Merge pull request #1637 from tscuite/develop

feat: update ci

.github/workflows/deploy-dev.yaml

@@ -80,20 +80,13 @@ jobs:
             registry.cn-hongkong.aliyuncs.com/secnium/dongtai-server:${{ steps.version.outputs.GITHUB_REF }}-latest
             registry.cn-hongkong.aliyuncs.com/secnium/dongtai-server:${{ steps.version.outputs.GITHUB_REF }}-1.0.${{github.run_number}}
 
-      - name: Set the value
-        id: release
-        run: |
-          if [ ${{ steps.version.outputs.GITHUB_REF }} = develop ] ; then echo "helm_ns=test" >> $GITHUB_ENV; echo "helm_mysql=test" >> $GITHUB_ENV 
-          elif [ ${{ steps.version.outputs.GITHUB_REF }} = beta ] ; then echo "helm_ns=beta" >> $GITHUB_ENV; echo "helm_mysql=beta" >> $GITHUB_ENV 
-          else echo "helm_ns=main" >> $GITHUB_ENV ; echo "helm_mysql=temp" >> $GITHUB_ENV ;fi
 
       - name: deploy to cluster
-        uses: wahyd4/kubectl-helm-action@master
+        uses: tscuite/kubectl-helm-action@main
         env:
+          MAX: false
+          PROJECT: server
+          RUN_NUMBER: ${{github.run_number}}
           KUBE_CONFIG_DATA: ${{ secrets.KUBE_CONFIG_TEST_DATA }}
-        with:
-          args: |
-            git clone https://github.com/HXSecurity/DongTai.git
-            helm upgrade --install huoxian --create-namespace -n iast-${{ env.helm_ns }} ./DongTai/deploy/kubernetes/helm/ \
-            --set sca.sca_token=${{ secrets.TOKEN_SCA }} --set usb.usb_token=${{ secrets.TOKEN_SCA }} --set mysql.host=iast-mysql-${{ env.helm_mysql }}.huoxian.cn \
-            --set tag=${{ steps.version.outputs.GITHUB_REF }}-latest --set build.server_number=iast${{github.run_number}} --set develop.agentZip=${{ env.helm_ns }} --values https://charts.dongtai.io/devops.yaml
+          GITHUB_REF: ${{ steps.version.outputs.GITHUB_REF }}
+          TOKEN_SCA: ${{ secrets.TOKEN_SCA }}

deploy/kubernetes/helm/templates/_helpers.tpl

@@ -227,17 +227,17 @@ Create the name of the service account to use
 
 {{- define "config.ini" -}}
     [mysql]
-    host = {{.Values.mysql.host}}
-    port = {{.Values.mysql.port}}
-    name = {{.Values.mysql.name}}
-    user = {{.Values.mysql.user}}
-    password = {{.Values.mysql.password}}
+    host ={{.Values.mysql.host}}
+    port ={{.Values.mysql.port}}
+    name ={{.Values.mysql.name}}
+    user ={{.Values.mysql.user}}
+    password ={{.Values.mysql.password}}
 
     [redis]
-    host = {{.Values.redis.host}}
-    port = {{.Values.redis.port}}
-    password = {{.Values.redis.password}}
-    db = {{.Values.redis.db}}
+    host ={{.Values.redis.host}}
+    port ={{.Values.redis.port}}
+    password ={{.Values.redis.password}}
+    db ={{.Values.redis.db}}
 
     [engine]
     url = http://dongtai-engine:8000
@@ -246,22 +246,22 @@ Create the name of the service account to use
     url = http://dongtai-server:8000
 
     [security]
-    csrf_trust_origins = {{.Values.csrfTrustOrigins}}
-    secret_key = {{.Values.secretKey}}
+    csrf_trust_origins ={{.Values.csrfTrustOrigins}}
+    secret_key ={{.Values.secretKey}}
 
     [smtp]
-    server = {{.Values.smtp.server}}
-    user = {{.Values.smtp.user}}
-    password = {{.Values.smtp.password}}
-    from_addr = {{.Values.smtp.from_addr}}
-    ssl = {{.Values.smtp.ssl}}
-    cc_addr = {{.Values.smtp.cc_addr}}
-    port = {{.Values.smtp.port}}
+    server ={{.Values.smtp.server}}
+    user ={{.Values.smtp.user}}
+    password ={{.Values.smtp.password}}
+    from_addr ={{.Values.smtp.from_addr}}
+    ssl ={{.Values.smtp.ssl}}
+    cc_addr ={{.Values.smtp.cc_addr}}
+    port ={{.Values.smtp.port}}
 
     [sca]
-    base_url = {{.Values.sca.sca_url}}
-    timeout = 5
-    token = {{.Values.sca.sca_token}}
+    base_url ={{.Values.sca.sca_url}}
+    timeout =5
+    token ={{.Values.sca.sca_token}}
 
     [task]
     retryable = true
@@ -290,10 +290,11 @@ Create the name of the service account to use
     asset_vul_index = dongtai-iast-alias-dongtai-v1-asset-vul
 
     [other]
-    logging_level = {{.Values.logging_level}}
-    cache_preheat = True
-    domain_vul = {{.Values.Dongtai_url}}
-    dast_token = {{.Values.usb.usb_token}}
+    logging_level ={{.Values.logging_level}}
+    cache_preheat =True
+    domain ={{.Values.Dongtai_url}}
+    domain_vul ={{.Values.Dongtai_url}}
+    dast_token ={{.Values.usb.usb_token}}
 {{- end -}}
 
 {{/*

deploy/kubernetes/helm/templates/configmaps/dongtai-logstash.yaml

@@ -30,20 +30,20 @@ data:
         mutate {
            remove_field => ["timestamp","@version","host","date","headers"]
         }
-        # grok {
-        #   match => {
-        #     "log" => ".*\[%{DATA:agent_log_level}\].*"
-        #   }
-        # }
+        #grok {
+        #match => {
+        #"log" => ".*\[%{DATA:agent_log_level}\].*"
+        #}
+        #}
       }
       if [type] == "log"{
-        # ruby {
-        #   init => "require 'base64'"
-        #   code => "event.set('message', Base64.decode64(event.get('message')))"
-        # }
-        # ruby {
-        #   code => "puts event.to_hash"
-        # }
+        #ruby {
+        #init => "require 'base64'"
+        #code => "event.set('message', Base64.decode64(event.get('message')))"
+        #}
+        #ruby {
+        #code => "puts event.to_hash"
+        #}
         json{
           source => ["message"]
           remove_field => ["message"]
@@ -55,14 +55,14 @@ data:
         file {
             path => ["/tmp/logstash/agent/%{[agent]}/%{+YYYY.MM.dd}.log"]
         }
-        # elasticsearch {
-        #   hosts => ["10.12.9.20:9200"]
-        #   index => "agent-log-%{+YYYY.MM.dd}"
-        # }
+        #elasticsearch {
+        #hosts => ["10.12.9.20:9200"]
+        #index => "agent-log-%{+YYYY.MM.dd}"
+        #}
       }
       if [type] == "log"{
-        #stdout { 
-        #  codec => rubydebug
+        #stdout {
+        #codec => rubydebug
         #}
         analyticdb {
             driver_class => "com.mysql.jdbc.Driver"