sayoungestguy · sayoungestguy · Sep 19, 2024 · Sep 19, 2024 · Sep 19, 2024 · Sep 19, 2024
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -1,11 +1,37 @@
 name: ScaleUp Application CI workflow
-on: [push, pull_request]
+on:
+  push:
+    branches:
+      - '**' # Trigger on any branch push
 jobs:
-  build:
-    name: Build Stage
+  set-env:
+    name: Setup Environment
     runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: 20.15.0
+      - uses: actions/setup-java@v4
+        with:
+          distribution: 'temurin'
+          java-version: 17
+      - name: Install Node.js packages
+        run: npm install
+      - name: Cache Node Modules
+        uses: actions/cache@v3
+        with:
+          path: node_modules
+          key: ${{ runner.os }}-node-${{ hashFiles('package-lock.json') }}
+          restore-keys: |
+            ${{ runner.os }}-node-
+
+  package:
+    name: Package App
+    runs-on: ubuntu-latest
+    needs: set-env
     if: "!contains(github.event.head_commit.message, '[ci skip]') && !contains(github.event.head_commit.message, '[skip ci]') && !contains(github.event.pull_request.title, '[skip ci]') && !contains(github.event.pull_request.title, '[ci skip]')"
-    timeout-minutes: 40
+    timeout-minutes: 10
     env:
       NODE_VERSION: 20.15.0
       SPRING_OUTPUT_ANSI_ENABLED: DETECT
@@ -20,15 +46,30 @@ jobs:
         with:
           distribution: 'temurin'
           java-version: 17
-      - name: Install Node.js packages
-        run: npm install
       - name: Package application
         run: npm run java:jar:prod
+      - name: Upload Build Artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: packaged-application
+          path: |
+            target/*.jar
+            target/classes
+          retention-days: 1 # Retain the build artifacts for 1 day
+
+  # Push to Docker
+  #  jib-build:
+  #    name: containerize
+  #    runs-on: ubuntu-latest
+  #    needs: package
+  #    steps:
+  #      - name: Push to Docker registry
+  #        run: ./mvnw package -Pprod verify jib:build -Djib.to.image=<dockerhub-username>/<artifact-id>
 
   backend-test:
     name: Backend Test Stage
     runs-on: ubuntu-latest
-    needs: build
+    needs: package
     steps:
       - uses: actions/checkout@v4
       - uses: actions/setup-java@v4
@@ -39,28 +80,41 @@ jobs:
         run: |
           chmod +x mvnw
           npm run ci:backend:test
+      - name: Upload Backend Test Report
+        uses: actions/upload-artifact@v4
+        with:
+          name: backend-test-report
+          path: target/surefire-reports/*.xml
+          retention-days: 1
 
   frontend-test:
     name: Frontend Test Stage
     runs-on: ubuntu-latest
-    needs: build
+    needs: package
     steps:
       - uses: actions/checkout@v4
       - uses: actions/setup-node@v4
         with:
           node-version: 20.15.0
-      - name: Install Node.js packages
+      - name: Install Node.js Packages
         run: npm install
       - name: Run frontend test
         run: npm run ci:frontend:test
+      - name: Upload Frontend Test Report
+        uses: actions/upload-artifact@v4
+        with:
+          name: jest-test-reports
+          path: ./target/test-results/TESTS-results-jest.xml # Adjusted to match your Jest output configuration
+          retention-days: 1
+
   sonar:
     name: Sonar SAST Scan
     runs-on: ubuntu-latest
     needs: [backend-test, frontend-test]
     steps:
       - uses: actions/checkout@v3
         with:
-          fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
+          fetch-depth: 1 # Shallow clones should be disabled for a better relevancy of analysis
       - name: Set up JDK 17
         uses: actions/setup-java@v3
         with:
@@ -100,51 +154,22 @@ jobs:
   #        uses: github/codeql-action/upload-sarif@v3
   #        with:
   #          sarif_file: snyk.sarif
-  eslint:
-    name: ESLint Code Quality
-    runs-on: ubuntu-latest
-    needs: [backend-test, frontend-test]
-    steps:
-      - name: Checkout Code
-        uses: actions/checkout@v4
-      - name: Set up Node.js
-        uses: actions/setup-node@v4
-        with:
-          node-version: 20.15.0
-      - name: Install Node.js packages
-        run: npm install
-      - name: Install ESLint
-        run: npm install eslint --save-dev
-
-      - name: Run ESLint
-        run: |
-          npx eslint . -f json -o eslint-report.json
-          npx eslint . -f html -o eslint-report.html
 
-      - name: Upload ESLint Report
-        uses: actions/upload-artifact@v4
-        with:
-          name: eslint-report
-          path: |
-            ./eslint-report.json
-            ./eslint-report.html
   dast-scan:
     name: DAST OWASP ZAP Scans
     runs-on: ubuntu-latest
     needs: [backend-test, frontend-test]
-    strategy:
-      matrix:
-        node-version: [20.x]
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
       - name: Change script permission
         run: |
           chmod +x script/zap-script.sh
       - name: ZAP scan
         run: script/zap-script.sh
       - name: Archive production artifacts
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v4
         with:
           name: zap report
           path: |
-            ./zap_baseline_report.html
+            ./target/test-reports/zap_baseline_report.html
+          retention-days: 1
diff --git a/script/zap-script.sh b/script/zap-script.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 
 docker pull zaproxy/zap-stable
-docker run -i zaproxy/zap-stable zap-baseline.py -t "https://github.com/sayoungestguy/scaleup" -l PASS > zap_baseline_report.html
+docker run -i zaproxy/zap-stable zap-baseline.py -t "https://github.com/sayoungestguy/scaleup" -l PASS > ./target/test-reports/zap_baseline_report.html
 
 echo $? > /dev/null