Merge branch 'main' into main
This commit is contained in:
@@ -9,7 +9,7 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: 'Auto-assign issue'
|
||||
uses: pozil/auto-assign-issue@v1.10.0
|
||||
uses: pozil/auto-assign-issue@v1.11.0
|
||||
with:
|
||||
assignees: phantsure,tiwarishub,anuragc617,vsvipul,bishal-pdmsft
|
||||
numOfAssignee: 1
|
||||
|
||||
@@ -13,7 +13,7 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- uses: actions/stale@v5
|
||||
- uses: actions/stale@v6
|
||||
with:
|
||||
stale-issue-message: 'This issue has become stale and will be closed automatically within a period of time. Sorry about that.'
|
||||
stale-pr-message: 'This pull request has become stale and will be closed automatically within a period of time. Sorry about that.'
|
||||
|
||||
@@ -2,8 +2,7 @@ name: Sync workflows for GHES
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ $default-branch ]
|
||||
workflow_dispatch:
|
||||
branches: [ main ]
|
||||
|
||||
jobs:
|
||||
sync:
|
||||
|
||||
@@ -12,10 +12,11 @@ These are the workflow files for helping people get started with GitHub Actions.
|
||||
|
||||
### Directory structure
|
||||
|
||||
* [ci](ci): solutions for Continuous Integration workflows.
|
||||
* [deployments](deployments): solutions for Deployment workflows.
|
||||
* [automation](automation): solutions for automating workflows.
|
||||
* [code-scanning](code-scanning): starter workflows for [Code Scanning](https://github.com/features/security)
|
||||
* [ci](ci): solutions for Continuous Integration workflows
|
||||
* [deployments](deployments): solutions for Deployment workflows
|
||||
* [automation](automation): solutions for automating workflows
|
||||
* [code-scanning](code-scanning): solutions for [Code Scanning](https://github.com/features/security)
|
||||
* [pages](pages): solutions for Pages workflows
|
||||
* [icons](icons): svg icons for the relevant template
|
||||
|
||||
Each workflow must be written in YAML and have a `.yml` extension. They also need a corresponding `.properties.json` file that contains extra metadata about the workflow (this is displayed in the GitHub.com UI).
|
||||
@@ -40,6 +41,8 @@ For example: `ci/django.yml` and `ci/properties/django.properties.json`.
|
||||
* monitoring
|
||||
* Automation
|
||||
* utilities
|
||||
* Pages
|
||||
* Hugo
|
||||
|
||||
### Variables
|
||||
These variables can be placed in the starter workflow and will be substituted as detailed below:
|
||||
|
||||
+1
-1
@@ -1,5 +1,5 @@
|
||||
# This workflow will build a Java project with Ant
|
||||
# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-ant
|
||||
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-ant
|
||||
|
||||
name: Java CI
|
||||
|
||||
|
||||
+3
-3
@@ -3,7 +3,7 @@
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
|
||||
# This workflow will install Deno then run Deno lint and test.
|
||||
# This workflow will install Deno then run `deno lint` and `deno test`.
|
||||
# For more information see: https://github.com/denoland/setup-deno
|
||||
|
||||
name: Deno
|
||||
@@ -27,7 +27,7 @@ jobs:
|
||||
|
||||
- name: Setup Deno
|
||||
# uses: denoland/setup-deno@v1
|
||||
uses: denoland/setup-deno@004814556e37c54a2f6e31384c9e18e983317366
|
||||
uses: denoland/setup-deno@9db7f66e8e16b5699a514448ce994936c63f0d54
|
||||
with:
|
||||
deno-version: v1.x
|
||||
|
||||
@@ -39,4 +39,4 @@ jobs:
|
||||
run: deno lint
|
||||
|
||||
- name: Run tests
|
||||
run: deno test -A --unstable
|
||||
run: deno test -A
|
||||
|
||||
@@ -41,9 +41,9 @@ jobs:
|
||||
# https://github.com/sigstore/cosign-installer
|
||||
- name: Install cosign
|
||||
if: github.event_name != 'pull_request'
|
||||
uses: sigstore/cosign-installer@7e0881f8fe90b25e305bbf0309761e9314607e25
|
||||
uses: sigstore/cosign-installer@f3c664df7af409cb4873aa5068053ba9d61a57b6 #v2.6.0
|
||||
with:
|
||||
cosign-release: 'v1.9.0'
|
||||
cosign-release: 'v1.11.0'
|
||||
|
||||
|
||||
# Workaround: https://github.com/docker/build-push-action/issues/461
|
||||
|
||||
@@ -69,7 +69,7 @@ jobs:
|
||||
|
||||
# Install the .NET Core workload
|
||||
- name: Install .NET Core
|
||||
uses: actions/setup-dotnet@v2
|
||||
uses: actions/setup-dotnet@v3
|
||||
with:
|
||||
dotnet-version: 6.0.x
|
||||
|
||||
|
||||
+4
-1
@@ -1,3 +1,6 @@
|
||||
# This workflow will build a .NET project
|
||||
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-net
|
||||
|
||||
name: .NET
|
||||
|
||||
on:
|
||||
@@ -14,7 +17,7 @@ jobs:
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- name: Setup .NET
|
||||
uses: actions/setup-dotnet@v2
|
||||
uses: actions/setup-dotnet@v3
|
||||
with:
|
||||
dotnet-version: 6.0.x
|
||||
- name: Restore dependencies
|
||||
|
||||
@@ -1,3 +1,6 @@
|
||||
# This workflow will build a golang project
|
||||
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-go
|
||||
|
||||
name: Go
|
||||
|
||||
on:
|
||||
|
||||
+1
-1
@@ -3,7 +3,7 @@
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
# This workflow will build a Java project with Gradle and cache/restore any dependencies to improve the workflow execution time
|
||||
# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-gradle
|
||||
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-gradle
|
||||
|
||||
name: Java CI with Gradle
|
||||
|
||||
|
||||
+10
-1
@@ -1,5 +1,10 @@
|
||||
# This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time
|
||||
# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven
|
||||
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-maven
|
||||
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
|
||||
name: Java CI with Maven
|
||||
|
||||
@@ -24,3 +29,7 @@ jobs:
|
||||
cache: maven
|
||||
- name: Build with Maven
|
||||
run: mvn -B package --file pom.xml
|
||||
|
||||
# Optional: Uploads the full dependency graph to GitHub to improve the quality of Dependabot alerts this repository can receive
|
||||
- name: Update dependency graph
|
||||
uses: advanced-security/maven-dependency-submission-action@571e99aab1055c2e71a1e2309b9691de18d6b7d6
|
||||
|
||||
+1
-1
@@ -1,5 +1,5 @@
|
||||
# This workflow will do a clean installation of node dependencies, cache/restore them, build the source code and run tests across different versions of node
|
||||
# For more information see: https://help.github.com/actions/language-and-framework-guides/using-nodejs-with-github-actions
|
||||
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-nodejs
|
||||
|
||||
name: Node.js CI
|
||||
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
# This workflow will run tests using node and then publish a package to GitHub Packages when a release is created
|
||||
# For more information see: https://help.github.com/actions/language-and-framework-guides/publishing-nodejs-packages
|
||||
# For more information see: https://docs.github.com/en/actions/publishing-packages/publishing-nodejs-packages
|
||||
|
||||
name: Node.js Package
|
||||
|
||||
|
||||
+1
-1
@@ -1,5 +1,5 @@
|
||||
# This workflow will run tests using node and then publish a package to GitHub Packages when a release is created
|
||||
# For more information see: https://help.github.com/actions/language-and-framework-guides/publishing-nodejs-packages
|
||||
# For more information see: https://docs.github.com/en/actions/publishing-packages/publishing-nodejs-packages
|
||||
|
||||
name: Node.js Package
|
||||
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
{
|
||||
"name": "Jekyll",
|
||||
"name": "Jekyll using Docker image",
|
||||
"description": "Package a Jekyll site using the jekyll/builder Docker image.",
|
||||
"iconName": "jekyll",
|
||||
"categories": ["Continuous integration", "HTML"]
|
||||
|
||||
+1
-1
@@ -1,5 +1,5 @@
|
||||
# This workflow will install Python dependencies, run tests and lint with a single version of Python
|
||||
# For more information see: https://help.github.com/actions/language-and-framework-guides/using-python-with-github-actions
|
||||
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-python
|
||||
|
||||
name: Python application
|
||||
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
# This workflow will install Python dependencies, run tests and lint with a variety of Python versions
|
||||
# For more information see: https://help.github.com/actions/language-and-framework-guides/using-python-with-github-actions
|
||||
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-python
|
||||
|
||||
name: Python package
|
||||
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
# This workflow will upload a Python Package using Twine when a release is created
|
||||
# For more information see: https://help.github.com/en/actions/language-and-framework-guides/using-python-with-github-actions#publishing-to-package-registries
|
||||
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-python#publishing-to-package-registries
|
||||
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
|
||||
@@ -1,3 +1,8 @@
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
|
||||
name: Scala CI
|
||||
|
||||
on:
|
||||
@@ -24,3 +29,6 @@ jobs:
|
||||
cache: 'sbt'
|
||||
- name: Run tests
|
||||
run: sbt test
|
||||
# Optional: This step uploads information to the GitHub dependency graph and unblocking Dependabot alerts for the repository
|
||||
- name: Upload dependency graph
|
||||
uses: scalacenter/sbt-dependency-submission@ab086b50c947c9774b70f39fc7f6e20ca2706c91
|
||||
|
||||
@@ -1,3 +1,6 @@
|
||||
# This workflow will build a Swift project
|
||||
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-swift
|
||||
|
||||
name: Swift
|
||||
|
||||
on:
|
||||
|
||||
@@ -9,7 +9,7 @@
|
||||
# and parameters, see https://github.com/anchore/scan-action. For more
|
||||
# information on Anchore's container image scanning tool Grype, see
|
||||
# https://github.com/anchore/grype
|
||||
name: Anchore Container Scan
|
||||
name: Anchore Grype vulnerability scan
|
||||
|
||||
on:
|
||||
push:
|
||||
@@ -28,20 +28,21 @@ jobs:
|
||||
permissions:
|
||||
contents: read # for actions/checkout to fetch code
|
||||
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
|
||||
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
|
||||
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout the code
|
||||
- name: Check out the code
|
||||
uses: actions/checkout@v3
|
||||
- name: Build the Docker image
|
||||
run: docker build . --file Dockerfile --tag localbuild/testimage:latest
|
||||
- name: Run the Anchore scan action itself with GitHub Advanced Security code scanning integration enabled
|
||||
uses: anchore/scan-action@b08527d5ae7f7dc76f9621edb6e49eaf47933ccd
|
||||
- name: Run the Anchore Grype scan action
|
||||
uses: anchore/scan-action@d5aa5b6cb9414b0c7771438046ff5bcfa2854ed7
|
||||
id: scan
|
||||
with:
|
||||
image: "localbuild/testimage:latest"
|
||||
acs-report-enable: true
|
||||
fail-build: false
|
||||
- name: Upload Anchore Scan Report
|
||||
fail-build: true
|
||||
severity-cutoff: critical
|
||||
- name: Upload vulnerability report
|
||||
uses: github/codeql-action/upload-sarif@v2
|
||||
with:
|
||||
sarif_file: results.sarif
|
||||
sarif_file: ${{ steps.scan.outputs.sarif }}
|
||||
|
||||
@@ -46,7 +46,8 @@ permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
Trigger APIsec scan:
|
||||
|
||||
Trigger_APIsec_scan:
|
||||
permissions:
|
||||
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
|
||||
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
|
||||
@@ -54,7 +55,7 @@ jobs:
|
||||
|
||||
steps:
|
||||
- name: APIsec scan
|
||||
uses: apisec-inc/apisec-run-scan@f62d0c6fae8a80f97b091a323befdb56e6ad9993
|
||||
uses: apisec-inc/apisec-run-scan@f748a240d69ca6cd7e9532fd0a47bec4ccd6a73c
|
||||
with:
|
||||
# The APIsec username with which the scans will be executed
|
||||
apisec-username: ${{ secrets.apisec_username }}
|
||||
|
||||
@@ -0,0 +1,55 @@
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
|
||||
# The Checkmarx One GitHub Action enables you to trigger SAST, SCA, and KICS scans directly from the GitHub workflow.
|
||||
# It provides a wrapper around the Checkmarx One CLI Tool which creates a zip archive from your source code repository
|
||||
# and uploads it to Checkmarx One for scanning. The Github Action provides easy integration with GitHub while enabling
|
||||
# scan customization using the full functionality and flexibility of the CLI tool.
|
||||
|
||||
# This is a basic workflow to help you get started with Using Checkmarx One Action,
|
||||
# documentation can be found here : https://checkmarx.com/resource/documents/en/34965-68702-checkmarx-one-github-actions.html
|
||||
|
||||
name: Checkmarx Scan
|
||||
|
||||
# Controls when the workflow will run
|
||||
on:
|
||||
pull_request:
|
||||
types: [opened, reopened, synchronize]
|
||||
branches: [ $default-branch, $protected-branches ]
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
|
||||
jobs:
|
||||
# This workflow contains a single job called "build"
|
||||
build:
|
||||
permissions:
|
||||
contents: read # for actions/checkout to fetch code
|
||||
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
|
||||
actions: read # only required for a private repository by github/codeql-action/upload-sarif
|
||||
|
||||
# The type of runner that the job will run on
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
# Steps represent a sequence of tasks that will be executed as part of the job
|
||||
steps:
|
||||
# This step checks out a copy of your repository.
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
# This step creates the Checkmarx One scan
|
||||
- name: Checkmarx One scan
|
||||
uses: checkmarx/ast-github-action@8e887bb93dacc44e0f5b64ee2b06d5815f89d4fc
|
||||
with:
|
||||
base_uri: https://ast.checkmarx.net # This should be replaced by your base uri for Checkmarx One
|
||||
cx_client_id: ${{ secrets.CX_CLIENT_ID }} # This should be created within your Checkmarx One account : https://checkmarx.com/resource/documents/en/34965-118315-authentication-for-checkmarx-one-cli.html#UUID-a4e31a96-1f36-6293-e95a-97b4b9189060_UUID-4123a2ff-32d0-2287-8dd2-3c36947f675e
|
||||
cx_client_secret: ${{ secrets.CX_CLIENT_SECRET }} # This should be created within your Checkmarx One account : https://checkmarx.com/resource/documents/en/34965-118315-authentication-for-checkmarx-one-cli.html#UUID-a4e31a96-1f36-6293-e95a-97b4b9189060_UUID-4123a2ff-32d0-2287-8dd2-3c36947f675e
|
||||
cx_tenant: ${{ secrets.CX_TENANT }} # This should be replaced by your tenant for Checkmarx One
|
||||
additional_params: --report-format sarif --output-path .
|
||||
- name: Upload SARIF file
|
||||
uses: github/codeql-action/upload-sarif@v2
|
||||
with:
|
||||
# Path to SARIF file relative to the root of the repository
|
||||
sarif_file: cx_result.sarif
|
||||
@@ -53,7 +53,7 @@ jobs:
|
||||
# queries: security-extended,security-and-quality
|
||||
|
||||
|
||||
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
|
||||
# Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java).
|
||||
# If this step fails, then you should remove it and run the build manually (see below)
|
||||
- name: Autobuild
|
||||
uses: github/codeql-action/autobuild@v2
|
||||
|
||||
@@ -0,0 +1,69 @@
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
|
||||
# EthicalCheck addresses the critical need to continuously security test APIs in development and in production.
|
||||
|
||||
# EthicalCheck provides the industry’s only free & automated API security testing service that uncovers security vulnerabilities using OWASP API list.
|
||||
# Developers relies on EthicalCheck to evaluate every update and release, ensuring that no APIs go to production with exploitable vulnerabilities.
|
||||
|
||||
# You develop the application and API, we bring complete and continuous security testing to you, accelerating development.
|
||||
|
||||
# Know your API and Applications are secure with EthicalCheck – our free & automated API security testing service.
|
||||
|
||||
# How EthicalCheck works?
|
||||
# EthicalCheck functions in the following simple steps.
|
||||
# 1. Security Testing.
|
||||
# Provide your OpenAPI specification or start with a public Postman collection URL.
|
||||
# EthicalCheck instantly instrospects your API and creates a map of API endpoints for security testing.
|
||||
# It then automatically creates hundreds of security tests that are non-intrusive to comprehensively and completely test for authentication, authorizations, and OWASP bugs your API. The tests addresses the OWASP API Security categories including OAuth 2.0, JWT, Rate Limit etc.
|
||||
|
||||
# 2. Reporting.
|
||||
# EthicalCheck generates security test report that includes all the tested endpoints, coverage graph, exceptions, and vulnerabilities.
|
||||
# Vulnerabilities are fully triaged, it contains CVSS score, severity, endpoint information, and OWASP tagging.
|
||||
|
||||
|
||||
# This is a starter workflow to help you get started with EthicalCheck Actions
|
||||
|
||||
name: EthicalCheck-Workflow
|
||||
|
||||
# Controls when the workflow will run
|
||||
on:
|
||||
# Triggers the workflow on push or pull request events but only for the $default-branch branch
|
||||
# Customize trigger events based on your DevSecOps processes.
|
||||
push:
|
||||
branches: [ $default-branch, $protected-branches ]
|
||||
pull_request:
|
||||
branches: [ $default-branch ]
|
||||
schedule:
|
||||
- cron: $cron-weekly
|
||||
|
||||
# Allows you to run this workflow manually from the Actions tab
|
||||
workflow_dispatch:
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
Trigger_EthicalCheck:
|
||||
permissions:
|
||||
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
|
||||
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- name: EthicalCheck Free & Automated API Security Testing Service
|
||||
uses: apisec-inc/ethicalcheck-action@005fac321dd843682b1af6b72f30caaf9952c641
|
||||
with:
|
||||
# The OpenAPI Specification URL or Swagger Path or Public Postman collection URL.
|
||||
oas-url: "http://netbanking.apisec.ai:8080/v2/api-docs"
|
||||
# The email address to which the penetration test report will be sent.
|
||||
email: "xxx@apisec.ai"
|
||||
sarif-result-file: "ethicalcheck-results.sarif"
|
||||
|
||||
- name: Upload sarif file to repository
|
||||
uses: github/codeql-action/upload-sarif@v2
|
||||
with:
|
||||
sarif_file: ./ethicalcheck-results.sarif
|
||||
|
||||
@@ -0,0 +1,55 @@
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
#
|
||||
# NowSecure: The Mobile Security Experts <https://www.nowsecure.com/>.
|
||||
#
|
||||
# To use this workflow, you must have a token for NowSecure Platform. If you are a NowSecure customer,
|
||||
# you can find it in NowSecure Platform.
|
||||
#
|
||||
# If you *are not* a NowSecure customer, click here to sign up for a free trial to get access:
|
||||
# <https://bit.ly/ns-git-sbom>.
|
||||
#
|
||||
# Instructions:
|
||||
#
|
||||
# 1. In the settings for your repository, click "Secrets" then "New repository secret". Name the secret "NS_TOKEN" and
|
||||
# paste in your Platform token. If you do not have a Platform token, or wish to create a new one for GitHub, visit
|
||||
# NowSecure Platform and go to "Profile & Preferences" then create a token labelled "GitHub".
|
||||
#
|
||||
# 2. Follow the annotated workflow below and make any necessary modifications then save the workflow to your repository
|
||||
# and review the "Dependency graph" tab in the "Insights" pane once the action has run.
|
||||
|
||||
name: "NowSecure Mobile SBOM"
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ $default-branch, $protected-branches ]
|
||||
pull_request:
|
||||
# The branches below must be a subset of the branches above
|
||||
branches: [ $default-branch ]
|
||||
schedule:
|
||||
- cron: $cron-weekly
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
nowsecure:
|
||||
name: NowSecure Mobile SBOM
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
contents: read
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Build your application
|
||||
run: ./gradlew assembleDebug # Update this to build your Android or iOS application
|
||||
|
||||
- name: NowSecure upload app
|
||||
uses: nowsecure/nowsecure-sbom-action@ecb731b6f17a83fa53f756f9dae2ec7034c5ed7c
|
||||
with:
|
||||
token: ${{ secrets.NS_TOKEN }}
|
||||
app_file: app-debug.apk # Update this to a path to your .ipa or .apk
|
||||
group_id: {{ groupId }} # Update this to your desired Platform group ID
|
||||
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "Anchore Syft SBOM Scan",
|
||||
"organization": "Anchore",
|
||||
"creator": "Anchore",
|
||||
"description": "Produce Software Bills of Materials based on Anchore's open source Syft tool.",
|
||||
"iconName": "anchore",
|
||||
"categories": ["Code Scanning", "dockerfile", "dependency-management"]
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
{
|
||||
"name": "Anchore Container Scan",
|
||||
"creator": "Indeni Cloudrail",
|
||||
"description": "Produce container image vulnerability and compliance reports based on the open-source Anchore container image scanner.",
|
||||
"name": "Anchore Grype Vulnerability Scan",
|
||||
"creator": "Anchore",
|
||||
"description": "Produce source and container vulnerability reports based on Anchore's open source Grype tool.",
|
||||
"iconName": "anchore",
|
||||
"categories": ["Code Scanning", "dockerfile"]
|
||||
}
|
||||
}
|
||||
|
||||
@@ -0,0 +1,7 @@
|
||||
{
|
||||
"name": "Checkmarx",
|
||||
"creator": "Checkmarx",
|
||||
"description": "Beat vulnerabilities with more secure code.Scan your code with Checkmarx One and see results in the GitHub code scanning.",
|
||||
"iconName": "checkmarx",
|
||||
"categories": ["Code Scanning", "javascript", "python", "java", "php", "c#", "c", "c++", "ruby", "swift", "go", "json", "kotlin", "apex", "scala", "perl"]
|
||||
}
|
||||
@@ -1,6 +1,7 @@
|
||||
{
|
||||
"name": "CodeQL Analysis",
|
||||
"creator": "GitHub",
|
||||
"enterprise": true,
|
||||
"description": "Security analysis from GitHub for C, C++, C#, Go, Java, JavaScript, TypeScript, Python, and Ruby developers.",
|
||||
"iconName": "octicon mark-github",
|
||||
"categories": ["Code Scanning", "C", "C++", "C#", "Go", "Java", "JavaScript", "TypeScript", "Python", "Ruby"]
|
||||
|
||||
@@ -2,10 +2,11 @@
|
||||
"name": "ESLint",
|
||||
"description": "A tool for identifying and reporting the problems found in ECMAScript/JavaScript code.",
|
||||
"iconName": "eslint",
|
||||
"enterprise": false,
|
||||
"categories": [
|
||||
"Code Scanning",
|
||||
"JavaScript",
|
||||
"EcmaScript",
|
||||
"TypeScript"
|
||||
]
|
||||
}
|
||||
}
|
||||
|
||||
@@ -0,0 +1,24 @@
|
||||
{
|
||||
"name": "EthicalCheck",
|
||||
"creator": "APIsec",
|
||||
"description": "EthicalCheck provides the industry’s only free & automated API security testing service that uncovers security vulnerabilities using OWASP API list.",
|
||||
"iconName": "apisec",
|
||||
"categories": [
|
||||
"Code Scanning",
|
||||
"C",
|
||||
"C#",
|
||||
"C++",
|
||||
"Go",
|
||||
"Java",
|
||||
"JavaScript",
|
||||
"Kotlin",
|
||||
"Objective C",
|
||||
"PHP",
|
||||
"Python",
|
||||
"Ruby",
|
||||
"Rust",
|
||||
"Scala",
|
||||
"Swift",
|
||||
"TypeScript"
|
||||
]
|
||||
}
|
||||
@@ -0,0 +1,21 @@
|
||||
{
|
||||
"name": "NowSecure Mobile SBOM",
|
||||
"creator": "NowSecure",
|
||||
"description": "Generate a Mobile SBOM for an application and submit to Dependency Graph",
|
||||
"iconName": "nowsecure",
|
||||
"categories": [
|
||||
"Code Scanning",
|
||||
"Java",
|
||||
"Kotlin",
|
||||
"Scala",
|
||||
"Swift",
|
||||
"Objective C",
|
||||
"C",
|
||||
"C++",
|
||||
"C#",
|
||||
"Rust",
|
||||
"JavaScript",
|
||||
"TypeScript",
|
||||
"Node"
|
||||
]
|
||||
}
|
||||
@@ -0,0 +1,7 @@
|
||||
{
|
||||
"name": "Zscaler IaC Scan",
|
||||
"creator": "Zscaler CWP",
|
||||
"description": "Scan your Infrastructure as Code files using Zscaler Infrastructure as Code (IaC) Scan app",
|
||||
"iconName": "zscaler",
|
||||
"categories": ["Code Scanning"]
|
||||
}
|
||||
@@ -0,0 +1,14 @@
|
||||
{
|
||||
"name": "zScan",
|
||||
"creator": "Zimperium",
|
||||
"description": "The zimperium-zscan GitHub action scans your mobile app binary (iOS or Android) and identifies security, privacy, and compliance-related vulnerabilities. ",
|
||||
"iconName": "zscan",
|
||||
"categories": [
|
||||
"Code Scanning",
|
||||
"Java",
|
||||
"Kotlin",
|
||||
"Scala",
|
||||
"Swift",
|
||||
"Objective C"
|
||||
]
|
||||
}
|
||||
@@ -1,7 +1,14 @@
|
||||
# This workflow uses actions that are not certified by GitHub. They are provided
|
||||
# by a third-party and are governed by separate terms of service, privacy
|
||||
# policy, and support documentation.
|
||||
|
||||
name: Scorecards supply-chain security
|
||||
on:
|
||||
# Only the default branch is supported.
|
||||
# For Branch-Protection check. Only the default branch is supported. See
|
||||
# https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection
|
||||
branch_protection_rule:
|
||||
# To guarantee Maintained check is occasionally updated. See
|
||||
# https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained
|
||||
schedule:
|
||||
- cron: $cron-weekly
|
||||
push:
|
||||
@@ -17,20 +24,20 @@ jobs:
|
||||
permissions:
|
||||
# Needed to upload the results to code-scanning dashboard.
|
||||
security-events: write
|
||||
# Used to receive a badge.
|
||||
# Needed to publish results and get a badge (see publish_results below).
|
||||
id-token: write
|
||||
# Needs for private repositories.
|
||||
contents: read
|
||||
actions: read
|
||||
|
||||
# Uncomment the permissions below if installing in a private repository.
|
||||
# contents: read
|
||||
# actions: read
|
||||
|
||||
steps:
|
||||
- name: "Checkout code"
|
||||
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # tag=v3.0.0
|
||||
uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
|
||||
with:
|
||||
persist-credentials: false
|
||||
|
||||
- name: "Run analysis"
|
||||
uses: ossf/scorecard-action@865b4092859256271290c77adbd10a43f4779972 # tag=v2.0.3
|
||||
uses: ossf/scorecard-action@99c53751e09b9529366343771cc321ec74e9bd3d # v2.0.6
|
||||
with:
|
||||
results_file: results.sarif
|
||||
results_format: sarif
|
||||
@@ -40,23 +47,26 @@ jobs:
|
||||
# To create the PAT, follow the steps in https://github.com/ossf/scorecard-action#authentication-with-pat.
|
||||
# repo_token: ${{ secrets.SCORECARD_READ_TOKEN }}
|
||||
|
||||
# Publish the results for public repositories to enable scorecard badges. For more details, see
|
||||
# https://github.com/ossf/scorecard-action#publishing-results.
|
||||
# For private repositories, `publish_results` will automatically be set to `false`, regardless
|
||||
# of the value entered here.
|
||||
# Public repositories:
|
||||
# - Publish results to OpenSSF REST API for easy access by consumers
|
||||
# - Allows the repository to include the Scorecard badge.
|
||||
# - See https://github.com/ossf/scorecard-action#publishing-results.
|
||||
# For private repositories:
|
||||
# - `publish_results` will always be set to `false`, regardless
|
||||
# of the value entered here.
|
||||
publish_results: true
|
||||
|
||||
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
|
||||
# format to the repository Actions tab.
|
||||
- name: "Upload artifact"
|
||||
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # tag=v3.0.0
|
||||
uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
|
||||
with:
|
||||
name: SARIF file
|
||||
path: results.sarif
|
||||
retention-days: 5
|
||||
|
||||
|
||||
# Upload the results to GitHub's code scanning dashboard.
|
||||
- name: "Upload to code-scanning"
|
||||
uses: github/codeql-action/upload-sarif@5f532563584d71fdef14ee64d17bafb34f751ce5 # tag=v1.0.26
|
||||
uses: github/codeql-action/upload-sarif@807578363a7869ca324a79039e6db9c843e0e100 # v2.1.27
|
||||
with:
|
||||
sarif_file: results.sarif
|
||||
|
||||
@@ -3,13 +3,18 @@
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
#
|
||||
# SOOS is the easy-to-integrate software security solution for your whole team, learn more at https://soos.io/
|
||||
# SOOS is the easy-to-integrate and affordable software security solution for your whole team.
|
||||
# Learn more at https://soos.io/
|
||||
#
|
||||
# To use this action you need to fill the following requirements:
|
||||
# To use this action, perform the following steps:
|
||||
#
|
||||
# 1. Create an account on https://app.soos.io to obtain a Client ID and API Key (Free 30 days trials for both our SCA/DAST product).
|
||||
# 1. Create an account on https://app.soos.io. SOOS offers a free 30 day trial for our SCA and DAST products.
|
||||
#
|
||||
# 2. Set up your API KEY/Client ID as Github Secrets named SOOS_CLIENT_ID & SOOS_API_KEY. (Also set SOOS_GITHUB_PAT with your Github Personal Access Token if you're going to use sarif upload)
|
||||
# 2. Navigate to the "Integrate" page in the SOOS app (https://app.soos.io/integrate). Note the "API Credentials" section of this page; the keys you will need for the next step are here.
|
||||
#
|
||||
# 3. Set up your SOOS API Key and SOOS Client Id as Github Secrets named SOOS_API_KEY and SOOS_CLIENT_ID.
|
||||
#
|
||||
# 4. (Optional) If you'd like to upload SARIF results of DAST scans to GitHub, set SOOS_GITHUB_PAT with your Github Personal Access Token.
|
||||
#
|
||||
|
||||
name: "SOOS DAST Scan"
|
||||
@@ -29,7 +34,7 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Run SOOS DAST Scan
|
||||
uses: soos-io/soos-dast-github-action@b524e2cfbc4f4a5733153a7e624f569913f6c6e9
|
||||
uses: soos-io/soos-dast-github-action@093de8c09530d4b96f12322adeb74444def866db # Use latest version from https://github.com/marketplace/actions/soos-dast
|
||||
with:
|
||||
client_id: ${{ secrets.SOOS_CLIENT_ID }}
|
||||
api_key: ${{ secrets.SOOS_API_KEY }}
|
||||
|
||||
@@ -0,0 +1,56 @@
|
||||
#This workflow uses actions that are not certified by GitHub.
|
||||
#They are provided by a third party and are governed by
|
||||
#separate terms of service, privacy policy, and support
|
||||
#documentation.
|
||||
|
||||
#This workflow runs the Zscaler Infrastructure as Code (IaC) Scan app,
|
||||
#which detects security misconfigurations in IaC templates and publishes the findings
|
||||
#under the code scanning alerts section within the repository.
|
||||
|
||||
#Log into the Zscaler Posture Control(ZPC) Portal to begin the onboarding process.
|
||||
#Copy the client ID and client secret key generated during the onboarding process and configure.
|
||||
#GitHub secrets (ZSCANNER_CLIENT_ID, ZSCANNER_CLIENT_SECRET).
|
||||
|
||||
#Refer https://github.com/marketplace/actions/zscaler-iac-scan for additional details on setting up this workflow.
|
||||
#Any issues with this workflow, please raise it on https://github.com/ZscalerCWP/Zscaler-IaC-Action/issues for further investigation.
|
||||
|
||||
name: Zscaler IaC Scan
|
||||
on:
|
||||
push:
|
||||
branches: [ $default-branch, $protected-branches ]
|
||||
pull_request:
|
||||
branches: [ $default-branch ]
|
||||
schedule:
|
||||
- cron: $cron-weekly
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
zscaler-iac-scan:
|
||||
permissions:
|
||||
contents: read # for actions/checkout to fetch code
|
||||
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name : Code Checkout
|
||||
uses: actions/checkout@v3
|
||||
- name : Zscaler IAC Scan
|
||||
uses : ZscalerCWP/Zscaler-IaC-Action@8d2afb33b10b4bd50e2dc2c932b37c6e70ac1087
|
||||
id : zscaler-iac-scan
|
||||
with:
|
||||
client_id : ${{ secrets.ZSCANNER_CLIENT_ID }}
|
||||
client_secret : ${{ secrets.ZSCANNER_CLIENT_SECRET }}
|
||||
#This is the user region specified during the onboarding process within the ZPC Admin Portal.
|
||||
region : 'US'
|
||||
iac_dir : #Enter the IaC directory path from root.
|
||||
iac_file : #Enter the IaC file path from root.
|
||||
output_format : #(Optional) By default, the output is provided in a human readable format. However, if you require a different format, you can specify it here.
|
||||
#To fail the build based on policy violations identified in the IaC templates, set the input value (fail_build) to true.
|
||||
fail_build : #Enter true/false
|
||||
#Ensure that the following step is included in order to post the scan results under the code scanning alerts section within the repository.
|
||||
- name: Upload SARIF file
|
||||
if: ${{ success() || failure() && (steps.zscaler-iac-scan.outputs.sarif_file_path != '') }}
|
||||
uses: github/codeql-action/upload-sarif@v2
|
||||
with:
|
||||
sarif_file: ${{ steps.zscaler-iac-scan.sarif_file_path }}
|
||||
@@ -0,0 +1,61 @@
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
#
|
||||
# The zimperium-zscan GitHub action scans your mobile app binary (iOS or Android)
|
||||
# and identifies security, privacy, and compliance-related vulnerabilities.
|
||||
#
|
||||
# Prerequisites:
|
||||
# * An active Zimperium zScan account is required. If you are not an existing Zimperium
|
||||
# zScan customer, please request a zSCAN demo by visiting https://www.zimperium.com/contact-us.
|
||||
# * Either GitHub Advanced Security (GHAS) or a public repository is required to display
|
||||
# issues and view the remediation information inside of GitHub code scanning alerts.
|
||||
#
|
||||
# For additional information and setup instructions
|
||||
# please visit: https://github.com/Zimperium/zScanMarketplace#readme
|
||||
|
||||
name: "Zimperium zScan"
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ $default-branch, $protected-branches ]
|
||||
pull_request:
|
||||
branches: [ $default-branch ]
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
zscan:
|
||||
name: zScan
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
contents: read # for actions/checkout to fetch code
|
||||
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
|
||||
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Execute gradle build
|
||||
run: ./gradlew build # Change this to build your mobile application
|
||||
|
||||
- name: Run Zimperium zScan
|
||||
uses: zimperium/zscanmarketplace@bfc6670f6648d796098c251ccefcfdb98983174d
|
||||
timeout-minutes: 60
|
||||
with:
|
||||
# REPLACE: Zimperium Client Environment Name
|
||||
client_env: env_string
|
||||
# REPLACE: Zimperium Client ID
|
||||
client_id: id_string
|
||||
# REPLACE: Zimperium Client Secret
|
||||
client_secret: ${{ secrets.ZSCAN_CLIENT_SECRET }}
|
||||
# REPLACE: The path to an .ipa or .apk
|
||||
app_file: app-release-unsigned.apk
|
||||
|
||||
- name: Upload SARIF file
|
||||
uses: github/codeql-action/upload-sarif@v2
|
||||
with:
|
||||
sarif_file: Zimperium.sarif
|
||||
|
||||
@@ -1,14 +1,16 @@
|
||||
# This workflow will build and push an application to a Azure Kubernetes Service (AKS) cluster when you push your code
|
||||
#
|
||||
# This workflow assumes you have already created the target AKS cluster and have created an Azure Container Registry (ACR)
|
||||
# The ACR should be attached to the AKS cluster
|
||||
# For instructions see:
|
||||
# - https://docs.microsoft.com/en-us/azure/aks/kubernetes-walkthrough-portal
|
||||
# - https://docs.microsoft.com/en-us/azure/container-registry/container-registry-get-started-portal
|
||||
# - https://learn.microsoft.com/en-us/azure/aks/cluster-container-registry-integration?tabs=azure-cli#configure-acr-integration-for-existing-aks-clusters
|
||||
# - https://github.com/Azure/aks-create-action
|
||||
#
|
||||
# To configure this workflow:
|
||||
#
|
||||
# 1. Set the following secrets in your repository (instructions for getting these
|
||||
# 1. Set the following secrets in your repository (instructions for getting these
|
||||
# https://docs.microsoft.com/en-us/azure/developer/github/connect-from-azure?tabs=azure-cli%2Clinux)):
|
||||
# - AZURE_CLIENT_ID
|
||||
# - AZURE_TENANT_ID
|
||||
@@ -34,7 +36,7 @@ name: Build and deploy an app to AKS with Helm
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ $default-branch ]
|
||||
branches: [$default-branch]
|
||||
workflow_dispatch:
|
||||
|
||||
env:
|
||||
@@ -42,7 +44,6 @@ env:
|
||||
CONTAINER_NAME: "your-container-name"
|
||||
RESOURCE_GROUP: "your-resource-group"
|
||||
CLUSTER_NAME: "your-cluster-name"
|
||||
IMAGE_PULL_SECRET_NAME: "your-image-pull-secret-name"
|
||||
CHART_PATH: "your-chart-path"
|
||||
CHART_OVERRIDE_PATH: "your-chart-override-path"
|
||||
|
||||
@@ -53,63 +54,21 @@ jobs:
|
||||
id-token: write
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
# Checks out the repository this file is in
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
# Logs in with your Azure credentials
|
||||
- name: Azure login
|
||||
uses: azure/login@v1.4.3
|
||||
with:
|
||||
client-id: ${{ secrets.AZURE_CLIENT_ID }}
|
||||
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
|
||||
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
|
||||
|
||||
# Builds and pushes an image up to your Azure Container Registry
|
||||
- name: Build and push image to ACR
|
||||
run: |
|
||||
az acr build --image ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }} --registry ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.RESOURCE_GROUP }} .
|
||||
# Checks out the repository this file is in
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
createSecret:
|
||||
permissions:
|
||||
contents: read
|
||||
id-token: write
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
# Logs in with your Azure credentials
|
||||
- name: Azure login
|
||||
uses: azure/login@v1.4.3
|
||||
with:
|
||||
client-id: ${{ secrets.AZURE_CLIENT_ID }}
|
||||
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
|
||||
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
|
||||
# Logs in with your Azure credentials
|
||||
- name: Azure login
|
||||
uses: azure/login@v1.4.6
|
||||
with:
|
||||
client-id: ${{ secrets.AZURE_CLIENT_ID }}
|
||||
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
|
||||
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
|
||||
|
||||
# Retrieves your Azure Kubernetes Service cluster's kubeconfig file
|
||||
- name: Get K8s context
|
||||
uses: azure/aks-set-context@v2.0
|
||||
with:
|
||||
resource-group: ${{ env.RESOURCE_GROUP }}
|
||||
cluster-name: ${{ env.CLUSTER_NAME }}
|
||||
|
||||
# Retrieves the credentials for pulling images from your Azure Container Registry
|
||||
- name: Get ACR credentials
|
||||
run: |
|
||||
az acr update -n ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.RESOURCE_GROUP }} --admin-enabled true
|
||||
ACR_USERNAME=$(az acr credential show -g ${{ env.RESOURCE_GROUP }} -n ${{ env.AZURE_CONTAINER_REGISTRY }} --query username -o tsv)
|
||||
ACR_PASSWORD=$(az acr credential show -g ${{ env.RESOURCE_GROUP }} -n ${{ env.AZURE_CONTAINER_REGISTRY }} --query passwords[0].value -o tsv)
|
||||
echo "::add-mask::${ACR_USERNAME}"
|
||||
echo "::set-output name=username::${ACR_USERNAME}"
|
||||
echo "::add-mask::${ACR_PASSWORD}"
|
||||
echo "::set-output name=password::${ACR_PASSWORD}"
|
||||
id: get-acr-creds
|
||||
|
||||
# Creates a kubernetes secret on your Azure Kubernetes Service cluster that matches up to the credentials from the last step
|
||||
- name: Create K8s secret for pulling image from ACR
|
||||
uses: Azure/k8s-create-secret@v1.1
|
||||
with:
|
||||
container-registry-url: ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io
|
||||
container-registry-username: ${{ steps.get-acr-creds.outputs.username }}
|
||||
container-registry-password: ${{ steps.get-acr-creds.outputs.password }}
|
||||
secret-name: ${{ env.IMAGE_PULL_SECRET_NAME }}
|
||||
# Builds and pushes an image up to your Azure Container Registry
|
||||
- name: Build and push image to ACR
|
||||
run: |
|
||||
az acr build --image ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }} --registry ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.RESOURCE_GROUP }} .
|
||||
|
||||
deploy:
|
||||
permissions:
|
||||
@@ -117,45 +76,43 @@ jobs:
|
||||
contents: read
|
||||
id-token: write
|
||||
runs-on: ubuntu-latest
|
||||
needs: [buildImage, createSecret]
|
||||
needs: [buildImage]
|
||||
steps:
|
||||
# Checks out the repository this file is in
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
# Logs in with your Azure credentials
|
||||
- name: Azure login
|
||||
uses: azure/login@v1.4.3
|
||||
with:
|
||||
client-id: ${{ secrets.AZURE_CLIENT_ID }}
|
||||
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
|
||||
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
|
||||
|
||||
# Retrieves your Azure Kubernetes Service cluster's kubeconfig file
|
||||
- name: Get K8s context
|
||||
uses: azure/aks-set-context@v2.0
|
||||
with:
|
||||
resource-group: ${{ env.RESOURCE_GROUP }}
|
||||
cluster-name: ${{ env.CLUSTER_NAME }}
|
||||
# Checks out the repository this file is in
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
# Runs Helm to create manifest files
|
||||
- name: Bake deployment
|
||||
uses: azure/k8s-bake@v2.1
|
||||
with:
|
||||
renderEngine: 'helm'
|
||||
helmChart: ${{ env.CHART_PATH }}
|
||||
overrideFiles: ${{ env.CHART_OVERRIDE_PATH }}
|
||||
overrides: |
|
||||
replicas:2
|
||||
helm-version: 'latest'
|
||||
id: bake
|
||||
# Logs in with your Azure credentials
|
||||
- name: Azure login
|
||||
uses: azure/login@v1.4.6
|
||||
with:
|
||||
client-id: ${{ secrets.AZURE_CLIENT_ID }}
|
||||
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
|
||||
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
|
||||
|
||||
# Deploys application based on manifest files from previous step
|
||||
- name: Deploy application
|
||||
uses: Azure/k8s-deploy@v3.1
|
||||
with:
|
||||
action: deploy
|
||||
manifests: ${{ steps.bake.outputs.manifestsBundle }}
|
||||
images: |
|
||||
${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }}
|
||||
imagepullsecrets: |
|
||||
${{ env.IMAGE_PULL_SECRET_NAME }}
|
||||
# Retrieves your Azure Kubernetes Service cluster's kubeconfig file
|
||||
- name: Get K8s context
|
||||
uses: azure/aks-set-context@v3
|
||||
with:
|
||||
resource-group: ${{ env.RESOURCE_GROUP }}
|
||||
cluster-name: ${{ env.CLUSTER_NAME }}
|
||||
|
||||
# Runs Helm to create manifest files
|
||||
- name: Bake deployment
|
||||
uses: azure/k8s-bake@v2
|
||||
with:
|
||||
renderEngine: "helm"
|
||||
helmChart: ${{ env.CHART_PATH }}
|
||||
overrideFiles: ${{ env.CHART_OVERRIDE_PATH }}
|
||||
overrides: |
|
||||
replicas:2
|
||||
helm-version: "latest"
|
||||
id: bake
|
||||
|
||||
# Deploys application based on manifest files from previous step
|
||||
- name: Deploy application
|
||||
uses: Azure/k8s-deploy@v4
|
||||
with:
|
||||
action: deploy
|
||||
manifests: ${{ steps.bake.outputs.manifestsBundle }}
|
||||
images: |
|
||||
${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }}
|
||||
|
||||
@@ -1,14 +1,16 @@
|
||||
# This workflow will build and push an application to a Azure Kubernetes Service (AKS) cluster when you push your code
|
||||
#
|
||||
# This workflow assumes you have already created the target AKS cluster and have created an Azure Container Registry (ACR)
|
||||
# The ACR should be attached to the AKS cluster
|
||||
# For instructions see:
|
||||
# - https://docs.microsoft.com/en-us/azure/aks/kubernetes-walkthrough-portal
|
||||
# - https://docs.microsoft.com/en-us/azure/container-registry/container-registry-get-started-portal
|
||||
# - https://learn.microsoft.com/en-us/azure/aks/cluster-container-registry-integration?tabs=azure-cli#configure-acr-integration-for-existing-aks-clusters
|
||||
# - https://github.com/Azure/aks-create-action
|
||||
#
|
||||
# To configure this workflow:
|
||||
#
|
||||
# 1. Set the following secrets in your repository (instructions for getting these
|
||||
# 1. Set the following secrets in your repository (instructions for getting these
|
||||
# https://docs.microsoft.com/en-us/azure/developer/github/connect-from-azure?tabs=azure-cli%2Clinux):
|
||||
# - AZURE_CLIENT_ID
|
||||
# - AZURE_TENANT_ID
|
||||
@@ -33,7 +35,7 @@ name: Build and deploy an app to AKS with Kompose
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ $default-branch ]
|
||||
branches: [$default-branch]
|
||||
workflow_dispatch:
|
||||
|
||||
env:
|
||||
@@ -41,7 +43,6 @@ env:
|
||||
CONTAINER_NAME: "your-container-name"
|
||||
RESOURCE_GROUP: "your-resource-group"
|
||||
CLUSTER_NAME: "your-cluster-name"
|
||||
IMAGE_PULL_SECRET_NAME: "your-image-pull-secret-name"
|
||||
DOCKER_COMPOSE_FILE_PATH: "your-docker-compose-file-path"
|
||||
|
||||
jobs:
|
||||
@@ -51,106 +52,62 @@ jobs:
|
||||
id-token: write
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
# Checks out the repository this file is in
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
# Logs in with your Azure credentials
|
||||
- name: Azure login
|
||||
uses: azure/login@v1.4.3
|
||||
with:
|
||||
client-id: ${{ secrets.AZURE_CLIENT_ID }}
|
||||
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
|
||||
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
|
||||
|
||||
# Builds and pushes an image up to your Azure Container Registry
|
||||
- name: Build and push image to ACR
|
||||
run: |
|
||||
az acr build --image ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }} --registry ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.RESOURCE_GROUP }} .
|
||||
|
||||
createSecret:
|
||||
permissions:
|
||||
contents: read
|
||||
id-token: write
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
# Logs in with your Azure credentials
|
||||
- name: Azure login
|
||||
uses: azure/login@v1.4.3
|
||||
with:
|
||||
client-id: ${{ secrets.AZURE_CLIENT_ID }}
|
||||
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
|
||||
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
|
||||
|
||||
# Retrieves your Azure Kubernetes Service cluster's kubeconfig file
|
||||
- name: Get K8s context
|
||||
uses: azure/aks-set-context@v2.0
|
||||
with:
|
||||
resource-group: ${{ env.RESOURCE_GROUP }}
|
||||
cluster-name: ${{ env.CLUSTER_NAME }}
|
||||
# Checks out the repository this file is in
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
# Retrieves the credentials for pulling images from your Azure Container Registry
|
||||
- name: Get ACR credentials
|
||||
run: |
|
||||
az acr update -n ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.RESOURCE_GROUP }} --admin-enabled true
|
||||
ACR_USERNAME=$(az acr credential show -g ${{ env.RESOURCE_GROUP }} -n ${{ env.AZURE_CONTAINER_REGISTRY }} --query username -o tsv)
|
||||
ACR_PASSWORD=$(az acr credential show -g ${{ env.RESOURCE_GROUP }} -n ${{ env.AZURE_CONTAINER_REGISTRY }} --query passwords[0].value -o tsv)
|
||||
echo "::add-mask::${ACR_USERNAME}"
|
||||
echo "::set-output name=username::${ACR_USERNAME}"
|
||||
echo "::add-mask::${ACR_PASSWORD}"
|
||||
echo "::set-output name=password::${ACR_PASSWORD}"
|
||||
id: get-acr-creds
|
||||
# Logs in with your Azure credentials
|
||||
- name: Azure login
|
||||
uses: azure/login@v1.4.6
|
||||
with:
|
||||
client-id: ${{ secrets.AZURE_CLIENT_ID }}
|
||||
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
|
||||
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
|
||||
|
||||
# Builds and pushes an image up to your Azure Container Registry
|
||||
- name: Build and push image to ACR
|
||||
run: |
|
||||
az acr build --image ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }} --registry ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.RESOURCE_GROUP }} .
|
||||
|
||||
# Creates a kubernetes secret on your Azure Kubernetes Service cluster that matches up to the credentials from the last step
|
||||
- name: Create K8s secret for pulling image from ACR
|
||||
uses: Azure/k8s-create-secret@v1.1
|
||||
with:
|
||||
container-registry-url: ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io
|
||||
container-registry-username: ${{ steps.get-acr-creds.outputs.username }}
|
||||
container-registry-password: ${{ steps.get-acr-creds.outputs.password }}
|
||||
secret-name: ${{ env.IMAGE_PULL_SECRET_NAME }}
|
||||
|
||||
deploy:
|
||||
permissions:
|
||||
actions: read
|
||||
contents: read
|
||||
id-token: write
|
||||
runs-on: ubuntu-latest
|
||||
needs: [buildImage, createSecret]
|
||||
needs: [buildImage]
|
||||
steps:
|
||||
# Checks out the repository this file is in
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
# Logs in with your Azure credentials
|
||||
- name: Azure login
|
||||
uses: azure/login@v1.4.3
|
||||
with:
|
||||
client-id: ${{ secrets.AZURE_CLIENT_ID }}
|
||||
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
|
||||
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
|
||||
# Checks out the repository this file is in
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
# Retrieves your Azure Kubernetes Service cluster's kubeconfig file
|
||||
- name: Get K8s context
|
||||
uses: azure/aks-set-context@v2.0
|
||||
with:
|
||||
resource-group: ${{ env.RESOURCE_GROUP }}
|
||||
cluster-name: ${{ env.CLUSTER_NAME }}
|
||||
# Logs in with your Azure credentials
|
||||
- name: Azure login
|
||||
uses: azure/login@v1.4.6
|
||||
with:
|
||||
client-id: ${{ secrets.AZURE_CLIENT_ID }}
|
||||
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
|
||||
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
|
||||
|
||||
# Runs Kompose to create manifest files
|
||||
- name: Bake deployment
|
||||
uses: azure/k8s-bake@v2.1
|
||||
with:
|
||||
renderEngine: 'kompose'
|
||||
dockerComposeFile: ${{ env.DOCKER_COMPOSE_FILE_PATH }}
|
||||
kompose-version: 'latest'
|
||||
id: bake
|
||||
# Retrieves your Azure Kubernetes Service cluster's kubeconfig file
|
||||
- name: Get K8s context
|
||||
uses: azure/aks-set-context@v3
|
||||
with:
|
||||
resource-group: ${{ env.RESOURCE_GROUP }}
|
||||
cluster-name: ${{ env.CLUSTER_NAME }}
|
||||
|
||||
# Deploys application based on manifest files from previous step
|
||||
- name: Deploy application
|
||||
uses: Azure/k8s-deploy@v3.1
|
||||
with:
|
||||
action: deploy
|
||||
manifests: ${{ steps.bake.outputs.manifestsBundle }}
|
||||
images: |
|
||||
${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }}
|
||||
imagepullsecrets: |
|
||||
${{ env.IMAGE_PULL_SECRET_NAME }}
|
||||
# Runs Kompose to create manifest files
|
||||
- name: Bake deployment
|
||||
uses: azure/k8s-bake@v2
|
||||
with:
|
||||
renderEngine: "kompose"
|
||||
dockerComposeFile: ${{ env.DOCKER_COMPOSE_FILE_PATH }}
|
||||
kompose-version: "latest"
|
||||
id: bake
|
||||
|
||||
# Deploys application based on manifest files from previous step
|
||||
- name: Deploy application
|
||||
uses: Azure/k8s-deploy@v4
|
||||
with:
|
||||
action: deploy
|
||||
manifests: ${{ steps.bake.outputs.manifestsBundle }}
|
||||
images: |
|
||||
${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }}
|
||||
|
||||
@@ -1,14 +1,16 @@
|
||||
# This workflow will build and push an application to a Azure Kubernetes Service (AKS) cluster when you push your code
|
||||
#
|
||||
# This workflow assumes you have already created the target AKS cluster and have created an Azure Container Registry (ACR)
|
||||
# The ACR should be attached to the AKS cluster
|
||||
# For instructions see:
|
||||
# - https://docs.microsoft.com/en-us/azure/aks/kubernetes-walkthrough-portal
|
||||
# - https://docs.microsoft.com/en-us/azure/container-registry/container-registry-get-started-portal
|
||||
# - https://learn.microsoft.com/en-us/azure/aks/cluster-container-registry-integration?tabs=azure-cli#configure-acr-integration-for-existing-aks-clusters
|
||||
# - https://github.com/Azure/aks-create-action
|
||||
#
|
||||
# To configure this workflow:
|
||||
#
|
||||
# 1. Set the following secrets in your repository (instructions for getting these
|
||||
# 1. Set the following secrets in your repository (instructions for getting these
|
||||
# https://docs.microsoft.com/en-us/azure/developer/github/connect-from-azure?tabs=azure-cli%2Clinux):
|
||||
# - AZURE_CLIENT_ID
|
||||
# - AZURE_TENANT_ID
|
||||
@@ -33,7 +35,7 @@ name: Build and deploy an app to AKS with Kustomize
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ $default-branch ]
|
||||
branches: [$default-branch]
|
||||
workflow_dispatch:
|
||||
|
||||
env:
|
||||
@@ -41,7 +43,6 @@ env:
|
||||
CONTAINER_NAME: "your-container-name"
|
||||
RESOURCE_GROUP: "your-resource-group"
|
||||
CLUSTER_NAME: "your-cluster-name"
|
||||
IMAGE_PULL_SECRET_NAME: "your-image-pull-secret-name"
|
||||
KUSTOMIZE_PATH: "your-kustomize-path"
|
||||
|
||||
jobs:
|
||||
@@ -51,106 +52,62 @@ jobs:
|
||||
id-token: write
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
# Checks out the repository this file is in
|
||||
- uses: actions/checkout@v3
|
||||
# Checks out the repository this file is in
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
# Logs in with your Azure credentials
|
||||
- name: Azure login
|
||||
uses: azure/login@v1.4.3
|
||||
with:
|
||||
client-id: ${{ secrets.AZURE_CLIENT_ID }}
|
||||
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
|
||||
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
|
||||
|
||||
# Builds and pushes an image up to your Azure Container Registry
|
||||
- name: Build and push image to ACR
|
||||
run: |
|
||||
az acr build --image ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }} --registry ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.RESOURCE_GROUP }} .
|
||||
|
||||
createSecret:
|
||||
permissions:
|
||||
contents: read
|
||||
id-token: write
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
# Logs in with your Azure credentials
|
||||
- name: Azure login
|
||||
uses: azure/login@v1.4.3
|
||||
with:
|
||||
client-id: ${{ secrets.AZURE_CLIENT_ID }}
|
||||
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
|
||||
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
|
||||
# Logs in with your Azure credentials
|
||||
- name: Azure login
|
||||
uses: azure/login@v1.4.6
|
||||
with:
|
||||
client-id: ${{ secrets.AZURE_CLIENT_ID }}
|
||||
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
|
||||
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
|
||||
|
||||
# Retrieves your Azure Kubernetes Service cluster's kubeconfig file
|
||||
- name: Get K8s context
|
||||
uses: azure/aks-set-context@v2.0
|
||||
with:
|
||||
resource-group: ${{ env.RESOURCE_GROUP }}
|
||||
cluster-name: ${{ env.CLUSTER_NAME }}
|
||||
# Builds and pushes an image up to your Azure Container Registry
|
||||
- name: Build and push image to ACR
|
||||
run: |
|
||||
az acr build --image ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }} --registry ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.RESOURCE_GROUP }} .
|
||||
|
||||
# Retrieves the credentials for pulling images from your Azure Container Registry
|
||||
- name: Get ACR credentials
|
||||
run: |
|
||||
az acr update -n ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.RESOURCE_GROUP }} --admin-enabled true
|
||||
ACR_USERNAME=$(az acr credential show -g ${{ env.RESOURCE_GROUP }} -n ${{ env.AZURE_CONTAINER_REGISTRY }} --query username -o tsv)
|
||||
ACR_PASSWORD=$(az acr credential show -g ${{ env.RESOURCE_GROUP }} -n ${{ env.AZURE_CONTAINER_REGISTRY }} --query passwords[0].value -o tsv)
|
||||
echo "::add-mask::${ACR_USERNAME}"
|
||||
echo "::set-output name=username::${ACR_USERNAME}"
|
||||
echo "::add-mask::${ACR_PASSWORD}"
|
||||
echo "::set-output name=password::${ACR_PASSWORD}"
|
||||
id: get-acr-creds
|
||||
|
||||
# Creates a kubernetes secret on your Azure Kubernetes Service cluster that matches up to the credentials from the last step
|
||||
- name: Create K8s secret for pulling image from ACR
|
||||
uses: Azure/k8s-create-secret@v1.1
|
||||
with:
|
||||
container-registry-url: ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io
|
||||
container-registry-username: ${{ steps.get-acr-creds.outputs.username }}
|
||||
container-registry-password: ${{ steps.get-acr-creds.outputs.password }}
|
||||
secret-name: ${{ env.IMAGE_PULL_SECRET_NAME }}
|
||||
|
||||
deploy:
|
||||
permissions:
|
||||
actions: read
|
||||
contents: read
|
||||
id-token: write
|
||||
runs-on: ubuntu-latest
|
||||
needs: [buildImage, createSecret]
|
||||
needs: [buildImage]
|
||||
steps:
|
||||
# Checks out the repository this file is in
|
||||
- uses: actions/checkout@v3
|
||||
# Checks out the repository this file is in
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
# Logs in with your Azure credentials
|
||||
- name: Azure login
|
||||
uses: azure/login@v1.4.3
|
||||
with:
|
||||
client-id: ${{ secrets.AZURE_CLIENT_ID }}
|
||||
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
|
||||
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
|
||||
# Logs in with your Azure credentials
|
||||
- name: Azure login
|
||||
uses: azure/login@v1.4.6
|
||||
with:
|
||||
client-id: ${{ secrets.AZURE_CLIENT_ID }}
|
||||
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
|
||||
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
|
||||
|
||||
# Retrieves your Azure Kubernetes Service cluster's kubeconfig file
|
||||
- name: Get K8s context
|
||||
uses: azure/aks-set-context@v2.0
|
||||
with:
|
||||
resource-group: ${{ env.RESOURCE_GROUP }}
|
||||
cluster-name: ${{ env.CLUSTER_NAME }}
|
||||
# Retrieves your Azure Kubernetes Service cluster's kubeconfig file
|
||||
- name: Get K8s context
|
||||
uses: azure/aks-set-context@v3
|
||||
with:
|
||||
resource-group: ${{ env.RESOURCE_GROUP }}
|
||||
cluster-name: ${{ env.CLUSTER_NAME }}
|
||||
|
||||
# Runs Kustomize to create manifest files
|
||||
- name: Bake deployment
|
||||
uses: azure/k8s-bake@v2.1
|
||||
with:
|
||||
renderEngine: 'kustomize'
|
||||
kustomizationPath: ${{ env.KUSTOMIZE_PATH }}
|
||||
kubectl-version: latest
|
||||
id: bake
|
||||
# Runs Kustomize to create manifest files
|
||||
- name: Bake deployment
|
||||
uses: azure/k8s-bake@v2
|
||||
with:
|
||||
renderEngine: "kustomize"
|
||||
kustomizationPath: ${{ env.KUSTOMIZE_PATH }}
|
||||
kubectl-version: latest
|
||||
id: bake
|
||||
|
||||
# Deploys application based on manifest files from previous step
|
||||
- name: Deploy application
|
||||
uses: Azure/k8s-deploy@v3.1
|
||||
with:
|
||||
action: deploy
|
||||
manifests: ${{ steps.bake.outputs.manifestsBundle }}
|
||||
images: |
|
||||
${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }}
|
||||
imagepullsecrets: |
|
||||
${{ env.IMAGE_PULL_SECRET_NAME }}
|
||||
# Deploys application based on manifest files from previous step
|
||||
- name: Deploy application
|
||||
uses: Azure/k8s-deploy@v4
|
||||
with:
|
||||
action: deploy
|
||||
manifests: ${{ steps.bake.outputs.manifestsBundle }}
|
||||
images: |
|
||||
${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }}
|
||||
|
||||
@@ -1,9 +1,11 @@
|
||||
# This workflow will build and push an application to a Azure Kubernetes Service (AKS) cluster when you push your code
|
||||
#
|
||||
# This workflow assumes you have already created the target AKS cluster and have created an Azure Container Registry (ACR)
|
||||
# The ACR should be attached to the AKS cluster
|
||||
# For instructions see:
|
||||
# - https://docs.microsoft.com/en-us/azure/aks/kubernetes-walkthrough-portal
|
||||
# - https://docs.microsoft.com/en-us/azure/container-registry/container-registry-get-started-portal
|
||||
# - https://learn.microsoft.com/en-us/azure/aks/cluster-container-registry-integration?tabs=azure-cli#configure-acr-integration-for-existing-aks-clusters
|
||||
# - https://github.com/Azure/aks-create-action
|
||||
#
|
||||
# To configure this workflow:
|
||||
@@ -29,7 +31,7 @@ name: Build and deploy an app to AKS
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ $default-branch ]
|
||||
branches: [$default-branch]
|
||||
workflow_dispatch:
|
||||
|
||||
env:
|
||||
@@ -37,8 +39,7 @@ env:
|
||||
CONTAINER_NAME: "your-container-name"
|
||||
RESOURCE_GROUP: "your-resource-group"
|
||||
CLUSTER_NAME: "your-cluster-name"
|
||||
IMAGE_PULL_SECRET_NAME: "your-image-pull-secret-name"
|
||||
DEPLOYMENT_MANIFEST_PATH: 'your-deployment-manifest-path'
|
||||
DEPLOYMENT_MANIFEST_PATH: "your-deployment-manifest-path"
|
||||
|
||||
jobs:
|
||||
buildImage:
|
||||
@@ -47,63 +48,21 @@ jobs:
|
||||
id-token: write
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
# Checks out the repository this file is in
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
# Logs in with your Azure credentials
|
||||
- name: Azure login
|
||||
uses: azure/login@v1.4.3
|
||||
with:
|
||||
client-id: ${{ secrets.AZURE_CLIENT_ID }}
|
||||
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
|
||||
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
|
||||
|
||||
# Builds and pushes an image up to your Azure Container Registry
|
||||
- name: Build and push image to ACR
|
||||
run: |
|
||||
az acr build --image ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }} --registry ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.RESOURCE_GROUP }} .
|
||||
# Checks out the repository this file is in
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
createSecret:
|
||||
permissions:
|
||||
contents: read
|
||||
id-token: write
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
# Logs in with your Azure credentials
|
||||
- name: Azure login
|
||||
uses: azure/login@v1.4.3
|
||||
with:
|
||||
client-id: ${{ secrets.AZURE_CLIENT_ID }}
|
||||
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
|
||||
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
|
||||
|
||||
# Retrieves your Azure Kubernetes Service cluster's kubeconfig file
|
||||
- name: Get K8s context
|
||||
uses: azure/aks-set-context@v2.0
|
||||
with:
|
||||
resource-group: ${{ env.RESOURCE_GROUP }}
|
||||
cluster-name: ${{ env.CLUSTER_NAME }}
|
||||
# Logs in with your Azure credentials
|
||||
- name: Azure login
|
||||
uses: azure/login@v1.4.6
|
||||
with:
|
||||
client-id: ${{ secrets.AZURE_CLIENT_ID }}
|
||||
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
|
||||
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
|
||||
|
||||
# Retrieves the credentials for pulling images from your Azure Container Registry
|
||||
- name: Get ACR credentials
|
||||
run: |
|
||||
az acr update -n ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.RESOURCE_GROUP }} --admin-enabled true
|
||||
ACR_USERNAME=$(az acr credential show -g ${{ env.RESOURCE_GROUP }} -n ${{ env.AZURE_CONTAINER_REGISTRY }} --query username -o tsv)
|
||||
ACR_PASSWORD=$(az acr credential show -g ${{ env.RESOURCE_GROUP }} -n ${{ env.AZURE_CONTAINER_REGISTRY }} --query passwords[0].value -o tsv)
|
||||
echo "::add-mask::${ACR_USERNAME}"
|
||||
echo "::set-output name=username::${ACR_USERNAME}"
|
||||
echo "::add-mask::${ACR_PASSWORD}"
|
||||
echo "::set-output name=password::${ACR_PASSWORD}"
|
||||
id: get-acr-creds
|
||||
|
||||
# Creates a kubernetes secret on your Azure Kubernetes Service cluster that matches up to the credentials from the last step
|
||||
- name: Create K8s secret for pulling image from ACR
|
||||
uses: Azure/k8s-create-secret@v1.1
|
||||
with:
|
||||
container-registry-url: ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io
|
||||
container-registry-username: ${{ steps.get-acr-creds.outputs.username }}
|
||||
container-registry-password: ${{ steps.get-acr-creds.outputs.password }}
|
||||
secret-name: ${{ env.IMAGE_PULL_SECRET_NAME }}
|
||||
# Builds and pushes an image up to your Azure Container Registry
|
||||
- name: Build and push image to ACR
|
||||
run: |
|
||||
az acr build --image ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }} --registry ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.RESOURCE_GROUP }} .
|
||||
|
||||
deploy:
|
||||
permissions:
|
||||
@@ -111,33 +70,31 @@ jobs:
|
||||
contents: read
|
||||
id-token: write
|
||||
runs-on: ubuntu-latest
|
||||
needs: [buildImage, createSecret]
|
||||
needs: [buildImage]
|
||||
steps:
|
||||
# Checks out the repository this file is in
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
# Logs in with your Azure credentials
|
||||
- name: Azure login
|
||||
uses: azure/login@v1.4.3
|
||||
with:
|
||||
client-id: ${{ secrets.AZURE_CLIENT_ID }}
|
||||
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
|
||||
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
|
||||
|
||||
# Retrieves your Azure Kubernetes Service cluster's kubeconfig file
|
||||
- name: Get K8s context
|
||||
uses: azure/aks-set-context@v2.0
|
||||
with:
|
||||
resource-group: ${{ env.RESOURCE_GROUP }}
|
||||
cluster-name: ${{ env.CLUSTER_NAME }}
|
||||
# Checks out the repository this file is in
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
# Deploys application based on given manifest file
|
||||
- name: Deploys application
|
||||
uses: Azure/k8s-deploy@v3.1
|
||||
with:
|
||||
action: deploy
|
||||
manifests: ${{ env.DEPLOYMENT_MANIFEST_PATH }}
|
||||
images: |
|
||||
${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }}
|
||||
imagepullsecrets: |
|
||||
${{ env.IMAGE_PULL_SECRET_NAME }}
|
||||
# Logs in with your Azure credentials
|
||||
- name: Azure login
|
||||
uses: azure/login@v1.4.6
|
||||
with:
|
||||
client-id: ${{ secrets.AZURE_CLIENT_ID }}
|
||||
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
|
||||
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
|
||||
|
||||
# Retrieves your Azure Kubernetes Service cluster's kubeconfig file
|
||||
- name: Get K8s context
|
||||
uses: azure/aks-set-context@v3
|
||||
with:
|
||||
resource-group: ${{ env.RESOURCE_GROUP }}
|
||||
cluster-name: ${{ env.CLUSTER_NAME }}
|
||||
|
||||
# Deploys application based on given manifest file
|
||||
- name: Deploys application
|
||||
uses: Azure/k8s-deploy@v4
|
||||
with:
|
||||
action: deploy
|
||||
manifests: ${{ env.DEPLOYMENT_MANIFEST_PATH }}
|
||||
images: |
|
||||
${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }}
|
||||
|
||||
@@ -0,0 +1,20 @@
|
||||
<svg width="124" height="124" viewBox="0 0 124 124" fill="none" xmlns="http://www.w3.org/2000/svg">
|
||||
<g clip-path="url(#clip0_1_5)">
|
||||
<path fill-rule="evenodd" clip-rule="evenodd" d="M78.9569 9.16863C79.8984 10.3374 80.3785 11.9147 81.3388 15.0692L102.316 83.981C94.5604 79.9575 86.1289 77.0556 77.2366 75.49L63.5781 29.3336C63.3546 28.5783 62.6609 28.0602 61.8734 28.0602C61.0838 28.0602 60.3888 28.581 60.1671 29.3389L46.6739 75.4667C37.7405 77.0253 29.2704 79.9324 21.4812 83.9706L42.5617 15.0532H42.5618C43.5251 11.9042 44.0066 10.3297 44.9483 9.16295C45.7794 8.13296 46.8607 7.33303 48.0887 6.83939C49.4799 6.28025 51.1264 6.28025 54.4194 6.28025H69.4762C72.7737 6.28025 74.4223 6.28025 75.8147 6.84057C77.0439 7.33522 78.1257 8.13675 78.9569 9.16863Z" fill="url(#paint0_linear_1_5)"/>
|
||||
<path fill-rule="evenodd" clip-rule="evenodd" d="M81.4671 87.2605C78.0089 90.2177 71.1064 92.2344 63.1556 92.2344C53.3972 92.2344 45.2181 89.1964 43.0477 85.1106C42.2718 87.4522 42.0978 90.1321 42.0978 91.8441C42.0978 91.8441 41.5866 100.25 47.4335 106.097C47.4335 103.061 49.8947 100.601 52.9307 100.601C58.1344 100.601 58.1285 105.14 58.1237 108.824C58.1236 108.934 58.1235 109.043 58.1235 109.152C58.1235 114.743 61.5403 119.535 66.3997 121.556C65.6739 120.063 65.2667 118.386 65.2667 116.615C65.2667 111.283 68.397 109.297 72.0351 106.99C74.9298 105.154 78.146 103.115 80.3625 99.0227C81.519 96.8876 82.1757 94.4428 82.1757 91.8441C82.1757 90.2461 81.9274 88.7061 81.4671 87.2605Z" fill="#FF5D01"/>
|
||||
<path fill-rule="evenodd" clip-rule="evenodd" d="M81.4671 87.2605C78.0089 90.2177 71.1064 92.2344 63.1556 92.2344C53.3972 92.2344 45.2181 89.1964 43.0477 85.1106C42.2718 87.4522 42.0978 90.1321 42.0978 91.8441C42.0978 91.8441 41.5866 100.25 47.4335 106.097C47.4335 103.061 49.8947 100.601 52.9307 100.601C58.1344 100.601 58.1285 105.14 58.1237 108.824C58.1236 108.934 58.1235 109.043 58.1235 109.152C58.1235 114.743 61.5403 119.535 66.3997 121.556C65.6739 120.063 65.2667 118.386 65.2667 116.615C65.2667 111.283 68.397 109.297 72.0351 106.99C74.9298 105.154 78.146 103.115 80.3625 99.0227C81.519 96.8876 82.1757 94.4428 82.1757 91.8441C82.1757 90.2461 81.9274 88.7061 81.4671 87.2605Z" fill="url(#paint1_linear_1_5)"/>
|
||||
</g>
|
||||
<defs>
|
||||
<linearGradient id="paint0_linear_1_5" x1="85.5403" y1="2.62659" x2="61.8988" y2="83.9811" gradientUnits="userSpaceOnUse">
|
||||
<stop stop-color="#000014"/>
|
||||
<stop offset="1" stop-color="#150426"/>
|
||||
</linearGradient>
|
||||
<linearGradient id="paint1_linear_1_5" x1="97.0378" y1="63.2061" x2="76.5628" y2="106.069" gradientUnits="userSpaceOnUse">
|
||||
<stop stop-color="#FF1639"/>
|
||||
<stop offset="1" stop-color="#FF1639" stop-opacity="0"/>
|
||||
</linearGradient>
|
||||
<clipPath id="clip0_1_5">
|
||||
<rect width="124" height="124" fill="white"/>
|
||||
</clipPath>
|
||||
</defs>
|
||||
</svg>
|
||||
|
After Width: | Height: | Size: 2.7 KiB |
+72
-13
@@ -1,14 +1,73 @@
|
||||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<!-- Generator: Adobe Illustrator 24.2.3, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
|
||||
<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
|
||||
viewBox="0 0 128 128" style="enable-background:new 0 0 128 128;" xml:space="preserve">
|
||||
<style type="text/css">
|
||||
.st0{fill:#54B848;}
|
||||
</style>
|
||||
<path class="st0" d="M98.3,72.1c-4.2,0-7.7,3.4-7.7,7.7v2.9c0,4.2-3.4,7.5-7.5,7.5H44.9c-4.2,0-7.5-3.4-7.5-7.5v-37
|
||||
c0-4.2,3.4-7.5,7.5-7.5H83c1,0,1.8,0,2.5,0h0.1c1.9,0.5,3,1.6,3.6,3c0.7,1.6,1.2,3.9-1.4,6.1L65.9,63.2l-6.7-8.5
|
||||
c-2.6-3.3-7.4-4-10.8-1.4c-3.3,2.6-4,7.4-1.4,10.8l11.2,14.5c2.5,3.3,7.2,4,10.6,1.5l25.4-18.6c0.3-0.2,3.6-2.8,3.9-3.1
|
||||
c7.6-6.8,9.2-15.6,6.1-23.3c-3.2-7.8-11.4-12.7-21.3-12.7H44.9C32.3,22.4,22,32.7,22,45.3v37.3c0,12.6,10.3,22.9,22.9,22.9h38.2
|
||||
c12.6,0,22.9-10.2,22.9-22.9v-2.9C106,75.5,102.6,72.1,98.3,72.1z M95.1,39c-0.2-0.1-0.3-0.1-0.5-0.2C94.8,38.9,94.9,38.9,95.1,39
|
||||
L95.1,39z"/>
|
||||
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
|
||||
<!-- Created with Inkscape (http://www.inkscape.org/) -->
|
||||
|
||||
<svg
|
||||
version="1.1"
|
||||
id="svg888"
|
||||
width="326.66666"
|
||||
height="332"
|
||||
viewBox="0 0 326.66666 332"
|
||||
sodipodi:docname="logo.svg"
|
||||
inkscape:version="1.1.1 (3bf5ae0d25, 2021-09-20)"
|
||||
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
|
||||
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
|
||||
xmlns="http://www.w3.org/2000/svg"
|
||||
xmlns:svg="http://www.w3.org/2000/svg">
|
||||
<defs
|
||||
id="defs892" />
|
||||
<sodipodi:namedview
|
||||
id="namedview890"
|
||||
pagecolor="#ffffff"
|
||||
bordercolor="#666666"
|
||||
borderopacity="1.0"
|
||||
inkscape:pageshadow="2"
|
||||
inkscape:pageopacity="0.0"
|
||||
inkscape:pagecheckerboard="0"
|
||||
showgrid="false"
|
||||
inkscape:zoom="0.62650602"
|
||||
inkscape:cx="-14.365385"
|
||||
inkscape:cy="108.53846"
|
||||
inkscape:window-width="1278"
|
||||
inkscape:window-height="1008"
|
||||
inkscape:window-x="1913"
|
||||
inkscape:window-y="0"
|
||||
inkscape:window-maximized="0"
|
||||
inkscape:current-layer="g894" />
|
||||
<g
|
||||
inkscape:groupmode="layer"
|
||||
inkscape:label="Image"
|
||||
id="g894">
|
||||
<g
|
||||
id="g1071"
|
||||
transform="translate(3.1923058,7.9807692)">
|
||||
<path
|
||||
style="fill:#de97a7;stroke-width:0.666667"
|
||||
d="M 21.174633,318.70543 C 7.5554998,314.35173 -0.16630266,302.27313 0.88225798,286.96369 1.307963,280.7482 3.0561977,275.79769 6.4656402,271.15309 7.8855765,269.21875 25.304936,253.83037 49.75681,232.90937 c 22.503362,-19.25386 41.213995,-35.56532 41.579195,-36.2477 1.023873,-1.91312 0.7818,-5.47089 -0.50618,-7.43939 C 90.190085,188.24453 71.516665,171.933 49.333332,152.97444 25.277137,132.41527 7.9562052,117.1246 6.4135672,115.08549 3.0206443,110.60062 1.6308778,107.25325 0.59008405,101.05915 -1.0532723,91.278987 1.8126922,82.110747 8.6597532,75.244227 19.411462,64.461955 35.987306,63.137219 47.999999,72.100167 c 2.380565,1.776193 15.943097,16.995253 38.666666,43.389423 19.249995,22.3595 35.591755,41.07141 36.315005,41.58202 1.99887,1.4112 5.85794,1.14306 8.22663,-0.57161 1.13967,-0.825 32.10508,-34.05 68.812,-73.833333 36.70693,-39.783334 67.99383,-73.4679857 69.52645,-74.854783 11.84466,-10.717692 31.20357,-10.0490691 42.44224,1.4658807 2.02272,2.0724483 4.57767,5.5577703 5.67767,7.7451613 1.88495,3.748295 1.99797,4.418095 1.96461,11.643741 -0.0422,9.148671 -1.32946,13.175748 -6.19769,19.389295 -1.70514,2.176345 -36.30127,34.553385 -76.88028,71.948968 -58.22422,53.65654 -73.87271,68.414 -74.21963,69.99353 -0.70455,3.20777 0.19453,5.59219 3.19499,8.47334 1.54257,1.48123 19.60467,17.00967 40.138,34.50765 20.53334,17.49797 38.4706,33.06086 39.86059,34.58419 1.39,1.52333 3.75595,5.22836 5.25767,8.23339 2.47221,4.94704 2.76155,6.05917 3.05977,11.76058 0.2704,5.16953 0.076,7.13098 -1.08574,10.95582 -1.57728,5.19284 -5.73539,11.38417 -9.64197,14.35668 -3.6752,2.79644 -10.24662,5.62336 -15.0386,6.46938 -7.49554,1.32332 -17.42847,-1.38625 -23.32448,-6.3626 -1.23535,-1.04266 -17.969,-20.12805 -37.18587,-42.41197 -19.21687,-22.28392 -35.59789,-40.97717 -36.40224,-41.54057 -1.66309,-1.16487 -5.31593,-1.3477 -7.16413,-0.35857 -0.68422,0.36618 -16.96452,18.89118 -36.178468,41.16667 -19.21394,22.27548 -36.170893,41.61289 -37.682111,42.97201 -7.271808,6.53993 -19.301542,8.99059 -28.966448,5.90097 z"
|
||||
id="path1085" />
|
||||
<path
|
||||
style="fill:#96a8d6;stroke-width:0.666667"
|
||||
d="M 21.174633,318.70543 C 7.5554998,314.35173 -0.16630266,302.27313 0.88225798,286.96369 1.307789,280.75074 3.0560946,275.79783 6.4608654,271.1596 7.8747092,269.23356 25.462395,253.69753 50.02247,232.67957 c 22.654722,-19.3874 41.356535,-35.7965 41.559575,-36.46469 0.203046,-0.66819 0.436806,-2.65141 0.51946,-4.40716 0.12378,-2.62909 -0.136547,-3.46623 -1.475607,-4.7451 C 89.731652,186.20857 71.143892,170.22526 49.319768,151.54415 27.495641,132.86303 8.6729178,116.35803 7.4914952,114.86636 5.139144,111.89628 2.0168196,105.64735 2.0065126,103.88889 2.0029306,103.27778 1.65,102.66111 1.2222222,102.51852 0.25813211,102.19715 0.13555608,90.093947 1.0897823,89.441347 1.4447182,89.198607 2.2569273,87.608 2.8946916,85.906667 5.4542554,79.078647 10.244351,73.831333 17.028378,70.423907 28.520751,64.651618 42.46551,67.094767 51.412048,76.448 c 1.693294,1.770267 17.255391,19.718667 34.582437,39.88533 17.327045,20.16667 32.726825,37.93937 34.221735,39.4949 3.06622,3.19053 5.81326,4.03881 9.32546,2.87968 1.80133,-0.59449 16.04925,-15.63636 66.20986,-69.89937 35.15304,-38.02803 66.57621,-71.909012 69.82927,-75.29107 6.20411,-6.4501147 10.30249,-9.4702242 14.75252,-10.8711716 1.46666,-0.4617331 2.86527,-1.146041 3.10801,-1.5206843 0.63636,-0.98214631 12.74741,-0.89267545 13.07717,0.096608 C 296.66111,1.65 297.30485,2 297.94907,2 c 2.2936,0 9.28512,4.0805734 12.62586,7.3690327 4.26608,4.1993223 6.413,7.8417103 7.78982,13.2160043 2.03732,7.95241 -0.79119,19.270905 -6.43318,25.742882 -1.2457,1.428954 -35.32346,33.128741 -75.72837,70.443971 -40.4049,37.31523 -73.75392,68.38861 -74.10893,69.05196 -0.76771,1.43447 0.15753,7.19293 1.40345,8.73483 0.45959,0.56875 18.53561,16.15471 40.16894,34.63545 21.63334,18.48073 40.4706,34.84736 41.86059,36.37027 1.39,1.52291 3.75595,5.2276 5.25767,8.23263 2.47221,4.94704 2.76155,6.05917 3.05977,11.76058 0.2704,5.16953 0.076,7.13098 -1.08574,10.95582 -1.57728,5.19284 -5.73539,11.38417 -9.64197,14.35668 -3.6752,2.79644 -10.24662,5.62336 -15.0386,6.46938 -7.49554,1.32332 -17.42847,-1.38625 -23.32448,-6.3626 -1.23535,-1.04266 -17.969,-20.12805 -37.18587,-42.41197 -19.21687,-22.28392 -35.59789,-40.97717 -36.40224,-41.54057 -1.66309,-1.16487 -5.31593,-1.3477 -7.16413,-0.35857 -0.68422,0.36618 -16.96452,18.89118 -36.178468,41.16667 -19.21394,22.27548 -36.170893,41.61289 -37.682111,42.97201 -7.271808,6.53993 -19.301542,8.99059 -28.966448,5.90097 z"
|
||||
id="path1083" />
|
||||
<path
|
||||
style="fill:#cc7088;stroke-width:0.666667"
|
||||
d="M 20.809439,317.44176 C 11.259316,314.04587 3.4968918,304.90991 2.214937,295.55703 c -0.2155774,-1.5728 -0.652129,-2.69885 -0.9701146,-2.50233 -0.31798569,0.19653 -0.57815575,-1.32809 -0.57815575,-3.38803 0,-2.32714 0.25243966,-3.58934 0.66666665,-3.33334 C 1.7071159,286.56435 2,286.04171 2,285.14371 c 0,-2.06438 2.1213054,-8.2234 3.7408445,-10.86122 2.56302,-4.1745 5.6149135,-6.92969 45.0253925,-40.64804 22.128568,-18.93251 40.758761,-35.3657 41.400428,-36.5182 1.352453,-2.42914 1.489633,-5.01134 0.393986,-7.41604 -0.42498,-0.93272 -19.165839,-17.46019 -41.64636,-36.72772 C 28.433771,133.70497 8.9967371,116.66671 7.7208845,115.1097 5.2569412,112.10279 2.0173715,105.74153 2.0065126,103.88889 2.0029306,103.27778 1.65,102.66111 1.2222222,102.51852 0.25813211,102.19715 0.13555608,90.093947 1.0897823,89.441347 1.4447182,89.198607 2.2569273,87.608 2.8946916,85.906667 5.4542554,79.078647 10.244351,73.831333 17.028378,70.423907 28.520751,64.651618 42.46551,67.094767 51.412048,76.448 c 1.693294,1.770267 17.255391,19.718667 34.582437,39.88533 17.327045,20.16667 32.726825,37.93937 34.221735,39.4949 3.06622,3.19053 5.81326,4.03881 9.32546,2.87968 1.80133,-0.59449 16.04925,-15.63636 66.20986,-69.89937 35.15304,-38.02803 66.57621,-71.909012 69.82927,-75.29107 6.20411,-6.4501147 10.30249,-9.4702242 14.75252,-10.8711716 1.46666,-0.4617331 2.86527,-1.146041 3.10801,-1.5206843 0.63636,-0.98214631 12.74741,-0.89267545 13.07717,0.096608 C 296.66111,1.65 297.30485,2 297.94907,2 c 2.2936,0 9.28512,4.0805734 12.62586,7.3690327 4.26608,4.1993223 6.413,7.8417103 7.78982,13.2160043 2.03732,7.95241 -0.79119,19.270905 -6.43318,25.742882 -1.2457,1.428954 -35.35214,33.155214 -75.79209,70.502811 -46.37375,42.82764 -73.91898,68.72632 -74.58811,70.12949 -1.37217,2.87747 -0.77742,6.12327 1.62002,8.84119 1.00573,1.14018 18.77861,16.54058 39.49527,34.22311 20.71667,17.68254 38.8282,33.23579 40.24784,34.56277 9.55343,8.92995 12.66505,23.73685 7.41119,35.26686 -4.63078,10.16261 -17.61471,17.632 -28.82909,16.58479 -4.47747,-0.41811 -10.7774,-2.67157 -14.55675,-5.2069 -1.28341,-0.86095 -18.54288,-20.35269 -38.35439,-43.31496 -19.8115,-22.96227 -36.76204,-42.08727 -37.66788,-42.5 -2.35752,-1.07415 -4.9528,-0.92761 -7.3716,0.41625 -1.15494,0.64167 -17.44674,19.01667 -36.204022,40.83334 -18.757279,21.81666 -35.507653,40.98882 -37.223052,42.60478 -1.715399,1.61597 -5.068907,3.85952 -7.45224,4.98567 -3.839228,1.81408 -5.131504,2.06979 -11.333333,2.24262 -5.523889,0.15393 -7.743094,-0.0692 -10.523894,-1.05798 z"
|
||||
id="path1081" />
|
||||
<path
|
||||
style="fill:#6b85c7;stroke-width:0.666667"
|
||||
d="M 20.809439,317.44176 C 11.259316,314.04587 3.4968918,304.90991 2.214937,295.55703 c -0.2155774,-1.5728 -0.652129,-2.69885 -0.9701146,-2.50233 -0.31798569,0.19653 -0.57815575,-1.32809 -0.57815575,-3.38803 0,-2.32714 0.25243966,-3.58934 0.66666665,-3.33334 C 1.7071159,286.56435 2,286.04171 2,285.14371 c 0,-2.06438 2.1213054,-8.2234 3.7408445,-10.86122 2.56302,-4.1745 5.6149135,-6.92969 45.0253925,-40.64804 22.128568,-18.93251 40.773521,-35.37038 41.433228,-36.5286 0.73724,-1.29434 1.115806,-3.06925 0.98238,-4.60585 l -0.21708,-2.5 h 33.763175 33.76316 l 0.36231,2.70121 c 0.19927,1.48566 1.06377,3.5698 1.92111,4.63144 0.85735,1.06163 18.65881,16.53482 39.55881,34.38488 20.9,17.85006 39.16153,33.54091 40.58117,34.86856 9.5544,8.93531 12.66504,23.73807 7.41119,35.26806 -4.63078,10.16261 -17.61471,17.632 -28.82909,16.58479 -4.47747,-0.41811 -10.7774,-2.67157 -14.55675,-5.2069 -1.28341,-0.86095 -18.54288,-20.35269 -38.35439,-43.31496 -19.8115,-22.96227 -36.76204,-42.08727 -37.66788,-42.5 -2.35752,-1.07415 -4.9528,-0.92761 -7.3716,0.41625 -1.15494,0.64167 -17.44674,19.01667 -36.204022,40.83334 -18.757279,21.81666 -35.507653,40.98882 -37.223052,42.60478 -1.715399,1.61597 -5.068907,3.85952 -7.45224,4.98567 -3.839228,1.81408 -5.131504,2.06979 -11.333333,2.24262 -5.523889,0.15393 -7.743094,-0.0692 -10.523894,-1.05798 z M 91.914958,187.54934 C 91.411731,186.93481 72.549999,170.61484 49.999999,151.28273 4.4924434,112.26912 4.4624331,112.23837 2.3331219,102.4444 1.668497,99.387393 1.4029056,98.846127 1.297258,100.33333 c -0.1065237,1.49954 -0.2525694,1.20761 -0.58364508,-1.166663 -0.2428634,-1.741667 -0.2428634,-4.591667 0,-6.333334 0.33997078,-2.43806 0.47887128,-2.706493 0.60368888,-1.166666 0.1402001,1.729593 0.2413319,1.594393 0.748,-1 1.6146118,-8.267607 8.1540402,-16.300867 16.4174792,-20.1678 8.508916,-3.981802 19.248794,-3.138034 27.506681,2.16104 2.454337,1.57494 12.783111,13.112806 39.435583,44.051923 38.443515,44.62656 37.779735,43.96094 42.884105,43.00336 1.22224,-0.2293 3.02712,-1.05001 4.01085,-1.82381 0.98373,-0.77381 32.81601,-34.95044 70.73839,-75.948087 68.35823,-73.9016437 68.99122,-74.5615863 73.77903,-76.9209589 2.65608,-1.3088843 6.17924,-2.6414925 7.82924,-2.9613515 2.59052,-0.5021827 2.72701,-0.6036898 1,-0.7436807 -1.56371,-0.1267536 -1.32211,-0.2570135 1.10752,-0.5971259 1.70914,-0.23925377 4.70914,-0.24140931 6.66667,-0.004793 2.32126,0.28058546 2.86354,0.482583 1.55914,0.5807789 -1.69925,0.1279216 -1.4946,0.2733463 1.36097,0.9670904 5.68837,1.3819575 9.78413,3.7825289 14.39236,8.4355247 6.48056,6.543511 8.55855,12.809868 7.26131,21.897017 -0.72441,5.074471 -2.31556,9.408242 -4.88063,13.293289 -0.80704,1.222334 -34.16734,32.39909 -74.134,69.281687 -39.96667,36.8826 -74.05966,68.5075 -75.7622,70.27758 l -3.09552,3.21832 H 126.4861 c -30.678909,0 -33.737115,-0.0988 -34.571142,-1.11733 z"
|
||||
id="path1079" />
|
||||
<path
|
||||
style="fill:#cf687f;stroke-width:0.666667"
|
||||
d="m 189.20446,243.5 c -0.93315,-1.24973 -5.46726,-1.50667 -9.70446,-0.54995 -1.44116,0.32541 -2.16667,0.2404 -2.16667,-0.25387 0,-0.54499 -0.36806,-0.54611 -1.38059,-0.004 -0.99364,0.53178 -1.95555,0.53843 -3.43202,0.0237 -1.29288,-0.4507 -2.33136,-0.48282 -2.80844,-0.0869 -0.467,0.38758 -1.13152,0.39139 -1.73464,0.01 -1.42481,-0.90114 -8.44282,-0.77588 -9.97015,0.17796 -1.09356,0.68294 -1.45496,0.61538 -2.20657,-0.4125 -0.77478,-1.05958 -1.09159,-1.10882 -2.29574,-0.35682 -1.09542,0.68411 -1.60619,0.69871 -2.36655,0.0677 -0.5333,-0.4426 -1.45833,-0.61719 -2.05563,-0.38799 -2.2422,0.86041 -4.25357,-0.51663 -10.02813,-6.86554 -3.26569,-3.5905 -6.564,-6.89256 -7.32958,-7.3379 -0.76558,-0.44534 -2.88714,-0.82034 -4.71459,-0.83333 l -3.32262,-0.0238 -7.18729,7.3836 c -6.86023,7.0476 -7.30144,7.37535 -9.69595,7.20246 -1.37977,-0.0996 -2.87128,0.043 -3.31446,0.31688 -0.4432,0.2739 -1.8228,0.2172 -3.0658,-0.126 -1.295109,-0.3576 -2.650909,-0.3764 -3.175622,-0.044 -1.531787,0.97027 -2.582293,0.67211 -2.582293,-0.73294 0,-1.53542 -1.01642,-1.78745 -1.554427,-0.38543 -0.254887,0.66422 -1.124187,0.86424 -2.90466,0.66835 -2.84084,-0.31256 -8.361293,-0.46185 -8.874246,-0.23999 -0.183334,0.0793 -2.058334,0.19797 -4.166667,0.26374 -3.30608,0.10313 -3.833333,-0.0473 -3.833333,-1.09355 0,-0.66722 -0.3,-1.21312 -0.666667,-1.21312 -0.366666,0 -0.666666,0.45 -0.666666,1 0,1.06718 -1.73852,1.40174 -2.111114,0.40626 -0.12464,-0.33301 -1.682266,-0.36887 -3.547164,-0.0817 -3.01838,0.46484 -12.728495,-0.66091 -14.351263,-1.66383 -0.311243,-0.19236 -1.04488,0.33027 -1.630305,1.16141 -0.798781,1.13404 -1.197798,1.29755 -1.598915,0.65524 -0.318442,-0.50993 -1.025583,-0.66747 -1.749356,-0.38974 -3.85705,1.4801 7.853612,-9.55504 33.654783,-31.71342 5.683333,-4.88092 10.873093,-9.81186 11.5328,-10.95766 0.7395,-1.2844 1.11622,-3.04195 0.98238,-4.58327 l -0.21708,-2.5 h 33.850945 33.85095 v 1.73258 c 0,3.64745 2.15908,6.12307 14.80348,16.97381 26.14078,22.43263 37.86319,33.14988 37.86319,34.61657 0,1.09056 -1.37671,1.47097 -2.36253,0.65281 -0.76318,-0.63339 -1.2001,-0.6154 -2.04294,0.0841 -0.9047,0.75083 -1.19739,0.71852 -1.87402,-0.20683 -0.54757,-0.74884 -1.42325,-0.99257 -2.76119,-0.76853 -3.73953,0.62619 -9.2985,0.7136 -10.38931,0.16336 -0.71624,-0.36129 -1.38053,-0.21115 -1.91497,0.4328 -1.06767,1.28648 -1.72002,1.24414 -2.78391,-0.18067 z M 91.914958,187.54934 C 91.411731,186.93481 72.549999,170.61484 49.999999,151.28273 4.4924434,112.26912 4.4624331,112.23837 2.3331219,102.4444 1.668497,99.387393 1.4029056,98.846127 1.297258,100.33333 c -0.1065237,1.49954 -0.2525694,1.20761 -0.58364508,-1.166663 -0.2428634,-1.741667 -0.2428634,-4.591667 0,-6.333334 0.33997078,-2.43806 0.47887128,-2.706493 0.60368888,-1.166666 0.1402001,1.729593 0.2413319,1.594393 0.748,-1 1.6146118,-8.267607 8.1540402,-16.300867 16.4174792,-20.1678 8.508916,-3.981802 19.248794,-3.138034 27.506681,2.16104 2.454337,1.57494 12.783111,13.112806 39.435583,44.051923 38.443515,44.62656 37.779735,43.96094 42.884105,43.00336 1.22224,-0.2293 3.02712,-1.05001 4.01085,-1.82381 0.98373,-0.77381 32.81601,-34.95044 70.73839,-75.948087 68.35823,-73.9016437 68.99122,-74.5615863 73.77903,-76.9209589 2.65608,-1.3088843 6.17924,-2.6414925 7.82924,-2.9613515 2.59052,-0.5021827 2.72701,-0.6036898 1,-0.7436807 -1.56371,-0.1267536 -1.32211,-0.2570135 1.10752,-0.5971259 1.70914,-0.23925377 4.70914,-0.24140931 6.66667,-0.004793 2.32126,0.28058546 2.86354,0.482583 1.55914,0.5807789 -1.69925,0.1279216 -1.4946,0.2733463 1.36097,0.9670904 5.68837,1.3819575 9.78413,3.7825289 14.39236,8.4355247 6.48056,6.543511 8.55855,12.809868 7.26131,21.897017 -0.72441,5.074471 -2.31556,9.408242 -4.88063,13.293289 -0.80704,1.222334 -34.16734,32.39909 -74.134,69.281687 -39.96667,36.8826 -74.05966,68.5075 -75.7622,70.27758 l -3.09552,3.21832 H 126.4861 c -30.678909,0 -33.737115,-0.0988 -34.571142,-1.11733 z"
|
||||
id="path1077" />
|
||||
<path
|
||||
style="fill:#7080be;stroke-width:0.666667"
|
||||
d="m 189.20446,243.5 c -0.93315,-1.24973 -5.46726,-1.50667 -9.70446,-0.54995 -1.44116,0.32541 -2.16667,0.2404 -2.16667,-0.25387 0,-0.54499 -0.36806,-0.54611 -1.38059,-0.004 -0.99364,0.53178 -1.95555,0.53843 -3.43202,0.0237 -1.29288,-0.4507 -2.33136,-0.48282 -2.80844,-0.0869 -0.467,0.38758 -1.13152,0.39139 -1.73464,0.01 -1.42481,-0.90114 -8.44282,-0.77588 -9.97015,0.17796 -1.09356,0.68294 -1.45496,0.61538 -2.20657,-0.4125 -0.77478,-1.05958 -1.09159,-1.10882 -2.29574,-0.35682 -1.09542,0.68411 -1.60619,0.69871 -2.36655,0.0677 -0.5333,-0.4426 -1.45833,-0.61719 -2.05563,-0.38799 -2.2422,0.86041 -4.25357,-0.51663 -10.02813,-6.86554 -3.26569,-3.5905 -6.564,-6.89256 -7.32958,-7.3379 -0.76558,-0.44534 -2.88714,-0.82034 -4.71459,-0.83333 l -3.32262,-0.0238 -7.18729,7.3836 c -6.86023,7.0476 -7.30144,7.37535 -9.69595,7.20246 -1.37977,-0.0996 -2.87128,0.043 -3.31446,0.31688 -0.4432,0.2739 -1.8228,0.2172 -3.0658,-0.126 -1.295109,-0.3576 -2.650909,-0.3764 -3.175622,-0.044 -1.531787,0.97027 -2.582293,0.67211 -2.582293,-0.73294 0,-1.53542 -1.01642,-1.78745 -1.554427,-0.38543 -0.254887,0.66422 -1.124187,0.86424 -2.90466,0.66835 -2.84084,-0.31256 -8.361293,-0.46185 -8.874246,-0.23999 -0.183334,0.0793 -2.058334,0.19797 -4.166667,0.26374 -3.30608,0.10313 -3.833333,-0.0473 -3.833333,-1.09355 0,-0.66722 -0.3,-1.21312 -0.666667,-1.21312 -0.366666,0 -0.666666,0.45 -0.666666,1 0,1.06718 -1.73852,1.40174 -2.111114,0.40626 -0.12464,-0.33301 -1.682266,-0.36887 -3.547164,-0.0817 -3.01838,0.46484 -12.728495,-0.66091 -14.351263,-1.66383 -0.311243,-0.19236 -1.04488,0.33027 -1.630305,1.16141 -0.798781,1.13404 -1.197798,1.29755 -1.598915,0.65524 -0.318442,-0.50993 -1.025583,-0.66747 -1.749356,-0.38974 -3.85705,1.4801 7.853612,-9.55504 33.654783,-31.71342 5.683333,-4.88092 10.873093,-9.81186 11.5328,-10.95766 0.7395,-1.2844 1.11622,-3.04195 0.98238,-4.58327 l -0.21708,-2.5 h 33.850945 33.85095 v 1.73258 c 0,3.64745 2.15908,6.12307 14.80348,16.97381 26.14078,22.43263 37.86319,33.14988 37.86319,34.61657 0,1.09056 -1.37671,1.47097 -2.36253,0.65281 -0.76318,-0.63339 -1.2001,-0.6154 -2.04294,0.0841 -0.9047,0.75083 -1.19739,0.71852 -1.87402,-0.20683 -0.54757,-0.74884 -1.42325,-0.99257 -2.76119,-0.76853 -3.73953,0.62619 -9.2985,0.7136 -10.38931,0.16336 -0.71624,-0.36129 -1.38053,-0.21115 -1.91497,0.4328 -1.06767,1.28648 -1.72002,1.24414 -2.78391,-0.18067 z"
|
||||
id="path1075" />
|
||||
<path
|
||||
style="fill:#717ebb;stroke-width:0.666667"
|
||||
d="m 164.36892,207.48061 c -0.19289,-0.19349 -13.03128,-0.9833 -15.36892,-0.94548 -0.73334,0.0119 -3.16638,0.19749 -5.40676,0.41251 -3.46643,0.33269 -4.33286,0.18687 -5.81447,-0.97857 -1.43635,-1.12982 -1.99223,-1.23508 -3.17624,-0.60141 -0.78935,0.42245 -5.0271,0.90487 -9.41721,1.07205 -7.04049,0.2681 -8.08238,0.16672 -8.83276,-0.85948 -0.76626,-1.04792 -1.21998,-1.08081 -4.56956,-0.33121 -2.70464,0.60527 -4.0856,0.63595 -5.06372,0.11247 -0.89404,-0.47847 -2.58798,-0.52482 -5.05308,-0.13826 -2.039509,0.31983 -3.826049,0.39081 -3.970089,0.15774 -0.144046,-0.23306 -2.0096,-0.4949 -4.145673,-0.58186 -6.571893,-0.26752 -6.723386,-0.45292 -3.332453,-4.0781 3.242433,-3.46642 4.644413,-7.8786 3.096213,-9.74407 C 92.603791,190.12096 96.732798,190 126.66279,190 c 33.96731,0 34.1574,0.008 33.80649,1.34947 -0.79348,3.03427 0.84139,5.82768 6.49574,11.09894 l 5.5975,5.21826 h -4.00406 c -2.20223,0 -4.08752,-0.0837 -4.18954,-0.18606 z"
|
||||
id="path1073" />
|
||||
</g>
|
||||
</g>
|
||||
</svg>
|
||||
|
||||
|
Before Width: | Height: | Size: 1016 B After Width: | Height: | Size: 18 KiB |
@@ -0,0 +1,3 @@
|
||||
<svg width="250" height="52" viewBox="0 0 250 52" fill="none" xmlns="http://www.w3.org/2000/svg">
|
||||
<path d="M83.3617 26.2877C84.7182 34.5501 77.5226 39.2067 70.2361 39.7434C65.5982 49.2532 49.2595 55.6749 35.0768 48.758C29.0142 49.6727 25.6911 48.1608 23.1259 45.2769C28.3094 38.6246 44.0002 26.6505 63.1694 32.8303C73.4 36.13 76.0524 28.3778 73.4872 25.4712C63.8325 14.5328 42.0374 24.3789 41.2493 25.1991C49.8127 12.1327 80.4402 8.46634 83.3617 26.2877ZM54.0073 11.2709C54.0603 11.252 47.0466 8.78383 37.2366 13.0095C36.8417 12.8634 36.4546 12.6969 36.0771 12.5106C45.512 6.25899 53.7837 3.60563 60.8542 4.63749C56.5725 -0.279907 35.9975 -3.89331 24.2095 7.88804C9.63655 5.0268 -0.556211 17.3449 0.0235256 28.5933C0.603262 39.8417 12.9066 46.8455 19.9165 44.9481C20.0849 44.9254 20.2557 44.9254 20.4242 44.9481C21.9777 37.5134 28.3207 20.2175 54.0073 11.2709ZM112.693 21.5441L114.001 15.8141H92.0539L91.5575 18.0328C90.9854 19.9944 92.5389 21.3854 94.2099 21.34H104.376L86.3551 37.2148L85.1387 42.5404H108.385L109.723 36.7083H95.0208L112.693 21.5441ZM127.334 26.1629C126.304 25.9021 120.533 25.029 120.893 23.0485C121.298 20.8146 124.034 20.603 125.364 20.6446C128.104 20.7239 128.968 21.9259 129.112 22.3492C129.491 23.4831 130.366 24.0539 131.647 24.0539H135.974C136.447 21.3816 136.576 15.2169 126.524 15.2169C123.295 15.2169 118.995 16.0258 116.149 19.2952C114.633 21.049 112 25.4032 114.686 28.6764C116.092 30.3282 119.756 31.6208 123.689 32.3881C126.232 32.887 127.577 33.9 127.297 35.0982C127.126 35.9032 126.114 37.7175 122.371 37.7137C120.696 37.7137 117.066 37.4491 117.759 33.6959H110.916C110.113 37.0976 109.817 43.0356 120.253 43.0356C124.277 43.0356 132.469 42.5253 134.602 33.9907C136.14 27.86 129.21 26.6467 127.334 26.1743V26.1629ZM151.524 35.6122C150.934 36.1561 150.242 36.5784 149.488 36.8547C148.733 37.131 147.932 37.256 147.129 37.2224C141.961 37.2715 142.544 32.1689 143.249 29.0884C143.954 26.008 145.617 21.0452 150.532 21.0565C154.014 21.0565 154.415 23.3055 154.594 23.9669H161.637C161.387 16.5511 155.689 15.1337 151.661 15.232C140.619 15.5042 137.425 24.7115 136.436 28.9902C133.552 41.4897 141.566 43.0507 145.401 43.0507C148.546 43.0507 155.431 42.2947 159.474 34.312H154.446C152.994 34.2591 152.324 34.9016 151.524 35.6084V35.6122ZM180.288 38.1748C178.256 40.5655 175.433 42.1506 172.33 42.6425C166.211 43.6516 157.799 43.3984 159.917 34.6106C160.595 31.806 161.645 29.9691 163.756 28.5857C167.291 26.2688 171.986 25.9399 173.509 25.7736C174.028 25.7169 177.878 25.4297 178.537 23.1581C179.181 20.9469 175.65 20.7655 174.661 20.7542C171.629 20.7202 170.603 21.9259 170.114 22.644H163.369C166.094 15.4928 173.6 15.2131 175.646 15.2131C177.919 15.2131 187.036 15.2131 185.297 22.7499C182.637 34.2628 182.523 35.4119 180.288 38.1748ZM177.256 29.1035C176.173 29.697 173.467 30.279 173.035 30.4038C171.648 30.812 168.996 30.9934 167.708 32.1954C166.605 33.2348 164.657 37.5285 169.284 37.6192C172.149 37.6721 175.725 36.0658 176.741 31.4016C176.953 30.3471 177.271 29.1035 177.271 29.1035H177.256ZM194.61 8.00143H190.973L183.069 42.5442H190.113L197.255 11.3162C197.566 10.3335 197.365 8.09593 194.61 8.00143ZM212.87 34.3082H217.906C216.322 37.4983 212.222 43.0507 203.826 43.0469C193.11 43.0469 193.769 33.5107 194.864 28.9864C197.896 16.4151 206.334 15.2282 210.093 15.2282C215.102 15.2282 222.949 17.2995 218.963 30.9934H201.533C201.109 32.8077 200.745 37.2715 205.55 37.2186C208.077 37.1921 209.024 36.2812 209.252 36.164C209.919 35.8314 210.525 34.3498 212.87 34.3082ZM202.583 26.4767H212.848C213.727 21.563 210.676 21.0528 208.956 21.0528C207.482 21.0528 203.973 21.5857 202.583 26.4767ZM227.97 18.7434C223.253 21.9523 221.691 27.1154 221.15 29.5911C220.718 31.5415 218.183 42.5442 218.183 42.5442H225.234C225.234 42.5442 227.906 30.4491 228.375 28.7898C228.932 26.8508 230.747 21.6084 237.772 21.8238L239.402 15.8254C233.718 15.644 229.967 17.3865 227.966 18.7434H227.97ZM240.27 10.617L240.448 9.7779H244.237L244.055 10.617H242.695L241.937 14.3135H240.914L241.69 10.617H240.27ZM246.506 9.7779L246.855 13.0625L248.606 9.7779H250L249.038 14.3135H248.113L248.947 10.7039L247.022 14.3135H246.264L245.824 10.7039L245.146 14.3135H244.203L245.157 9.7779H246.506Z" fill="#236BF5"/>
|
||||
</svg>
|
||||
|
After Width: | Height: | Size: 4.1 KiB |
@@ -0,0 +1,11 @@
|
||||
<?xml version="1.0" encoding="UTF-8" ?>
|
||||
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
|
||||
<svg width="900pt" height="750pt" viewBox="0 0 900 750" version="1.1" xmlns="http://www.w3.org/2000/svg">
|
||||
<g id="#63788eff">
|
||||
<path fill="#63788e" opacity="1.00" d=" M 169.76 58.08 C 248.92 45.26 328.85 36.97 408.99 34.00 C 434.66 34.01 460.32 33.98 485.98 34.01 C 566.09 36.97 645.97 45.22 725.07 58.14 C 773.12 123.20 820.59 188.70 868.62 253.78 C 857.86 253.89 847.46 250.91 836.96 248.98 C 699.42 221.76 559.34 204.66 418.96 206.84 C 416.92 207.01 414.93 207.43 412.94 207.86 C 389.26 208.73 365.56 209.50 341.91 211.16 C 286.53 214.80 231.34 221.09 176.45 229.24 C 125.58 236.94 74.79 245.53 24.64 257.10 C 25.55 254.66 27.15 252.60 28.71 250.54 C 75.59 186.29 122.48 122.04 169.76 58.08 Z" />
|
||||
<path fill="#63788e" opacity="1.00" d=" M 428.98 510.59 C 522.23 511.26 615.32 501.64 707.12 485.63 C 622.30 560.00 537.49 634.39 452.56 708.65 C 450.19 710.68 448.64 713.49 446.12 715.36 C 441.25 709.40 435.10 704.72 429.35 699.67 C 349.99 630.09 270.59 560.55 191.23 490.97 C 198.21 487.63 205.87 489.81 213.04 491.12 C 273.93 500.89 335.34 507.54 396.96 510.28 C 407.63 510.63 418.31 511.53 428.98 510.59 Z" />
|
||||
</g>
|
||||
<g id="#4b596bff">
|
||||
<path fill="#4b596b" opacity="1.00" d=" M 412.94 207.86 C 414.93 207.43 416.92 207.01 418.96 206.84 C 559.34 204.66 699.42 221.76 836.96 248.98 C 847.46 250.91 857.86 253.89 868.62 253.78 C 869.28 254.66 869.96 255.54 870.64 256.43 C 797.25 290.57 724.44 326.00 652.91 363.93 C 616.99 383.02 581.36 402.69 546.42 423.53 C 504.39 448.39 465.24 477.93 428.98 510.59 C 418.31 511.53 407.63 510.63 396.96 510.28 C 335.34 507.54 273.93 500.89 213.04 491.12 C 205.87 489.81 198.21 487.63 191.23 490.97 C 189.47 489.44 187.72 487.92 185.95 486.42 C 235.44 401.48 297.86 324.65 366.59 254.58 C 381.76 238.73 397.58 223.52 412.94 207.86 Z" />
|
||||
</g>
|
||||
</svg>
|
||||
|
After Width: | Height: | Size: 1.9 KiB |
@@ -0,0 +1,76 @@
|
||||
# Sample workflow for building and deploying an Astro site to GitHub Pages
|
||||
#
|
||||
# To get started with Astro see: https://docs.astro.build/en/getting-started/
|
||||
#
|
||||
name: Deploy Astro site to Pages
|
||||
|
||||
on:
|
||||
# Runs on pushes targeting the default branch
|
||||
push:
|
||||
branches: [$default-branch]
|
||||
|
||||
# Allows you to run this workflow manually from the Actions tab
|
||||
workflow_dispatch:
|
||||
|
||||
# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
|
||||
permissions:
|
||||
contents: read
|
||||
pages: write
|
||||
id-token: write
|
||||
|
||||
# Allow one concurrent deployment
|
||||
concurrency:
|
||||
group: "pages"
|
||||
cancel-in-progress: true
|
||||
|
||||
env:
|
||||
BUILD_PATH: "." # default value when not using subfolders
|
||||
# BUILD_PATH: subfolder
|
||||
|
||||
jobs:
|
||||
build:
|
||||
name: Build
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v3
|
||||
- name: Detect package manager
|
||||
id: detect-package-manager
|
||||
run: |
|
||||
if [ -f "${{ github.workspace }}/yarn.lock" ]; then
|
||||
echo "::set-output name=manager::yarn"
|
||||
echo "::set-output name=command::install"
|
||||
echo "::set-output name=runner::yarn"
|
||||
exit 0
|
||||
elif [ -f "${{ github.workspace }}/package.json" ]; then
|
||||
echo "::set-output name=manager::npm"
|
||||
echo "::set-output name=command::ci"
|
||||
echo "::set-output name=runner::npx --no-install"
|
||||
exit 0
|
||||
else
|
||||
echo "Unable to determine packager manager"
|
||||
exit 1
|
||||
fi
|
||||
- name: Setup Node
|
||||
uses: actions/setup-node@v3
|
||||
with:
|
||||
node-version: "16"
|
||||
cache: ${{ steps.detect-package-manager.outputs.manager }}
|
||||
cache-dependency-path: ${{ env.BUILD_PATH }}/package-lock.json
|
||||
- run: npm install && npm run build
|
||||
working-directory: ${{ env.BUILD_PATH }}
|
||||
- uses: actions/upload-pages-artifact@v1
|
||||
with:
|
||||
path: ${{ env.BUILD_PATH }}/dist
|
||||
|
||||
deploy:
|
||||
environment:
|
||||
name: github-pages
|
||||
url: ${{ steps.deployment.outputs.page_url }}
|
||||
needs: build
|
||||
runs-on: ubuntu-latest
|
||||
name: Deploy
|
||||
steps:
|
||||
- name: Deploy to GitHub Pages
|
||||
id: deployment
|
||||
uses: actions/deploy-pages@v1
|
||||
@@ -0,0 +1,6 @@
|
||||
{
|
||||
"name": "Astro",
|
||||
"description": "Deploy an Astro site.",
|
||||
"iconName": "astro",
|
||||
"categories": ["Pages", "Astro"]
|
||||
}
|
||||
@@ -61,7 +61,7 @@ async function checkWorkflows(
|
||||
|
||||
const enabled =
|
||||
!isPartnerWorkflow &&
|
||||
workflowProperties.enterprise !== false &&
|
||||
(workflowProperties.enterprise === true || folder !== 'code-scanning') &&
|
||||
(await checkWorkflow(workflowFilePath, enabledActions));
|
||||
|
||||
const workflowDesc: WorkflowDesc = {
|
||||
|
||||
Generated
+57
-7
@@ -9,7 +9,7 @@
|
||||
"version": "1.0.0",
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
"@actions/core": "^1.2.6",
|
||||
"@actions/core": "^1.9.1",
|
||||
"js-yaml": "^3.13.1",
|
||||
"jsonschema": "^1.2.6"
|
||||
},
|
||||
@@ -21,9 +21,21 @@
|
||||
}
|
||||
},
|
||||
"node_modules/@actions/core": {
|
||||
"version": "1.2.6",
|
||||
"resolved": "https://registry.npmjs.org/@actions/core/-/core-1.2.6.tgz",
|
||||
"integrity": "sha512-ZQYitnqiyBc3D+k7LsgSBmMDVkOVidaagDG7j3fOym77jNunWRuYx7VSHa9GNfFZh+zh61xsCjRj4JxMZlDqTA=="
|
||||
"version": "1.9.1",
|
||||
"resolved": "https://registry.npmjs.org/@actions/core/-/core-1.9.1.tgz",
|
||||
"integrity": "sha512-5ad+U2YGrmmiw6du20AQW5XuWo7UKN2052FjSV7MX+Wfjf8sCqcsZe62NfgHys4QI4/Y+vQvLKYL8jWtA1ZBTA==",
|
||||
"dependencies": {
|
||||
"@actions/http-client": "^2.0.1",
|
||||
"uuid": "^8.3.2"
|
||||
}
|
||||
},
|
||||
"node_modules/@actions/http-client": {
|
||||
"version": "2.0.1",
|
||||
"resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-2.0.1.tgz",
|
||||
"integrity": "sha512-PIXiMVtz6VvyaRsGY268qvj57hXQEpsYogYOu2nrQhlf+XCGmZstmuZBbAybUl1nQGnvS1k1eEsQ69ZoD7xlSw==",
|
||||
"dependencies": {
|
||||
"tunnel": "^0.0.6"
|
||||
}
|
||||
},
|
||||
"node_modules/@types/js-yaml": {
|
||||
"version": "3.12.4",
|
||||
@@ -153,6 +165,14 @@
|
||||
"typescript": ">=2.7"
|
||||
}
|
||||
},
|
||||
"node_modules/tunnel": {
|
||||
"version": "0.0.6",
|
||||
"resolved": "https://registry.npmjs.org/tunnel/-/tunnel-0.0.6.tgz",
|
||||
"integrity": "sha512-1h/Lnq9yajKY2PEbBadPXj3VxsDDu844OnaAo52UVmIzIvwwtBPIuNvkjuzBlTWpfJyUbG3ez0KSBibQkj4ojg==",
|
||||
"engines": {
|
||||
"node": ">=0.6.11 <=0.7.0 || >=0.7.3"
|
||||
}
|
||||
},
|
||||
"node_modules/typescript": {
|
||||
"version": "3.9.2",
|
||||
"resolved": "https://registry.npmjs.org/typescript/-/typescript-3.9.2.tgz",
|
||||
@@ -166,6 +186,14 @@
|
||||
"node": ">=4.2.0"
|
||||
}
|
||||
},
|
||||
"node_modules/uuid": {
|
||||
"version": "8.3.2",
|
||||
"resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz",
|
||||
"integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==",
|
||||
"bin": {
|
||||
"uuid": "dist/bin/uuid"
|
||||
}
|
||||
},
|
||||
"node_modules/yn": {
|
||||
"version": "3.1.1",
|
||||
"resolved": "https://registry.npmjs.org/yn/-/yn-3.1.1.tgz",
|
||||
@@ -178,9 +206,21 @@
|
||||
},
|
||||
"dependencies": {
|
||||
"@actions/core": {
|
||||
"version": "1.2.6",
|
||||
"resolved": "https://registry.npmjs.org/@actions/core/-/core-1.2.6.tgz",
|
||||
"integrity": "sha512-ZQYitnqiyBc3D+k7LsgSBmMDVkOVidaagDG7j3fOym77jNunWRuYx7VSHa9GNfFZh+zh61xsCjRj4JxMZlDqTA=="
|
||||
"version": "1.9.1",
|
||||
"resolved": "https://registry.npmjs.org/@actions/core/-/core-1.9.1.tgz",
|
||||
"integrity": "sha512-5ad+U2YGrmmiw6du20AQW5XuWo7UKN2052FjSV7MX+Wfjf8sCqcsZe62NfgHys4QI4/Y+vQvLKYL8jWtA1ZBTA==",
|
||||
"requires": {
|
||||
"@actions/http-client": "^2.0.1",
|
||||
"uuid": "^8.3.2"
|
||||
}
|
||||
},
|
||||
"@actions/http-client": {
|
||||
"version": "2.0.1",
|
||||
"resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-2.0.1.tgz",
|
||||
"integrity": "sha512-PIXiMVtz6VvyaRsGY268qvj57hXQEpsYogYOu2nrQhlf+XCGmZstmuZBbAybUl1nQGnvS1k1eEsQ69ZoD7xlSw==",
|
||||
"requires": {
|
||||
"tunnel": "^0.0.6"
|
||||
}
|
||||
},
|
||||
"@types/js-yaml": {
|
||||
"version": "3.12.4",
|
||||
@@ -279,12 +319,22 @@
|
||||
"yn": "3.1.1"
|
||||
}
|
||||
},
|
||||
"tunnel": {
|
||||
"version": "0.0.6",
|
||||
"resolved": "https://registry.npmjs.org/tunnel/-/tunnel-0.0.6.tgz",
|
||||
"integrity": "sha512-1h/Lnq9yajKY2PEbBadPXj3VxsDDu844OnaAo52UVmIzIvwwtBPIuNvkjuzBlTWpfJyUbG3ez0KSBibQkj4ojg=="
|
||||
},
|
||||
"typescript": {
|
||||
"version": "3.9.2",
|
||||
"resolved": "https://registry.npmjs.org/typescript/-/typescript-3.9.2.tgz",
|
||||
"integrity": "sha512-q2ktq4n/uLuNNShyayit+DTobV2ApPEo/6so68JaD5ojvc/6GClBipedB9zNWYxRSAlZXAe405Rlijzl6qDiSw==",
|
||||
"dev": true
|
||||
},
|
||||
"uuid": {
|
||||
"version": "8.3.2",
|
||||
"resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz",
|
||||
"integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg=="
|
||||
},
|
||||
"yn": {
|
||||
"version": "3.1.1",
|
||||
"resolved": "https://registry.npmjs.org/yn/-/yn-3.1.1.tgz",
|
||||
|
||||
@@ -14,7 +14,7 @@
|
||||
"typescript": "^3.9.2"
|
||||
},
|
||||
"dependencies": {
|
||||
"@actions/core": "^1.2.6",
|
||||
"@actions/core": "^1.9.1",
|
||||
"js-yaml": "^3.13.1",
|
||||
"jsonschema": "^1.2.6"
|
||||
}
|
||||
|
||||
@@ -3,7 +3,8 @@
|
||||
"../../ci",
|
||||
"../../automation",
|
||||
"../../deployments",
|
||||
"../../code-scanning"
|
||||
"../../code-scanning",
|
||||
"../../pages"
|
||||
],
|
||||
"allowed_categories": [
|
||||
{
|
||||
@@ -21,6 +22,10 @@
|
||||
{
|
||||
"path": "../../code-scanning",
|
||||
"categories": ["Code Scanning", "Dependency review"]
|
||||
},
|
||||
{
|
||||
"path": "../../pages",
|
||||
"categories": ["Pages"]
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user