From 2f2a2a74ff99e8acb3a1903815d211ea77736a63 Mon Sep 17 00:00:00 2001 From: ethanandrews Date: Thu, 15 Aug 2024 16:28:49 -0400 Subject: [PATCH] update github actions to use docker compose command --- .github/workflows/zap-publish-image-rdb.yml | 60 ++++++++++----------- 1 file changed, 29 insertions(+), 31 deletions(-) diff --git a/.github/workflows/zap-publish-image-rdb.yml b/.github/workflows/zap-publish-image-rdb.yml index b0209f56..b782dc50 100644 --- a/.github/workflows/zap-publish-image-rdb.yml +++ b/.github/workflows/zap-publish-image-rdb.yml @@ -1,32 +1,31 @@ name: Create and publish a package on: push: - branches: - - 'release-**' - - 'automated_tests' + branches: + - "release-**" + - "automated_tests" env: IMAGE_NAME: ooicgsn-roundabout jobs: - - # OWASP Dependency Check & ZAP Scan - depchecktest: + # OWASP Dependency Check & ZAP Scan + depchecktest: runs-on: ubuntu-latest name: OWASP steps: - name: Checkout uses: actions/checkout@v4 - - name: Build RDB project + - name: Build RDB project run: | - + - name: OWASP Dependency Check uses: dependency-check/Dependency-Check_Action@main id: Depcheck with: - project: 'ooicgsn-roundabout' - path: '.' - format: 'HTML' + project: "ooicgsn-roundabout" + path: "." + format: "HTML" args: > --failOnCVSS 7 --enableRetired 
@@ -34,17 +33,17 @@ jobs: - name: Upload Test results uses: actions/upload-artifact@master with: - name: Dependency Check Report - path: ${{github.workspace}}/reports + name: Dependency Check Report + path: ${{github.workspace}}/reports - name: OWASP ZAP Scan # Full scan runs spider and then performs attacks on target website # uses: zaproxy/action-full-scan@v0.3.0 - run: | + run: | # Build and Run RDB mv .envs.example .envs - docker-compose -f docker-compose-testing.yml build - docker-compose -f docker-compose-testing.yml up --detach + docker compose -f docker compose-testing.yml build + docker compose -f docker compose-testing.yml up --detach sh -c "until curl -Is http://localhost:8000; do echo 'waiting for http://localhost:8000'; sleep 10; done" # Pull the OWASP ZAP Docker Image @@ -67,22 +66,22 @@ jobs: -n rdb.context \ -U admin - # -t zaproxy/zap-stable zap-baseline.py -j \ no high alerts - # -t zaproxy/zap-stable zap-full-scan.py \ runs 6+ hrs and timesout, includes high alerts - # -t zaproxy/zap-weekly zap-full-scan.py -j \ runs for 6+ hours - times out + # -t zaproxy/zap-stable zap-baseline.py -j \ no high alerts + # -t zaproxy/zap-stable zap-full-scan.py \ runs 6+ hrs and timesout, includes high alerts + # -t zaproxy/zap-weekly zap-full-scan.py -j \ runs for 6+ hours - times out - name: Archive production artifacts uses: actions/upload-artifact@v4 with: name: Zap Report path: | - ./rdb-zap-baseline-scan.html + ./rdb-zap-baseline-scan.html - name: Stopping RDB application - run: docker-compose --file docker-compose-testing.yml down + run: docker compose --file docker compose-testing.yml down - # RDB Automated Testing and Tagging - setup-build-publish: + # RDB Automated Testing and Tagging + setup-build-publish: name: RDB Setup, Build, and Publish runs-on: ubuntu-latest 
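Review bot: The `docker-compose` to `docker compose` substitution was also applied to the compose file name, so the new lines pass `-f docker compose-testing.yml`. The shell splits that into `-f docker` plus a stray `compose-testing.yml` argument, so the build and `up` commands should fail before the ZAP scan runs, unless the file itself was renamed, which this patch does not show. Only the command should change: `docker compose -f docker-compose-testing.yml build` and `docker compose -f docker-compose-testing.yml up --detach`. The same correction is needed in the `Stopping RDB application` step of the next hunk and in both hunks of the `setup-build-publish` job; the `run:` block here continues outside the hunk. Separately, `actions/upload-artifact@master` in this hunk tracks a mutable branch, and pinning it to a release tag or commit SHA, as the later upload step does with `@v4`, would reduce supply-chain exposure.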
@@ -91,25 +90,25 @@ jobs: uses: actions/checkout@v4 - name: Running Automated tests - run: | + run: | # Build and run development version of Django mv .envs.example .envs - docker-compose -f docker-compose-testing.yml build - - docker-compose -f docker-compose-testing.yml up --detach + docker compose -f docker compose-testing.yml build + + docker compose -f docker compose-testing.yml up --detach #sleep 60 sh -c "until curl -Is http://localhost:8000; do echo 'waiting for http://localhost:8000'; sleep 10; done" # Run automated tests - docker-compose -f docker-compose-testing.yml run tests ./RunAllTests-Chrome-Linux.bat + docker compose -f docker compose-testing.yml run tests ./RunAllTests-Chrome-Linux.bat - name: Build, Tag & Push Production Image if: contains(github.ref, 'release') run: | echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin IMAGE_ID=ghcr.io/${{ github.repository }} - + # Change all uppercase to lowercase IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]') @@ -134,5 +133,4 @@ jobs: docker push $IMAGE_ID:$VERSION - name: Stopping RDB application - run: docker-compose --file docker-compose-testing.yml down - + run: docker compose --file docker compose-testing.yml down
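Review bot: In the `Build, Tag & Push Production Image` step, which this commit leaves untouched apart from whitespace, `${{ secrets.GITHUB_TOKEN }}`, `${{ github.actor }}` and `${{ github.repository }}` are expanded into the script text before the shell parses it. GitHub's hardening guidance advises against that pattern for inline scripts. These particular values are low-risk in practice, but passing them through the environment keeps the token out of the generated script and removes the quoting question. Add `env:` with `GHCR_TOKEN: ${{ secrets.GITHUB_TOKEN }}` to the step, then use `echo "$GHCR_TOKEN" | docker login ghcr.io -u "$GITHUB_ACTOR" --password-stdin` and `IMAGE_ID=ghcr.io/$GITHUB_REPOSITORY`. No `permissions:` block is visible in the hunks shown, so it is worth confirming the job grants the token only what the push needs (presumably `contents: read` and `packages: write`); the step body continues outside this hunk.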