# CI/CD Pipeline Audit - 20251123-104219 == CI/CD Configurations Found == /home/administrator/projects/coppertone.tech/.gitea/workflows/build-frontend.yml /home/administrator/projects/coppertone.tech/.gitea/workflows/build-backend-payment.yml /home/administrator/projects/coppertone.tech/.gitea/workflows/build-backend-auth.yml /home/administrator/projects/coppertone.tech/.gitea/workflows/build-backend-work.yml /home/administrator/projects/coppertone.tech/frontend/pnpm-lock.yaml /home/administrator/projects/coppertone.tech/.gopath/pkg/mod/github.com/google/uuid@v1.6.0/.github/workflows/tests.yaml /home/administrator/projects/coppertone.tech/.gopath/pkg/mod/github.com/google/uuid@v1.6.0/.github/workflows/apidiff.yaml /home/administrator/projects/coppertone.tech/.gopath/pkg/mod/github.com/lib/pq@v1.10.9/.github/workflows/test.yml /home/administrator/projects/coppertone.tech/.gopath/pkg/mod/github.com/lib/pq@v1.10.9/.github/workflows/codeql-analysis.yml /home/administrator/projects/coppertone.tech/.gopath/pkg/mod/github.com/golang-jwt/jwt/v5@v5.3.0/.github/workflows/lint.yml /home/administrator/projects/coppertone.tech/.gopath/pkg/mod/github.com/golang-jwt/jwt/v5@v5.3.0/.github/workflows/codeql-analysis.yml /home/administrator/projects/coppertone.tech/.gopath/pkg/mod/github.com/golang-jwt/jwt/v5@v5.3.0/.github/workflows/build.yml == Gitea Actions == total 24 drwxr-xr-x 2 administrator administrator 4096 Nov 21 09:03 . drwxr-xr-x 3 administrator administrator 4096 Nov 20 15:08 .. -rw-r--r-- 1 administrator administrator 2125 Nov 21 09:03 build-backend-auth.yml -rw-r--r-- 1 administrator administrator 2238 Nov 21 09:03 build-backend-payment.yml -rw-r--r-- 1 administrator administrator 2329 Nov 21 09:03 build-backend-work.yml -rw-r--r-- 1 administrator administrator 1624 Nov 21 09:03 build-frontend.yml === build-backend-auth.yml === name: Build and Test Auth Service on: push: branches: [ main, develop, 'feature/**' ] paths: - 'backend/functions/auth-service/**' - '.gitea/workflows/build-backend-auth.yml' pull_request: branches: [ main, develop ] paths: - 'backend/functions/auth-service/**' jobs: build-and-test: runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v4 - name: Set up Go uses: actions/setup-go@v5 with: go-version: '1.25' - name: Cache Go modules uses: actions/cache@v4 with: path: | ~/.cache/go-build ~/go/pkg/mod key: ${{ runner.os }}-go-auth-${{ hashFiles('backend/functions/auth-service/go.sum') }} restore-keys: | ${{ runner.os }}-go-auth- - name: Download dependencies working-directory: ./backend/functions/auth-service run: go mod download - name: Verify dependencies working-directory: ./backend/functions/auth-service run: go mod verify - name: Run go vet working-directory: ./backend/functions/auth-service run: go vet ./... - name: Run tests working-directory: ./backend/functions/auth-service run: go test -v -race -coverprofile=coverage.out ./... - name: Build binary working-directory: ./backend/functions/auth-service run: go build -v -o auth-service main.go - name: Build container image working-directory: ./backend/functions/auth-service run: | podman build -t coppertone-auth-service:${{ github.sha }} -f Containerfile . podman build -t coppertone-auth-service:latest -f Containerfile . - name: Upload coverage uses: actions/upload-artifact@v4 with: name: auth-service-coverage path: backend/functions/auth-service/coverage.out - name: Upload binary uses: actions/upload-artifact@v4 with: name: auth-service-binary path: backend/functions/auth-service/auth-service === build-backend-payment.yml === name: Build and Test Payment Service on: push: branches: [ main, develop, 'feature/**' ] paths: - 'backend/functions/payment-service/**' - 'backend/pkg/**' - '.gitea/workflows/build-backend-payment.yml' pull_request: branches: [ main, develop ] paths: - 'backend/functions/payment-service/**' - 'backend/pkg/**' jobs: build-and-test: runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v4 - name: Set up Go uses: actions/setup-go@v5 with: go-version: '1.25' - name: Cache Go modules uses: actions/cache@v4 with: path: | ~/.cache/go-build ~/go/pkg/mod key: ${{ runner.os }}-go-payment-${{ hashFiles('backend/functions/payment-service/go.sum') }} restore-keys: | ${{ runner.os }}-go-payment- - name: Download dependencies working-directory: ./backend/functions/payment-service run: go mod download - name: Verify dependencies working-directory: ./backend/functions/payment-service run: go mod verify - name: Run go vet working-directory: ./backend/functions/payment-service run: go vet ./... - name: Run tests working-directory: ./backend/functions/payment-service run: go test -v -race -coverprofile=coverage.out ./... - name: Build binary working-directory: ./backend/functions/payment-service run: go build -v -o payment-service main.go - name: Build container image working-directory: ./backend/functions/payment-service run: | podman build -t coppertone-payment-service:${{ github.sha }} -f Containerfile . podman build -t coppertone-payment-service:latest -f Containerfile . - name: Upload coverage uses: actions/upload-artifact@v4 with: name: payment-service-coverage path: backend/functions/payment-service/coverage.out - name: Upload binary uses: actions/upload-artifact@v4 with: name: payment-service-binary path: backend/functions/payment-service/payment-service === build-backend-work.yml === name: Build and Test Work Management Service on: push: branches: [ main, develop, 'feature/**' ] paths: - 'backend/functions/work-management-service/**' - 'backend/pkg/**' - '.gitea/workflows/build-backend-work.yml' pull_request: branches: [ main, develop ] paths: - 'backend/functions/work-management-service/**' - 'backend/pkg/**' jobs: build-and-test: runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v4 - name: Set up Go uses: actions/setup-go@v5 with: go-version: '1.25' - name: Cache Go modules uses: actions/cache@v4 with: path: | ~/.cache/go-build ~/go/pkg/mod key: ${{ runner.os }}-go-work-${{ hashFiles('backend/functions/work-management-service/go.sum') }} restore-keys: | ${{ runner.os }}-go-work- - name: Download dependencies working-directory: ./backend/functions/work-management-service run: go mod download - name: Verify dependencies working-directory: ./backend/functions/work-management-service run: go mod verify - name: Run go vet working-directory: ./backend/functions/work-management-service run: go vet ./... - name: Run tests working-directory: ./backend/functions/work-management-service run: go test -v -race -coverprofile=coverage.out ./... - name: Build binary working-directory: ./backend/functions/work-management-service run: go build -v -o work-management-service main.go - name: Build container image working-directory: ./backend/functions/work-management-service run: | podman build -t coppertone-work-service:${{ github.sha }} -f Containerfile . podman build -t coppertone-work-service:latest -f Containerfile . - name: Upload coverage uses: actions/upload-artifact@v4 with: name: work-service-coverage path: backend/functions/work-management-service/coverage.out - name: Upload binary uses: actions/upload-artifact@v4 with: name: work-service-binary path: backend/functions/work-management-service/work-management-service === build-frontend.yml === name: Build and Test Frontend on: push: branches: [ main, develop, 'feature/**' ] paths: - 'frontend/**' - '.gitea/workflows/build-frontend.yml' pull_request: branches: [ main, develop ] paths: - 'frontend/**' jobs: build-and-test: runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v4 - name: Setup Node.js uses: actions/setup-node@v4 with: node-version: 'lts/*' cache: 'npm' cache-dependency-path: './frontend/package-lock.json' - name: Install dependencies working-directory: ./frontend run: npm ci - name: Run linter working-directory: ./frontend run: npm run lint - name: Run type check working-directory: ./frontend run: npm run type-check - name: Run unit tests working-directory: ./frontend run: npm run test:unit - name: Build Frontend working-directory: ./frontend run: npm run build - name: Build container image working-directory: ./frontend run: | podman build -t coppertone-frontend:${{ github.sha }} -f Containerfile . podman build -t coppertone-frontend:latest -f Containerfile . - name: Archive production artifacts uses: actions/upload-artifact@v4 with: name: frontend-dist path: ./frontend/dist - name: Archive Nginx config uses: actions/upload-artifact@v4 with: name: frontend-nginx-config path: ./frontend/nginx.conf == GitHub Actions == No GitHub Actions found == Security in CI/CD == None found