Skip to content

feat: ajout du dockerfile pour l'init de la database#1283

Open
marccyprien wants to merge 3 commits intomainfrom
feat/dockerfile-database-init
Open

feat: ajout du dockerfile pour l'init de la database#1283
marccyprien wants to merge 3 commits intomainfrom
feat/dockerfile-database-init

Conversation

@marccyprien
Copy link
Copy Markdown

No description provided.

@revu-bot revu-bot Bot requested a review from revu-bot April 21, 2026 12:47
Copy link
Copy Markdown
Collaborator

@revu-bot revu-bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Review Summary

This PR introduces a Dockerfile for database initialization and a GitHub Actions workflow to build and push the resulting image to GHCR.

File Lines Severity Issue
.github/workflows/build-database-init.yaml 6 CRITICAL Workflow only triggers on a feature branch — will never run on main
.github/workflows/build-database-init.yaml 38–41 IMPORTANT latest tag logic is broken because the default branch is never in the trigger
.github/workflows/build-database-init.yaml 14 IMPORTANT IMAGE_NAME uses the full repo name, producing a wrong/ambiguous image path for a sub-image
Dockerfile-database-init 1 IMPORTANT Base image pinned to a floating major tag — no digest pinning, reproducibility risk
Dockerfile-database-init 3–5 IMPORTANT Entire pg/ directory is copied into the image; sensitive files (credentials, configs) may be leaked

Comment thread .github/workflows/build-database-init.yaml Outdated
Comment thread .github/workflows/build-database-init.yaml
Comment thread .github/workflows/build-database-init.yaml
Comment thread Dockerfile-database-init Outdated
Comment thread Dockerfile-database-init
Co-authored-by: Revu <dnum.fabrique@sg.social.gouv.fr>
@sonarqubecloud
Copy link
Copy Markdown

Quality Gate Failed Quality Gate failed

Failed conditions
5 Security Hotspots

See analysis details on SonarQube Cloud

@tokenbureau
Copy link
Copy Markdown

tokenbureau Bot commented Apr 21, 2026

🎉 Deployment for commit 6299d99 :

Ingresses
Docker images
  • 📦 docker pull harbor.fabrique.social.gouv.fr/vao/vao/backend:sha-6299d991167db142f978ba11ae533f333942c97b
  • 📦 docker pull harbor.fabrique.social.gouv.fr/vao/vao/cron:sha-6299d991167db142f978ba11ae533f333942c97b
  • 📦 docker pull harbor.fabrique.social.gouv.fr/vao/vao/external-api:sha-6299d991167db142f978ba11ae533f333942c97b
  • 📦 docker pull harbor.fabrique.social.gouv.fr/vao/vao/frontend-bo:sha-6299d991167db142f978ba11ae533f333942c97b
  • 📦 docker pull harbor.fabrique.social.gouv.fr/vao/vao/frontend-usagers:sha-6299d991167db142f978ba11ae533f333942c97b
  • 📦 docker pull harbor.fabrique.social.gouv.fr/vao/vao/migrations:sha-6299d991167db142f978ba11ae533f333942c97b
  • 📦 docker pull maildev/maildev:2.1.0
Debug

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants