows/build_container_image_non_develop_branches.yml

Lines changed: 69 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,69 @@
1+
name: build and publish container non develop branches
2+
3+
on:
4+
push:
5+
branches:
6+
- '*'
7+
- '!develop'
8+
env:
9+
DOCKER_HUB_ORGANIZATION: ${{ vars.DOCKER_HUB_ORGANIZATION }}
10+
DOCKER_HUB_REPOSITORY_NGINX: apimanager-nginx
11+
DOCKER_HUB_REPOSITORY: api-manager
12+
13+
14+
jobs:
15+
build:
16+
runs-on: ubuntu-latest
17+
18+
steps:
19+
- name: Extract branch name
20+
shell: bash
21+
run: echo "branch=$(echo ${GITHUB_REF#refs/heads/})" >>$GITHUB_OUTPUT
22+
id: extract_branch
23+
24+
- uses: actions/checkout@v4
25+
- name: Build the Docker image
26+
run: |
27+
echo "${{ secrets.DOCKER_HUB_TOKEN }}" | docker login -u "${{ secrets.DOCKER_HUB_USERNAME }}" --password-stdin docker.io
28+
docker build . --file .github/Dockerfile_nginx_OC --tag docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY_NGINX }}:$GITHUB_SHA --tag docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY_NGINX }}:${{ steps.extract_branch.outputs.branch }}-OC
29+
docker push docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY_NGINX }} --all-tags
30+
echo docker apimanager-nginx-OC done
31+
docker build . --file .github/Dockerfile_OC --tag docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY }}:$GITHUB_SHA --tag docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY }}:${{ steps.extract_branch.outputs.branch }}-OC
32+
docker push docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY }} --all-tags
33+
echo docker api-manager-OC done
34+
docker build . --file Dockerfile_nginx --tag docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY_NGINX }}:$GITHUB_SHA --tag docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY_NGINX }}:${{ steps.extract_branch.outputs.branch }}
35+
docker push docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY_NGINX }} --all-tags
36+
echo docker apimanager-nginx done
37+
docker build . --file Dockerfile --tag docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY }}:$GITHUB_SHA --tag docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY }}:${{ steps.extract_branch.outputs.branch }}
38+
docker push docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY }} --all-tags
39+
echo docker api-manager done
40+
- uses: sigstore/cosign-installer@main
41+
- name: Write signing key to disk (only needed for `cosign sign --key`)
42+
run: echo "${{ secrets.COSIGN_PRIVATE_KEY }}" > cosign.key
43+
- name: Sign container image with annotations from our environment
44+
env:
45+
COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
46+
run: |
47+
cosign sign -y --key cosign.key \
48+
-a "repo=${{ github.repository }}" \
49+
-a "workflow=${{ github.workflow }}" \
50+
-a "ref=${{ github.sha }}" \
51+
docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY }}:${{ steps.extract_branch.outputs.branch }}-OC
52+
cosign sign -y --key cosign.key \
53+
-a "repo=${{ github.repository }}" \
54+
-a "workflow=${{ github.workflow }}" \
55+
-a "ref=${{ github.sha }}-nginx" \
56+
docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY_NGINX }}:${{ steps.extract_branch.outputs.branch }}-OC
57+
cosign sign -y --key cosign.key \
58+
-a "repo=${{ github.repository }}" \
59+
-a "workflow=${{ github.workflow }}" \
60+
-a "ref=${{ github.sha }}" \
61+
docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY }}:${{ steps.extract_branch.outputs.branch }}
62+
cosign sign -y --key cosign.key \
63+
-a "repo=${{ github.repository }}" \
64+
-a "workflow=${{ github.workflow }}" \
65+
-a "ref=${{ github.sha }}-nginx" \
66+
docker.io/${{ env.DOCKER_HUB_ORGANIZATION }}/${{ env.DOCKER_HUB_REPOSITORY_NGINX }}:${{ steps.extract_branch.outputs.branch }}
67+
68+
69+

.github/workflows/run_trivy.yml

Lines changed: 2 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -2,9 +2,8 @@ name: scan container image
22

33
on:
44
workflow_run:
5-
workflows: [build and publish container]
6-
types:
7-
- completed
5+
workflows: [build and publish container develop branch, build and publish container non develop branches]
6+
types: [completed]
87
env:
98
## Sets environment variable
109
DOCKER_HUB_ORGANIZATION: ${{ vars.DOCKER_HUB_ORGANIZATION }}
@@ -40,7 +39,6 @@ jobs:
4039
format: 'template'
4140
template: '@/contrib/sarif.tpl'
4241
output: 'trivy-results.sarif'
43-
security-checks: 'vuln'
4442
severity: 'CRITICAL,HIGH'
4543
timeout: '30m'
4644
cache-dir: .trivy

apimanager/accountlist/apps.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,4 +2,4 @@
22

33

44
class AccountConfig(AppConfig):
5-
name = 'account-list'
5+
name = 'accountlist'

apimanager/accountlist/urls.py

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -3,14 +3,14 @@
33
URLs for Account list app
44
"""
55

6-
from django.conf.urls import url
6+
from django.urls import re_path
77
from .views import AccountListView, ExportCsvView
88

99
urlpatterns = [
10-
url(r'^$',
10+
re_path(r'^$',
1111
AccountListView.as_view(),
1212
name='account-list'),
13-
url(r'^export_csv$',
13+
re_path(r'^export_csv$',
1414
ExportCsvView.as_view(),
1515
name='export-csv-account')
1616
]

apimanager/accounts/forms.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@
33
"""
44

55
from django import forms
6-
from django.utils.translation import ugettext_lazy as _
6+
from django.utils.translation import gettext_lazy as _
77

88
import random
99

apimanager/accounts/urls.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -3,11 +3,11 @@
33
URLs for Account app
44
"""
55

6-
from django.conf.urls import url
6+
from django.urls import re_path
77
from .views import IndexAccountsView
88

99
urlpatterns = [
10-
url(r'^create',
10+
re_path(r'^create',
1111
IndexAccountsView.as_view(),
1212
name='accounts-create'),
1313

apimanager/accounts/views.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,7 @@
1313
from django.views.generic import FormView
1414
from obp.api import API, APIError
1515
from .forms import CreateAccountForm
16-
from django.utils.translation import ugettext_lazy as _
16+
from django.utils.translation import gettext_lazy as _
1717

1818
class IndexAccountsView(LoginRequiredMixin, FormView):
1919

apimanager/apicollectionlist/apps.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
from django.apps import AppConfig
22

33

4-
class CustomersConfig(AppConfig):
5-
name = 'customers_list'
4+
class ApiCollectionListConfig(AppConfig):
5+
name = 'apicollectionlist'

0 commit comments

Comments
 (0)