Delete .idea directory #4
| name: CI Tests | |
| on: | |
| push: | |
| branches: [ main, develop ] | |
| pull_request: | |
| branches: [ main ] | |
| jobs: | |
| validate-compose: | |
| name: Validate Docker Compose | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Create .env from example | |
| run: cp .env.example .env | |
| - name: Validate docker-compose.yaml | |
| run: docker-compose config > /dev/null | |
| yaml-lint: | |
| name: YAML Linting | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: YAML Lint | |
| uses: ibiqlik/action-yamllint@v3 | |
| with: | |
| config_file: .yamllint.yml | |
| file_or_dir: docker-compose.yaml | |
| strict: true | |
| secrets-scan: | |
| name: Secrets Scan | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Gitleaks scan | |
| uses: gitleaks/gitleaks-action@v2 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE }} | |
| security-check: | |
| name: Security Best Practices | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Check for .env in git | |
| run: | | |
| if git ls-files | grep -q "^\.env$"; then | |
| echo "❌ ERROR: .env file should not be committed!" | |
| exit 1 | |
| else | |
| echo "✅ .env file is not tracked in git" | |
| fi | |
| - name: Check .env.example exists | |
| run: | | |
| if [ ! -f .env.example ]; then | |
| echo "❌ ERROR: .env.example is missing!" | |
| exit 1 | |
| else | |
| echo "✅ .env.example exists" | |
| fi | |
| - name: Check .gitignore exists | |
| run: | | |
| if [ ! -f .gitignore ]; then | |
| echo "❌ ERROR: .gitignore is missing!" | |
| exit 1 | |
| else | |
| echo "✅ .gitignore exists" | |
| fi | |
| stack-build-test: | |
| name: Test Stack Build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Create Docker network | |
| run: docker network create traefik_proxy_network | |
| - name: Create .env file | |
| run: | | |
| cat > .env << EOF | |
| COMPOSE_PROJECT_NAME=portainer-test | |
| HOSTRULE=Host(\`portainer.test.local\`) | |
| PROXY_NETWORK=traefik_proxy_network | |
| RESTART=unless-stopped | |
| EOF | |
| - name: Pull images | |
| run: docker-compose pull | |
| - name: Validate service starts | |
| run: | | |
| # Start container | |
| docker-compose up -d | |
| # Wait for container to be healthy | |
| sleep 10 | |
| # Check if container is running | |
| if docker-compose ps | grep -q "Up"; then | |
| echo "✅ Portainer container started successfully" | |
| else | |
| echo "❌ ERROR: Portainer container failed to start" | |
| docker-compose logs | |
| exit 1 | |
| fi | |
| - name: Cleanup | |
| if: always() | |
| run: | | |
| docker-compose down -v | |
| docker network rm traefik_proxy_network || true |
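Review bot: The workflow has no `permissions:` block and references third-party actions by mutable tag, so the `secrets-scan` job passes `GITHUB_TOKEN` (at the repository's default scope) and `GITLEAKS_LICENSE` to whatever `gitleaks/gitleaks-action@v2` resolves to at run time. A top-level `permissions: { contents: read }`, widened per job only where a step needs more, would cap the token. The `uses:` lines for `gitleaks/gitleaks-action`, `ibiqlik/action-yamllint` and `docker/setup-buildx-action` could be pinned in the form `uses: gitleaks/gitleaks-action@<full-commit-sha>  # v2`, where the SHA is a placeholder to be taken from a release you have reviewed. In `security-check`, `grep -q "^\.env$"` matches only a root-level `.env`, so a tracked `config/.env` would still pass; `grep -qE '(^|/)\.env$'` is closer to the stated intent. Separately, the `docker-compose` v1 binary appears to be no longer preinstalled on current `ubuntu-latest` images, so those steps may need to become `docker compose`.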