From 398d434ec3a180d0d4721e90029e387abec47954 Mon Sep 17 00:00:00 2001
From: satyadeep-del
Date: Tue, 26 Aug 2025 12:48:16 +0530
Subject: [PATCH 01/11] Update cicd.yml
---
 .github/workflows/cicd.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml
index 0cea9618..258dc889 100644
--- a/.github/workflows/cicd.yml
+++ b/.github/workflows/cicd.yml
@@ -1,6 +1,6 @@
 name: CICD Pipeline
-on:
+# on:
 push:
 branches: [ "main" ]
From c51be87453d1aac80a7be895ba1013be0a0cc214 Mon Sep 17 00:00:00 2001
From: satyadeep-del
Date: Tue, 26 Aug 2025 12:49:17 +0530
Subject: [PATCH 02/11] Create ci.yml
---
 .github/workflows/ci.yml | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 .github/workflows/ci.yml
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
new file mode 100644
index 00000000..a09a8cac
--- /dev/null
+++ b/.github/workflows/ci.yml
@@ -0,0 +1,20 @@
+name: CICD Pipeline
+
+on:
+ push:
+ branches: [ "main" ]
+
+jobs:
+ compile:
+ runs-on: self-hosted
+
+ steps:
+ - uses: actions/checkout@v4
+ - name: Set up JDK 17
+ uses: actions/setup-java@v4
+ with:
+ java-version: '17'
+ distribution: 'temurin'
+ cache: maven
+ - name: Build with Maven
+ run: mvn clean install
From 01f459b4649ec422205cb6767449885e6fae415c Mon Sep 17 00:00:00 2001
From: satyadeep-del
Date: Tue, 26 Aug 2025 12:59:30 +0530
Subject: [PATCH 03/11] Delete .github/workflows/ci.yml
---
 .github/workflows/ci.yml | 20 --------------------
 1 file changed, 20 deletions(-)
 delete mode 100644 .github/workflows/ci.yml
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
deleted file mode 100644
index a09a8cac..00000000
--- a/.github/workflows/ci.yml
+++ /dev/null
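Review bot: In `.github/workflows/cicd.yml` (PATCH 01), commenting out only `on:` leaves `push:` and `branches: [ "main" ]` behind without a parent key, so the file no longer declares a trigger and GitHub will most likely reject it as an invalid workflow rather than treat it as switched off. If the intent is to park the pipeline, comment out the whole trigger block and keep a valid one such as `on: workflow_dispatch`, or disable the workflow in the repository's Actions settings.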
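Review bot: The new `.github/workflows/ci.yml` (PATCH 02) sets no `permissions:`, so the `compile` job's `GITHUB_TOKEN` gets whatever the repository default grants even though the job only reads the source; a top-level `permissions:` with `contents: read` would fix that scope. The job also runs `mvn clean install` on a `self-hosted` runner, which executes the project's Maven plugins on a machine whose state may carry over between runs, so it is worth confirming that the runner is ephemeral or dedicated to this repository (not visible from the patch). `actions/checkout@v4` and `actions/setup-java@v4` are referenced by tag; pinning each to a full commit SHA with the tag as a trailing comment keeps the resolved code from changing underneath the workflow.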
@@ -1,20 +0,0 @@
-name: CICD Pipeline
-
-on:
- push:
- branches: [ "main" ]
-
-jobs:
- compile:
- runs-on: self-hosted
-
- steps:
- - uses: actions/checkout@v4
- - name: Set up JDK 17
- uses: actions/setup-java@v4
- with:
- java-version: '17'
- distribution: 'temurin'
- cache: maven
- - name: Build with Maven
- run: mvn clean install
From 63a77803cc4699a528844d25fb00ffdac8333fec Mon Sep 17 00:00:00 2001
From: satyadeep-del
Date: Tue, 26 Aug 2025 13:15:57 +0530
Subject: [PATCH 04/11] ver001_cicd.yml
---
 .github/workflows/cicd.yml | 134 +-------------------------------------
 1 file changed, 1 insertion(+), 133 deletions(-)
diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml
index 258dc889..c7b347df 100644
--- a/.github/workflows/cicd.yml
+++ b/.github/workflows/cicd.yml
@@ -17,137 +17,5 @@ jobs: distribution: 'temurin' cache: maven - name: Build with Maven - run: mvn compile - - security-check: - runs-on: self-hosted - needs: compile - - steps: - - uses: actions/checkout@v4 - - name: Trivy Installation - run: | - sudo apt-get install -y wget apt-transport-https gnupg lsb-release - wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add - - echo deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main | sudo tee -a /etc/apt/sources.list.d/trivy.list - sudo apt-get update -y - sudo apt-get install -y trivy - - - name: Trivy FS Scan - run: trivy fs --format table -o fs-report.json . - - - name: Gitleaks Installation - run: sudo apt install gitleaks -y - - name: Gitleaks Code Scan - run: gitleaks detect source . -r gitleaks-report.json -f json - - test: - runs-on: self-hosted - needs: security-check - steps: - - uses: actions/checkout@v4 - - name: Set up JDK 17 - uses: actions/setup-java@v4 - with: - java-version: '17' - distribution: 'temurin' - cache: maven - - name: Unit Test Cases - run: mvn test - - build_project_and_sonar_scan: - runs-on: self-hosted - needs: test - steps: - - uses: actions/checkout@v4 - - name: Set up JDK 17 - uses: actions/setup-java@v4 - with: - java-version: '17' - distribution: 'temurin' - cache: maven - - name: Build Project - run: mvn package - - name: Upload JAR artifact - uses: actions/upload-artifact@v4 - with: - name: app-jar - path: target/*.jar - - - uses: actions/checkout@v4 - with: - # Disabling shallow clones is recommended for improving the relevancy of reporting - fetch-depth: 0 - - name: SonarQube Scan - uses: SonarSource/sonarqube-scan-action@v5.0.0 # Ex: v4.1.0, See the latest version at https://github.com/marketplace/actions/official-sonarqube-scan - env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - SONAR_HOST_URL: ${{ vars.SONAR_HOST_URL }} - - - name: SonarQube Quality Gate check - id: sonarqube-quality-gate-check - uses: 
sonarsource/sonarqube-quality-gate-action@master - with: - pollingTimeoutSec: 600 - env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - SONAR_HOST_URL: ${{ vars.SONAR_HOST_URL }} - - buils_docker_image_and_push: - runs-on: self-hosted - needs: build_project_and_sonar_scan - steps: - - uses: actions/checkout@v4 - - name: Download JAR artifact - uses: actions/download-artifact@v4 - with: - name: app-jar - path: app # this will download JAR to ./app folder - - - name: Login to Docker Hub - uses: docker/login-action@v3 - with: - username: ${{ vars.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - name: Build and Push Docker image - uses: docker/build-push-action@v6 - with: - context: . - push: true - tags: adijaiswal/bankapp:latest - file: ./Dockerfile - - deploy_to_kubernetes: - runs-on: self-hosted - needs: buils_docker_image_and_push - steps: - - name: Checkout Code - uses: actions/checkout@v4 - - name: Install AWS CLI - run: | - curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" - unzip awscliv2.zip - sudo ./aws/install - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v2 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: ap-south-1 - - name: Set up kubectl - uses: azure/setup-kubectl@v3 - with: - version: latest - - name: Configure kubeconfig - run: | - mkdir -p $HOME/.kube - echo "${{ secrets.EKS_KUBECONFIG }}" > $HOME/.kube/config - - name: Deploy to EKS - run: | - kubectl apply -f ds.yml - + run: mvn -B package --file pom.xml From a6333a302caa2da189d2cab56244e9e320cb26df Mon Sep 17 00:00:00 2001 From: satyadeep-del Date: Tue, 26 Aug 2025 13:17:17 +0530 Subject: [PATCH 05/11] Ver002_ cicd.yml --- .github/workflows/cicd.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
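Review bot: Once this hunk (PATCH 04) is applied, nothing in `cicd.yml` runs the Trivy filesystem scan, the Gitleaks scan or the SonarQube quality gate, and the patch adds no replacement for them. If the scans are meant to live in another workflow, that workflow should land together with this removal; otherwise keep a scan job behind `needs: compile`. The one added line would read better with a comment such as `# package also runs the unit tests that the removed test job covered`, since the separate `mvn test` job is gone. The `compile` job starts above the hunk, so its earlier steps are not visible here.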
diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml
index c7b347df..4e2b560c 100644
--- a/.github/workflows/cicd.yml
+++ b/.github/workflows/cicd.yml
@@ -1,6 +1,6 @@
 name: CICD Pipeline
-# on:
+ on:
 push:
 branches: [ "main" ]
From 617f24ffb3ba94eb186ebcff3b723c9d5b3ad615 Mon Sep 17 00:00:00 2001
From: satyadeep-del
Date: Tue, 26 Aug 2025 13:18:43 +0530
Subject: [PATCH 06/11] Ver003_cicd.yml
---
 .github/workflows/cicd.yml | 23 +++++++++++------------
 1 file changed, 11 insertions(+), 12 deletions(-)
diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml
index 4e2b560c..76d28ad1 100644
--- a/.github/workflows/cicd.yml
+++ b/.github/workflows/cicd.yml
@@ -1,6 +1,6 @@
-name: CICD Pipeline
+name: CICD Pipeline
- on:
+on:
 push:
 branches: [ "main" ]
@@ -9,13 +9,12 @@ jobs:
 runs-on: self-hosted
 steps:
- - uses: actions/checkout@v4
- - name: Set up JDK 17
- uses: actions/setup-java@v4
- with:
- java-version: '17'
- distribution: 'temurin'
- cache: maven
- - name: Build with Maven
- run: mvn -B package --file pom.xml
-
+ - uses: actions/checkout@v4
+ - name: Set up JDK 17
+ uses: actions/setup-java@v4
+ with:
+ java-version: '17'
+ distribution: 'temurin'
+ cache: maven
+ - name: Build with Maven
+ run: mvn -B package --file pom.xml
From c0006b24fdcd0e88ee816abfd2972fec494f7f86 Mon Sep 17 00:00:00 2001
From: satyadeep-del
Date: Tue, 26 Aug 2025 13:28:41 +0530
Subject: [PATCH 07/11] Ver005_cicd.yml
---
 .github/workflows/cicd.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml
index 76d28ad1..30a18c54 100644
--- a/.github/workflows/cicd.yml
+++ b/.github/workflows/cicd.yml
@@ -6,7 +6,7 @@ on:
 jobs:
 compile:
- runs-on: self-hosted
+ runs-on: ubuntu-latest
 steps:
 - uses: actions/checkout@v4
From 652a07a93f7c03429c5c5069ae5dc54c38d950ab Mon Sep 17 00:00:00 2001
From: satyadeep-del
Date: Wed, 27 Aug 2025 09:03:41 +0530
Subject: [PATCH 08/11] ver006_cicd.yml
---
 .github/workflows/cicd.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml
index 30a18c54..49e380dd 100644
--- a/.github/workflows/cicd.yml
+++ b/.github/workflows/cicd.yml
@@ -1,4 +1,4 @@
-name: CICD Pipeline
+name: CICD Pipeline example
 on:
 push:
From 9454259d666c0acf558c22d296accf8c3aadc314 Mon Sep 17 00:00:00 2001
From: satyadeep-del
Date: Wed, 27 Aug 2025 09:11:37 +0530
Subject: [PATCH 09/11] PR_submitted_ cicd.yml
---
 .github/workflows/cicd.yml | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml
index 49e380dd..3e8f3360 100644
--- a/.github/workflows/cicd.yml
+++ b/.github/workflows/cicd.yml
@@ -1,8 +1,7 @@
-name: CICD Pipeline example
-
+name: Automated deploy for Dev environment
 on:
- push:
- branches: [ "main" ]
+ pull_request_review:
+ types: [submitted]
 jobs:
 compile:
From 1ab8b4d69e48e803705cc6a92e76554bbb3a51c7 Mon Sep 17 00:00:00 2001
From: satyadeep-del
Date: Wed, 27 Aug 2025 10:28:58 +0530
Subject: [PATCH 10/11] example_sonar.yml
---
 .github/workflows/sonay.yml | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)
 create mode 100644 .github/workflows/sonay.yml
diff --git a/.github/workflows/sonay.yml b/.github/workflows/sonay.yml
new file mode 100644
index 00000000..0947abf1
--- /dev/null
+++ b/.github/workflows/sonay.yml
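Review bot: In PATCH 09, `pull_request_review` with `types: [submitted]` fires on every submitted review, including comment-only and changes-requested ones, so a workflow named "Automated deploy for Dev environment" would start without an approval. Add a job-level condition under `compile:`, `if: github.event.review.state == 'approved'`, and keep the token read-only with `permissions:` / `contents: read`, because this trigger builds the pull request's code. The `compile` job body lies outside this hunk; the earlier patches in the series show no such condition.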
@@ -0,0 +1,28 @@
+name: sonarscan
+
+on:
+ workflow_dispatch:
+ inputs:
+ branch:
+ description: 'Branch to build from'
+ required: true
+ default: 'develop'
+
+jobs:
+ Checkout:
+ runs-on: sdvtc-runner
+ steps:
+ - name: Checkout Source Code
+ uses: actions/checkout@v4
+ with:
+ ref: ${{ inputs.branch }}
+
+ - name: Build Source
+ run: |
+ echo "Building in environment from branch ${{ inputs.branch }}"
+
+ - name: Official SonarQube Scan
+ uses: SonarSource/sonarqube-scan-action@v2.3.0
+ env:
+ SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+ SONAR_HOST_URL: ${{ vars.SONAR_HOST_URL }}
From 94008101972806a9904b054419f971dbc8b7fb14 Mon Sep 17 00:00:00 2001
From: satyadeep-del
Date: Wed, 27 Aug 2025 10:29:15 +0530
Subject: [PATCH 11/11] Rename sonay.yml to sonar.yml
---
 .github/workflows/{sonay.yml => sonar.yml} | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename .github/workflows/{sonay.yml => sonar.yml} (100%)
diff --git a/.github/workflows/sonay.yml b/.github/workflows/sonar.yml
similarity index 100%
rename from .github/workflows/sonay.yml
rename to .github/workflows/sonar.yml
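Review bot: In the `Build Source` step of the new workflow (PATCH 10), `${{ inputs.branch }}` is expanded into the `run:` script before the shell sees it, so a branch value containing shell metacharacters is interpreted as script on `sdvtc-runner` (presumably a self-hosted label). Pass the input through the environment instead: add `env:` with `BRANCH: ${{ inputs.branch }}` to the step and change the command to `echo "Building in environment from branch $BRANCH"`. The scan step also references `SonarSource/sonarqube-scan-action@v2.3.0`, older than the `@v5.0.0` that the removed `cicd.yml` job used, and the checkout omits the `fetch-depth: 0` that job set for the scan; both look unintended.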