Refactor CI workflows by removing security scan steps for API Docs, API Gateway, Frontend, and Service Adapters; update Docker build configurations for improved clarity and maintainability.

2025-09-15 09:42:07 +02:00
parent 63a3139896
commit 4ae22d4f5f
6 changed files with 4 additions and 220 deletions
--- a/.gitea/workflows/docker-build.yml
+++ b/.gitea/workflows/docker-build.yml
@@ -90,80 +90,3 @@ jobs:
        labels: ${{ steps.meta.outputs.labels }}
        cache-from: type=gha,scope=frontend
        cache-to: type=gha,mode=max,scope=frontend
-
-  security-scan:
-    runs-on: ubuntu-latest
-    needs: build-and-push
-    
-    steps:
-    - name: Checkout code
-      uses: actions/checkout@v4
-      
-    - name: Extract metadata for security scan
-      id: meta
-      uses: docker/metadata-action@v5
-      with:
-        images: |
-          ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}/api-gateway
-          ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}/service-adapters
-          ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}/api-docs
-          ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}/frontend
-        tags: |
-          type=ref,event=branch
-          type=ref,event=pr
-          type=semver,pattern={{version}}
-          type=semver,pattern={{major}}.{{minor}}
-          type=semver,pattern={{major}}
-          type=sha,prefix={{branch}}-
-          type=raw,value=latest,enable={{is_default_branch}}
-      
-    - name: Run Trivy vulnerability scanner
-      uses: aquasecurity/trivy-action@master
-      with:
-        image-ref: |
-          ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}/api-gateway:${{ steps.meta.outputs.version }}
-          ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}/service-adapters:${{ steps.meta.outputs.version }}
-          ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}/api-docs:${{ steps.meta.outputs.version }}
-          ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}/frontend:${{ steps.meta.outputs.version }}
-        format: 'sarif'
-        output: 'trivy-results.sarif'
-        
-    - name: Upload Trivy scan results
-      uses: github/codeql-action/upload-sarif@v2
-      if: always()
-      with:
-        sarif_file: 'trivy-results.sarif'
-
-  deploy-staging:
-    runs-on: ubuntu-latest
-    needs: [build-and-push, security-scan]
-    if: github.ref == 'refs/heads/develop'
-    
-    steps:
-    - name: Deploy to staging
-      run: |
-        echo "Deploying to staging environment..."
-        # Add your staging deployment commands here
-        # This could include:
-        # - Updating Kubernetes manifests
-        # - Running helm charts
-        # - Updating Docker Compose files
-        # - Running database migrations
-
-  deploy-production:
-    runs-on: ubuntu-latest
-    needs: [build-and-push, security-scan]
-    if: startsWith(github.ref, 'refs/tags/v')
-    
-    steps:
-    - name: Deploy to production
-      run: |
-        echo "Deploying to production environment..."
-        # Add your production deployment commands here
-        # This could include:
-        # - Updating Kubernetes manifests
-        # - Running helm charts
-        # - Updating Docker Compose files
-        # - Running database migrations
-        # - Health checks
-        # - Rollback procedures