diff --git a/.github/workflows/deploy-dev.yaml b/.github/workflows/deploy-dev.yaml index 540b8751e..7fe8e5ad4 100644 --- a/.github/workflows/deploy-dev.yaml +++ b/.github/workflows/deploy-dev.yaml @@ -80,20 +80,13 @@ jobs: registry.cn-hongkong.aliyuncs.com/secnium/dongtai-server:${{ steps.version.outputs.GITHUB_REF }}-latest registry.cn-hongkong.aliyuncs.com/secnium/dongtai-server:${{ steps.version.outputs.GITHUB_REF }}-1.0.${{github.run_number}} - - name: Set the value - id: release - run: | - if [ ${{ steps.version.outputs.GITHUB_REF }} = develop ] ; then echo "helm_ns=test" >> $GITHUB_ENV; echo "helm_mysql=test" >> $GITHUB_ENV - elif [ ${{ steps.version.outputs.GITHUB_REF }} = beta ] ; then echo "helm_ns=beta" >> $GITHUB_ENV; echo "helm_mysql=beta" >> $GITHUB_ENV - else echo "helm_ns=main" >> $GITHUB_ENV ; echo "helm_mysql=temp" >> $GITHUB_ENV ;fi - name: deploy to cluster - uses: wahyd4/kubectl-helm-action@master + uses: tscuite/kubectl-helm-action@main env: + MAX: false + PROJECT: server + RUN_NUMBER: ${{github.run_number}} KUBE_CONFIG_DATA: ${{ secrets.KUBE_CONFIG_TEST_DATA }} - with: - args: | - git clone https://github.com/HXSecurity/DongTai.git - helm upgrade --install huoxian --create-namespace -n iast-${{ env.helm_ns }} ./DongTai/deploy/kubernetes/helm/ \ - --set sca.sca_token=${{ secrets.TOKEN_SCA }} --set usb.usb_token=${{ secrets.TOKEN_SCA }} --set mysql.host=iast-mysql-${{ env.helm_mysql }}.huoxian.cn \ - --set tag=${{ steps.version.outputs.GITHUB_REF }}-latest --set build.server_number=iast${{github.run_number}} --set develop.agentZip=${{ env.helm_ns }} --values https://charts.dongtai.io/devops.yaml \ No newline at end of file + GITHUB_REF: ${{ steps.version.outputs.GITHUB_REF }} + TOKEN_SCA: ${{ secrets.TOKEN_SCA }} \ No newline at end of file diff --git a/deploy/kubernetes/helm/templates/_helpers.tpl b/deploy/kubernetes/helm/templates/_helpers.tpl index f7d318144..bbc841c43 100644 --- a/deploy/kubernetes/helm/templates/_helpers.tpl +++ b/deploy/kubernetes/helm/templates/_helpers.tpl @@ -227,17 +227,17 @@ Create the name of the service account to use {{- define "config.ini" -}} [mysql] - host = {{.Values.mysql.host}} - port = {{.Values.mysql.port}} - name = {{.Values.mysql.name}} - user = {{.Values.mysql.user}} - password = {{.Values.mysql.password}} + host ={{.Values.mysql.host}} + port ={{.Values.mysql.port}} + name ={{.Values.mysql.name}} + user ={{.Values.mysql.user}} + password ={{.Values.mysql.password}} [redis] - host = {{.Values.redis.host}} - port = {{.Values.redis.port}} - password = {{.Values.redis.password}} - db = {{.Values.redis.db}} + host ={{.Values.redis.host}} + port ={{.Values.redis.port}} + password ={{.Values.redis.password}} + db ={{.Values.redis.db}} [engine] url = http://dongtai-engine:8000 @@ -246,22 +246,22 @@ Create the name of the service account to use url = http://dongtai-server:8000 [security] - csrf_trust_origins = {{.Values.csrfTrustOrigins}} - secret_key = {{.Values.secretKey}} + csrf_trust_origins ={{.Values.csrfTrustOrigins}} + secret_key ={{.Values.secretKey}} [smtp] - server = {{.Values.smtp.server}} - user = {{.Values.smtp.user}} - password = {{.Values.smtp.password}} - from_addr = {{.Values.smtp.from_addr}} - ssl = {{.Values.smtp.ssl}} - cc_addr = {{.Values.smtp.cc_addr}} - port = {{.Values.smtp.port}} + server ={{.Values.smtp.server}} + user ={{.Values.smtp.user}} + password ={{.Values.smtp.password}} + from_addr ={{.Values.smtp.from_addr}} + ssl ={{.Values.smtp.ssl}} + cc_addr ={{.Values.smtp.cc_addr}} + port ={{.Values.smtp.port}} [sca] - base_url = {{.Values.sca.sca_url}} - timeout = 5 - token = {{.Values.sca.sca_token}} + base_url ={{.Values.sca.sca_url}} + timeout =5 + token ={{.Values.sca.sca_token}} [task] retryable = true @@ -290,10 +290,11 @@ Create the name of the service account to use asset_vul_index = dongtai-iast-alias-dongtai-v1-asset-vul [other] - logging_level = {{.Values.logging_level}} - cache_preheat = True - domain_vul = {{.Values.Dongtai_url}} - dast_token = {{.Values.usb.usb_token}} + logging_level ={{.Values.logging_level}} + cache_preheat =True + domain ={{.Values.Dongtai_url}} + domain_vul ={{.Values.Dongtai_url}} + dast_token ={{.Values.usb.usb_token}} {{- end -}} {{/* diff --git a/deploy/kubernetes/helm/templates/configmaps/dongtai-logstash.yaml b/deploy/kubernetes/helm/templates/configmaps/dongtai-logstash.yaml index 6c9519288..1b8199d06 100644 --- a/deploy/kubernetes/helm/templates/configmaps/dongtai-logstash.yaml +++ b/deploy/kubernetes/helm/templates/configmaps/dongtai-logstash.yaml @@ -30,20 +30,20 @@ data: mutate { remove_field => ["timestamp","@version","host","date","headers"] } - # grok { - # match => { - # "log" => ".*\[%{DATA:agent_log_level}\].*" - # } - # } + #grok { + #match => { + #"log" => ".*\[%{DATA:agent_log_level}\].*" + #} + #} } if [type] == "log"{ - # ruby { - # init => "require 'base64'" - # code => "event.set('message', Base64.decode64(event.get('message')))" - # } - # ruby { - # code => "puts event.to_hash" - # } + #ruby { + #init => "require 'base64'" + #code => "event.set('message', Base64.decode64(event.get('message')))" + #} + #ruby { + #code => "puts event.to_hash" + #} json{ source => ["message"] remove_field => ["message"] @@ -55,14 +55,14 @@ data: file { path => ["/tmp/logstash/agent/%{[agent]}/%{+YYYY.MM.dd}.log"] } - # elasticsearch { - # hosts => ["10.12.9.20:9200"] - # index => "agent-log-%{+YYYY.MM.dd}" - # } + #elasticsearch { + #hosts => ["10.12.9.20:9200"] + #index => "agent-log-%{+YYYY.MM.dd}" + #} } if [type] == "log"{ - #stdout { - # codec => rubydebug + #stdout { + #codec => rubydebug #} analyticdb { driver_class => "com.mysql.jdbc.Driver"