test: trigger CI pipeline #9
| "docker:run:staging": "docker-compose -f docker/docker-compose.staging.yml up -d", | ||
| "docker:stop": "docker-compose -f docker/docker-compose.prod.yml down", | ||
| "docker:logs": "docker-compose -f docker/docker-compose.prod.yml logs -f", | ||
| "health:check": "curl -f http://localhost:3001/api/health || exit 1", |
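Review bot: `docker:stop` and `docker:logs` both point at docker/docker-compose.prod.yml while `docker:run:staging` starts docker/docker-compose.staging.yml, so the stop and logs scripts act on the production compose definition even when the staging stack is what was started. Add staging counterparts (or take the compose file as a parameter) so each run script has a matching stop and logs script. In `health:check`, `curl -f` already exits non-zero on an HTTP error, so the trailing `|| exit 1` only normalizes the exit code; reading the host and port from a variable instead of the fixed http://localhost:3001 would also let the same script check a non-local deployment.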
Check notice
Code scanning / devskim
Accessing localhost could indicate debug code, or could hinder scaling. Note
CodeQL found more than 20 potential problems in the proposed changes. Check the Files changed tab for more details.
| docker run -d --name worknow-test \ | ||
| -p 3001:3001 \ | ||
| -e NODE_ENV=test \ | ||
| -e DATABASE_URL="postgresql://test:test@localhost:5432/test" \ |
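Review bot: On the `-e DATABASE_URL="postgresql://test:test@localhost:5432/test"` line, localhost is resolved inside the worknow-test container, and the options visible here publish port 3001 but set no `--network`, so the app will look for PostgreSQL in its own container rather than on the runner. Point the URL at the address the database is actually reachable on from the container, or attach the container to the database's network. The test:test credentials are also embedded in the command; passing them in from a workflow variable or secret keeps them out of the workflow file and its logs.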
Check notice
Code scanning / devskim
Accessing localhost could indicate debug code, or could hinder scaling. Note
| sleep 30 | ||
|
|
||
| # Run basic performance tests | ||
| curl -w "@curl-format.txt" -o /dev/null -s "http://localhost:3001/api/health" || echo "Health check failed" |
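Review bot: The `|| echo "Health check failed"` at the end of the curl line turns a failed request into a successful command, so this step passes even when /api/health is unreachable. The curl call also has no `-f`, so an HTTP error status would not reach the fallback at all. Add `-f` and replace the echo with a failing exit (or drop the fallback) so the job reflects the result. The fixed `sleep 30` before it is a guess at startup time; polling the endpoint in a loop with an upper bound would be both faster and more reliable.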
Check notice
Code scanning / devskim
Accessing localhost could indicate debug code, or could hinder scaling. Note
| "CMD", | ||
| "node", | ||
| "-e", | ||
| "require('http').get('http://localhost:${PORT:-8000}/api/health', (res) => { process.exit(res.statusCode === 200 ? 0 : 1) })", |
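Review bot: The default in `${PORT:-8000}` does not match the other health checks in this PR, which all use port 3001 (`health:check`, `-p 3001:3001`, the performance curl). If PORT is unset where this is expanded and the app listens on 3001 here as well, the probe targets the wrong port and the container is reported unhealthy. Align the default with the port the app actually listens on. The `http.get` call also has no timeout and no 'error' handler; adding `.on('error', () => process.exit(1))` and a request timeout makes the failure path explicit instead of relying on an unhandled error or a hung connection.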
Check notice
Code scanning / devskim
Accessing localhost could indicate debug code, or could hinder scaling. Note
- Fix type=pr to type=ref,event=pr in all workflows
- Resolves 'Unknown tag type attribute: pr' error
- Affects deploy-staging.yml, docker-simple.yml, docker-optimized.yml, deploy-production.yml

- Change IMAGE_NAME from ${{ github.repository }} to ${{ github.repository_owner }}/worknow
- Resolves 'installation not allowed to Create organization package' error
- Allows pushing to personal GHCR package instead of organization package

- Change type=sha,prefix={{branch}}- to type=sha,prefix=sha-
- Resolves 'invalid tag format' error when branch name is empty
- Prevents tags starting with hyphen like :-6565500
- Affects all Docker workflows: staging, simple, optimized, production

- Change IMAGE_NAME from ${{ github.repository_owner }}/worknow to symonbaikov/worknow
- Resolves 403 Forbidden error when pushing to organization package
- Uses personal GHCR package instead of organization package
- Affects all Docker workflows: staging, simple, optimized, production

- Set push: false in docker-simple.yml to test Docker build without push
- Disable security scan that requires pushed image
- This will help verify Docker build works before fixing package permissions
- Build should complete successfully without push errors

- Keep push: true to test if GitHub Actions can create package automatically
- According to GitHub docs, GITHUB_TOKEN should auto-link repository to package
- This will test if the package gets created automatically on first push

- Change IMAGE_NAME from symonbaikov/worknow to worknow-s-r-o/worknow
- Organization packages have better automatic creation support
- GITHUB_TOKEN should have permissions for organization packages
- This should resolve permission_denied error

- Add org.opencontainers.image.source label to Dockerfile.prod
- Add org.opencontainers.image.description and org.opencontainers.image.licenses labels
- Re-enable push: true in docker-simple.yml
- Use organization package worknow-s-r-o/worknow
- Follows GitHub documentation for proper package connection

- Add contents: read and packages: write permissions to docker-simple.yml
- Matches GitHub's official Docker workflow example
- Should resolve package creation permission issues

- Move LABEL instructions from top of file to production stage
- Fixes 'no build stage in current context' error
- Labels must be placed after FROM statement in Docker
- Maintains GitHub Container Registry metadata

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.
0c9ae6f to 3ceda22
e1c6a47 to d34bf36
No description provided.