Create main.yml

fabiliria280802 · web-flow · commit 47117ca0dae5 · 2025-01-16T10:08:59.000-05:00
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -0,0 +1,86 @@
+name: CI/CD Pipeline for Flask App
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  build-and-test:
+    runs-on: ubuntu-latest
+
+    steps:
+    # 1. Checkout Code
+    - name: Checkout repository
+      uses: actions/checkout@v3
+
+    # 2. Set up Python
+    - name: Set up Python
+      uses: actions/setup-python@v4
+      with:
+        python-version: "3.9"
+
+    # 3. Install dependencies
+    - name: Install dependencies
+      run: |
+        python -m pip install --upgrade pip
+        pip install -r requirements.txt
+
+    # 4. Run tests with coverage
+    - name: Run tests and generate coverage report
+      run: |
+        pytest --cov=app tests/
+      env:
+        CI: true
+
+    # 5. Upload coverage to Codecov
+    - name: Upload coverage report
+      uses: codecov/codecov-action@v5
+      with:
+        token: ${{ secrets.CODECOV_TOKEN }}
+        files: ./coverage.xml
+
+  static-analysis:
+    runs-on: ubuntu-latest
+
+    steps:
+    # 1. Checkout Code
+    - name: Checkout repository
+      uses: actions/checkout@v3
+
+    # 2. SonarCloud Analysis
+    - name: Run SonarCloud Scan
+      uses: SonarSource/sonarcloud-github-action@v2
+      env:
+        SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        SONAR_PROJECT_KEY: ${{ secrets.SONAR_PROJECT_KEY }}
+        SONAR_ORGANIZATION: ${{ secrets.SONAR_ORGANIZATION }}
+
+  dynamic-analysis:
+    runs-on: ubuntu-latest
+
+    steps:
+    # 1. Checkout Code
+    - name: Checkout repository
+      uses: actions/checkout@v3
+
+    # 2. Start Flask App
+    - name: Start Flask Application
+      run: |
+        python app.py &
+        sleep 10
+
+    # 3. Run OWASP ZAP
+    - name: Run OWASP ZAP
+      uses: zaproxy/action-full-scan@v0.5.0
+      with:
+        token: ${{ secrets.ZAP_API_KEY }}
+        target: "http://127.0.0.1:5500"
+
+    # 4. Stop Flask Application
+    - name: Stop Flask Application
+      run: |
+        pkill -f app.py
