1+ name : Backend CI
2+
3+ on :
4+ push :
5+ branches-ignore :
6+ - main
7+
8+ jobs :
9+ test :
10+ runs-on : ubuntu-latest
11+ steps :
12+ - name : Checkout code
13+ uses : actions/checkout@v4
14+
15+ - name : Set up JDK 21
16+ uses : actions/setup-java@v4
17+ with :
18+ distribution : temurin
19+ java-version : 21
20+
21+ - name : Run Unit Tests
22+ run : |
23+ chmod +x gradlew
24+ ./gradlew clean test
25+
26+ name : Run SonarQube Analysis
27+ run : |
28+ ./gradlew sonar \
29+ -Dsonar.projectKey=nus-mtechse-dmss_${{ github.event.repository.name }} \
30+ -Dsonar.organization=nus-mtechse-dmss \
31+ -Dsonar.host.url=https://sonarcloud.io \
32+ -Dsonar.token=${{ secrets.SONAR_TOKEN }}
33+
34+ integration-test :
35+ runs-on : ubuntu-latest
36+ steps :
37+ - name : Checkout code
38+ uses : actions/checkout@v4
39+
40+ - name : Set up JDK 21
41+ uses : actions/setup-java@v4
42+ with :
43+ distribution : temurin
44+ java-version : 21
45+
46+ - name : Install tools
47+ run : |
48+ sudo apt-get update
49+ sudo apt-get install -y curl unzip netcat-openbsd
50+
51+ name : Install AWS CLI v2
52+ run : |
53+ curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
54+ unzip awscliv2.zip
55+ sudo ./aws/install --update
56+
57+ name : Install SSM plugin
58+ run : |
59+ curl "https://s3.amazonaws.com/session-manager-downloads/plugin/latest/ubuntu_64bit/session-manager-plugin.deb" -o "ssm.deb"
60+ sudo dpkg -i ssm.deb
61+
62+ name : Configure AWS credentials
63+ uses : aws-actions/configure-aws-credentials@v4
64+ with :
65+ aws-access-key-id : ${{ secrets.AWS_ACCESS_KEY_ID }}
66+ aws-secret-access-key : ${{ secrets.AWS_SECRET_ACCESS_KEY }}
67+ aws-region : ap-southeast-1
68+
69+ - name : Check AWS identity
70+ run : aws sts get-caller-identity
71+
72+ # 8️⃣ Start SSM tunnel
73+ - name : Start SSM tunnel
74+ run : |
75+ aws ssm start-session \
76+ --target i-061983d3385eb80db \
77+ --document-name AWS-StartPortForwardingSessionToRemoteHost \
78+ --parameters '{"host":["swe5006-nus-g3-pg-dev.clee6i664xzo.ap-southeast-1.rds.amazonaws.com"],"portNumber":["5432"],"localPortNumber":["5432"]}' \
79+ > ssm.log 2>&1 &
80+
81+ echo "Waiting for tunnel..."
82+ for i in $(seq 1 30); do
83+ nc -z localhost 5432 && echo "Tunnel is up" && break
84+ echo "Waiting... ($i)"
85+ sleep 2
86+ done
87+
88+ echo "Tunnel log:"
89+ cat ssm.log || true
90+
91+ name : Run Integration Tests
92+ env :
93+ DB_HOST : localhost
94+ DB_PORT : 5432
95+ DB_NAME : appdb
96+ DB_USERNAME : ${{ secrets.DB_USERNAME }}
97+ DB_PASSWORD : ${{ secrets.DB_PASSWORD }}
98+ run : |
99+ chmod +x gradlew
100+ ./gradlew clean integrationTest --info --stacktrace
101+
102+ snyk-test :
103+ runs-on : ubuntu-latest
104+ steps :
105+ - name : Checkout code
106+ uses : actions/checkout@v4
107+
108+ - name : Set up JDK 21
109+ uses : actions/setup-java@v4
110+ with :
111+ distribution : temurin
112+ java-version : 21
113+
114+ - name : Install Snyk
115+ run : npm install -g snyk
116+
117+ - name : Snyk Auth
118+ run : snyk auth ${{ secrets.SNYK_TOKEN }}
119+
120+ - name : Snyk Scan
121+ run : snyk test --all-sub-projects --severity-threshold=critical
0 commit comments