Update CI, CD

Author: DucBaoUIT

.github/workflows/deploymentCd.yaml

@@ -30,26 +30,32 @@ jobs:
           mvn clean
           mvn -B package --file pom.xml
       
-      - name: Authenticate
-        uses: google-github-actions/auth@v2
-        with: 
-          credentials_json: ${{ secrets.GCP_SA_KEY }}
-          
-      - name: Configure gcloud
-        uses: google-github-actions/setup-gcloud@v2
-        with:
-          project_id: ${{ env.PROJECT_ID }}
-          install_components: 'gke-gcloud-auth-plugin'
-
-
-      - name: Set cluster context
+      - name: Install OpenVPN
+        run: sudo apt-get update && sudo apt-get install -y openvpn
+    
+      - name: Connect to VPN
+        env:
+          VPN_USERNAME: ${{ secrets.VPN_USERNAME }}
+          VPN_PASSWORD: ${{ secrets.VPN_PASSWORD }}
         run: |
-          gcloud container clusters get-credentials ${{ env.CLUSTER_NAME }} --zone ${{ env.ZONE }} --project ${{ env.PROJECT_ID }}
+          echo "${{ secrets.VPN_PROFILE_BASE64 }}" | base64 --decode > profile-559.ovpn
+          echo -e "${VPN_USERNAME}\n${VPN_PASSWORD}" > vpn-auth.txt
+          sudo openvpn --config profile-559.ovpn --auth-user-pass vpn-auth.txt --daemon
+          sleep 10
+          rm vpn-auth.txt
+          rm profile-559.ovpn
+
+      - name: Deploy to Server
+        uses: appleboy/[email protected]
+        with:
+          host: ${{ secrets.SERVER_HOST }}
+          username: ${{ secrets.SERVER_USERNAME }}
+          key: ${{ secrets.SERVER_SSH_KEY }}
+          script: |
+            cd /home/ubuntu/K8S
+            sudo kubectl apply -f video-mongo-deployment.yaml
+            sudo kubectl apply -f video-service-deployment.yaml
 
-      - name: Apply Kubernetes manifests
-        run: |
-          kubectl apply -f resources.yaml
-  
   notifications:
     needs: deploy
     uses: ./.github/workflows/notifyCD.yaml

.github/workflows/main.yaml

@@ -27,24 +27,24 @@ jobs:
       - name: Unit Tests
         run: mvn -B test --file pom.xml
 
-  # sonar_cloud_scan:
-  #   needs: testing
-  #   uses: ./.github/workflows/SonarQube.yaml
-  #   secrets:
-  #     SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+  sonar_cloud_scan:
+    needs: testing
+    uses: ./.github/workflows/SonarQube.yaml
+    secrets:
+      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
 
   build-image:
     needs: testing
     uses: ./.github/workflows/build-image.yaml
     secrets:
       DOCKER_HUB_ACCESS_TOKEN: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
 
-  # scan-image:
-  #   needs: build-image
-  #   uses: ./.github/workflows/scan-image.yaml
+  scan-image:
+    needs: build-image
+    uses: ./.github/workflows/scan-image.yaml
 
-  # notify:
-  #   needs: scan-image
-  #   uses: ./.github/workflows/notifyCI.yaml
-  #   secrets:
-  #     SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
+  notify:
+    needs: scan-image
+    uses: ./.github/workflows/notifyCI.yaml
+    secrets:
+      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}

.github/workflows/scan-image.yaml

@@ -40,7 +40,7 @@ jobs:
           ' scan-results.json > vulnerability-report.md
 
       - name: Upload vulnerability report
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v4
         with:
           name: vulnerability-report
           path: vulnerability-report.md