Create main.yml #20

	name: Vulnerability

	on:
	push:
	branches:
	- main

	jobs:
	deployment:
	runs-on: ubuntu-latest

	steps:
	- name: Checkout Repository
	uses: actions/checkout@v3

	- name: Set up SSH with Password Authentication
	run: \|
	echo "$PASSWORD" \| sudo -S echo "Password authentication is set up" # Use PASSWORD secret for sudo
	env:
	PASSWORD: ${{ secrets.PASSWORD }}

	- name: Add VM to known_hosts
	run: \|
	mkdir -p ~/.ssh
	ssh-keyscan -H ${{ secrets.VM_HOST }} >> ~/.ssh/known_hosts

	- name: Verify known_hosts Entry
	run: \|
	cat ~/.ssh/known_hosts # Optional step to confirm the host is added

	- name: Synchronize Code with VM Using rsync
	env:
	RSYNC_RSH: "ssh"
	run: \|
	rsync -avz --exclude='.git' --exclude='.env' --exclude='nuclei-templates/' --exclude='.env' ./ ${{ secrets.VM_USER }}@${{ secrets.VM_HOST }}:/home/dev/CAPEC-Rag/

	- name: Restart Docker Compose Services
	uses: appleboy/[email protected]
	with:
	host: ${{ secrets.VM_HOST }}
	username: ${{ secrets.VM_USER }}
	password: ${{ secrets.PASSWORD }} # Using the PASSWORD secret for SSH login
	script: \|
	echo "Stopping existing Docker Compose services..."
	cd /home/dev/CAPEC-Rag/
	sudo docker-compose down
	echo "Starting Docker Compose services..."
	sudo docker-compose build --no-cache
	sudo docker-compose up -d
	echo "Successfully deployed the application!"

Provide feedback