Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
29 commits
Select commit Hold shift + click to select a range
3d85e1b
Test integration.
Sar-py-05 Jun 18, 2026
6fea6c1
Add GitHub Actions workflow for testing
Sar-py-05 Jun 18, 2026
9b23116
mvn code analysis.
Sar-py-05 Jun 19, 2026
d20c55b
Sonar code analysis in workflow.
Sar-py-05 Jun 19, 2026
d554d40
Updated sonar scan code.
Sar-py-05 Jun 19, 2026
66025f5
Minor change.
Sar-py-05 Jun 19, 2026
e46c196
Again minor change.
Sar-py-05 Jun 19, 2026
53b304d
Add SonarQube project key and organization to workflow
Sar-py-05 Jun 19, 2026
7e36ef7
Sonar env variables updated.
Sar-py-05 Jun 19, 2026
7b68c93
Code change.
Sar-py-05 Jun 19, 2026
393285d
Updated tokens
Sar-py-05 Jun 19, 2026
7a4f801
Updated sonar scan.
Sar-py-05 Jun 19, 2026
0701c59
changed sonar scanner
Sar-py-05 Jun 19, 2026
ee8de53
Update SonarCloud configuration
Sar-py-05 Jun 21, 2026
4b367c2
Configure SonarCloud scan
Sar-py-05 Jun 21, 2026
5467d9a
updated mvn verify.
Sar-py-05 Jun 21, 2026
2612890
Added Maven Checkstyle plugin
Sar-py-05 Jun 22, 2026
cbe9a1b
Added Maven Checkstyle plugin
Sar-py-05 Jun 22, 2026
f1027b7
Added SonarCloud Quality Gate enforcement
Sar-py-05 Jun 22, 2026
2ec30d4
Build and upload workflow.
Sar-py-05 Jun 23, 2026
81427e9
Commented sonar scan.
Sar-py-05 Jun 23, 2026
895be58
Updated Dockerfile for ECR build
Sar-py-05 Jun 23, 2026
b4a5c53
Fixed ECR repository name
Sar-py-05 Jun 23, 2026
c568cfa
Fix CVE vulnerabilities: upgrade Spring, Spring Security, Jackson, Lo…
Sar-py-05 Jun 24, 2026
819f832
Upgrade Jackson to 2.14.2 for additional CVE fixes
Sar-py-05 Jun 24, 2026
3090645
Fix indentation in pom.xml
Sar-py-05 Jun 24, 2026
7f507fe
Fix indentation in .github/workflows/main.yml
Sar-py-05 Jun 24, 2026
9b8c213
Updated the deploy code.
Sar-py-05 Jun 24, 2026
e0b786b
Test, Build and Deploy CICD pipeline.Updated the deploy code.
Sar-py-05 Jun 24, 2026
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
56 changes: 56 additions & 0 deletions .github/workflows/bkp_main.yml_210626
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
name: Hprofile Action

on:
workflow_dispatch:

jobs:
Testing:
runs-on: ubuntu-latest

steps:
# Checkout source code
- name: Checkout Code
uses: actions/checkout@v4

# Setup Java
- name: Setup Java 11
uses: actions/setup-java@v4
with:
distribution: temurin
java-version: "11"
cache: maven

# Run Unit Tests
- name: Maven Test
run: mvn test

# Run Checkstyle
- name: Checkstyle
run: mvn checkstyle:checkstyle

# Setup sonar-scanner
- name: Setup SonarQube
uses: warchant/setup-sonar-scanner@v7

- name: Debug Sonar Values
run: |
echo "ORG=${{ secrets.SONAR_ORGANIZATION }}"
echo "PROJECT=${{ secrets.SONAR_PROJECT_KEY }}"
echo "URL=${{ secrets.SONAR_URL }}"

# Run sonar-scanner
- name: SonarQube Scan
run: |
sonar-scanner \
-Dsonar.host.url=${{ secrets.SONAR_URL }} \
-Dsonar.token=${{ secrets.SONAR_TOKEN }} \
-Dsonar.organization=${{ secrets.SONAR_ORGANIZATION }} \
-Dsonar.projectKey=${{ secrets.SONAR_PROJECT_KEY }} \
-X

# SonarQube Quality Gate Check
- name: SonarQube Quality Gate Check
uses: SonarSource/sonarqube-quality-gate-action@master
timeout-minutes: 5
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
77 changes: 77 additions & 0 deletions .github/workflows/bkp_main.yml_230626
Original file line number Diff line number Diff line change
@@ -0,0 +1,77 @@
name: Hprofile Action

on:
workflow_dispatch:
env:
AWS_REGION: us-east-1

jobs:
Testing:
runs-on: ubuntu-latest

steps:
- name: Checkout Code
uses: actions/checkout@v4

- name: Setup Java 11
uses: actions/setup-java@v4
with:
distribution: temurin
java-version: "11"
cache: maven

- name: Maven Verify
run: mvn clean verify

- name: Verify Sonar Secrets
run: |
echo "ORG=${{ secrets.SONAR_ORGANIZATION }}"
echo "PROJECT=${{ secrets.SONAR_PROJECT_KEY }}"
echo "URL=${{ secrets.SONAR_URL }}"

if [ -n "${{ secrets.SONAR_TOKEN }}" ]; then
echo "SONAR_TOKEN_PRESENT=YES"
else
echo "SONAR_TOKEN_PRESENT=NO"
exit 1
fi

- name: Setup Sonar Scanner
uses: warchant/setup-sonar-scanner@v7

- name: Sonar Scan
run: |
sonar-scanner \
-Dsonar.host.url=${{ secrets.SONAR_URL }} \
-Dsonar.token=${{ secrets.SONAR_TOKEN }}

- name: Quality Gate Check
uses: SonarSource/sonarqube-quality-gate-action@master
timeout-minutes: 5
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

BUILD_AND_PUBLISH:
runs-on: ubuntu-latest
steps:
- name: Checkout Code
uses: actions/checkout@v4

- name: Update application.properties file
run: |
sed -i "s/^jdbc.username.*$/jdbc.username\=${{ secrets.RDS_USER }}/" src/main/resources/application.properties
sed -i "s/^jdbc.password.*$/jdbc.password\=${{ secrets.RDS_PASS }}/" src/main/resources/application.properties
sed -i "s/db01/${{ secrets.RDS_ENDPOINT }}/" src/main/resources/application.properties

- name: upload image to ECR
uses: appleboy/docker-ecr-action@master
with:
access_key: ${{ secrets.aws_access_key_id }}
secret_key: ${{ secrets.aws_secret_access_key }}
registry: ${{ secrets.registry }}
repo: acctapp
region: ${{ env.AWS_REGION }}
tags: latest,${GITHUB_RUN_NUMBER}
daemon_off: false
dockerfile: ./Dockerfile
context: ./
121 changes: 121 additions & 0 deletions .github/workflows/bkp_main.yml_CICD_240626
Original file line number Diff line number Diff line change
@@ -0,0 +1,121 @@
name: Hprofile Action

on:
workflow_dispatch:

permissions:
contents: read

env:
AWS_REGION: us-east-1
ECR_REPOSITORY: actapp
ECS_SERVICE: vproapp-act-svc
ECS_CLUSTER: vproapp-act
ECS_TASK_DEFINITION: aws-files/taskdef.json
CONTAINER_NAME: vproapp

jobs:
Testing:
runs-on: ubuntu-latest

steps:
- name: Checkout Code
uses: actions/checkout@v4

- name: Setup Java 11
uses: actions/setup-java@v4
with:
distribution: temurin
java-version: "11"
cache: maven

- name: Maven Verify
run: mvn clean verify

- name: Verify Sonar Secrets
run: |
echo "ORG=${{ secrets.SONAR_ORGANIZATION }}"
echo "PROJECT=${{ secrets.SONAR_PROJECT_KEY }}"
echo "URL=${{ secrets.SONAR_URL }}"

if [ -n "${{ secrets.SONAR_TOKEN }}" ]; then
echo "SONAR_TOKEN_PRESENT=YES"
else
echo "SONAR_TOKEN_PRESENT=NO"
exit 1
fi

- name: Setup Sonar Scanner
uses: warchant/setup-sonar-scanner@v7

- name: Sonar Scan
run: |
sonar-scanner \
-Dsonar.host.url=${{ secrets.SONAR_URL }} \
-Dsonar.token=${{ secrets.SONAR_TOKEN }}

# Re-enable later after code quality improves
#
# - name: Quality Gate Check
# uses: SonarSource/sonarqube-quality-gate-action@master
# timeout-minutes: 5
# env:
# SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

BUILD_AND_PUBLISH:
needs: Testing
runs-on: ubuntu-latest

steps:
- name: Checkout Code
uses: actions/checkout@v4

- name: Update application.properties
run: |
sed -i "s/^jdbc.username.*$/jdbc.username=${{ secrets.RDS_USER }}/" src/main/resources/application.properties
sed -i "s/^jdbc.password.*$/jdbc.password=${{ secrets.RDS_PASS }}/" src/main/resources/application.properties
sed -i "s/db01/${{ secrets.RDS_ENDPOINT }}/" src/main/resources/application.properties

- name: Upload Image to ECR
uses: appleboy/docker-ecr-action@master
with:
access_key: ${{ secrets.AWS_ACCESS_KEY_ID }}
secret_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
registry: ${{ secrets.REGISTRY }}
repo: actapp
region: ${{ env.AWS_REGION }}
tags: latest,${{ github.run_number }}
daemon_off: false
dockerfile: ./Dockerfile
context: ./

Deploy:
needs: BUILD_AND_PUBLISH
runs-on: ubuntu-latest

steps:
- name: Checkout Code
uses: actions/checkout@v4

- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ env.AWS_REGION }}

- name: Fill in New Image ID in ECS Task Definition
id: task-def
uses: aws-actions/amazon-ecs-render-task-definition@v1
with:
task-definition: ${{ env.ECS_TASK_DEFINITION }}
container-name: ${{ env.CONTAINER_NAME }}
image: ${{ secrets.REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ github.run_number }}

- name: Deploy ECS Task Definition
uses: aws-actions/amazon-ecs-deploy-task-definition@v2
with:
task-definition: ${{ steps.task-def.outputs.task-definition }}
service: ${{ env.ECS_SERVICE }}
cluster: ${{ env.ECS_CLUSTER }}
wait-for-service-stability: true
125 changes: 125 additions & 0 deletions .github/workflows/main.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,125 @@
name: Hprofile Action

on: [push, workflow_dispatch]

permissions:
contents: read

env:
AWS_REGION: us-east-1
ECR_REPOSITORY: actapp

ECS_CLUSTER: vproapp-act
ECS_SERVICE: vproapp-act-svc

ECS_TASK_DEFINITION: aws-files/taskdef.json
CONTAINER_NAME: vproapp

jobs:
Testing:
runs-on: ubuntu-latest

steps:
- name: Checkout Code
uses: actions/checkout@v4

- name: Setup Java 11
uses: actions/setup-java@v4
with:
distribution: temurin
java-version: "11"
cache: maven

- name: Maven Verify
run: mvn clean verify

- name: Verify Sonar Secrets
run: |
echo "ORG=${{ secrets.SONAR_ORGANIZATION }}"
echo "PROJECT=${{ secrets.SONAR_PROJECT_KEY }}"
echo "URL=${{ secrets.SONAR_URL }}"

if [ -n "${{ secrets.SONAR_TOKEN }}" ]; then
echo "SONAR_TOKEN_PRESENT=YES"
else
echo "SONAR_TOKEN_PRESENT=NO"
exit 1
fi

- name: Setup Sonar Scanner
uses: warchant/setup-sonar-scanner@v7

- name: Sonar Scan
run: |
sonar-scanner \
-Dsonar.host.url=${{ secrets.SONAR_URL }} \
-Dsonar.token=${{ secrets.SONAR_TOKEN }}

# Uncomment later after improving coverage
#
# - name: Quality Gate Check
# uses: SonarSource/sonarqube-quality-gate-action@master
# timeout-minutes: 5
# env:
# SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

BUILD_AND_PUBLISH:
needs: Testing
runs-on: ubuntu-latest

outputs:
image_tag: ${{ github.run_number }}

steps:
- name: Checkout Code
uses: actions/checkout@v4

- name: Update application.properties
run: |
sed -i "s/^jdbc.username.*$/jdbc.username=${{ secrets.RDS_USER }}/" src/main/resources/application.properties
sed -i "s/^jdbc.password.*$/jdbc.password=${{ secrets.RDS_PASS }}/" src/main/resources/application.properties
sed -i "s/db01/${{ secrets.RDS_ENDPOINT }}/" src/main/resources/application.properties

- name: Build and Push Image to ECR
uses: appleboy/docker-ecr-action@master
with:
access_key: ${{ secrets.AWS_ACCESS_KEY_ID }}
secret_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
registry: ${{ secrets.REGISTRY }}
repo: actapp
region: ${{ env.AWS_REGION }}
tags: latest,${{ github.run_number }}
daemon_off: false
dockerfile: ./Dockerfile
context: ./

Deploy:
needs: BUILD_AND_PUBLISH
runs-on: ubuntu-latest

steps:
- name: Checkout Code
uses: actions/checkout@v4

- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ env.AWS_REGION }}

- name: Render ECS Task Definition
id: task-def
uses: aws-actions/amazon-ecs-render-task-definition@v1
with:
task-definition: ${{ env.ECS_TASK_DEFINITION }}
container-name: ${{ env.CONTAINER_NAME }}
image: ${{ secrets.REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ github.run_number }}

- name: Deploy to Amazon ECS
uses: aws-actions/amazon-ecs-deploy-task-definition@v2
with:
task-definition: ${{ steps.task-def.outputs.task-definition }}
service: ${{ env.ECS_SERVICE }}
cluster: ${{ env.ECS_CLUSTER }}
wait-for-service-stability: true
4 changes: 4 additions & 0 deletions .vscode/settings.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
{
"java.compile.nullAnalysis.mode": "disabled",
"java.configuration.updateBuildConfiguration": "disabled"
}
Loading