.github/workflows/CICD.yml

name: Java CI with Maven

on:
  push:
    branches: [ "master" ]
  pull_request:
    branches: [ "master" ]

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v3
  
    - name: Set up JDK 17
      uses: actions/setup-java@v3
      with:
        java-version: '17'
        distribution: 'temurin'
        cache: maven

    - name: Build with Maven
      run: mvn -B package --file pom.xml

    - uses: actions/upload-artifact@v4
      with:
        name: RecipeApp
        path: target/*.jar

    - name: Print Environment Variables
      run: env

    - name: Install Trivy
      run: |
        sudo apt-get update
        sudo apt-get install -y wget apt-transport-https gnupg lsb-release
        sudo wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add -
        echo "deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main" | sudo tee -a /etc/apt/sources.list.d/trivy.list
        sudo apt-get update
        sudo apt-get install -y trivy

    - name: Run Trivy scan
      run: |
        trivy --version
        trivy fs --format table -o trivy-fs-report.html .
 # - name: SonarQube Scan
#   uses: sonarsource/sonarqube-scan-action@master
#   env:
#       SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
#       SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
   
# - name: Install jq
#   run: sudo apt-get update && sudo apt-get install -y jq

# - name: SonarQube Quality Gate check
#   id: sonarqube-quality-gate-check
#   uses: sonarsource/sonarqube-quality-gate-action@master
#   timeout-minutes: 5
#   env:
#     SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
#     SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}


    - name: Set up QEMU
      uses: docker/setup-qemu-action@v3

    - name: Set up Docker Buildx
      uses: docker/setup-buildx-action@v3

    - name: Build Docker Image
      run: |
        docker build -t chaden13/recipeapp:latest .

    - name: Trivy Image Scan
      run: |
        trivy image --format table -o trivy-image-report.html chaden13/recipeapp:latest

    - name: Login to Docker Hub
      uses: docker/login-action@v3
      with:
        username: ${{ secrets.DOCKERHUB_USERNAME }}
        password: ${{ secrets.DOCKERHUB_TOKEN }}
     
    - name: Push Docker Image
      run: |
        docker push chaden13/recipeapp:latest

    - name: Kubectl Action
      uses: tale/kubectl-action@v1
      with:
        base64-kube-config: ${{ secrets.KUBE_CONFIG }}
    - name: Print Environment Variables
      run: |
        echo "GitHub Event: $GITHUB_EVENT_NAME"
        echo "GitHub Repository: $GITHUB_REPOSITORY"
        echo "GitHub Ref: $GITHUB_REF"
        echo "GitHub Actor: $GITHUB_ACTOR"
        echo "Current Branch: $(git rev-parse --abbrev-ref HEAD)"
        echo "Kubeconfig Contents:"
        cat $KUBECONFIG

    - name: Debug Kubernetes Cluster
      run: |
        kubectl cluster-info dump
        kubectl get pods --all-namespaces

    - name: Update dependency graph
      uses: advanced-security/maven-dependency-submission-action@571e99aab1055c2e71a1e2309b9691de18d6b7d6