Merge branch 'main' into main

This commit is contained in:
Sampark Sharma
2022-12-07 17:57:29 +05:30
committed by GitHub
70 changed files with 374 additions and 186 deletions
+3 -3
View File
@@ -5,12 +5,12 @@
version: 2
updates:
- package-ecosystem: "npm"
- package-ecosystem: "npm"
directory: "/"
schedule:
interval: "weekly"
- package-ecosystem: "github-actions"
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "weekly"
+31
View File
@@ -0,0 +1,31 @@
name: Lint
on:
pull_request:
branches:
- main
jobs:
pre-commit:
name: pre-commit
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: 3.8
- name: Cache pre-commit
uses: actions/cache@v3
with:
path: ~/.cache/pre-commit
key: pre-commit-3|${{ env.pythonLocation }}|${{ hashFiles('.pre-commit-config.yaml') }}
- name: Install pre-commit
run: pip3 install pre-commit
- name: Run pre-commit
run: pre-commit run --all-files --show-diff-on-failure --color always
+6
View File
@@ -0,0 +1,6 @@
repos:
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.3.0
hooks:
- id: trailing-whitespace
files: (automation/|ci/|code-scanning/|deployments/|pages/).*(yaml|yml|json)$
+20
View File
@@ -50,3 +50,23 @@ These variables can be placed in the starter workflow and will be substituted as
* `$default-branch`: will substitute the branch from the repository, for example `main` and `master`
* `$protected-branches`: will substitute any protected branches from the repository
* `$cron-daily`: will substitute a valid but random time within the day
## How to test templates before publishing
### Disable template for public
The template author adds a `labels` array in the template's `properties.json` file with a label `preview`. This will hide the template from users, unless user uses query parameter `preview=true` in the URL.
Example `properties.json` file:
```json
{
"name": "Node.js",
"description": "Build and test a Node.js project with npm.",
"iconName": "nodejs",
"categories": ["Continuous integration", "JavaScript", "npm", "React", "Angular", "Vue"],
"labels": ["preview"]
}
```
For viewing the templates with `preview` label, provide query parameter `preview=true` to the `new workflow` page URL. Eg. `https://github.com/<owner>/<repo_name>/actions/new?preview=true`.
### Enable template for public
Remove the `labels` array from `properties.json` file to publish the template to public
+1 -1
View File
@@ -17,7 +17,7 @@ jobs:
- name: Set up GNAT toolchain
run: >
sudo apt-get update &&
sudo apt-get update &&
sudo apt-get install gnat gprbuild
- name: Build
+2 -2
View File
@@ -31,7 +31,7 @@ jobs:
- name: Test
working-directory: ${{github.workspace}}/build
# Execute tests defined by the CMake configuration.
# Execute tests defined by the CMake configuration.
# See https://cmake.org/cmake/help/latest/manual/ctest.1.html for more detail
run: ctest -C ${{env.BUILD_TYPE}}
+4 -4
View File
@@ -3,10 +3,10 @@
# separate terms of service, privacy policy, and support
# documentation.
# This workflow lets you compile your Go project using a SLSA3 compliant builder.
# This workflow will generate a so-called "provenance" file describing the steps
# This workflow lets you compile your Go project using a SLSA3 compliant builder.
# This workflow will generate a so-called "provenance" file describing the steps
# that were performed to generate the final binary.
# The project is an initiative of the OpenSSF (openssf.org) and is developed at
# The project is an initiative of the OpenSSF (openssf.org) and is developed at
# https://github.com/slsa-framework/slsa-github-generator.
# The provenance file can be verified using https://github.com/slsa-framework/slsa-verifier.
# For more information about SLSA and how it improves the supply-chain, visit slsa.dev.
@@ -21,7 +21,7 @@ permissions: read-all
jobs:
# ========================================================================================================================================
# Prerequesite: Create a .slsa-goreleaser.yml in the root directory of your project.
# Prerequesite: Create a .slsa-goreleaser.yml in the root directory of your project.
# See format in https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/go/README.md#configuration-file
#=========================================================================================================================================
build:
+4 -4
View File
@@ -13,15 +13,15 @@ jobs:
steps:
- uses: actions/checkout@v3
- name: configure
run: ./configure
- name: Install dependencies
run: make
- name: Run check
run: make check
- name: Run distcheck
run: make distcheck
+1 -1
View File
@@ -13,7 +13,7 @@ jobs:
strategy:
matrix:
node-version: [14.x, 16.x, 18.x]
steps:
- uses: actions/checkout@v3
+1 -1
View File
@@ -13,7 +13,7 @@ jobs:
strategy:
matrix:
node-version: [14.x, 16.x, 18.x]
steps:
- uses: actions/checkout@v3
+1 -1
View File
@@ -13,7 +13,7 @@ jobs:
strategy:
matrix:
node-version: [14.x, 16.x, 18.x]
steps:
- uses: actions/checkout@v3
+4 -4
View File
@@ -3,8 +3,8 @@
# separate terms of service, privacy policy, and support
# documentation.
# APIsec addresses the critical need to secure APIs before they reach production.
# APIsec provides the industrys only automated and continuous API testing platform that uncovers security vulnerabilities and logic flaws in APIs.
# APIsec addresses the critical need to secure APIs before they reach production.
# APIsec provides the industrys only automated and continuous API testing platform that uncovers security vulnerabilities and logic flaws in APIs.
# Clients rely on APIsec to evaluate every update and release, ensuring that no APIs go to production with vulnerabilities.
# How to Get Started with APIsec.ai
@@ -50,12 +50,12 @@ jobs:
Trigger_APIsec_scan:
permissions:
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
- name: APIsec scan
uses: apisec-inc/apisec-run-scan@f62d0c6fae8a80f97b091a323befdb56e6ad9993
uses: apisec-inc/apisec-run-scan@f748a240d69ca6cd7e9532fd0a47bec4ccd6a73c
with:
# The APIsec username with which the scans will be executed
apisec-username: ${{ secrets.apisec_username }}
+1 -1
View File
@@ -25,7 +25,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
name: Brakeman Scan
runs-on: ubuntu-latest
steps:
+55
View File
@@ -0,0 +1,55 @@
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# The Checkmarx One GitHub Action enables you to trigger SAST, SCA, and KICS scans directly from the GitHub workflow.
# It provides a wrapper around the Checkmarx One CLI Tool which creates a zip archive from your source code repository
# and uploads it to Checkmarx One for scanning. The Github Action provides easy integration with GitHub while enabling
# scan customization using the full functionality and flexibility of the CLI tool.
# This is a basic workflow to help you get started with Using Checkmarx One Action,
# documentation can be found here : https://checkmarx.com/resource/documents/en/34965-68702-checkmarx-one-github-actions.html
name: Checkmarx Scan
# Controls when the workflow will run
on:
pull_request:
types: [opened, reopened, synchronize]
branches: [ $default-branch, $protected-branches ]
permissions:
contents: read
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
# This workflow contains a single job called "build"
build:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif
# The type of runner that the job will run on
runs-on: ubuntu-latest
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# This step checks out a copy of your repository.
- name: Checkout repository
uses: actions/checkout@v3
# This step creates the Checkmarx One scan
- name: Checkmarx One scan
uses: checkmarx/ast-github-action@8e887bb93dacc44e0f5b64ee2b06d5815f89d4fc
with:
base_uri: https://ast.checkmarx.net # This should be replaced by your base uri for Checkmarx One
cx_client_id: ${{ secrets.CX_CLIENT_ID }} # This should be created within your Checkmarx One account : https://checkmarx.com/resource/documents/en/34965-118315-authentication-for-checkmarx-one-cli.html#UUID-a4e31a96-1f36-6293-e95a-97b4b9189060_UUID-4123a2ff-32d0-2287-8dd2-3c36947f675e
cx_client_secret: ${{ secrets.CX_CLIENT_SECRET }} # This should be created within your Checkmarx One account : https://checkmarx.com/resource/documents/en/34965-118315-authentication-for-checkmarx-one-cli.html#UUID-a4e31a96-1f36-6293-e95a-97b4b9189060_UUID-4123a2ff-32d0-2287-8dd2-3c36947f675e
cx_tenant: ${{ secrets.CX_TENANT }} # This should be replaced by your tenant for Checkmarx One
additional_params: --report-format sarif --output-path .
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v2
with:
# Path to SARIF file relative to the root of the repository
sarif_file: cx_result.sarif
+1 -1
View File
@@ -29,7 +29,7 @@ jobs:
issues: write # for checkmarx-ts/checkmarx-cxflow-github-action to write feedback to github issues
pull-requests: write # for checkmarx-ts/checkmarx-cxflow-github-action to write feedback to PR
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
# Steps require - checkout code, run CxFlow Action, Upload SARIF report (optional)
+2 -2
View File
@@ -16,7 +16,7 @@ on:
permissions:
contents: read
jobs:
clj-holmes:
name: Run clj-holmes scanning
@@ -24,7 +24,7 @@ jobs:
permissions:
contents: read
security-events: write
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
steps:
- name: Checkout code
uses: actions/checkout@v2
+3 -3
View File
@@ -6,7 +6,7 @@
# seeking for vulnerable direct/transitive dependencies and
# build a report with all the information needed to help you
# understand how the vulnerability manifest in your software.
# More details at https://github.com/clj-holmes/clj-watson
# More details at https://github.com/clj-holmes/clj-watson
name: clj-watson
@@ -29,7 +29,7 @@ jobs:
permissions:
contents: read
security-events: write
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
steps:
- name: Checkout code
uses: actions/checkout@v2
@@ -40,7 +40,7 @@ jobs:
clj-watson-sha: "65d928c"
clj-watson-tag: "v4.0.1"
database-strategy: github-advisory
aliases: clojure-lsp,test
aliases: clojure-lsp,test
deps-edn-path: deps.edn
suggest-fix: true
output-type: sarif
+3 -3
View File
@@ -9,7 +9,7 @@ on:
push:
branches: [ $default-branch, $protected-branches ]
pull_request:
branches: [ $default-branch ]
branches: [ $default-branch ]
schedule:
- cron: $cron-weekly
@@ -26,7 +26,7 @@ jobs:
- name: Clone repo
uses: actions/checkout@v3
# For Terraform, Cloudrail requires the plan as input. So we generate it using
# For Terraform, Cloudrail requires the plan as input. So we generate it using
# the Terraform core binary.
- uses: hashicorp/setup-terraform@v1
with:
@@ -53,6 +53,6 @@ jobs:
uses: github/codeql-action/upload-sarif@v2
# Remember that if issues are found, Cloudrail return non-zero exit code, so the if: always()
# is needed to ensure the SARIF file is uploaded
if: always()
if: always()
with:
sarif_file: cloudrail_results.sarif
+1 -1
View File
@@ -30,7 +30,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
name: Codacy Security Scan
runs-on: ubuntu-latest
steps:
+3 -3
View File
@@ -48,11 +48,11 @@ jobs:
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.
# Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
# queries: security-extended,security-and-quality
# Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
@@ -61,7 +61,7 @@ jobs:
# ️ Command-line programs to run using the OS shell.
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
# If the Autobuild fails above, remove it and uncomment the following three lines.
# If the Autobuild fails above, remove it and uncomment the following three lines.
# modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
# - run: |
+1 -1
View File
@@ -25,7 +25,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
- name: Checkout repository
+4 -4
View File
@@ -8,7 +8,7 @@
# Contrast Scan currently supports Java, JavaScript and .NET artifacts.
# For more information about the Contrast Scan GitHub Action see here: https://github.com/Contrast-Security-OSS/contrastscan-action
# Pre-requisites:
# Pre-requisites:
# All Contrast related account secrets should be configured as GitHub secrets to be passed as inputs to the Contrast Scan Action.
# The required secrets are CONTRAST_API_KEY, CONTRAST_ORGANIZATION_ID and CONTRAST_AUTH_HEADER.
@@ -30,7 +30,7 @@ jobs:
permissions:
contents: read # for actions/checkout
security-events: write # for github/codeql-action/upload-sarif
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
# check out project
steps:
@@ -38,7 +38,7 @@ jobs:
# Since Contrast Scan is designed to run against your deployable artifact, the steps to build your artifact should go here.
# -name: Build Project
# ...
# Scan Artifact
# Scan Artifact
- name: Contrast Scan Action
uses: Contrast-Security-OSS/contrastscan-action@7352a45d9678ec8a434cf061b07ffb51c1e351a1
with:
@@ -46,7 +46,7 @@ jobs:
apiKey: ${{ secrets.CONTRAST_API_KEY }}
orgId: ${{ secrets.CONTRAST_ORGANIZATION_ID }}
authHeader: ${{ secrets.CONTRAST_AUTH_HEADER }}
#Upload the results to GitHub
#Upload the results to GitHub
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v2
with:
+2 -2
View File
@@ -69,13 +69,13 @@ jobs:
}
}
' 1> gh_response.json
DETEKT_RELEASE_SHA=$(jq --raw-output '.data.repository.release.releaseAssets.tagCommit.oid' gh_response.json)
if [ $DETEKT_RELEASE_SHA != "37f0a1d006977512f1f216506cd695039607c3e5" ]; then
echo "Release tag doesn't match expected commit SHA"
exit 1
fi
DETEKT_DOWNLOAD_URL=$(jq --raw-output '.data.repository.release.releaseAssets.nodes[0].downloadUrl' gh_response.json)
echo "::set-output name=download_url::$DETEKT_DOWNLOAD_URL"
+1 -1
View File
@@ -27,7 +27,7 @@ jobs:
- name: Run DevSkim scanner
uses: microsoft/DevSkim-Action@v1
- name: Upload DevSkim scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
with:
+2 -2
View File
@@ -25,7 +25,7 @@ jobs:
permissions:
contents: read
security-events: write
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
steps:
- name: Checkout code
uses: actions/checkout@v3
@@ -39,7 +39,7 @@ jobs:
run: npx eslint .
--config .eslintrc.js
--ext .js,.jsx,.ts,.tsx
--format @microsoft/eslint-formatter-sarif
--format @microsoft/eslint-formatter-sarif
--output-file eslint-results.sarif
continue-on-error: true
+4 -4
View File
@@ -44,12 +44,12 @@ on:
permissions:
contents: read
jobs:
Trigger_EthicalCheck:
permissions:
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
@@ -61,9 +61,9 @@ jobs:
# The email address to which the penetration test report will be sent.
email: "xxx@apisec.ai"
sarif-result-file: "ethicalcheck-results.sarif"
- name: Upload sarif file to repository
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: ./ethicalcheck-results.sarif
+1 -1
View File
@@ -37,7 +37,7 @@ jobs:
# node-version: "16.x"
- uses: jfrog/frogbot@9304d3b1d8e05a1b5fc0ba9ebf9ffbd495386250
- uses: jfrog/frogbot@b92e53d9631139a697cb71d9e70229a70ca56694
env:
# [Mandatory]
# JFrog platform URL (This functionality requires version 3.29.0 or above of Xray)
+1 -1
View File
@@ -42,7 +42,7 @@ jobs:
# The full template list with the required GitHub Actions can be found at https://github.com/jfrog/frogbot/tree/master/templates/github-actions/scan-pull-request
- uses: jfrog/frogbot@9304d3b1d8e05a1b5fc0ba9ebf9ffbd495386250
- uses: jfrog/frogbot@b92e53d9631139a697cb71d9e70229a70ca56694
env:
# [Mandatory]
# JFrog platform URL (This functionality requires version 3.29.0 or above of Xray)
+1 -1
View File
@@ -27,7 +27,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
steps:
- name: Checkout code
uses: actions/checkout@v3
+1 -1
View File
@@ -29,7 +29,7 @@ jobs:
permissions:
contents: read # for checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
steps:
- name: Checkout code
+2 -2
View File
@@ -9,7 +9,7 @@ on:
push:
branches: [ $default-branch, $protected-branches ]
pull_request:
branches: [ $default-branch ]
branches: [ $default-branch ]
schedule:
- cron: $cron-weekly
@@ -21,7 +21,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
+1 -1
View File
@@ -28,7 +28,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
name: Analyze
runs-on: windows-latest
+2 -2
View File
@@ -50,7 +50,7 @@
#
# `restart_scan`
#
# **Required** when restarting an existing scan by its ID. You can get the scan ID in the Scans section on [nexploit.app](https://nexploit.app/login).<br> Please make sure to only use the necessary parameters. Otherwise, you will get a response with the parameter usage requirements.
# **Required** when restarting an existing scan by its ID. You can get the scan ID in the Scans section on [nexploit.app](https://nexploit.app/login).<br> Please make sure to only use the necessary parameters. Otherwise, you will get a response with the parameter usage requirements.
#
# _Example:_ `restart_scan: ai3LG8DmVn9Rn1YeqCNRGQ)`
#
@@ -95,7 +95,7 @@
#
# `hosts_filter`
#
# **Required** when the the discovery type is set to `archive`. Allows selecting specific hosts for a scan.
# **Required** when the the discovery type is set to `archive`. Allows selecting specific hosts for a scan.
#
# Outputs
#
+1 -1
View File
@@ -25,7 +25,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
name: njsscan code scanning
steps:
+1 -1
View File
@@ -27,7 +27,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: windows-latest
steps:
+3 -3
View File
@@ -2,9 +2,9 @@
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# PHPMD is a spin-off project of PHP Depend and
# PHPMD is a spin-off project of PHP Depend and
# aims to be a PHP equivalent of the well known Java tool PMD.
# What PHPMD does is: It takes a given PHP source code base
# What PHPMD does is: It takes a given PHP source code base
# and look for several potential problems within that source.
# These problems can be things like:
# Possible bugs
@@ -34,7 +34,7 @@ jobs:
permissions:
contents: read # for checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
steps:
- name: Checkout code
+1 -1
View File
@@ -21,7 +21,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
+5 -5
View File
@@ -16,7 +16,7 @@ on:
branches: [ $default-branch ]
schedule:
- cron: $cron-weekly
permissions:
contents: read
@@ -25,7 +25,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
name: PSScriptAnalyzer
runs-on: ubuntu-latest
steps:
@@ -37,11 +37,11 @@ jobs:
# Check https://github.com/microsoft/action-psscriptanalyzer for more info about the options.
# The below set up runs PSScriptAnalyzer to your entire repository and runs some basic security rules.
path: .\
recurse: true
# Include your own basic security rules. Removing this option will run all the rules
recurse: true
# Include your own basic security rules. Removing this option will run all the rules
includeRule: '"PSAvoidGlobalAliases", "PSAvoidUsingConvertToSecureStringWithPlainText"'
output: results.sarif
# Upload the SARIF file generated in the previous step
- name: Upload SARIF results file
uses: github/codeql-action/upload-sarif@v2
+1 -1
View File
@@ -29,7 +29,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
name: Run Prisma Cloud IaC Scan to check
steps:
@@ -0,0 +1,7 @@
{
"name": "Checkmarx",
"creator": "Checkmarx",
"description": "Beat vulnerabilities with more secure code.Scan your code with Checkmarx One and see results in the GitHub code scanning.",
"iconName": "checkmarx",
"categories": ["Code Scanning", "javascript", "python", "java", "php", "c#", "c", "c++", "ruby", "swift", "go", "json", "kotlin", "apex", "scala", "perl"]
}
+1 -1
View File
@@ -29,7 +29,7 @@ jobs:
permissions:
contents: read # for checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
steps:
- name: Checkout code
+2 -2
View File
@@ -4,7 +4,7 @@
# documentation.
# rust-clippy is a tool that runs a bunch of lints to catch common
# mistakes in your Rust code and help improve your Rust code.
# More details at https://github.com/rust-lang/rust-clippy
# More details at https://github.com/rust-lang/rust-clippy
# and https://rust-lang.github.io/rust-clippy/
name: rust-clippy analyze
@@ -25,7 +25,7 @@ jobs:
permissions:
contents: read
security-events: write
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
steps:
- name: Checkout code
uses: actions/checkout@v2
+2 -2
View File
@@ -41,11 +41,11 @@ jobs:
with:
results_file: results.sarif
results_format: sarif
# (Optional) Read-only PAT token. Uncomment the `repo_token` line below if:
# (Optional) "write" PAT token. Uncomment the `repo_token` line below if:
# - you want to enable the Branch-Protection check on a *public* repository, or
# - you are installing Scorecards on a *private* repository
# To create the PAT, follow the steps in https://github.com/ossf/scorecard-action#authentication-with-pat.
# repo_token: ${{ secrets.SCORECARD_READ_TOKEN }}
# repo_token: ${{ secrets.SCORECARD_TOKEN }}
# Public repositories:
# - Publish results to OpenSSF REST API for easy access by consumers
+3 -3
View File
@@ -24,11 +24,11 @@ jobs:
- uses: actions/checkout@v3
- uses: nuget/setup-nuget@04b0c2b8d1b97922f67eca497d7cf0bf17b8ffe1
- uses: microsoft/setup-msbuild@v1.0.2
- name: Set up projects for analysis
uses: security-code-scan/security-code-scan-add-action@f8ff4f2763ed6f229eded80b1f9af82ae7f32a0d
- name: Restore dependencies
- name: Restore dependencies
run: dotnet restore
- name: Build
+1 -1
View File
@@ -27,7 +27,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
name: Scan
runs-on: ubuntu-latest
steps:
+1 -1
View File
@@ -30,7 +30,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
+1 -1
View File
@@ -29,7 +29,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
+3 -3
View File
@@ -16,7 +16,7 @@ on:
push:
branches: [ $default-branch, $protected-branches ]
pull_request:
branches: [ $default-branch ]
branches: [ $default-branch ]
schedule:
- cron: $cron-weekly
@@ -28,11 +28,11 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v3
- id: run-action
uses: sobelow/action@1afd6d2cae70ae8bd900b58506f54487ed863912
- name: Upload report
+8 -8
View File
@@ -3,7 +3,7 @@
# separate terms of service, privacy policy, and support
# documentation.
# This workflow helps you trigger a SonarCloud analysis of your code and populates
# This workflow helps you trigger a SonarCloud analysis of your code and populates
# GitHub Code Scanning alerts with the vulnerabilities found.
# Free for open source project.
@@ -11,16 +11,16 @@
# 2. Import your project on SonarCloud
# * Add your GitHub organization first, then add your repository as a new project.
# * Please note that many languages are eligible for automatic analysis,
# * Please note that many languages are eligible for automatic analysis,
# which means that the analysis will start automatically without the need to set up GitHub Actions.
# * This behavior can be changed in Administration > Analysis Method.
#
#
# 3. Follow the SonarCloud in-product tutorial
# * a. Copy/paste the Project Key and the Organization Key into the args parameter below
# (You'll find this information in SonarCloud. Click on "Information" at the bottom left)
#
# * b. Generate a new token and add it to your Github repository's secrets using the name SONAR_TOKEN
# (On SonarCloud, click on your avatar on top-right > My account > Security
# (On SonarCloud, click on your avatar on top-right > My account > Security
# or go directly to https://sonarcloud.io/account/security/)
# Feel free to take a look at our documentation (https://docs.sonarcloud.io/getting-started/github/)
@@ -41,9 +41,9 @@ permissions:
jobs:
Analysis:
runs-on: ubuntu-latest
steps:
- name: Analyze with SonarCloud
- name: Analyze with SonarCloud
# You can pin the exact commit or the version.
# uses: SonarSource/sonarcloud-github-action@de2e56b42aa84d0b1c5b622644ac17e505c9a049
@@ -53,7 +53,7 @@ jobs:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} # Generate a token on Sonarcloud.io, add it to the secrets of this repo with the name SONAR_TOKEN (Settings > Secrets > Actions > add new repository secret)
with:
# Additional arguments for the sonarcloud scanner
args:
args:
# Unique keys of your project and organization. You can find them in SonarCloud > Information (bottom-left menu)
# mandatory
-Dsonar.projectKey=
@@ -65,4 +65,4 @@ jobs:
# Comma-separated paths to directories containing test source files.
#-Dsonar.tests= # optional. For more info about Code Coverage, please refer to https://docs.sonarcloud.io/enriching/test-coverage/overview/
# Adds more detail to both client and server-side analysis logs, activating DEBUG mode for the scanner, and adding client-side environment variables and system properties to the server-side log of analysis report processing.
#-Dsonar.verbose= # optional, default is false
#-Dsonar.verbose= # optional, default is false
+3 -3
View File
@@ -12,7 +12,7 @@
#
# 2. Navigate to the "Integrate" page in the SOOS app (https://app.soos.io/integrate). Note the "API Credentials" section of this page; the keys you will need for the next step are here.
#
# 3. Set up your SOOS API Key and SOOS Client Id as Github Secrets named SOOS_API_KEY and SOOS_CLIENT_ID.
# 3. Set up your SOOS API Key and SOOS Client Id as Github Secrets named SOOS_API_KEY and SOOS_CLIENT_ID.
#
# 4. (Optional) If you'd like to upload SARIF results of DAST scans to GitHub, set SOOS_GITHUB_PAT with your Github Personal Access Token.
#
@@ -29,12 +29,12 @@ jobs:
soos:
permissions:
security-events: write # for uploading code scanning alert info
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
name: SOOS DAST Scan
runs-on: ubuntu-latest
steps:
- name: Run SOOS DAST Scan
uses: soos-io/soos-dast-github-action@093de8c09530d4b96f12322adeb74444def866db # Use latest version from https://github.com/marketplace/actions/soos-dast
uses: soos-io/soos-dast-github-action@5b9c65687cee49aee1c776759f25561f908be565 # Use latest version from https://github.com/marketplace/actions/soos-dast
with:
client_id: ${{ secrets.SOOS_CLIENT_ID }}
api_key: ${{ secrets.SOOS_API_KEY }}
+8 -8
View File
@@ -22,11 +22,11 @@ jobs:
actions: read
contents: read
security-events: write
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Synopsys Intelligent Security Scan
id: prescription
uses: synopsys-sig/intelligent-security-scan@48eedfcd42bc342a294dc495ac452797b2d9ff08
@@ -36,7 +36,7 @@ jobs:
workflowServerUrl: ${{secrets.WORKFLOW_SERVER_URL}}
additionalWorkflowArgs: --polaris.url=${{secrets.POLARIS_SERVER_URL}} --polaris.token=${{secrets.POLARIS_ACCESS_TOKEN}}
stage: "IO"
# Please note that the ID in previous step was set to prescription
# in order for this logic to work also make sure that POLARIS_ACCESS_TOKEN
# is defined in settings
@@ -48,7 +48,7 @@ jobs:
wget -q ${{ secrets.POLARIS_SERVER_URL}}/api/tools/polaris_cli-linux64.zip
unzip -j polaris_cli-linux64.zip -d /tmp
/tmp/polaris analyze -w
# Please note that the ID in previous step was set to prescription
# in order for this logic to work
- name: Software Composition Analysis with Black Duck
@@ -56,7 +56,7 @@ jobs:
uses: blackducksoftware/github-action@9ea442b34409737f64743781e9adc71fd8e17d38
with:
args: '--blackduck.url="${{ secrets.BLACKDUCK_URL}}" --blackduck.api.token="${{ secrets.BLACKDUCK_TOKEN}}" --detect.tools="SIGNATURE_SCAN,DETECTOR"'
- name: Synopsys Intelligent Security Scan
if: ${{ steps.prescription.outputs.sastScan == 'true' || steps.prescription.outputs.scaScan == 'true' }}
uses: synopsys-sig/intelligent-security-scan@48eedfcd42bc342a294dc495ac452797b2d9ff08
@@ -64,11 +64,11 @@ jobs:
ioServerUrl: ${{secrets.IO_SERVER_URL}}
ioServerToken: ${{secrets.IO_SERVER_TOKEN}}
workflowServerUrl: ${{secrets.WORKFLOW_SERVER_URL}}
additionalWorkflowArgs: --IS_SAST_ENABLED=${{steps.prescription.outputs.sastScan}} --IS_SCA_ENABLED=${{steps.prescription.outputs.scaScan}}
--polaris.project.name={{PROJECT_NAME}} --polaris.url=${{secrets.POLARIS_SERVER_URL}} --polaris.token=${{secrets.POLARIS_ACCESS_TOKEN}}
additionalWorkflowArgs: --IS_SAST_ENABLED=${{steps.prescription.outputs.sastScan}} --IS_SCA_ENABLED=${{steps.prescription.outputs.scaScan}}
--polaris.project.name={{PROJECT_NAME}} --polaris.url=${{secrets.POLARIS_SERVER_URL}} --polaris.token=${{secrets.POLARIS_ACCESS_TOKEN}}
--blackduck.project.name={{PROJECT_NAME}}:{{PROJECT_VERSION}} --blackduck.url=${{secrets.BLACKDUCK_URL}} --blackduck.api.token=${{secrets.BLACKDUCK_TOKEN}}
stage: "WORKFLOW"
- name: Upload SARIF file
if: ${{steps.prescription.outputs.sastScan == 'true' }}
uses: github/codeql-action/upload-sarif@v2
+3 -3
View File
@@ -24,7 +24,7 @@ jobs:
checks: write # for sysdiglabs/scan-action to publish the checks
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
@@ -39,7 +39,7 @@ jobs:
id: scan
uses: sysdiglabs/scan-action@768d7626a14897e0948ea89c8437dd46a814b163
with:
# Tag of the image to analyse.
# Tag of the image to analyse.
# Change ${{ github.repository }} variable by another image name if you want but don't forget changing also image-tag above
image-tag: ${{ github.repository }}:latest
# API token for Sysdig Scanning auth
@@ -47,7 +47,7 @@ jobs:
# Sysdig secure endpoint. Please read: https://docs.sysdig.com/en/docs/administration/saas-regions-and-ip-ranges/
# US-East https://secure.sysdig.com
# US-West https://us2.app.sysdig.com
# EU https://eu1.app.sysdig.com
# EU https://eu1.app.sysdig.com
sysdig-secure-url: https://us2.app.sysdig.com
dockerfile-path: ./Dockerfile
input-type: docker-daemon
+3 -3
View File
@@ -9,7 +9,7 @@ on:
push:
branches: [ $default-branch, $protected-branches ]
pull_request:
branches: [ $default-branch ]
branches: [ $default-branch ]
schedule:
- cron: $cron-weekly
@@ -29,10 +29,10 @@ jobs:
- name: Run tfsec
uses: aquasecurity/tfsec-sarif-action@9a83b5c3524f825c020e356335855741fd02745f
with:
sarif_file: tfsec.sarif
sarif_file: tfsec.sarif
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v2
with:
# Path to SARIF file relative to the root of the repository
sarif_file: tfsec.sarif
sarif_file: tfsec.sarif
+1 -1
View File
@@ -22,7 +22,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
name: Build
runs-on: "ubuntu-18.04"
steps:
+1 -1
View File
@@ -27,7 +27,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
+1 -1
View File
@@ -51,7 +51,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
+6 -7
View File
@@ -3,16 +3,16 @@
# separate terms of service, privacy policy, and support
# documentation.
#
# The zimperium-zscan GitHub action scans your mobile app binary (iOS or Android)
# The zimperium-zscan GitHub action scans your mobile app binary (iOS or Android)
# and identifies security, privacy, and compliance-related vulnerabilities.
#
# Prerequisites:
# Prerequisites:
# * An active Zimperium zScan account is required. If you are not an existing Zimperium
# zScan customer, please request a zSCAN demo by visiting https://www.zimperium.com/contact-us.
# * Either GitHub Advanced Security (GHAS) or a public repository is required to display
# issues and view the remediation information inside of GitHub code scanning alerts.
# * Either GitHub Advanced Security (GHAS) or a public repository is required to display
# issues and view the remediation information inside of GitHub code scanning alerts.
#
# For additional information and setup instructions
# For additional information and setup instructions
# please visit: https://github.com/Zimperium/zScanMarketplace#readme
name: "Zimperium zScan"
@@ -33,7 +33,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
steps:
- name: Checkout repository
uses: actions/checkout@v3
@@ -58,4 +58,3 @@ jobs:
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: Zimperium.sarif
+16 -16
View File
@@ -3,7 +3,7 @@
#
# To use this workflow, you will need to complete the following set-up steps:
#
# 1. Create an ACR repository to store your container images.
# 1. Create an ACR repository to store your container images.
# You can use ACR EE instance for more security and better performance.
# For instructions see https://www.alibabacloud.com/help/doc-detail/142168.htm
#
@@ -14,7 +14,7 @@
# 3. Store your AccessKey pair in GitHub Actions secrets named `ACCESS_KEY_ID` and `ACCESS_KEY_SECRET`.
# For instructions on setting up secrets see: https://developer.github.com/actions/managing-workflows/storing-secrets/
#
# 4. Change the values for the REGION_ID, REGISTRY, NAMESPACE, IMAGE, ACK_CLUSTER_ID, and ACK_DEPLOYMENT_NAME.
# 4. Change the values for the REGION_ID, REGISTRY, NAMESPACE, IMAGE, ACK_CLUSTER_ID, and ACK_DEPLOYMENT_NAME.
#
name: Build and Deploy to ACK
@@ -46,12 +46,12 @@ jobs:
build:
runs-on: ubuntu-latest
environment: production
steps:
- name: Checkout
uses: actions/checkout@v3
# 1.1 Login to ACR
# 1.1 Login to ACR
- name: Login to ACR with the AccessKey pair
uses: aliyun/acr-login@v1
with:
@@ -59,13 +59,13 @@ jobs:
access-key-id: "${{ secrets.ACCESS_KEY_ID }}"
access-key-secret: "${{ secrets.ACCESS_KEY_SECRET }}"
# 1.2 Buid and push image to ACR
- name: Build and push image to ACR
# 1.2 Buid and push image to ACR
- name: Build and push image to ACR
run: |
docker build --tag "$REGISTRY/$NAMESPACE/$IMAGE:$TAG" .
docker push "$REGISTRY/$NAMESPACE/$IMAGE:$TAG"
# 1.3 Scan image in ACR
docker build --tag "$REGISTRY/$NAMESPACE/$IMAGE:$TAG" .
docker push "$REGISTRY/$NAMESPACE/$IMAGE:$TAG"
# 1.3 Scan image in ACR
- name: Scan image in ACR
uses: aliyun/acr-scan@v1
with:
@@ -75,7 +75,7 @@ jobs:
repository: "${{ env.NAMESPACE }}/${{ env.IMAGE }}"
tag: "${{ env.TAG }}"
# 2.1 (Optional) Login to ACR EE
# 2.1 (Optional) Login to ACR EE
- uses: actions/checkout@v3
- name: Login to ACR EE with the AccessKey pair
uses: aliyun/acr-login@v1
@@ -86,12 +86,12 @@ jobs:
access-key-secret: "${{ secrets.ACCESS_KEY_SECRET }}"
instance-id: "${{ env.ACR_EE_INSTANCE_ID }}"
# 2.2 (Optional) Build and push image ACR EE
- name: Build and push image to ACR EE
# 2.2 (Optional) Build and push image ACR EE
- name: Build and push image to ACR EE
run: |
docker build -t "$ACR_EE_REGISTRY/$ACR_EE_NAMESPACE/$ACR_EE_IMAGE:$TAG" .
docker push "$ACR_EE_REGISTRY/$ACR_EE_NAMESPACE/$ACR_EE_IMAGE:$TAG"
# 2.3 (Optional) Scan image in ACR EE
# 2.3 (Optional) Scan image in ACR EE
- name: Scan image in ACR EE
uses: aliyun/acr-scan@v1
with:
@@ -102,7 +102,7 @@ jobs:
repository: "${{ env.ACR_EE_NAMESPACE}}/${{ env.ACR_EE_IMAGE }}"
tag: "${{ env.ACR_EE_TAG }}"
# 3.1 Set ACK context
# 3.1 Set ACK context
- name: Set K8s context
uses: aliyun/ack-set-context@v1
with:
+1 -1
View File
@@ -75,7 +75,7 @@ jobs:
# be deployed to ECS.
docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
echo "::set-output name=image::$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"
echo "image=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> $GITHUB_OUTPUT
- name: Fill in the new image ID in the Amazon ECS task definition
id: task-def
+1 -1
View File
@@ -11,7 +11,7 @@
# 2. Create a secret in your repository named AZURE_WEBAPP_PUBLISH_PROFILE, paste the publish profile contents as the value of the secret.
# For instructions on obtaining the publish profile see: https://docs.microsoft.com/azure/app-service/deploy-github-actions#configure-the-github-secret
#
# 3. Create a GitHub Personal access token with "repo" and "read:packages" permissions.
# 3. Create a GitHub Personal access token with "repo" and "read:packages" permissions.
#
# 4. Create three app settings on your Azure Web app:
# DOCKER_REGISTRY_SERVER_URL: Set this to "https://ghcr.io"
+1 -1
View File
@@ -43,7 +43,7 @@ jobs:
uses: actions/setup-dotnet@v2
with:
dotnet-version: ${{ env.DOTNET_VERSION }}
- name: Set up dependency caching for faster builds
uses: actions/cache@v3
with:
+1 -1
View File
@@ -63,7 +63,7 @@ jobs:
environment:
name: 'Development'
url: ${{ steps.deploy-to-webapp.outputs.webapp-url }}
steps:
- name: Download artifact from build job
uses: actions/download-artifact@v3
+1 -1
View File
@@ -70,7 +70,7 @@ jobs:
name: node-app
- name: 'Deploy to Azure WebApp'
id: deploy-to-webapp
id: deploy-to-webapp
uses: azure/webapps-deploy@v2
with:
app-name: ${{ env.AZURE_WEBAPP_NAME }}
+4 -4
View File
@@ -51,15 +51,15 @@ jobs:
- name: Install dependencies
run: pip install -r requirements.txt
# Optional: Add step to run tests here (PyTest, Django test suites, etc.)
- name: Upload artifact for deployment jobs
uses: actions/upload-artifact@v3
with:
name: python-app
path: |
.
.
!venv/
deploy:
@@ -77,7 +77,7 @@ jobs:
with:
name: python-app
path: .
- name: 'Deploy to Azure Web App'
id: deploy-to-webapp
uses: azure/webapps-deploy@v2
+6 -6
View File
@@ -2,12 +2,12 @@
#
# To configure this workflow:
#
# 1. Ensure that your repository contains the necessary configuration for your Tencent Kubernetes Engine cluster,
# 1. Ensure that your repository contains the necessary configuration for your Tencent Kubernetes Engine cluster,
# including deployment.yml, kustomization.yml, service.yml, etc.
#
# 2. Set up secrets in your workspace:
# 2. Set up secrets in your workspace:
# - TENCENT_CLOUD_SECRET_ID with Tencent Cloud secret id
# - TENCENT_CLOUD_SECRET_KEY with Tencent Cloud secret key
# - TENCENT_CLOUD_SECRET_KEY with Tencent Cloud secret key
# - TENCENT_CLOUD_ACCOUNT_ID with Tencent Cloud account id
# - TKE_REGISTRY_PASSWORD with TKE registry password
#
@@ -38,10 +38,10 @@ jobs:
- name: Checkout
uses: actions/checkout@v3
# Build
- name: Build Docker image
run: |
run: |
docker build -t ${TKE_IMAGE_URL}:${GITHUB_SHA} .
- name: Login TKE Registry
@@ -65,7 +65,7 @@ jobs:
secret_key: ${{ secrets.TENCENT_CLOUD_SECRET_KEY }}
tke_region: ${{ env.TKE_REGION }}
cluster_id: ${{ env.TKE_CLUSTER_ID }}
- name: Switch to TKE context
run: |
kubectl config use-context ${TKE_CLUSTER_ID}-context-default
+72 -13
View File
@@ -1,14 +1,73 @@
<?xml version="1.0" encoding="utf-8"?>
<!-- Generator: Adobe Illustrator 24.2.3, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
viewBox="0 0 128 128" style="enable-background:new 0 0 128 128;" xml:space="preserve">
<style type="text/css">
.st0{fill:#54B848;}
</style>
<path class="st0" d="M98.3,72.1c-4.2,0-7.7,3.4-7.7,7.7v2.9c0,4.2-3.4,7.5-7.5,7.5H44.9c-4.2,0-7.5-3.4-7.5-7.5v-37
c0-4.2,3.4-7.5,7.5-7.5H83c1,0,1.8,0,2.5,0h0.1c1.9,0.5,3,1.6,3.6,3c0.7,1.6,1.2,3.9-1.4,6.1L65.9,63.2l-6.7-8.5
c-2.6-3.3-7.4-4-10.8-1.4c-3.3,2.6-4,7.4-1.4,10.8l11.2,14.5c2.5,3.3,7.2,4,10.6,1.5l25.4-18.6c0.3-0.2,3.6-2.8,3.9-3.1
c7.6-6.8,9.2-15.6,6.1-23.3c-3.2-7.8-11.4-12.7-21.3-12.7H44.9C32.3,22.4,22,32.7,22,45.3v37.3c0,12.6,10.3,22.9,22.9,22.9h38.2
c12.6,0,22.9-10.2,22.9-22.9v-2.9C106,75.5,102.6,72.1,98.3,72.1z M95.1,39c-0.2-0.1-0.3-0.1-0.5-0.2C94.8,38.9,94.9,38.9,95.1,39
L95.1,39z"/>
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!-- Created with Inkscape (http://www.inkscape.org/) -->
<svg
version="1.1"
id="svg888"
width="326.66666"
height="332"
viewBox="0 0 326.66666 332"
sodipodi:docname="logo.svg"
inkscape:version="1.1.1 (3bf5ae0d25, 2021-09-20)"
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
xmlns="http://www.w3.org/2000/svg"
xmlns:svg="http://www.w3.org/2000/svg">
<defs
id="defs892" />
<sodipodi:namedview
id="namedview890"
pagecolor="#ffffff"
bordercolor="#666666"
borderopacity="1.0"
inkscape:pageshadow="2"
inkscape:pageopacity="0.0"
inkscape:pagecheckerboard="0"
showgrid="false"
inkscape:zoom="0.62650602"
inkscape:cx="-14.365385"
inkscape:cy="108.53846"
inkscape:window-width="1278"
inkscape:window-height="1008"
inkscape:window-x="1913"
inkscape:window-y="0"
inkscape:window-maximized="0"
inkscape:current-layer="g894" />
<g
inkscape:groupmode="layer"
inkscape:label="Image"
id="g894">
<g
id="g1071"
transform="translate(3.1923058,7.9807692)">
<path
style="fill:#de97a7;stroke-width:0.666667"
d="M 21.174633,318.70543 C 7.5554998,314.35173 -0.16630266,302.27313 0.88225798,286.96369 1.307963,280.7482 3.0561977,275.79769 6.4656402,271.15309 7.8855765,269.21875 25.304936,253.83037 49.75681,232.90937 c 22.503362,-19.25386 41.213995,-35.56532 41.579195,-36.2477 1.023873,-1.91312 0.7818,-5.47089 -0.50618,-7.43939 C 90.190085,188.24453 71.516665,171.933 49.333332,152.97444 25.277137,132.41527 7.9562052,117.1246 6.4135672,115.08549 3.0206443,110.60062 1.6308778,107.25325 0.59008405,101.05915 -1.0532723,91.278987 1.8126922,82.110747 8.6597532,75.244227 19.411462,64.461955 35.987306,63.137219 47.999999,72.100167 c 2.380565,1.776193 15.943097,16.995253 38.666666,43.389423 19.249995,22.3595 35.591755,41.07141 36.315005,41.58202 1.99887,1.4112 5.85794,1.14306 8.22663,-0.57161 1.13967,-0.825 32.10508,-34.05 68.812,-73.833333 36.70693,-39.783334 67.99383,-73.4679857 69.52645,-74.854783 11.84466,-10.717692 31.20357,-10.0490691 42.44224,1.4658807 2.02272,2.0724483 4.57767,5.5577703 5.67767,7.7451613 1.88495,3.748295 1.99797,4.418095 1.96461,11.643741 -0.0422,9.148671 -1.32946,13.175748 -6.19769,19.389295 -1.70514,2.176345 -36.30127,34.553385 -76.88028,71.948968 -58.22422,53.65654 -73.87271,68.414 -74.21963,69.99353 -0.70455,3.20777 0.19453,5.59219 3.19499,8.47334 1.54257,1.48123 19.60467,17.00967 40.138,34.50765 20.53334,17.49797 38.4706,33.06086 39.86059,34.58419 1.39,1.52333 3.75595,5.22836 5.25767,8.23339 2.47221,4.94704 2.76155,6.05917 3.05977,11.76058 0.2704,5.16953 0.076,7.13098 -1.08574,10.95582 -1.57728,5.19284 -5.73539,11.38417 -9.64197,14.35668 -3.6752,2.79644 -10.24662,5.62336 -15.0386,6.46938 -7.49554,1.32332 -17.42847,-1.38625 -23.32448,-6.3626 -1.23535,-1.04266 -17.969,-20.12805 -37.18587,-42.41197 -19.21687,-22.28392 -35.59789,-40.97717 -36.40224,-41.54057 -1.66309,-1.16487 -5.31593,-1.3477 -7.16413,-0.35857 -0.68422,0.36618 -16.96452,18.89118 -36.178468,41.16667 -19.21394,22.27548 -36.170893,41.61289 -37.682111,42.97201 -7.271808,6.53993 -19.301542,8.99059 -28.966448,5.90097 z"
id="path1085" />
<path
style="fill:#96a8d6;stroke-width:0.666667"
d="M 21.174633,318.70543 C 7.5554998,314.35173 -0.16630266,302.27313 0.88225798,286.96369 1.307789,280.75074 3.0560946,275.79783 6.4608654,271.1596 7.8747092,269.23356 25.462395,253.69753 50.02247,232.67957 c 22.654722,-19.3874 41.356535,-35.7965 41.559575,-36.46469 0.203046,-0.66819 0.436806,-2.65141 0.51946,-4.40716 0.12378,-2.62909 -0.136547,-3.46623 -1.475607,-4.7451 C 89.731652,186.20857 71.143892,170.22526 49.319768,151.54415 27.495641,132.86303 8.6729178,116.35803 7.4914952,114.86636 5.139144,111.89628 2.0168196,105.64735 2.0065126,103.88889 2.0029306,103.27778 1.65,102.66111 1.2222222,102.51852 0.25813211,102.19715 0.13555608,90.093947 1.0897823,89.441347 1.4447182,89.198607 2.2569273,87.608 2.8946916,85.906667 5.4542554,79.078647 10.244351,73.831333 17.028378,70.423907 28.520751,64.651618 42.46551,67.094767 51.412048,76.448 c 1.693294,1.770267 17.255391,19.718667 34.582437,39.88533 17.327045,20.16667 32.726825,37.93937 34.221735,39.4949 3.06622,3.19053 5.81326,4.03881 9.32546,2.87968 1.80133,-0.59449 16.04925,-15.63636 66.20986,-69.89937 35.15304,-38.02803 66.57621,-71.909012 69.82927,-75.29107 6.20411,-6.4501147 10.30249,-9.4702242 14.75252,-10.8711716 1.46666,-0.4617331 2.86527,-1.146041 3.10801,-1.5206843 0.63636,-0.98214631 12.74741,-0.89267545 13.07717,0.096608 C 296.66111,1.65 297.30485,2 297.94907,2 c 2.2936,0 9.28512,4.0805734 12.62586,7.3690327 4.26608,4.1993223 6.413,7.8417103 7.78982,13.2160043 2.03732,7.95241 -0.79119,19.270905 -6.43318,25.742882 -1.2457,1.428954 -35.32346,33.128741 -75.72837,70.443971 -40.4049,37.31523 -73.75392,68.38861 -74.10893,69.05196 -0.76771,1.43447 0.15753,7.19293 1.40345,8.73483 0.45959,0.56875 18.53561,16.15471 40.16894,34.63545 21.63334,18.48073 40.4706,34.84736 41.86059,36.37027 1.39,1.52291 3.75595,5.2276 5.25767,8.23263 2.47221,4.94704 2.76155,6.05917 3.05977,11.76058 0.2704,5.16953 0.076,7.13098 -1.08574,10.95582 -1.57728,5.19284 -5.73539,11.38417 -9.64197,14.35668 -3.6752,2.79644 -10.24662,5.62336 -15.0386,6.46938 -7.49554,1.32332 -17.42847,-1.38625 -23.32448,-6.3626 -1.23535,-1.04266 -17.969,-20.12805 -37.18587,-42.41197 -19.21687,-22.28392 -35.59789,-40.97717 -36.40224,-41.54057 -1.66309,-1.16487 -5.31593,-1.3477 -7.16413,-0.35857 -0.68422,0.36618 -16.96452,18.89118 -36.178468,41.16667 -19.21394,22.27548 -36.170893,41.61289 -37.682111,42.97201 -7.271808,6.53993 -19.301542,8.99059 -28.966448,5.90097 z"
id="path1083" />
<path
style="fill:#cc7088;stroke-width:0.666667"
d="M 20.809439,317.44176 C 11.259316,314.04587 3.4968918,304.90991 2.214937,295.55703 c -0.2155774,-1.5728 -0.652129,-2.69885 -0.9701146,-2.50233 -0.31798569,0.19653 -0.57815575,-1.32809 -0.57815575,-3.38803 0,-2.32714 0.25243966,-3.58934 0.66666665,-3.33334 C 1.7071159,286.56435 2,286.04171 2,285.14371 c 0,-2.06438 2.1213054,-8.2234 3.7408445,-10.86122 2.56302,-4.1745 5.6149135,-6.92969 45.0253925,-40.64804 22.128568,-18.93251 40.758761,-35.3657 41.400428,-36.5182 1.352453,-2.42914 1.489633,-5.01134 0.393986,-7.41604 -0.42498,-0.93272 -19.165839,-17.46019 -41.64636,-36.72772 C 28.433771,133.70497 8.9967371,116.66671 7.7208845,115.1097 5.2569412,112.10279 2.0173715,105.74153 2.0065126,103.88889 2.0029306,103.27778 1.65,102.66111 1.2222222,102.51852 0.25813211,102.19715 0.13555608,90.093947 1.0897823,89.441347 1.4447182,89.198607 2.2569273,87.608 2.8946916,85.906667 5.4542554,79.078647 10.244351,73.831333 17.028378,70.423907 28.520751,64.651618 42.46551,67.094767 51.412048,76.448 c 1.693294,1.770267 17.255391,19.718667 34.582437,39.88533 17.327045,20.16667 32.726825,37.93937 34.221735,39.4949 3.06622,3.19053 5.81326,4.03881 9.32546,2.87968 1.80133,-0.59449 16.04925,-15.63636 66.20986,-69.89937 35.15304,-38.02803 66.57621,-71.909012 69.82927,-75.29107 6.20411,-6.4501147 10.30249,-9.4702242 14.75252,-10.8711716 1.46666,-0.4617331 2.86527,-1.146041 3.10801,-1.5206843 0.63636,-0.98214631 12.74741,-0.89267545 13.07717,0.096608 C 296.66111,1.65 297.30485,2 297.94907,2 c 2.2936,0 9.28512,4.0805734 12.62586,7.3690327 4.26608,4.1993223 6.413,7.8417103 7.78982,13.2160043 2.03732,7.95241 -0.79119,19.270905 -6.43318,25.742882 -1.2457,1.428954 -35.35214,33.155214 -75.79209,70.502811 -46.37375,42.82764 -73.91898,68.72632 -74.58811,70.12949 -1.37217,2.87747 -0.77742,6.12327 1.62002,8.84119 1.00573,1.14018 18.77861,16.54058 39.49527,34.22311 20.71667,17.68254 38.8282,33.23579 40.24784,34.56277 9.55343,8.92995 12.66505,23.73685 7.41119,35.26686 -4.63078,10.16261 -17.61471,17.632 -28.82909,16.58479 -4.47747,-0.41811 -10.7774,-2.67157 -14.55675,-5.2069 -1.28341,-0.86095 -18.54288,-20.35269 -38.35439,-43.31496 -19.8115,-22.96227 -36.76204,-42.08727 -37.66788,-42.5 -2.35752,-1.07415 -4.9528,-0.92761 -7.3716,0.41625 -1.15494,0.64167 -17.44674,19.01667 -36.204022,40.83334 -18.757279,21.81666 -35.507653,40.98882 -37.223052,42.60478 -1.715399,1.61597 -5.068907,3.85952 -7.45224,4.98567 -3.839228,1.81408 -5.131504,2.06979 -11.333333,2.24262 -5.523889,0.15393 -7.743094,-0.0692 -10.523894,-1.05798 z"
id="path1081" />
<path
style="fill:#6b85c7;stroke-width:0.666667"
d="M 20.809439,317.44176 C 11.259316,314.04587 3.4968918,304.90991 2.214937,295.55703 c -0.2155774,-1.5728 -0.652129,-2.69885 -0.9701146,-2.50233 -0.31798569,0.19653 -0.57815575,-1.32809 -0.57815575,-3.38803 0,-2.32714 0.25243966,-3.58934 0.66666665,-3.33334 C 1.7071159,286.56435 2,286.04171 2,285.14371 c 0,-2.06438 2.1213054,-8.2234 3.7408445,-10.86122 2.56302,-4.1745 5.6149135,-6.92969 45.0253925,-40.64804 22.128568,-18.93251 40.773521,-35.37038 41.433228,-36.5286 0.73724,-1.29434 1.115806,-3.06925 0.98238,-4.60585 l -0.21708,-2.5 h 33.763175 33.76316 l 0.36231,2.70121 c 0.19927,1.48566 1.06377,3.5698 1.92111,4.63144 0.85735,1.06163 18.65881,16.53482 39.55881,34.38488 20.9,17.85006 39.16153,33.54091 40.58117,34.86856 9.5544,8.93531 12.66504,23.73807 7.41119,35.26806 -4.63078,10.16261 -17.61471,17.632 -28.82909,16.58479 -4.47747,-0.41811 -10.7774,-2.67157 -14.55675,-5.2069 -1.28341,-0.86095 -18.54288,-20.35269 -38.35439,-43.31496 -19.8115,-22.96227 -36.76204,-42.08727 -37.66788,-42.5 -2.35752,-1.07415 -4.9528,-0.92761 -7.3716,0.41625 -1.15494,0.64167 -17.44674,19.01667 -36.204022,40.83334 -18.757279,21.81666 -35.507653,40.98882 -37.223052,42.60478 -1.715399,1.61597 -5.068907,3.85952 -7.45224,4.98567 -3.839228,1.81408 -5.131504,2.06979 -11.333333,2.24262 -5.523889,0.15393 -7.743094,-0.0692 -10.523894,-1.05798 z M 91.914958,187.54934 C 91.411731,186.93481 72.549999,170.61484 49.999999,151.28273 4.4924434,112.26912 4.4624331,112.23837 2.3331219,102.4444 1.668497,99.387393 1.4029056,98.846127 1.297258,100.33333 c -0.1065237,1.49954 -0.2525694,1.20761 -0.58364508,-1.166663 -0.2428634,-1.741667 -0.2428634,-4.591667 0,-6.333334 0.33997078,-2.43806 0.47887128,-2.706493 0.60368888,-1.166666 0.1402001,1.729593 0.2413319,1.594393 0.748,-1 1.6146118,-8.267607 8.1540402,-16.300867 16.4174792,-20.1678 8.508916,-3.981802 19.248794,-3.138034 27.506681,2.16104 2.454337,1.57494 12.783111,13.112806 39.435583,44.051923 38.443515,44.62656 37.779735,43.96094 42.884105,43.00336 1.22224,-0.2293 3.02712,-1.05001 4.01085,-1.82381 0.98373,-0.77381 32.81601,-34.95044 70.73839,-75.948087 68.35823,-73.9016437 68.99122,-74.5615863 73.77903,-76.9209589 2.65608,-1.3088843 6.17924,-2.6414925 7.82924,-2.9613515 2.59052,-0.5021827 2.72701,-0.6036898 1,-0.7436807 -1.56371,-0.1267536 -1.32211,-0.2570135 1.10752,-0.5971259 1.70914,-0.23925377 4.70914,-0.24140931 6.66667,-0.004793 2.32126,0.28058546 2.86354,0.482583 1.55914,0.5807789 -1.69925,0.1279216 -1.4946,0.2733463 1.36097,0.9670904 5.68837,1.3819575 9.78413,3.7825289 14.39236,8.4355247 6.48056,6.543511 8.55855,12.809868 7.26131,21.897017 -0.72441,5.074471 -2.31556,9.408242 -4.88063,13.293289 -0.80704,1.222334 -34.16734,32.39909 -74.134,69.281687 -39.96667,36.8826 -74.05966,68.5075 -75.7622,70.27758 l -3.09552,3.21832 H 126.4861 c -30.678909,0 -33.737115,-0.0988 -34.571142,-1.11733 z"
id="path1079" />
<path
style="fill:#cf687f;stroke-width:0.666667"
d="m 189.20446,243.5 c -0.93315,-1.24973 -5.46726,-1.50667 -9.70446,-0.54995 -1.44116,0.32541 -2.16667,0.2404 -2.16667,-0.25387 0,-0.54499 -0.36806,-0.54611 -1.38059,-0.004 -0.99364,0.53178 -1.95555,0.53843 -3.43202,0.0237 -1.29288,-0.4507 -2.33136,-0.48282 -2.80844,-0.0869 -0.467,0.38758 -1.13152,0.39139 -1.73464,0.01 -1.42481,-0.90114 -8.44282,-0.77588 -9.97015,0.17796 -1.09356,0.68294 -1.45496,0.61538 -2.20657,-0.4125 -0.77478,-1.05958 -1.09159,-1.10882 -2.29574,-0.35682 -1.09542,0.68411 -1.60619,0.69871 -2.36655,0.0677 -0.5333,-0.4426 -1.45833,-0.61719 -2.05563,-0.38799 -2.2422,0.86041 -4.25357,-0.51663 -10.02813,-6.86554 -3.26569,-3.5905 -6.564,-6.89256 -7.32958,-7.3379 -0.76558,-0.44534 -2.88714,-0.82034 -4.71459,-0.83333 l -3.32262,-0.0238 -7.18729,7.3836 c -6.86023,7.0476 -7.30144,7.37535 -9.69595,7.20246 -1.37977,-0.0996 -2.87128,0.043 -3.31446,0.31688 -0.4432,0.2739 -1.8228,0.2172 -3.0658,-0.126 -1.295109,-0.3576 -2.650909,-0.3764 -3.175622,-0.044 -1.531787,0.97027 -2.582293,0.67211 -2.582293,-0.73294 0,-1.53542 -1.01642,-1.78745 -1.554427,-0.38543 -0.254887,0.66422 -1.124187,0.86424 -2.90466,0.66835 -2.84084,-0.31256 -8.361293,-0.46185 -8.874246,-0.23999 -0.183334,0.0793 -2.058334,0.19797 -4.166667,0.26374 -3.30608,0.10313 -3.833333,-0.0473 -3.833333,-1.09355 0,-0.66722 -0.3,-1.21312 -0.666667,-1.21312 -0.366666,0 -0.666666,0.45 -0.666666,1 0,1.06718 -1.73852,1.40174 -2.111114,0.40626 -0.12464,-0.33301 -1.682266,-0.36887 -3.547164,-0.0817 -3.01838,0.46484 -12.728495,-0.66091 -14.351263,-1.66383 -0.311243,-0.19236 -1.04488,0.33027 -1.630305,1.16141 -0.798781,1.13404 -1.197798,1.29755 -1.598915,0.65524 -0.318442,-0.50993 -1.025583,-0.66747 -1.749356,-0.38974 -3.85705,1.4801 7.853612,-9.55504 33.654783,-31.71342 5.683333,-4.88092 10.873093,-9.81186 11.5328,-10.95766 0.7395,-1.2844 1.11622,-3.04195 0.98238,-4.58327 l -0.21708,-2.5 h 33.850945 33.85095 v 1.73258 c 0,3.64745 2.15908,6.12307 14.80348,16.97381 26.14078,22.43263 37.86319,33.14988 37.86319,34.61657 0,1.09056 -1.37671,1.47097 -2.36253,0.65281 -0.76318,-0.63339 -1.2001,-0.6154 -2.04294,0.0841 -0.9047,0.75083 -1.19739,0.71852 -1.87402,-0.20683 -0.54757,-0.74884 -1.42325,-0.99257 -2.76119,-0.76853 -3.73953,0.62619 -9.2985,0.7136 -10.38931,0.16336 -0.71624,-0.36129 -1.38053,-0.21115 -1.91497,0.4328 -1.06767,1.28648 -1.72002,1.24414 -2.78391,-0.18067 z M 91.914958,187.54934 C 91.411731,186.93481 72.549999,170.61484 49.999999,151.28273 4.4924434,112.26912 4.4624331,112.23837 2.3331219,102.4444 1.668497,99.387393 1.4029056,98.846127 1.297258,100.33333 c -0.1065237,1.49954 -0.2525694,1.20761 -0.58364508,-1.166663 -0.2428634,-1.741667 -0.2428634,-4.591667 0,-6.333334 0.33997078,-2.43806 0.47887128,-2.706493 0.60368888,-1.166666 0.1402001,1.729593 0.2413319,1.594393 0.748,-1 1.6146118,-8.267607 8.1540402,-16.300867 16.4174792,-20.1678 8.508916,-3.981802 19.248794,-3.138034 27.506681,2.16104 2.454337,1.57494 12.783111,13.112806 39.435583,44.051923 38.443515,44.62656 37.779735,43.96094 42.884105,43.00336 1.22224,-0.2293 3.02712,-1.05001 4.01085,-1.82381 0.98373,-0.77381 32.81601,-34.95044 70.73839,-75.948087 68.35823,-73.9016437 68.99122,-74.5615863 73.77903,-76.9209589 2.65608,-1.3088843 6.17924,-2.6414925 7.82924,-2.9613515 2.59052,-0.5021827 2.72701,-0.6036898 1,-0.7436807 -1.56371,-0.1267536 -1.32211,-0.2570135 1.10752,-0.5971259 1.70914,-0.23925377 4.70914,-0.24140931 6.66667,-0.004793 2.32126,0.28058546 2.86354,0.482583 1.55914,0.5807789 -1.69925,0.1279216 -1.4946,0.2733463 1.36097,0.9670904 5.68837,1.3819575 9.78413,3.7825289 14.39236,8.4355247 6.48056,6.543511 8.55855,12.809868 7.26131,21.897017 -0.72441,5.074471 -2.31556,9.408242 -4.88063,13.293289 -0.80704,1.222334 -34.16734,32.39909 -74.134,69.281687 -39.96667,36.8826 -74.05966,68.5075 -75.7622,70.27758 l -3.09552,3.21832 H 126.4861 c -30.678909,0 -33.737115,-0.0988 -34.571142,-1.11733 z"
id="path1077" />
<path
style="fill:#7080be;stroke-width:0.666667"
d="m 189.20446,243.5 c -0.93315,-1.24973 -5.46726,-1.50667 -9.70446,-0.54995 -1.44116,0.32541 -2.16667,0.2404 -2.16667,-0.25387 0,-0.54499 -0.36806,-0.54611 -1.38059,-0.004 -0.99364,0.53178 -1.95555,0.53843 -3.43202,0.0237 -1.29288,-0.4507 -2.33136,-0.48282 -2.80844,-0.0869 -0.467,0.38758 -1.13152,0.39139 -1.73464,0.01 -1.42481,-0.90114 -8.44282,-0.77588 -9.97015,0.17796 -1.09356,0.68294 -1.45496,0.61538 -2.20657,-0.4125 -0.77478,-1.05958 -1.09159,-1.10882 -2.29574,-0.35682 -1.09542,0.68411 -1.60619,0.69871 -2.36655,0.0677 -0.5333,-0.4426 -1.45833,-0.61719 -2.05563,-0.38799 -2.2422,0.86041 -4.25357,-0.51663 -10.02813,-6.86554 -3.26569,-3.5905 -6.564,-6.89256 -7.32958,-7.3379 -0.76558,-0.44534 -2.88714,-0.82034 -4.71459,-0.83333 l -3.32262,-0.0238 -7.18729,7.3836 c -6.86023,7.0476 -7.30144,7.37535 -9.69595,7.20246 -1.37977,-0.0996 -2.87128,0.043 -3.31446,0.31688 -0.4432,0.2739 -1.8228,0.2172 -3.0658,-0.126 -1.295109,-0.3576 -2.650909,-0.3764 -3.175622,-0.044 -1.531787,0.97027 -2.582293,0.67211 -2.582293,-0.73294 0,-1.53542 -1.01642,-1.78745 -1.554427,-0.38543 -0.254887,0.66422 -1.124187,0.86424 -2.90466,0.66835 -2.84084,-0.31256 -8.361293,-0.46185 -8.874246,-0.23999 -0.183334,0.0793 -2.058334,0.19797 -4.166667,0.26374 -3.30608,0.10313 -3.833333,-0.0473 -3.833333,-1.09355 0,-0.66722 -0.3,-1.21312 -0.666667,-1.21312 -0.366666,0 -0.666666,0.45 -0.666666,1 0,1.06718 -1.73852,1.40174 -2.111114,0.40626 -0.12464,-0.33301 -1.682266,-0.36887 -3.547164,-0.0817 -3.01838,0.46484 -12.728495,-0.66091 -14.351263,-1.66383 -0.311243,-0.19236 -1.04488,0.33027 -1.630305,1.16141 -0.798781,1.13404 -1.197798,1.29755 -1.598915,0.65524 -0.318442,-0.50993 -1.025583,-0.66747 -1.749356,-0.38974 -3.85705,1.4801 7.853612,-9.55504 33.654783,-31.71342 5.683333,-4.88092 10.873093,-9.81186 11.5328,-10.95766 0.7395,-1.2844 1.11622,-3.04195 0.98238,-4.58327 l -0.21708,-2.5 h 33.850945 33.85095 v 1.73258 c 0,3.64745 2.15908,6.12307 14.80348,16.97381 26.14078,22.43263 37.86319,33.14988 37.86319,34.61657 0,1.09056 -1.37671,1.47097 -2.36253,0.65281 -0.76318,-0.63339 -1.2001,-0.6154 -2.04294,0.0841 -0.9047,0.75083 -1.19739,0.71852 -1.87402,-0.20683 -0.54757,-0.74884 -1.42325,-0.99257 -2.76119,-0.76853 -3.73953,0.62619 -9.2985,0.7136 -10.38931,0.16336 -0.71624,-0.36129 -1.38053,-0.21115 -1.91497,0.4328 -1.06767,1.28648 -1.72002,1.24414 -2.78391,-0.18067 z"
id="path1075" />
<path
style="fill:#717ebb;stroke-width:0.666667"
d="m 164.36892,207.48061 c -0.19289,-0.19349 -13.03128,-0.9833 -15.36892,-0.94548 -0.73334,0.0119 -3.16638,0.19749 -5.40676,0.41251 -3.46643,0.33269 -4.33286,0.18687 -5.81447,-0.97857 -1.43635,-1.12982 -1.99223,-1.23508 -3.17624,-0.60141 -0.78935,0.42245 -5.0271,0.90487 -9.41721,1.07205 -7.04049,0.2681 -8.08238,0.16672 -8.83276,-0.85948 -0.76626,-1.04792 -1.21998,-1.08081 -4.56956,-0.33121 -2.70464,0.60527 -4.0856,0.63595 -5.06372,0.11247 -0.89404,-0.47847 -2.58798,-0.52482 -5.05308,-0.13826 -2.039509,0.31983 -3.826049,0.39081 -3.970089,0.15774 -0.144046,-0.23306 -2.0096,-0.4949 -4.145673,-0.58186 -6.571893,-0.26752 -6.723386,-0.45292 -3.332453,-4.0781 3.242433,-3.46642 4.644413,-7.8786 3.096213,-9.74407 C 92.603791,190.12096 96.732798,190 126.66279,190 c 33.96731,0 34.1574,0.008 33.80649,1.34947 -0.79348,3.03427 0.84139,5.82768 6.49574,11.09894 l 5.5975,5.21826 h -4.00406 c -2.20223,0 -4.08752,-0.0837 -4.18954,-0.18606 z"
id="path1073" />
</g>
</g>
</svg>

Before

Width:  |  Height:  |  Size: 1016 B

After

Width:  |  Height:  |  Size: 18 KiB

+19 -8
View File
@@ -38,14 +38,14 @@ jobs:
id: detect-package-manager
run: |
if [ -f "${{ github.workspace }}/yarn.lock" ]; then
echo "::set-output name=manager::yarn"
echo "::set-output name=command::install"
echo "::set-output name=runner::yarn"
echo "manager=yarn" >> $GITHUB_OUTPUT
echo "command=install" >> $GITHUB_OUTPUT
echo "runner=yarn" >> $GITHUB_OUTPUT
exit 0
elif [ -f "${{ github.workspace }}/package.json" ]; then
echo "::set-output name=manager::npm"
echo "::set-output name=command::ci"
echo "::set-output name=runner::npx --no-install"
echo "manager=npm" >> $GITHUB_OUTPUT
echo "command=ci" >> $GITHUB_OUTPUT
echo "runner=npx --no-install" >> $GITHUB_OUTPUT
exit 0
else
echo "Unable to determine packager manager"
@@ -57,9 +57,20 @@ jobs:
node-version: "16"
cache: ${{ steps.detect-package-manager.outputs.manager }}
cache-dependency-path: ${{ env.BUILD_PATH }}/package-lock.json
- run: npm install && npm run build
- name: Setup Pages
id: pages
uses: actions/configure-pages@v2
- name: Install dependencies
run: ${{ steps.detect-package-manager.outputs.manager }} ${{ steps.detect-package-manager.outputs.command }}
working-directory: ${{ env.BUILD_PATH }}
- uses: actions/upload-pages-artifact@v1
- name: Build with Astro
run: |
${{ steps.detect-package-manager.outputs.runner }} astro build \
--site "${{ steps.pages.outputs.origin }}" \
--base "${{ steps.pages.outputs.base_path }}"
working-directory: ${{ env.BUILD_PATH }}
- name: Upload artifact
uses: actions/upload-pages-artifact@v1
with:
path: ${{ env.BUILD_PATH }}/dist
+5 -5
View File
@@ -39,12 +39,12 @@ jobs:
id: detect-package-manager
run: |
if [ -f "${{ github.workspace }}/yarn.lock" ]; then
echo "::set-output name=manager::yarn"
echo "::set-output name=command::install"
echo "manager=yarn" >> $GITHUB_OUTPUT
echo "command=install" >> $GITHUB_OUTPUT
exit 0
elif [ -f "${{ github.workspace }}/package.json" ]; then
echo "::set-output name=manager::npm"
echo "::set-output name=command::ci"
echo "manager=npm" >> $GITHUB_OUTPUT
echo "command=ci" >> $GITHUB_OUTPUT
exit 0
else
echo "Unable to determine packager manager"
@@ -53,7 +53,7 @@ jobs:
- name: Setup Node
uses: actions/setup-node@v3
with:
node-version: "16"
node-version: "18"
cache: ${{ steps.detect-package-manager.outputs.manager }}
- name: Setup Pages
id: pages
+6 -6
View File
@@ -34,14 +34,14 @@ jobs:
id: detect-package-manager
run: |
if [ -f "${{ github.workspace }}/yarn.lock" ]; then
echo "::set-output name=manager::yarn"
echo "::set-output name=command::install"
echo "::set-output name=runner::yarn"
echo "manager=yarn" >> $GITHUB_OUTPUT
echo "command=install" >> $GITHUB_OUTPUT
echo "runner=yarn" >> $GITHUB_OUTPUT
exit 0
elif [ -f "${{ github.workspace }}/package.json" ]; then
echo "::set-output name=manager::npm"
echo "::set-output name=command::ci"
echo "::set-output name=runner::npx --no-install"
echo "manager=npm" >> $GITHUB_OUTPUT
echo "command=ci" >> $GITHUB_OUTPUT
echo "runner=npx --no-install" >> $GITHUB_OUTPUT
exit 0
else
echo "Unable to determine packager manager"
+4 -4
View File
@@ -34,12 +34,12 @@ jobs:
id: detect-package-manager
run: |
if [ -f "${{ github.workspace }}/yarn.lock" ]; then
echo "::set-output name=manager::yarn"
echo "::set-output name=command::install"
echo "manager=yarn" >> $GITHUB_OUTPUT
echo "command=install" >> $GITHUB_OUTPUT
exit 0
elif [ -f "${{ github.workspace }}/package.json" ]; then
echo "::set-output name=manager::npm"
echo "::set-output name=command::ci"
echo "manager=npm" >> $GITHUB_OUTPUT
echo "command=ci" >> $GITHUB_OUTPUT
exit 0
else
echo "Unable to determine packager manager"