db update 1

RamaRaju-personal-org · Feb 14, 2024 · 5a0863e · 5a0863e
1 parent 07fe3d3
commit 5a0863e
Showing 1 changed file with 27 additions and 33 deletions.
diff --git a/.github/workflows/compile.yml b/.github/workflows/compile.yml
@@ -6,63 +6,57 @@ on:
       - main
 
 jobs:
-  build:
-    name: Compile check
+  setup-mysql:
     runs-on: ubuntu-latest
-
     steps:
       - name: Checkout code
         uses: actions/checkout@v3
-
-      - name: Setup Node.js
-        uses: actions/setup-node@v3
-        with:
-          node-version: '14'
-
-      - name: Cache dependencies
-        uses: actions/cache@v3
-        with:
-          path: ~/.npm
-          key: npm-deps-${{ hashFiles('**/package-lock.json') }}
-
-      - name: Install dependencies
-        run: npm install
-
-      - name: Setup .env file
-        run: |
-          echo "DB_USER=${{ secrets.DB_USER }}" >> .env
-          echo "DB_PASSWORD=${{ secrets.DB_PASSWORD }}" >> .env
-          echo "DB_NAME=${{ secrets.DB_NAME }}" >> .env
-          echo "DB_HOST=${{ secrets.DB_HOST }}" >> .env
-          echo "PORT=${{ secrets.PORT }}" >> .env
-          echo "TOKEN_SECRET=${{ secrets.TOKEN_SECRET }}" >> .env
-
-      - name: Install MySQL
+
+      - name: Install MySQL Server
         run: |
           sudo apt-get update
           sudo apt-get install -y mysql-server
 
-      - name: Start MySQL service
+      - name: Start MySQL Service
         run: |
           sudo systemctl start mysql
           sudo systemctl status mysql
 
-      - name: Apply security enhancements
+      - name: Verify MySQL Root Access (Without Password)
+        run: |
+          sudo mysql -e "SELECT user, authentication_string, plugin, host FROM mysql.user;"
+
+      - name: Configure Root User for Password Authentication (Optional)
+        run: |
+          sudo mysql -e "ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY '${{ secrets.MYSQL_ROOT_PASSWORD }}';"
+          sudo mysql -e "FLUSH PRIVILEGES;"
+
+      - name: Delete Anonymous Users
         run: |
-          sudo mysql -e "ALTER USER 'root'@'localhost' IDENTIFIED BY '${{ secrets.MYSQL_ROOT_PASSWORD }}';"
           sudo mysql -e "DELETE FROM mysql.user WHERE User='';"
+          sudo mysql -e "FLUSH PRIVILEGES;"
+
+      - name: Disallow Remote Root Access
+        run: |
           sudo mysql -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');"
+          sudo mysql -e "FLUSH PRIVILEGES;"
+
+      - name: Drop Test Database
+        run: |
           sudo mysql -e "DROP DATABASE IF EXISTS test;"
-          sudo mysql -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%';"
           sudo mysql -e "FLUSH PRIVILEGES;"
 
-      - name: Setup MySQL Database and User
+      - name: Create Application Database
         run: |
           sudo mysql -e "CREATE DATABASE IF NOT EXISTS restapi;"
+
+      - name: Create Application User and Grant Privileges
+        run: |
           sudo mysql -e "CREATE USER IF NOT EXISTS '${{ secrets.DB_USER }}'@'localhost' IDENTIFIED BY '${{ secrets.DB_PASSWORD }}';"
           sudo mysql -e "GRANT ALL PRIVILEGES ON restapi.* TO '${{ secrets.DB_USER }}'@'localhost';"
           sudo mysql -e "FLUSH PRIVILEGES;"
 
+
       - name: Test App
         run: npm test healthz.test.js