{"id":32712464,"url":"https://github.com/ar-ecommerce-platform/ci-workflows","last_synced_at":"2026-04-13T09:31:34.477Z","repository":{"id":313726539,"uuid":"1027051548","full_name":"ar-ecommerce-platform/ci-workflows","owner":"ar-ecommerce-platform","description":"Centralized shared CI/CD workflows and composite actions","archived":false,"fork":false,"pushed_at":"2025-10-16T01:12:51.000Z","size":19,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-10-16T05:55:15.145Z","etag":null,"topics":["checkstyle","docker-image","github-actions","integration-testing","owasp","slack","snyk","sonarcloud","spotless","tagging","unit-testing","versioning"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ar-ecommerce-platform.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-07-27T07:49:23.000Z","updated_at":"2025-10-10T03:27:48.000Z","dependencies_parsed_at":"2025-10-16T03:34:01.936Z","dependency_job_id":"976e551e-bd00-4ba9-908a-147834961de5","html_url":"https://github.com/ar-ecommerce-platform/ci-workflows","commit_stats":null,"previous_names":["ar-ecommerce-platform/ci-workflows"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/ar-ecommerce-platform/ci-workflows","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ar-ecommerce-platform%2Fci-workflows","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ar-ecommerce-platform%2Fci-workflows/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ar-ecommerce-platform%2Fci-workflows/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ar-ecommerce-platform%2Fci-workflows/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ar-ecommerce-platform","download_url":"https://codeload.github.com/ar-ecommerce-platform/ci-workflows/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ar-ecommerce-platform%2Fci-workflows/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31746292,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-13T09:16:15.125Z","status":"ssl_error","status_checked_at":"2026-04-13T09:16:05.023Z","response_time":93,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["checkstyle","docker-image","github-actions","integration-testing","owasp","slack","snyk","sonarcloud","spotless","tagging","unit-testing","versioning"],"created_at":"2025-11-02T09:00:51.759Z","updated_at":"2026-04-13T09:31:34.472Z","avatar_url":"https://github.com/ar-ecommerce-platform.png","language":null,"readme":"# 🛠️ CI/CD Workflows\n\nThis repository centralizes **shared CI/CD workflows** and **composite actions** for all services in the platform.\n\n---\n\n## 📂 Project Structure\n\n```text\nci-workflows/\n├── .github/\n│   ├── actions/        # Composite actions (e.g., wait-for-health)\n│   └── workflows/      # All shared CI/CD workflow YAMLs\n├── gradle/\n│   ├── checkstyle/               # Checkstyle config (XML rules)\n│   │   └── checkstyle.xml\n│   └── build-quality.gradle      # Shared Gradle config (Spotless, Checkstyle, OWASP, Snyk, JaCoCo)\n├── .gitignore\n└── README.md\n```\n\n---\n\n## 📋 Available Workflows\n\n| Workflow               | Purpose                                                                                                             |\n|------------------------|---------------------------------------------------------------------------------------------------------------------|\n| **CI Template**        | Template workflow that all services will use.                                                                       |\n| **Setup**              | Builds the service artifact, pushes a test (`:ci`) Docker image, and verifies it starts with a smoke test.          |\n| **Code Quality**       | Runs Spotless and Checkstyle to enforce code style \u0026 conventions.                                                   |\n| **Security Scan**      | Runs OWASP Dependency Check and Snyk container scan.                                                                |\n| **Unit Tests**         | Runs unit tests and uploads coverage reports as artifacts.                                                          |\n| **Integration Tests**  | Spins up services + runs integration tests.                                                                         |\n| **Quality Scan**       | SonarCloud analysis for bugs, smells, coverage.                                                                     |\n| **Check Dependencies** | Verifies all required jobs passed/skipped before continuing.                                                        |\n| **Test Reports**       | Collects and uploads all CI reports (unit tests, integration tests, security scans, coverage) to test reports repo. |\n| **Docker Release**     | Auto-bumps version, tags commit, retags image for release.                                                          |\n| **Notify Slack**       | Sends CI summary to Slack.                                                                                          |\n\n---\n\n## 🧩 Composite Actions\n\n- **wait-for-health**  \n  Polls container health status up to 10 times and fails if it never becomes healthy.  \n  Useful for databases, config server, API gateways, or other services that need to be ready before tests run.\n\n---\n\n## 🚀 Usage\nAll services(e.g., auth, user, product) will use `ci-template.yml`. Example:\n\n```yaml\njobs:\n  call-ci-template:\n    uses: ar-ecommerce-platform/ci-workflows/.github/workflows/ci-template.yml@main\n    with:\n      run_integration_tests: false # Input to skip integration tests\n    secrets:\n      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}           # Default GitHub token (tags, releases)\n      PAT_REPORTS_TOKEN: ${{ secrets.PAT_REPORTS_TOKEN }} # Token for pushing reports\n      OWASP_API_KEY: ${{ secrets.OWASP_API_KEY }}         # OWASP Dependency Check API\n      OSSINDEX_USERNAME: ${{ secrets.OSSINDEX_USERNAME }} # OSS Index auth (user)\n      OSSINDEX_TOKEN: ${{ secrets.OSSINDEX_TOKEN }}       # OSS Index auth (token)\n      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}             # SonarCloud analysis\n      SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}               # Snyk container scanning\n      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} # Slack notifications\n```\n\n### 🔑 Secrets\n\n| Secret                | Required        | Used In                          | Condition (Input Flag)         |\n|------------------------|-----------------|----------------------------------|--------------------------------|\n| `GITHUB_TOKEN`         | ✅ Always       | Tagging commits, pushing releases | Always provided by GitHub      |\n| `PAT_REPORTS_TOKEN`| ✅ Always       |    Token for pushing reports    | Always                         |\n| `SLACK_WEBHOOK_URL`    | ✅ Always       | Slack notifications               | Always                         |\n| `SONAR_TOKEN`          | ⚠️ Conditional | SonarCloud analysis               | `run_quality_scan: true`       |\n| `OWASP_API_KEY`        | ⚠️ Conditional | OWASP Dependency Check (NVD feed) | `run_security_scan: true`      |\n| `OSSINDEX_USERNAME`    | ⚠️ Conditional | OSS Index vulnerability scan      | `run_security_scan: true`      |\n| `OSSINDEX_TOKEN`       | ⚠️ Conditional | OSS Index vulnerability scan      | `run_security_scan: true`      |\n| `SNYK_TOKEN`           | ⚠️ Conditional | Snyk container scan               | `run_security_scan: true`      |\n\n### ⚙️ Inputs\nThese flags let each service control which parts of the CI pipeline should run.  \nBy default, all are enabled (`true`). You can override them when calling the template.\n\n| Flag                   | Type    | Default | Description                                                    | Requires Secrets                |\n|-------------------------|---------|---------|----------------------------------------------------------------|---------------------------------|\n| `enable_database`       | boolean | true    | Start a database for integration tests.                        | —                               |\n| `run_code_quality`      | boolean | true    | Run code quality checks (Spotless, Checkstyle).                | —                               |\n| `run_unit_tests`        | boolean | true    | Run unit tests with coverage reports.                          | —                               |\n| `run_integration_tests` | boolean | true    | Run integration tests.                                         | —                               |\n| `run_quality_scan`      | boolean | true    | Run SonarCloud analysis (bugs, smells, coverage).              | `SONAR_TOKEN`                   |\n| `run_security_scan`     | boolean | true    | Run security scans (OWASP Dependency Check + OSS Index + Snyk).| `OWASP_API_KEY`, `OSSINDEX_USERNAME`, `OSSINDEX_TOKEN`, `SNYK_TOKEN` |\n---\n\n## 📌 Notes\n1. **Modularity \u0026 Reusability**\n   - Each workflow (Setup, Code Quality, Unit Tests, etc.) is independent.\n   - Services opt in/out easily via ci-template.yml.\n   - Composite actions like wait-for-health can be reused anywhere.\n2. **Fail Fast Principle**\n   - Smoke test immediately after building the Docker image prevents wasting resources.\n   - Gradle caching and skipping unnecessary steps make CI efficient.\n3. **Security \u0026 Quality**\n   - OWASP \u0026 Snyk scans ensure security compliance.\n   - Spotless / Checkstyle enforce coding standards.\n   - SonarCloud tracks code quality and coverage.\n4. **Versioning \u0026 Release Automation**\n   - Uses Conventional Commits to auto-bump versions.\n   - Publish workflow updates version.txt, tags commits, and tags Docker images.\n   - Only triggers on merges to main.\n5. **Observability \u0026 Reporting**\n   - Gives developers quick feedback on CI/CD runs.\n   - Uploads coverage reports and artifacts. \n   - Sends Slack messages with workflow status. \n   - Maintains logs for traceability of workflow steps.\n6. **Compliance \u0026 Test Tracking**\n   - Centralizes test results in the test-reports repository.\n   - Tracks unit, integration, and security tests across services.\n   - Helps with audits and keeps a record for compliance purposes.\n7. **Scalability**\n   - Works for multiple microservices in the platform.\n   - New services can plug in easily with the same template.\n   - Optional steps allow flexible workflows.\n\n\n\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Far-ecommerce-platform%2Fci-workflows","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Far-ecommerce-platform%2Fci-workflows","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Far-ecommerce-platform%2Fci-workflows/lists"}