Update CDCI-master.yml

MartinMeer · web-flow · commit 34046bf98b16 · 2025-02-03T14:16:16.000+03:00
diff --git a/.github/workflows/CDCI-master.yml b/.github/workflows/CDCI-master.yml
@@ -1,87 +1,54 @@
-# This workflow will build a Java project with Gradle and cache/restore any dependencies to improve the workflow execution time
-# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-gradle
-
-name: Java CI with Gradle
-#run-name: ${{ github.actor }}'s own workflow Java CI with Gradle
+name: CI/CD Pipeline for Java Project
 
 on:
   push:
     branches:
-      - '*'
+     - master
   pull_request:
     branches:
-      - '*'
-#defaults:
- #run:
-  #working-directory: ./app
+      - master
+
 jobs:
   build:
     runs-on: ubuntu-latest
-    permissions:
-      contents: read
-    steps:
-    - uses: actions/checkout@v4
-    - name: Set up JDK 21
-      uses: actions/setup-java@v4
-      with:
-        java-version: "21"
-        distribution: temurin
-        cache: gradle
-    - name: Setup Gradle
-      uses: gradle/actions/setup-gradle@417ae3ccd767c252f5661f1ace9f835f9654f2b5
-      id: setup-gradle
-      with:
-        gradle-version: current
-      
-        
-   
-    - run: gradle build --dry-run
-    - run: echo "The current Gradle version was ${{ steps.setup-gradle.outputs.gradle-version }}"
-          
-    - name: Test with Gradle Wrapper
-      run: make run-test
-    - run: echo "Test was sucsessful!"
-        #cache-dependency-path: | # optional
-          #sub-project/*.gradle*
-          #sub-project/**/gradle-wrapper.properties
-
-    # Configure Gradle for optimal use in GitHub Actions, including caching of downloaded dependencies.
-    # See: https://github.com/gradle/actions/blob/main/setup-gradle/README.md
-    # NOTE: The Gradle Wrapper is the default and recommended way to run Gradle (https://docs.gradle.org/current/userguide/gradle_wrapper.html).
-    # If your project does not have the Gradle Wrapper configured, you can use the following configuration to run Gradle with a specified version.
-    
-    # - name: Setup Gradle
-    #   uses: gradle/actions/setup-gradle@417ae3ccd767c252f5661f1ace9f835f9654f2b5 # v3.1.0
-    #   with:
-    #     gradle-version: '8.5'
-    #
-    # - name: Build with Gradle 8.5
-    #   run: gradle build
-
-  dependency-submission:
-    runs-on: ubuntu-latest
-    permissions:
-      contents: write
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
+#JDK     
       - name: Set up JDK 21
-        uses: actions/setup-java@v4
+        uses: actions/setup-java@v3
         with:
-          java-version: "21"
-          distribution: temurin
-      - name: Generate and submit dependency graph        
-        uses: gradle/actions/dependency-submission@417ae3ccd767c252f5661f1ace9f835f9654f2b5
-        #with:
-          #build-root-directory: ./app
-        
-        
+          java-version: '21'
+          distribution: 'corretto'
+          #cache: 'gradle'
+#Gradle         
+      - name: Setup Gradle
+        uses: gradle/actions/setup-gradle@v4      
+      - name: Validate Gradle wrapper
+        uses: gradle/actions/wrapper-validation@v4      
+
+#Build       
+      - name: Build with Gradle
+        run: make mkBuild
+      - name: Test with Gradle
+        run: make mkTest
+      
+#UploadArtifact     
+      
+      - name: Upload artifacts
+        uses: actions/upload-artifact@v3
+        with:
+          name: build-output
+          path: build/libs/*.war
+  
+#Snyk 
   snyk:
     runs-on: ubuntu-latest
     permissions: write-all
     steps:
       - uses: actions/checkout@v4
       - name: Run Snyk to check for vulnerabilities
-        uses: snyk/actions/gradle-jdk21@master
+        uses: snyk/actions/gradle@master
+        continue-on-error: true
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
         with:
@@ -94,13 +61,43 @@ jobs:
         with:
           sarif_file: snyk.sarif
 
-    # Generates and submits a dependency graph, enabling Dependabot Alerts for all project dependencies.
-    # See: https://github.com/gradle/actions/blob/main/dependency-submission/README.md
-    
+# Generates and submits a dependency graph, enabling Dependabot Alerts for all project dependencies.
+# See: https://github.com/gradle/actions/blob/main/dependency-submission/README.md   
+  dependency-submission:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up JDK 17
+        uses: actions/setup-java@v4
+        with:
+          java-version: "17"
+          distribution: temurin
+      - name: Generate and submit dependency graph        
+        uses: gradle/actions/dependency-submission@417ae3ccd767c252f5661f1ace9f835f9654f2b5
 
-#run-on multiOS
-       #runs-on: ${{ matrix.os }}
-    #strategy:
-       #matrix:
-         #os: [ubuntu-latest, macos-latest]
-         
+  deploy:
+    needs: build
+    runs-on: ubuntu-latest
+    if: github.ref == 'refs/heads/main'
+    steps:
+      - uses: actions/checkout@v3
+      - name: Download artifacts
+        uses: actions/download-artifact@v3
+        with:
+          name: build-output
+      - name: Setup SSH key
+        env:
+          SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
+          SSH_KNOWN_HOSTS: ${{ secrets.SSH_KNOWN_HOSTS }}
+        run: |
+          mkdir -p ~/.ssh/
+          echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa
+          chmod 600 ~/.ssh/id_rsa
+          echo "$SSH_KNOWN_HOSTS" > ~/.ssh/known_hosts
+          chmod 644 ~/.ssh/known_hosts
+      - name: Deploy to Server
+        run: |
+          scp -o StrictHostKeyChecking=no build/libs/*.jar user@server:/path/to/project/
+          ssh user@server "cd /path/to/project && java -jar your-app.jar &"
