Workflow Overview
Last updated
Last updated
Adding a CI/CD capability into a project repository requires connecting a workflow yml script created and managed in GitHub with the iCR server offering the analysis. It is assumed that there is a DevOps engineer, or someone with equivalent skill, who is already familiar with GitHub Actions and who will prepare iCR for integration into GitHub. The diagram below will be used as the reference for the steps.
Step 1. GitHub Actions employs a framework where customizable functionality can be easily added and controlled. Packages which implement custom behavior as a Docker image can be executed by GitHub Actions. This package, supplied by OpenRefactory, communicates securely with the iCR Navigator to identify and manage the automated workflow. The first step is to prepare the Docker package and register it with a GitHub user. OpenRefactory provides a convenient script to help with this step.
Step 2. Once the Docker image is ready, it needs to be registered as a package within the User’s package registry.
Step 3. As a registered package available to the User, it now needs to be made available to any repository within which an Actions workflow is desired.
Step 4. With the image registered and associated with one or more desired repositories, the DevOps engineer creates the required main.yml file in the repository’s .github/workflows folder. The script will identify the manner in which it will be triggered. The script provides the iCR server with necessary details about the project. GitHub Actions “secrets” specify the arguments to the script.
Step 5. When the trigger specified in the main.yml occurs, the script is executed. The Navigator will be requested to start an analysis using information provided from the script secrets.
Step 6. The Navigator will use that information to determine the correct branch to be analyzed. The Navigator will automatically fetch the source code of the configured repository in GitHub and initiate an analysis.
Step 7. Once the analysis completes, the user is notified via an email message. The email is sent to the address defined by one of the secrets from Step 4. An email address MUST be provided so that iCR has a way of not only signaling completion, but also a way of communicating any errors that may have occurred.
Step 8. Once notified that analysis is complete and that results are available, the user may login directly to the iCR server which ran the analysis. From that login, the user can enter the Reviewer to process results in exactly the same manner as described in the User Guide for Private Platforms.
