change actions path

[amadrizwan]

PR Type

enhancement

---

Description

• Added a new continuous deployment (CD) workflow for the 'develop' branch, including Docker image publishing and Kubernetes manifest updates.
• Implemented a CD pipeline for the 'master' branch with steps for building and deploying Docker images and updating Kubernetes manifests.
• Established a continuous integration (CI) pipeline with SonarQube and Codium AI analysis for 'master' and 'develop' branches.
• Introduced a release workflow for the 'master' branch that triggers on pull request merges, automating version bumping and release creation.

---

Changes walkthrough 📝

Relevant files

Enhancement

cd-develop.yml Add CD workflow for develop branch with Docker and BunnyCDN .github/workflows/cd-develop.yml Added a new GitHub Actions workflow for continuous deployment on the 'develop' branch. Defined jobs for publishing to BunnyCDN and Docker, and updating Kubernetes manifests. Configured environment variables and permissions for the workflow. +111/-1  cd-master.yml Implement CD pipeline for master branch with Docker            .github/workflows/cd-master.yml Introduced a new GitHub Actions workflow for the 'master' branch. Included steps for building, publishing, and deploying Docker images. Added steps for updating Kubernetes manifests in production. +136/-1  ci.yml Establish CI pipeline with SonarQube and Codium AI              .github/workflows/ci.yml Created a new CI pipeline with SonarQube analysis and Codium AI analysis. Configured triggers for pull requests and issue comments on 'master' and 'develop' branches. +63/-1    master-release.yml Add release workflow for master branch merges                        .github/workflows/master-release.yml Added a workflow for releasing on merge to the 'master' branch. Utilized a GitHub Action to bump version and create a release. +27/-1

---

💡 PR-Agent usage: Comment /help on the PR to get a list of all available PR-Agent tools and their descriptions

[github-actions[bot]]

PR Reviewer Guide 🔍

🏅 Score: 75

🧪 No relevant tests

🔒 Security concerns Hardcoded Secrets: The workflows contain hardcoded secrets for BunnyCDN, which could lead to security risks if the repository is public or becomes public in the future.

⚡ Key issues to review Hardcoded Secrets The workflow contains hardcoded secrets for BunnyCDN, which could lead to security risks if the repository is public or becomes public in the future. Hardcoded Secrets The workflow contains hardcoded secrets for BunnyCDN, which could lead to security risks if the repository is public or becomes public in the future.

Code feedback:

---

relevant file	.github/workflows/cd-develop.yml
suggestion	Consider using environment variables for sensitive information such as `BCDN_STAGE_STORAGE_NAME`, `BCDN_STAGE_STORAGE_PASSWORD`, and `BCDN_STAGE_ACCESS_KEY` instead of directly placing them in the workflow file. This enhances security by not exposing sensitive details in the codebase. [important]
relevant line	storageZoneName: "${{ secrets.BCDN_STAGE_STORAGE_NAME }}"

---

relevant file	.github/workflows/cd-master.yml
suggestion	It's recommended to use environment variables for sensitive data like `BCDN_PROD_STORAGE_NAME`, `BCDN_PROD_STORAGE_PASSWORD`, and `BCDN_PROD_ACCESS_KEY`. This approach prevents the exposure of critical information and maintains the confidentiality of your deployment details. [important]
relevant line	storageZoneName: "${{ secrets.BCDN_PROD_STORAGE_NAME }}"

---

[github-actions[bot]]

PR Code Suggestions ✨

No code suggestions found for the PR.