Update CI CD

Author: DucBaoUIT

.github/workflows/deploymentCD.yaml

@@ -19,24 +19,36 @@ jobs:
           distribution: 'corretto'
           java-version: 17
 
-      - name: Authenticate
-        uses: google-github-actions/auth@v2
-        with: 
-          credentials_json: ${{ secrets.GCP_SA_KEY }}
-          
-      - name: Configure gcloud
-        uses: google-github-actions/setup-gcloud@v2
+      - name: Install OpenVPN
+        run: sudo apt-get update && sudo apt-get install -y openvpn
+    
+      - name: Connect to VPN
+        env:
+          VPN_USERNAME: ${{ secrets.VPN_USERNAME }}
+          VPN_PASSWORD: ${{ secrets.VPN_PASSWORD }}
+        run: |
+          echo "${{ secrets.VPN_PROFILE_BASE64 }}" | base64 --decode > profile-559.ovpn
+          echo -e "${VPN_USERNAME}\n${VPN_PASSWORD}" > vpn-auth.txt
+          sudo openvpn --config profile-559.ovpn --auth-user-pass vpn-auth.txt --daemon
+          sleep 10
+          rm vpn-auth.txt
+          rm profile-559.ovpn
+
+      - name: Deploy to Server
+        uses: appleboy/[email protected]
         with:
-          project_id: ${{ env.PROJECT_ID }}
-          install_components: 'gke-gcloud-auth-plugin'
+          host: ${{ secrets.SERVER_HOST }}
+          username: ${{ secrets.SERVER_USERNAME }}
+          key: ${{ secrets.SERVER_SSH_KEY }}
+          script: |
+            cd /home/ubuntu/K8S
+            sudo kubectl apply -f comment-mongo-deployment.yaml
+            sudo kubectl apply -f comment-service-deployment.yaml
 
-      - name: Set cluster context
-        run: |
-          gcloud container clusters get-credentials ${{ env.CLUSTER_NAME }} --zone ${{ env.ZONE }}  --project ${{ env.PROJECT_ID }}
 
-      - name: Apply Kubernetes manifests for application
-        run: |
-          kubectl apply -f resources.yaml
+      # - name: Apply Kubernetes manifests
+      #   run: |
+      #     kubectl apply -f resources.yaml
 
   notify:
     needs: deploy

.github/workflows/main.yaml

@@ -26,11 +26,11 @@ jobs:
       - name: Unit Tests
         run: mvn -B test --file pom.xml
 
-  # sonarQube-scan:
-  #     needs: testing
-  #     uses: ./.github/workflows/sonarqube.yaml
-  #     secrets:
-  #       SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+  sonarQube-scan:
+      needs: testing
+      uses: ./.github/workflows/sonarqube.yaml
+      secrets:
+        SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
 
 
   build-image:
@@ -39,12 +39,12 @@ jobs:
     secrets:
       DOCKER_HUB_ACCESS_TOKEN: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
 
-  # scan-image:
-  #   needs: build-image
-  #   uses: ./.github/workflows/scan-image.yaml
+  scan-image:
+    needs: build-image
+    uses: ./.github/workflows/scan-image.yaml
 
-  # notify:
-  #   needs: scan-image
-  #   uses: ./.github/workflows/notifyCI.yaml
-  #   secrets:
-  #     SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
+  notify:
+    needs: scan-image
+    uses: ./.github/workflows/notifyCI.yaml
+    secrets:
+      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}

.github/workflows/scan-image.yaml

@@ -40,7 +40,7 @@ jobs:
           ' scan-results.json > vulnerability-report.md
 
       - name: Upload vulnerability report
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v4
         with:
           name: vulnerability-report
           path: vulnerability-report.md