Merge branch 'main' into phantsure/lint-fix

This commit is contained in:
Sampark Sharma
2022-12-13 18:04:36 +05:30
committed by GitHub
7 changed files with 61 additions and 6 deletions
+1 -1
View File
@@ -26,7 +26,7 @@ It is not:
- [ ] Should use sentence case for the names of workflows and steps (for example, "Run tests").
- [ ] Should be named _only_ by the name of the language or platform (for example, "Go", not "Go CI" or "Go Build").
- [ ] Should include comments in the workflow for any parts that are not obvious or could use clarification.
- [ ] Should specify least priviledge [permissions](https://docs.github.com/en/actions/security-guides/automatic-token-authentication#modifying-the-permissions-for-the-github_token) for `GITHUB_TOKEN` so that the workflow runs successfully.
- [ ] Should specify least privileged [permissions](https://docs.github.com/en/actions/security-guides/automatic-token-authentication#modifying-the-permissions-for-the-github_token) for `GITHUB_TOKEN` so that the workflow runs successfully.
**For _CI_ workflows, the workflow:**
+2
View File
@@ -34,6 +34,8 @@ jobs:
matrix:
language: [ $detected-codeql-languages ]
# CodeQL supports [ $supported-codeql-languages ]
# Use only 'java' to analyze code written in Java, Kotlin or both
# Use only 'javascript' to analyze code written in JavaScript, TypeScript or both
# Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
steps:
+47
View File
@@ -0,0 +1,47 @@
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# A sample workflow which checks out your code and scans your desired k8s config files for misconfigurations using the Datree CLI.
# The results are then uploaded to GitHub Security Code Scanning.
#
# For more information and configurations options, see https://github.com/datreeio/action-datree/
name: Datree
on:
push:
branches: [ $default-branch, $protected-branches ]
pull_request:
# The branches below must be a subset of the branches above
branches: [ $default-branch ]
permissions:
contents: read
jobs:
datree:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Run Datree policy check
continue-on-error: true
uses: datreeio/action-datree@de67ae7a5133d719dc794e1b75682cd4c5f94d8a
env:
# In order to use the Datree action you will need to have a Datree token.
# See https://hub.datree.io/setup/account-token#1-get-your-account-token-from-the-dashboard to acquire your token.
DATREE_TOKEN: ${{ secrets.DATREE_TOKEN }}
with:
# Add the path to the configuration file/s that you would like to test.
# See https://github.com/datreeio/action-datree#usage for all available options.
path: test-file.yaml
# Setting a SARIF output will generate a file named "datree.sarif" containing your test results
cliArguments: "-o sarif"
- name: Upload result to GitHub Code Scanning
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: datree.sarif
@@ -0,0 +1,7 @@
{
"name": "Datree",
"creator": "Datree",
"description": "Detect misconfigurations in your Kubernetes manifests and present them in Github code scanning",
"iconName": "datree",
"categories": ["Code Scanning", "YAML"]
}
+2 -4
View File
@@ -34,7 +34,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Run SOOS DAST Scan
uses: soos-io/soos-dast-github-action@5b9c65687cee49aee1c776759f25561f908be565 # Use latest version from https://github.com/marketplace/actions/soos-dast
uses: soos-io/soos-dast-github-action@3e71b27756f4ed77d7ad3c0ad92afddb47a40e4d # Use latest version from https://github.com/marketplace/actions/soos-dast
with:
client_id: ${{ secrets.SOOS_CLIENT_ID }}
api_key: ${{ secrets.SOOS_API_KEY }}
@@ -45,6 +45,4 @@ jobs:
- name: Upload SOOS DAST SARIF Report
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: results.sarif
sarif_file: results.sarif
+1
View File
@@ -0,0 +1 @@
<svg id="Layer_1" data-name="Layer 1" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 85 100"><defs><style>.cls-1{fill:#05ccc2;}.cls-1,.cls-2{fill-rule:evenodd;}.cls-2{fill:#00141e;}</style></defs><path class="cls-1" d="M59.2,45.29,49,55.47a12.15,12.15,0,0,0-1.67,2.06,12.63,12.63,0,0,0-1.22,2.37,14.44,14.44,0,0,0-.71,2.56,15.69,15.69,0,0,0-.24,2.77V88.38h5.45V65.23a10,10,0,0,1,.14-1.76,8.39,8.39,0,0,1,.44-1.6,6.59,6.59,0,0,1,.7-1.34,7.22,7.22,0,0,1,1-1.19L63.07,49.16Z"/><path class="cls-1" d="M73.4,31.89a8,8,0,0,0-1.72-2.57l-16-16a7.95,7.95,0,0,0-11.24,0l-1.82,1.83L19.16,38.66,23,42.53,46.52,19.05l1.83-1.83a2.44,2.44,0,0,1,.79-.53,2.64,2.64,0,0,1,1-.19,2.6,2.6,0,0,1,.95.19,2.48,2.48,0,0,1,.8.53l16,16a2.59,2.59,0,0,1,.53.8,2.64,2.64,0,0,1,.19.95,2.5,2.5,0,0,1-.72,1.75L66,38.51l-.15.15L62,42.53l3.88,3.87,5.84-5.84A8,8,0,0,0,73.4,38a8.19,8.19,0,0,0,.6-3v-.1A8.19,8.19,0,0,0,73.4,31.89Z"/><path class="cls-1" d="M16.66,51.07a2.54,2.54,0,0,1-.19-.94v-.21h0a2.23,2.23,0,0,1,.15-.63h0l-4-4a7.81,7.81,0,0,0-1,1.78,8.16,8.16,0,0,0-.6,2.84h0v.21a7.89,7.89,0,0,0,2.31,5.61L30.54,73V65.21L17.2,51.87A2.46,2.46,0,0,1,16.66,51.07Z"/><path class="cls-2" d="M69.71,42.53l.15.15,1.82,1.83A7.9,7.9,0,0,1,74,49.92h0v.21a8,8,0,0,1-.6,3,7.67,7.67,0,0,1-1.71,2.56L54.48,73V65.21L67.81,51.87a2.46,2.46,0,0,0,.54-.8,2.36,2.36,0,0,0,.19-.94v-.21h0a2.29,2.29,0,0,0-.18-.74,2.33,2.33,0,0,0-.53-.8L66,46.55l-4.17-4.17L45.21,25.78l3.87-3.87,16.61,16.6.15.15h0ZM11,34.89V35a8.19,8.19,0,0,0,.6,3,8,8,0,0,0,1.72,2.57L32.1,59.34a7.22,7.22,0,0,1,1,1.19,6.59,6.59,0,0,1,.7,1.34,9.19,9.19,0,0,1,.44,1.6,10,10,0,0,1,.14,1.76V88.38H39.8V65.23a15.69,15.69,0,0,0-.24-2.77,14.44,14.44,0,0,0-.71-2.56,12.63,12.63,0,0,0-1.22-2.37A12.15,12.15,0,0,0,36,55.47L23.19,42.68,23,42.53l-3.87-3.87L19,38.51l-1.83-1.82a2.5,2.5,0,0,1-.72-1.75,2.64,2.64,0,0,1,.19-.95,2.59,2.59,0,0,1,.53-.8l16-16a2.48,2.48,0,0,1,.8-.53,2.6,2.6,0,0,1,.95-.19,2.64,2.64,0,0,1,1,.19,2.44,2.44,0,0,1,.79.53l1.83,1.83.15.15,4-4-.15.15-.15-.15-1.82-1.83a7.95,7.95,0,0,0-11.24,0l-16,16a8,8,0,0,0-1.72,2.57A8.19,8.19,0,0,0,11,34.89Z"/><path class="cls-2" d="M69.71,42.53l.15.15,1.82,1.83A7.9,7.9,0,0,1,74,49.92h0v.21a8,8,0,0,1-.6,3,7.67,7.67,0,0,1-1.71,2.56L54.48,73V65.21L67.81,51.87a2.46,2.46,0,0,0,.54-.8,2.36,2.36,0,0,0,.19-.94v-.21h0a2.29,2.29,0,0,0-.18-.74,2.33,2.33,0,0,0-.53-.8L66,46.55l-4.17-4.17L45.21,25.78l3.87-3.87,16.61,16.6.15.15h0Z"/></svg>

After

Width:  |  Height:  |  Size: 2.3 KiB

+1 -1
View File
@@ -61,7 +61,7 @@ async function checkWorkflows(
const enabled =
!isPartnerWorkflow &&
(workflowProperties.enterprise === true || folder !== 'code-scanning') &&
(workflowProperties.enterprise === true || basename(folder) !== 'code-scanning') &&
(await checkWorkflow(workflowFilePath, enabledActions));
const workflowDesc: WorkflowDesc = {