COG-GTM · devin-ai-integration · Apr 29, 2026
diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml
@@ -0,0 +1,63 @@
+name: CD Pipeline
+
+on:
+  workflow_dispatch:
+    inputs:
+      DOCKER_TAG:
+        description: "Docker tag of the image built by the CI job"
+        required: true
+        type: string
+  repository_dispatch:
+    types: [trigger-cd]
+
+jobs:
+  cd:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          ref: DevOps
+          token: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Verify Docker Image Tag
+        run: echo "DOCKER TAG RECEIVED: ${{ inputs.DOCKER_TAG || github.event.client_payload.DOCKER_TAG }}"
+
+      - name: Update Kubernetes manifest
+        run: |
+          sed -i -e 's|trainwithshubham/bankapp-eks:.*|trainwithshubham/bankapp-eks:${{ inputs.DOCKER_TAG || github.event.client_payload.DOCKER_TAG }}|g' kubernetes/bankapp-deployment.yml
+
+      - name: Git commit and push
+        run: |
+          git config user.name "github-actions[bot]"
+          git config user.email "github-actions[bot]@users.noreply.github.com"
+          git add .
+          git commit -m "Updated K8s Deployment Docker Image Version"
+          git push origin DevOps
+
+      - name: Send email notification
+        if: always()
+        uses: dawidd6/action-send-mail@v3
+        with:
+          server_address: smtp.gmail.com
+          server_port: 587
+          username: ${{ secrets.MAIL_USERNAME }}
+          password: ${{ secrets.MAIL_PASSWORD }}
+          subject: "BankApp Application has been updated and deployed - ${{ job.status }}"
+          to: trainwithshubham@gmail.com
+          from: trainwithshubham@gmail.com
+          html_body: |
+            <html>
+            <body>
+                <div style="background-color: #FFA07A; padding: 10px; margin-bottom: 10px;">
+                    <p style="color: black; font-weight: bold;">Project: ${{ github.job }}</p>
+                </div>
+                <div style="background-color: #90EE90; padding: 10px; margin-bottom: 10px;">
+                    <p style="color: black; font-weight: bold;">Build Number: ${{ github.run_number }}</p>
+                </div>
+                <div style="background-color: #87CEEB; padding: 10px; margin-bottom: 10px;">
+                    <p style="color: black; font-weight: bold;">URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}</p>
+                </div>
+            </body>
+            </html>
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -0,0 +1,77 @@
+name: CI Pipeline
+
+on:
+  workflow_dispatch:
+    inputs:
+      DOCKER_TAG:
+        description: "Setting docker image for latest push"
+        required: true
+        type: string
+  push:
+    branches:
+      - DevOps
+
+jobs:
+  ci:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          ref: DevOps
+
+      - name: Trivy filesystem scan
+        uses: aquasecurity/trivy-action@master
+        with:
+          scan-type: "fs"
+          scan-ref: "."
+
+      - name: OWASP Dependency Check
+        uses: dependency-check/Dependency-Check_Action@main
+        with:
+          project: "bankapp"
+          path: "."
+          format: "XML"
+          out: "reports"
+
+      - name: Upload OWASP Dependency Check report
+        uses: actions/upload-artifact@v4
+        with:
+          name: dependency-check-report
+          path: reports/
+
+      - name: SonarQube Analysis
+        uses: SonarSource/sonarqube-scan-action@master
+        with:
+          args: >
+            -Dsonar.projectKey=bankapp
+            -Dsonar.projectName=bankapp
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
+
+      - name: SonarQube Quality Gate
+        uses: SonarSource/sonarqube-quality-gate-action@master
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+
+      - name: Docker Login
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Docker Build & Push
+        uses: docker/build-push-action@v5
+        with:
+          push: true
+          tags: madhupdevops/bankapp:${{ inputs.DOCKER_TAG }}
+
+      - name: Trigger CD workflow
+        run: |
+          gh workflow run cd.yml \
+            -r DevOps \
+            -f DOCKER_TAG="${{ inputs.DOCKER_TAG }}"
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}