Migrate Jenkins Pipelines to GitHub Actions Workflows #67
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- Add CI workflow (.github/workflows/ci.yml) that: - Triggers on push to DevOps branch and manual dispatch - Sets up JDK 17 - Runs Trivy filesystem scan - Runs OWASP Dependency Check - Runs SonarQube analysis - Builds with Maven - Builds and pushes Docker image to Docker Hub - Triggers CD workflow via repository dispatch - Archives OWASP reports as artifacts - Add CD workflow (.github/workflows/cd.yml) that: - Triggers on repository dispatch from CI workflow - Updates Kubernetes manifest with new Docker image tag - Commits and pushes changes - Sends email notification Co-Authored-By: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Author
🤖 Devin AI EngineerI'll be helping with this pull request! Here's what you should know: ✅ I will automatically:
Note: I can only respond to comments from users who have write access to this repository. ⚙️ Control Options:
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
This PR migrates the existing Jenkins CI/CD pipelines to GitHub Actions by adding two new workflow files:
CI Pipeline (
.github/workflows/ci.yml): Replaces the rootJenkinsfilewith equivalent GitHub Actions steps including Trivy scanning, OWASP dependency check, SonarQube analysis, Maven build, Docker image build/push, and CD workflow triggering via repository dispatch.CD Pipeline (
.github/workflows/cd.yml): ReplacesGitOps/Jenkinsfilewith a workflow that updates the Kubernetes manifest with the new Docker image tag, commits/pushes changes, and sends email notification.Review & Testing Checklist for Human
http://your-sonarqube-server:9000that needs to be updated to the actual SonarQube server URL before useSONAR_TOKEN,DOCKER_USERNAME,DOCKER_PASSWORD,EMAIL_USERNAME,EMAIL_PASSWORDtrainwithshubham@gmail.com- confirm this is the intended recipientRecommended test plan:
workflow_dispatchto verify the pipeline runsNotes
DevOpsbranch (matching the original Jenkins setup)github.shainstead of the manualDOCKER_TAGparameter from JenkinsJenkinsfileandGitOps/Jenkinsfile) are preserved and can be removed after validating the GitHub Actions workflowsLink to Devin run: https://app.devin.ai/sessions/6489e975cd5e4227b4f85e0d0a2773af
Requested by: Shawn Azman (@ShawnAzman)