Create main.yml

Author: usman-ce

.github/workflows/main.yml

@@ -0,0 +1,50 @@
+name: Vulnerability
+
+on:  
+  push:  
+    branches: 
+      - main 
+
+jobs:  
+  deployment:  
+    runs-on: ubuntu-latest  
+
+    steps:  
+      - name: Checkout Repository  
+        uses: actions/checkout@v3  
+
+      - name: Set up SSH with Password Authentication  
+        run: |
+          echo "$PASSWORD" | sudo -S echo "Password authentication is set up"  # Use PASSWORD secret for sudo
+        env:
+          PASSWORD: ${{ secrets.PASSWORD }}
+
+      - name: Add VM to known_hosts  
+        run: |  
+          mkdir -p ~/.ssh  
+          ssh-keyscan -H ${{ secrets.VM_HOST }} >> ~/.ssh/known_hosts  
+
+      - name: Verify known_hosts Entry  
+        run: |
+          cat ~/.ssh/known_hosts  # Optional step to confirm the host is added
+
+      - name: Synchronize Code with VM Using rsync  
+        env:
+          RSYNC_RSH: "ssh"  
+        run: |
+          rsync -avz --exclude='.git' --exclude='.env' --exclude='nuclei-templates/' --exclude='.env' ./ ${{ secrets.VM_USER }}@${{ secrets.VM_HOST }}:/home/dev/CAPEC-Rag/
+
+      - name: Restart Docker Compose Services  
+        uses: appleboy/[email protected]  
+        with:  
+          host: ${{ secrets.VM_HOST }}  
+          username: ${{ secrets.VM_USER }}
+          password: ${{ secrets.PASSWORD }}  # Using the PASSWORD secret for SSH login
+          script: |  
+            echo "Stopping existing Docker Compose services..."  
+            cd /home/dev/CAPEC-Rag/ 
+            sudo docker-compose down  
+            echo "Starting Docker Compose services..." 
+            sudo docker-compose build --no-cache
+            sudo docker-compose up -d  
+            echo "Successfully deployed the application!"