Update CI and ENV

Author: DucBaoUIT

.env

@@ -1 +1 @@
-REACT_APP_API_URL=http://192.168.120.131:32020
+REACT_APP_API_URL=http://192.168.120.131:31122

.github/workflows/deployCD.yaml

@@ -1,58 +1,58 @@
-# name: Continuous Deployment for Frontend
-
-# on:
-#   workflow_run:
-#     workflows: ["Continuous Integration for Frontend"]
-#     types:
-#       - completed
-# env:
-#   PROJECT_ID: gke-project-423206
-#   CLUSTER_NAME: autopilot-cluster-1
-#   ZONE: us-central1
+name: Continuous Deployment for Frontend
+
+on:
+  workflow_run:
+    workflows: ["Continuous Integration for Frontend"]
+    types:
+      - completed
+env:
+  PROJECT_ID: gke-project-423206
+  CLUSTER_NAME: autopilot-cluster-1
+  ZONE: us-central1
 
 
-# jobs:
-#   deploy:
-#     name: Deploy to GKE Autopilot
-#     runs-on: ubuntu-latest
-
-#     strategy:
-#       matrix:
-#         node-version: [18.x]
-
-#     steps:
-#       - name: Checkout code
-#         uses: actions/checkout@v3
-
-#       - name: Build the application
-#         run: |
-#           npm ci
-#           npm run build 
-#         env:
-#           CI: ""
-
-#       - name: Authenticate
-#         uses: google-github-actions/auth@v2
-#         with:
-#           credentials_json: '${{ secrets.GCP_SA_KEY }}'
-
-#       - name: Configure gcloud SDK
-#         uses: google-github-actions/setup-gcloud@v2
-#         with:
-#           project_id: ${{ env.PROJECT_ID }}
-#           install_components: 'gke-gcloud-auth-plugin'
-
-
-#       - name: Set cluster context 
-#         run: |
-#           gcloud container clusters get-credentials ${{ env.CLUSTER_NAME }} --zone ${{ env.ZONE }} --project ${{ env.PROJECT_ID }}
-
-#       - name: Apply Kubernetes manifests
-#         run: |
-#           kubectl apply -f resources.yaml 
+jobs:
+  deploy:
+    name: Deploy to GKE Autopilot
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        node-version: [18.x]
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Build the application
+        run: |
+          npm ci
+          npm run build 
+        env:
+          CI: ""
+
+      - name: Authenticate
+        uses: google-github-actions/auth@v2
+        with:
+          credentials_json: '${{ secrets.GCP_SA_KEY }}'
+
+      - name: Configure gcloud SDK
+        uses: google-github-actions/setup-gcloud@v2
+        with:
+          project_id: ${{ env.PROJECT_ID }}
+          install_components: 'gke-gcloud-auth-plugin'
+
+
+      - name: Set cluster context 
+        run: |
+          gcloud container clusters get-credentials ${{ env.CLUSTER_NAME }} --zone ${{ env.ZONE }} --project ${{ env.PROJECT_ID }}
+
+      - name: Apply Kubernetes manifests
+        run: |
+          kubectl apply -f resources.yaml 
         
-#   notifications:
-#       needs: deploy
-#       uses: ./.github/workflows/notifyCD.yaml
-#       secrets:
-#         SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
+  notifications:
+      needs: deploy
+      uses: ./.github/workflows/notifyCD.yaml
+      secrets:
+        SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}

.github/workflows/notifyCD.yaml

@@ -1,36 +1,36 @@
-# name: Send Slack Notification for Frontend
+name: Send Slack Notification for Frontend
 
-# on:
-#   workflow_call:
-#     secrets:
-#       SLACK_WEBHOOK_URL:
-#         required: true
+on:
+  workflow_call:
+    secrets:
+      SLACK_WEBHOOK_URL:
+        required: true
 
-# jobs:
-#   success_notifier:
-#     if: success()
-#     runs-on: ubuntu-latest
-#     steps:
-#       - name: Send success notification on Slack
-#         uses: slackapi/[email protected]
-#         with:
-#           payload: |
-#             {
-#               "text": "The Continuous Deployment for Frontend workflow has completed successfully."
-#             }
-#         env:
-#           SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
+jobs:
+  success_notifier:
+    if: success()
+    runs-on: ubuntu-latest
+    steps:
+      - name: Send success notification on Slack
+        uses: slackapi/[email protected]
+        with:
+          payload: |
+            {
+              "text": "The Continuous Deployment for Frontend workflow has completed successfully."
+            }
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
 
-#   failure_notifier:
-#     if: failure()
-#     runs-on: ubuntu-latest
-#     steps:
-#       - name: Send failure notification on Slack
-#         uses: slackapi/[email protected]
-#         with:
-#           payload: |
-#             {
-#               "text": "The Continuous Deployment for Frontend workflow has failed."
-#             }
-#         env:
-#           SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
+  failure_notifier:
+    if: failure()
+    runs-on: ubuntu-latest
+    steps:
+      - name: Send failure notification on Slack
+        uses: slackapi/[email protected]
+        with:
+          payload: |
+            {
+              "text": "The Continuous Deployment for Frontend workflow has failed."
+            }
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}

.github/workflows/notifyCI.yaml

@@ -1,36 +1,36 @@
-# name: Send Slack Notification for Frontend
+name: Send Slack Notification for Frontend
 
-# on:
-#   workflow_call:
-#     secrets:
-#       SLACK_WEBHOOK_URL:
-#         required: true
+on:
+  workflow_call:
+    secrets:
+      SLACK_WEBHOOK_URL:
+        required: true
 
-# jobs:
-#   success_notifier:
-#     if: success()
-#     runs-on: ubuntu-latest
-#     steps:
-#       - name: Send success notification on Slack
-#         uses: slackapi/[email protected]
-#         with:
-#           payload: |
-#             {
-#               "text": "The Continuous Integration for Frontend workflow has completed successfully."
-#             }
-#         env:
-#           SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
+jobs:
+  success_notifier:
+    if: success()
+    runs-on: ubuntu-latest
+    steps:
+      - name: Send success notification on Slack
+        uses: slackapi/[email protected]
+        with:
+          payload: |
+            {
+              "text": "The Continuous Integration for Frontend workflow has completed successfully."
+            }
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
 
-#   failure_notifier:
-#     if: failure()
-#     runs-on: ubuntu-latest
-#     steps:
-#       - name: Send failure notification on Slack
-#         uses: slackapi/[email protected]
-#         with:
-#           payload: |
-#             {
-#               "text": "The Continuous Integration for Frontend workflow has failed."
-#             }
-#         env:
-#           SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
+  failure_notifier:
+    if: failure()
+    runs-on: ubuntu-latest
+    steps:
+      - name: Send failure notification on Slack
+        uses: slackapi/[email protected]
+        with:
+          payload: |
+            {
+              "text": "The Continuous Integration for Frontend workflow has failed."
+            }
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}

.github/workflows/scan-image.yaml

@@ -1,47 +1,47 @@
-# name: Scan Image Frontend
-# on:
-#   workflow_call:
+name: Scan Image Frontend
+on:
+  workflow_call:
 
-# jobs:
-#   scan-image:
-#     name: Security Scan
-#     runs-on: ubuntu-latest
-#     steps:
-#       - name: Install Trivy
-#         run: |
-#           sudo apt-get update
-#           sudo apt-get install -y wget
-#           wget https://github.com/aquasecurity/trivy/releases/download/v0.40.0/trivy_0.40.0_Linux-64bit.deb
-#           sudo dpkg -i trivy_0.40.0_Linux-64bit.deb
+jobs:
+  scan-image:
+    name: Security Scan
+    runs-on: ubuntu-latest
+    steps:
+      - name: Install Trivy
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y wget
+          wget https://github.com/aquasecurity/trivy/releases/download/v0.40.0/trivy_0.40.0_Linux-64bit.deb
+          sudo dpkg -i trivy_0.40.0_Linux-64bit.deb
 
-#       - name: Scan Docker image with Trivy
-#         id: scan-image
-#         run: |
-#           trivy image --format json --output scan-results.json datuits/devops-frontend:latest
+      - name: Scan Docker image with Trivy
+        id: scan-image
+        run: |
+          trivy image --format json --output scan-results.json datuits/devops-frontend:latest
         
-#       - name: Extract high and critical vulnerabilities
-#         id: extract_vulnerabilities
-#         run: |
-#           jq -r '
-#           def hr(severity):
-#             if severity == "HIGH" or severity == "CRITICAL" then true else false end;
-#           def to_md:
-#             "| " + (.VulnerabilityID // "") + " | " + (.PkgName // "") + " | " + (.InstalledVersion // "") + " | " + (.Severity // "") + " | " + (.Title // "") + " |";
-#           [
-#             "# Docker Image Scan Results",
-#             "",
-#             "## High and Critical Vulnerabilities",
-#             "",
-#             "| Vulnerability ID | Package | Version | Severity | Description |",
-#             "|------------------|---------|---------|----------|-------------|",
-#             (.Results[] | .Vulnerabilities[] | select(hr(.Severity)) | to_md),
-#             ""
-#           ] | join("\n")
-#           ' scan-results.json > vulnerability-report.md
+      - name: Extract high and critical vulnerabilities
+        id: extract_vulnerabilities
+        run: |
+          jq -r '
+          def hr(severity):
+            if severity == "HIGH" or severity == "CRITICAL" then true else false end;
+          def to_md:
+            "| " + (.VulnerabilityID // "") + " | " + (.PkgName // "") + " | " + (.InstalledVersion // "") + " | " + (.Severity // "") + " | " + (.Title // "") + " |";
+          [
+            "# Docker Image Scan Results",
+            "",
+            "## High and Critical Vulnerabilities",
+            "",
+            "| Vulnerability ID | Package | Version | Severity | Description |",
+            "|------------------|---------|---------|----------|-------------|",
+            (.Results[] | .Vulnerabilities[] | select(hr(.Severity)) | to_md),
+            ""
+          ] | join("\n")
+          ' scan-results.json > vulnerability-report.md
 
-#       - name: Upload vulnerability report
-#         uses: actions/upload-artifact@v2
-#         with:
-#           name: vulnerability-report
-#           path: vulnerability-report.md
+      - name: Upload vulnerability report
+        uses: actions/upload-artifact@v2
+        with:
+          name: vulnerability-report
+          path: vulnerability-report.md
 

.github/workflows/sonarqube-scan.yaml

@@ -1,18 +1,18 @@
-# name: SonarCloud for Frontend
-# on:
-#   workflow_call:
-#     secrets: 
-#       SONAR_TOKEN: 
-#         required: true
-# jobs:
-#   sonarcloud-scan:
-#     name: SonarCloud
-#     runs-on: ubuntu-latest
-#     steps:
-#       - uses: actions/checkout@v3
-#         with:
-#           fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
-#       - name: SonarCloud Scan
-#         uses: SonarSource/sonarcloud-github-action@master
-#         env:
-#           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+name: SonarCloud for Frontend
+on:
+  workflow_call:
+    secrets: 
+      SONAR_TOKEN: 
+        required: true
+jobs:
+  sonarcloud-scan:
+    name: SonarCloud
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
+      - name: SonarCloud Scan
+        uses: SonarSource/sonarcloud-github-action@master
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}