https://github.com/codeby-nurgul/dotnet-sample
https://github.com/codeby-nurgul/dotnet-sample
Last synced: 3 months ago
JSON representation
- Host: GitHub
- URL: https://github.com/codeby-nurgul/dotnet-sample
- Owner: codeby-nurgul
- Created: 2025-06-17T11:02:32.000Z (about 1 year ago)
- Default Branch: main
- Last Pushed: 2025-06-17T12:14:03.000Z (about 1 year ago)
- Last Synced: 2025-06-17T12:41:55.504Z (about 1 year ago)
- Language: C#
- Size: 81.1 KB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# dotnet-sample
This is a sample .NET Web API project containerized with Docker and equipped with a GitHub Actions CI/CD pipeline. It demonstrates environment-specific deployment workflows using `test` and `main` branches.
---
## ๐ Project Overview
- Built with **ASP.NET Core Web API**
- Containerized using **Docker**
- CI/CD implemented via **GitHub Actions**
- Quality and security checks powered by **SonarCloud** and **Trivy**
- Images are automatically pushed to **Docker Hub** with `test` and `main` tags
---
## ๐ ๏ธ Technologies Used
- [.NET 8](https://dotnet.microsoft.com/)
- Docker & Docker Compose
- GitHub Actions
- [SonarCloud](https://sonarcloud.io)
- [Trivy](https://aquasecurity.github.io/trivy/)
---
## ๐ Branch-based Deployment
| Branch | Action Trigger | Docker Tag | Description |
|--------|--------------------|------------|--------------------------------|
| `test` | Push | `:test` | For testing and staging builds |
| `main` | Merge from `test` | `:main` | For production-ready builds |
Each branch has its own GitHub Actions workflow that builds, scans, and pushes the Docker image to Docker Hub.
---
## ๐ฆ Docker Hub
View published images on Docker Hub:
๐ [https://hub.docker.com/r/codebynurgul/dotnet-sample](https://hub.docker.com/r/codebynurgul/dotnet-sample)
---
## ๐งช Quality & Security Automation
This project includes automatic checks as part of the CI pipeline:
### ๐ SonarCloud Analysis
- Performs **static code analysis** on every push to `main`
- Checks for:
- Bugs
- Code smells
- Maintainability issues
- Security hotspots
- Results visible publicly on SonarCloud
๐ [SonarCloud Dashboard](https://sonarcloud.io/project/overview?id=codeby-nurgul_dotnet-sample)
### ๐ Trivy Security Scan
- Scans the **project file system** during each CI build
- Detects:
- Known vulnerabilities (CVEs)
- Dependency flaws in NuGet packages
- Ensures secure and compliant builds
---
## ๐ณ Running Locally
Clone the repository and use Docker Compose depending on the environment you want to simulate.
### โถ๏ธ For test image
```bash
docker-compose -f docker-compose.test.yml up -d