Merge branch 'starter_workflow_new_exp' into starter_workflow_new_exp
This commit is contained in:
@@ -0,0 +1,3 @@
|
||||
# Add 'code-scanning' label to any changes within 'code-scanning' folder or any subfolders
|
||||
code-scanning:
|
||||
- code-scanning/**/*
|
||||
@@ -0,0 +1,16 @@
|
||||
name: "Pull Request Labeler"
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
pull-requests: write
|
||||
|
||||
on:
|
||||
- pull_request_target
|
||||
|
||||
jobs:
|
||||
triage:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/labeler@v3
|
||||
with:
|
||||
repo-token: "${{ secrets.GITHUB_TOKEN }}"
|
||||
+1
-1
@@ -1,3 +1,3 @@
|
||||
* @actions/actions-experience
|
||||
* @actions/starter-workflows
|
||||
|
||||
/code-scanning/ @actions/advanced-security-code-scanning
|
||||
|
||||
@@ -10,8 +10,9 @@ These are the workflow files for helping people get started with GitHub Actions.
|
||||
|
||||
<img src="https://d3vv6lp55qjaqc.cloudfront.net/items/353A3p3Y2x3c2t2N0c01/Image%202019-08-27%20at%203.25.07%20PM.png" max-width="75%"/>
|
||||
|
||||
**Directory structure:**
|
||||
* [ci](ci): solutions for Continuous Integration
|
||||
### Directory structure
|
||||
|
||||
* [ci](ci): solutions for Continuous Integration and Deployments
|
||||
* [automation](automation): solutions for automating workflows.
|
||||
* [code-scanning](code-scanning): starter workflows for [Code Scanning](https://github.com/features/security)
|
||||
* [icons](icons): svg icons for the relevant template
|
||||
@@ -20,8 +21,28 @@ Each workflow must be written in YAML and have a `.yml` extension. They also nee
|
||||
|
||||
For example: `ci/django.yml` and `ci/properties/django.properties.json`.
|
||||
|
||||
**Valid properties:**
|
||||
* `name`: the name shown in onboarding
|
||||
### Valid properties
|
||||
|
||||
* `name`: the name shown in onboarding. This property is unique within the repository.
|
||||
* `description`: the description shown in onboarding
|
||||
* `iconName`: the icon name in the relevant folder, for example `django` should have an icon `icons/django.svg`. Only SVG is supported at this time
|
||||
* `categories`: the categories that it will be shown under
|
||||
* `iconName`: the icon name in the relevant folder, for example, `django` should have an icon `icons/django.svg`. Only SVG is supported at this time. Another option is to use [octicon](https://primer.style/octicons/). The format to use an octicon is `octicon <<icon name>>`. Example: `octicon person`
|
||||
* `creator`: creator of the template shown in onboarding. All the workflow templates from an author will have the same `creator` field.
|
||||
* `categories`: the categories that it will be shown under. Choose at least one category from the list [here](#categories). Further, choose the categories from the list of languages available [here](https://github.com/github/linguist/blob/master/lib/linguist/languages.yml). When a user views the available templates, those templates that match the same language will feature more prominently.
|
||||
|
||||
### Categories
|
||||
* continuous-integration
|
||||
* deployment
|
||||
* testing
|
||||
* code-quality
|
||||
* code-review
|
||||
* dependency-management
|
||||
* monitoring
|
||||
* Automation
|
||||
* utilities
|
||||
|
||||
### Variables
|
||||
These variables can be placed in the starter workflow and will be substituted as detailed below:
|
||||
|
||||
* `$default-branch`: will substitute the branch from the repository, for example `main` and `master`
|
||||
* `$protected-branches`: will substitue any protected branches from the repository.
|
||||
* `$cron-daily`: will substitute a valid but random time within the day
|
||||
|
||||
@@ -18,6 +18,7 @@ jobs:
|
||||
with:
|
||||
java-version: '11'
|
||||
distribution: 'adopt'
|
||||
cache: gradle
|
||||
|
||||
- name: Grant execute permission for gradlew
|
||||
run: chmod +x gradlew
|
||||
|
||||
+4
-12
@@ -3,7 +3,7 @@
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
|
||||
# This workflow will install Deno and run tests across stable and canary builds on Windows, Ubuntu and macOS.
|
||||
# This workflow will install Deno then run Deno lint and test.
|
||||
# For more information see: https://github.com/denoland/setup-deno
|
||||
|
||||
name: Deno
|
||||
@@ -16,12 +16,7 @@ on:
|
||||
|
||||
jobs:
|
||||
test:
|
||||
runs-on: ${{ matrix.os }} # runs a test on Ubuntu, Windows and macOS
|
||||
|
||||
strategy:
|
||||
matrix:
|
||||
deno: ["v1.x", "canary"]
|
||||
os: [macOS-latest, windows-latest, ubuntu-latest]
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- name: Setup repo
|
||||
@@ -29,9 +24,9 @@ jobs:
|
||||
|
||||
- name: Setup Deno
|
||||
# uses: denoland/setup-deno@v1
|
||||
uses: denoland/setup-deno@4a4e59637fa62bd6c086a216c7e4c5b457ea9e79
|
||||
uses: denoland/setup-deno@004814556e37c54a2f6e31384c9e18e9833173669
|
||||
with:
|
||||
deno-version: ${{ matrix.deno }} # tests across multiple Deno versions
|
||||
deno-version: v1.x
|
||||
|
||||
# Uncomment this step to verify the use of 'deno fmt' on each commit.
|
||||
# - name: Verify formatting
|
||||
@@ -40,8 +35,5 @@ jobs:
|
||||
- name: Run linter
|
||||
run: deno lint
|
||||
|
||||
- name: Cache dependencies
|
||||
run: deno cache deps.ts
|
||||
|
||||
- name: Run tests
|
||||
run: deno test -A --unstable
|
||||
|
||||
@@ -16,7 +16,7 @@ jobs:
|
||||
- name: Set up Go
|
||||
uses: actions/setup-go@v2
|
||||
with:
|
||||
go-version: 1.16
|
||||
go-version: 1.17
|
||||
|
||||
- name: Build
|
||||
run: go build -v ./...
|
||||
|
||||
+2
-1
@@ -1,4 +1,4 @@
|
||||
# This workflow will build a Java project with Gradle
|
||||
# This workflow will build a Java project with Gradle and cache/restore any dependencies to improve the workflow execution time
|
||||
# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-gradle
|
||||
|
||||
name: Java CI with Gradle
|
||||
@@ -21,6 +21,7 @@ jobs:
|
||||
with:
|
||||
java-version: '11'
|
||||
distribution: 'adopt'
|
||||
cache: gradle
|
||||
- name: Grant execute permission for gradlew
|
||||
run: chmod +x gradlew
|
||||
- name: Build with Gradle
|
||||
|
||||
@@ -0,0 +1,28 @@
|
||||
name: NodeJS with Grunt
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ $default-branch ]
|
||||
pull_request:
|
||||
branches: [ $default-branch ]
|
||||
|
||||
jobs:
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
strategy:
|
||||
matrix:
|
||||
node-version: [12.x, 14.x, 16.x]
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
|
||||
- name: Use Node.js ${{ matrix.node-version }}
|
||||
uses: actions/setup-node@v1
|
||||
with:
|
||||
node-version: ${{ matrix.node-version }}
|
||||
|
||||
- name: Build
|
||||
run: |
|
||||
npm install
|
||||
grunt
|
||||
+28
@@ -0,0 +1,28 @@
|
||||
name: NodeJS with Gulp
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ $default-branch ]
|
||||
pull_request:
|
||||
branches: [ $default-branch ]
|
||||
|
||||
jobs:
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
strategy:
|
||||
matrix:
|
||||
node-version: [12.x, 14.x, 16.x]
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
|
||||
- name: Use Node.js ${{ matrix.node-version }}
|
||||
uses: actions/setup-node@v1
|
||||
with:
|
||||
node-version: ${{ matrix.node-version }}
|
||||
|
||||
- name: Build
|
||||
run: |
|
||||
npm install
|
||||
gulp
|
||||
+1
-1
@@ -26,7 +26,7 @@ jobs:
|
||||
platform: ${{ 'iOS Simulator' }}
|
||||
run: |
|
||||
# xcrun xctrace returns via stderr, not the expected stdout (see https://developer.apple.com/forums/thread/663959)
|
||||
device=`xcrun xctrace list devices 2>&1 | grep -oE 'iPhone.*?[^\(]+' | head -1 | awk '{$1=$1;print}'``
|
||||
device=`xcrun xctrace list devices 2>&1 | grep -oE 'iPhone.*?[^\(]+' | head -1 | awk '{$1=$1;print}'`
|
||||
if [ $scheme = default ]; then scheme=$(cat default); fi
|
||||
if [ "`ls -A | grep -i \\.xcworkspace\$`" ]; then filetype_parameter="workspace" && file_to_build="`ls -A | grep -i \\.xcworkspace\$`"; else filetype_parameter="project" && file_to_build="`ls -A | grep -i \\.xcodeproj\$`"; fi
|
||||
file_to_build=`echo $file_to_build | awk '{$1=$1;print}'`
|
||||
|
||||
+2
-1
@@ -1,4 +1,4 @@
|
||||
# This workflow will build a Java project with Maven
|
||||
# This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time
|
||||
# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven
|
||||
|
||||
name: Java CI with Maven
|
||||
@@ -21,5 +21,6 @@ jobs:
|
||||
with:
|
||||
java-version: '11'
|
||||
distribution: 'adopt'
|
||||
cache: maven
|
||||
- name: Build with Maven
|
||||
run: mvn -B package --file pom.xml
|
||||
|
||||
+2
-1
@@ -1,4 +1,4 @@
|
||||
# This workflow will do a clean install of node dependencies, build the source code and run tests across different versions of node
|
||||
# This workflow will do a clean install of node dependencies, cache/restore them, build the source code and run tests across different versions of node
|
||||
# For more information see: https://help.github.com/actions/language-and-framework-guides/using-nodejs-with-github-actions
|
||||
|
||||
name: Node.js CI
|
||||
@@ -25,6 +25,7 @@ jobs:
|
||||
uses: actions/setup-node@v2
|
||||
with:
|
||||
node-version: ${{ matrix.node-version }}
|
||||
cache: 'npm'
|
||||
- run: npm ci
|
||||
- run: npm run build --if-present
|
||||
- run: npm test
|
||||
|
||||
+3
-3
@@ -14,7 +14,7 @@ jobs:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: actions/setup-node@v2
|
||||
with:
|
||||
node-version: 12
|
||||
node-version: 14
|
||||
- run: npm ci
|
||||
- run: npm test
|
||||
|
||||
@@ -25,7 +25,7 @@ jobs:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: actions/setup-node@v2
|
||||
with:
|
||||
node-version: 12
|
||||
node-version: 14
|
||||
registry-url: https://registry.npmjs.org/
|
||||
- run: npm ci
|
||||
- run: npm publish
|
||||
@@ -42,7 +42,7 @@ jobs:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: actions/setup-node@v2
|
||||
with:
|
||||
node-version: 12
|
||||
node-version: 14
|
||||
registry-url: $registry-url(npm)
|
||||
- run: npm ci
|
||||
- run: npm publish
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
{
|
||||
"name": "Simple workflow",
|
||||
"description": "Start with a file with the minimum necessary structure.",
|
||||
"creator": "GitHub",
|
||||
"iconName": "blank",
|
||||
"categories": null
|
||||
}
|
||||
|
||||
@@ -2,5 +2,5 @@
|
||||
"name": "Ruby Gem",
|
||||
"description": "Pushes a Ruby Gem to RubyGems and GitHub Package Registry.",
|
||||
"iconName": "ruby-gems",
|
||||
"categories": ["Continuous integration", "Ruby", "SDLC"]
|
||||
"categories": ["Continuous integration", "Ruby"]
|
||||
}
|
||||
|
||||
@@ -0,0 +1,6 @@
|
||||
{
|
||||
"name": "Grunt",
|
||||
"description": "Build a NodeJS project with npm and grunt.",
|
||||
"iconName": "grunt",
|
||||
"categories": ["JavaScript", "TypeScript", "npm", "Grunt"]
|
||||
}
|
||||
@@ -0,0 +1,6 @@
|
||||
{
|
||||
"name": "Gulp",
|
||||
"description": "Build a NodeJS project with npm and gulp.",
|
||||
"iconName": "gulp",
|
||||
"categories": ["JavaScript", "TypeScript", "npm", "Gulp"]
|
||||
}
|
||||
@@ -2,5 +2,5 @@
|
||||
"name": "Node.js",
|
||||
"description": "Build and test a Node.js project with npm.",
|
||||
"iconName": "nodejs",
|
||||
"categories": ["Continuous integration", "JavaScript", "Node", "Npm"]
|
||||
"categories": ["Continuous integration", "JavaScript", "npm"]
|
||||
}
|
||||
|
||||
@@ -2,5 +2,5 @@
|
||||
"name": "Publish Node.js Package",
|
||||
"description": "Publishes a Node.js package to npm and GitHub Packages.",
|
||||
"iconName": "node-package-transparent",
|
||||
"categories": ["Continuous integration", "JavaScript", "SDLC"]
|
||||
"categories": ["Continuous integration", "JavaScript", "npm"]
|
||||
}
|
||||
|
||||
@@ -3,5 +3,5 @@
|
||||
"description": "Set up Terraform CLI in your GitHub Actions workflow.",
|
||||
"creator": "HashiCorp",
|
||||
"iconName": "terraform",
|
||||
"categories": null
|
||||
"categories": ["Deployment"]
|
||||
}
|
||||
|
||||
@@ -0,0 +1,6 @@
|
||||
{
|
||||
"name": "Webpack",
|
||||
"description": "Build a NodeJS project with npm and webpack.",
|
||||
"iconName": "webpack",
|
||||
"categories": ["JavaScript", "TypeScript", "npm", "Webpack"]
|
||||
}
|
||||
+3
-3
@@ -9,10 +9,10 @@ jobs:
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- name: Set up Python 3.8
|
||||
uses: actions/setup-python@v1
|
||||
- name: Set up Python 3.9
|
||||
uses: actions/setup-python@v2
|
||||
with:
|
||||
python-version: 3.8
|
||||
python-version: 3.9
|
||||
- name: Install dependencies
|
||||
run: |
|
||||
python -m pip install --upgrade pip
|
||||
|
||||
@@ -16,7 +16,7 @@ on:
|
||||
|
||||
jobs:
|
||||
build:
|
||||
runs-on: macOS-latest
|
||||
runs-on: macos-latest
|
||||
strategy:
|
||||
matrix:
|
||||
r-version: [3.5, 3.6]
|
||||
|
||||
+2
-2
@@ -43,7 +43,7 @@ jobs:
|
||||
|
||||
- name: Login TKE Registry
|
||||
run: |
|
||||
docker login -u ${{ secrets.TENCENT_CLOUD_ACCOUNT_ID }} -p ${{ secrets.TKE_REGISTRY_PASSWORD }} ${TKE_IMAGE_URL}
|
||||
docker login -u ${{ secrets.TENCENT_CLOUD_ACCOUNT_ID }} -p '${{ secrets.TKE_REGISTRY_PASSWORD }}' ${TKE_IMAGE_URL}
|
||||
|
||||
# Push the Docker image to TKE Registry
|
||||
- name: Publish
|
||||
@@ -73,4 +73,4 @@ jobs:
|
||||
./kustomize edit set image ${TKE_IMAGE_URL}:${GITHUB_SHA}
|
||||
./kustomize build . | kubectl apply -f -
|
||||
kubectl rollout status deployment/${DEPLOYMENT_NAME}
|
||||
kubectl get services -o wide
|
||||
kubectl get services -o wide
|
||||
|
||||
@@ -0,0 +1,28 @@
|
||||
name: NodeJS with Webpack
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ $default-branch ]
|
||||
pull_request:
|
||||
branches: [ $default-branch ]
|
||||
|
||||
jobs:
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
strategy:
|
||||
matrix:
|
||||
node-version: [12.x, 14.x, 16.x]
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
|
||||
- name: Use Node.js ${{ matrix.node-version }}
|
||||
uses: actions/setup-node@v1
|
||||
with:
|
||||
node-version: ${{ matrix.node-version }}
|
||||
|
||||
- name: Build
|
||||
run: |
|
||||
npm install
|
||||
npx webpack
|
||||
@@ -0,0 +1,38 @@
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
|
||||
name: flawfinder
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ $default-branch, $protected-branches ]
|
||||
pull_request:
|
||||
# The branches below must be a subset of the branches above
|
||||
branches: [ $default-branch ]
|
||||
schedule:
|
||||
- cron: $cron-weekly
|
||||
|
||||
jobs:
|
||||
flawfinder:
|
||||
name: Flawfinder
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
actions: read
|
||||
contents: read
|
||||
security-events: write
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v2
|
||||
|
||||
- name: flawfinder_scan
|
||||
uses: david-a-wheeler/flawfinder@8e4a779ad59dbfaee5da586aa9210853b701959c
|
||||
with:
|
||||
arguments: '--sarif ./'
|
||||
output: 'flawfinder_results.sarif'
|
||||
|
||||
- name: Upload analysis results to GitHub Security tab
|
||||
uses: github/codeql-action/upload-sarif@v1
|
||||
with:
|
||||
sarif_file: ${{github.workspace}}/flawfinder_results.sarif
|
||||
@@ -1,7 +1,7 @@
|
||||
{
|
||||
"name": "DevSkim",
|
||||
"creator": "Microsoft CST-E",
|
||||
"description": "DevSkim is security linter that highlights common security issues in source code.",
|
||||
"description": "DevSkim is a security linter that highlights common security issues in source code.",
|
||||
"iconName": "cst-logo",
|
||||
"categories": ["Code Scanning", "C", "C#", "C++", "Go", "Java", "JavaScript", "TypeScript", "Python", "Powershell", "Cobol", "Objective C", "PHP", "Ruby", "Rust", "SQL", "Swift", "Visual Basic"]
|
||||
}
|
||||
|
||||
@@ -0,0 +1,7 @@
|
||||
{
|
||||
"name": "Flawfinder",
|
||||
"creator": "David A. Wheeler",
|
||||
"description": "Flawfinder is a simple program that scans C/C++ source code and reports potential security flaws.",
|
||||
"iconName": "flawfinder",
|
||||
"categories": [ "Code Scanning", "C", "C++" ]
|
||||
}
|
||||
@@ -0,0 +1,24 @@
|
||||
{
|
||||
"name": "StackHawk",
|
||||
"creator": "StackHawk",
|
||||
"description": "Integrate dynamic application security testing (DAST) and API security testing into your CI pipeline with StackHawk",
|
||||
"iconName": "stackhawk",
|
||||
"categories": [
|
||||
"Code Scanning",
|
||||
"C",
|
||||
"C#",
|
||||
"C++",
|
||||
"Go",
|
||||
"Java",
|
||||
"JavaScript",
|
||||
"Kotlin",
|
||||
"Objective C",
|
||||
"PHP",
|
||||
"Python",
|
||||
"Ruby",
|
||||
"Rust",
|
||||
"Scala",
|
||||
"Swift",
|
||||
"TypeScript"
|
||||
]
|
||||
}
|
||||
@@ -0,0 +1,57 @@
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
|
||||
# 🦅 STACKHAWK https://stackhawk.com
|
||||
|
||||
# The StackHawk HawkScan action makes it easy to integrate dynamic application security testing (DAST) into your
|
||||
# CI pipeline. See the Getting Started guide (https://docs.stackhawk.com/hawkscan/) to get up and running with
|
||||
# StackHawk quickly.
|
||||
|
||||
# To use this workflow, you must:
|
||||
#
|
||||
# 1. Create an API Key and Application: Sign up for a free StackHawk account to obtain an API Key and
|
||||
# create your first app and configuration file at https://app.stackhawk.com.
|
||||
#
|
||||
# 2. Save your API Key as a Secret: Save your API key as a GitHub Secret named HAWK_API_KEY.
|
||||
#
|
||||
# 3. Add your Config File: Add your stackhawk.yml configuration file to the base of your repository directory.
|
||||
#
|
||||
# 4. Set the Scan Failure Threshold: Add the hawk.failureThreshold configuration option
|
||||
# (https://docs.stackhawk.com/hawkscan/configuration/#hawk) to your stackhawk.yml configuration file. If your scan
|
||||
# produces alerts that meet or exceed the hawk.failureThreshold alert level, the scan will return exit code 42
|
||||
# and trigger a Code Scanning alert with a link to your scan results.
|
||||
#
|
||||
# 5. Update the "Start your service" Step: Update the "Start your service" step in the StackHawk workflow below to
|
||||
# start your service so that it can be scanned with the "Run HawkScan" step.
|
||||
|
||||
|
||||
name: "StackHawk"
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ $default-branch, $protected-branches ]
|
||||
pull_request:
|
||||
branches: [ $default-branch ]
|
||||
schedule:
|
||||
- cron: $cron-weekly
|
||||
|
||||
jobs:
|
||||
stackhawk:
|
||||
name: StackHawk
|
||||
runs-on: ubuntu-20.04
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v2
|
||||
|
||||
- name: Start your service
|
||||
run: ./your-service.sh & # ✏️ Update this to run your own service to be scanned
|
||||
|
||||
- name: Run HawkScan
|
||||
uses: stackhawk/hawkscan-action@4c3258cd62248dac6d9fe91dd8d45928c697dee0
|
||||
continue-on-error: true # ✏️ Set to false to break your build on scan errors
|
||||
with:
|
||||
apiKey: ${{ secrets.HAWK_API_KEY }}
|
||||
codeScanningAlerts: true
|
||||
githubToken: ${{ github.token }}
|
||||
@@ -0,0 +1,16 @@
|
||||
<svg width="28" height="28" viewBox="0 0 28 28" fill="none" xmlns="http://www.w3.org/2000/svg">
|
||||
<circle cx="14" cy="14" r="14" fill="#C4C4C4"/>
|
||||
<mask id="mask0" mask-type="alpha" maskUnits="userSpaceOnUse" x="0" y="0" width="28" height="28">
|
||||
<circle cx="14" cy="14" r="14" fill="#CCCCCC"/>
|
||||
</mask>
|
||||
<g mask="url(#mask0)">
|
||||
<path d="M16 17V11M22 6H16V11M16 11H20" stroke="black" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
|
||||
<path d="M12 17V11M6 6H12V11M12 11H8" stroke="black" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
|
||||
<circle cx="14" cy="30" r="14" fill="#333333"/>
|
||||
<circle cx="17" cy="21" r="2" fill="white"/>
|
||||
<circle cx="17" cy="21" r="1" fill="black"/>
|
||||
<circle cx="11" cy="21" r="2" fill="white"/>
|
||||
<circle cx="11" cy="21" r="1" fill="black"/>
|
||||
<path d="M11.5 25C11.5 25 12.5 25.5 14 25.5C15.5 25.5 16.5 25 16.5 25" stroke="white" stroke-linecap="round"/>
|
||||
</g>
|
||||
</svg>
|
||||
|
After Width: | Height: | Size: 912 B |
@@ -0,0 +1,17 @@
|
||||
<svg width="512" height="512" viewBox="0 0 512 512" fill="none" xmlns="http://www.w3.org/2000/svg">
|
||||
<path d="M142.382 149.093C144.738 151.049 146.789 152.888 148.745 154.537L256 92.576L362.053 153.736L368.393 148.292L256 83.4551L142.382 149.093Z" fill="#576573"/>
|
||||
<path d="M405.441 278.437C402.863 279.72 400.22 280.869 397.522 281.878V337.617L326.82 378.39C328.871 378.932 330.237 379.168 330.237 379.168C327.881 382.326 322.036 384.683 317.275 386.238L321.989 390.433L405.394 342.283L405.441 278.437Z" fill="#576573"/>
|
||||
<path d="M273.888 502.643L299.106 488.078L284.564 478.25L280.747 480.442C278.906 487.973 276.615 495.386 273.888 502.643Z" fill="#576573"/>
|
||||
<path d="M181.74 379.168C181.74 379.168 183.13 378.909 185.18 378.39L114.596 337.617V282.75C111.956 281.83 109.293 280.77 106.701 279.568V342.189L191.991 391.423L197.058 386.71C192.156 385.484 184.426 382.868 181.74 379.168Z" fill="#576573"/>
|
||||
<path d="M114.36 123.476C117.377 126.398 120.394 129.226 123.34 131.984L256 55.3396L387.294 131.159C390.248 128.409 393.233 125.566 396.25 122.627L256 41.6699L114.36 123.476Z" fill="#576573"/>
|
||||
<path d="M441.618 245.913C437.96 250.748 434.026 255.368 429.834 259.748V356.237L340.278 407.922C343.13 410.845 345.934 413.838 348.55 416.831L441.618 363.072V245.913Z" fill="#576573"/>
|
||||
<path d="M100.031 109.145L257.673 18.2419L411.733 107.189C415.504 103.206 419.133 99.1993 422.574 95.1927L257.602 0L89.001 97.3374C92.5832 101.203 96.2598 105.186 100.031 109.145Z" fill="#576573"/>
|
||||
<path d="M200.876 460.974L51.7174 374.855V175.042C46.3912 169.291 41.0178 162.692 35.9272 156.022V383.976L200.145 478.791C200.051 473.229 200.357 467.078 200.876 460.974Z" fill="#576573"/>
|
||||
<path d="M463.628 168.797V374.855L314.352 461.045C314.871 467.172 315.154 473.324 315.059 478.886L479.442 383.976V148.575C474.493 155.363 469.096 162.386 463.628 168.797Z" fill="#576573"/>
|
||||
<path d="M205.33 427.247L200.333 424.372L183.412 428.331L203.326 439.832C204.151 434.6 204.811 430.24 205.33 427.247Z" fill="#576573"/>
|
||||
<path d="M173.845 409.053L82.356 356.236V262.08C78.1683 257.92 74.2334 253.513 70.5723 248.882V363.071L165.69 418.009C168.212 415.039 170.993 412.022 173.845 409.053Z" fill="#576573"/>
|
||||
<path d="M241.27 502.549C238.561 495.291 236.286 487.877 234.459 480.348L230.712 478.203L216.171 488.055L241.27 502.549Z" fill="#576573"/>
|
||||
<path d="M312.561 423.854L309.498 425.622C309.969 428.238 310.723 432.692 311.548 438.136L329.506 427.766L312.561 423.854Z" fill="#576573"/>
|
||||
<path d="M250.486 259.629C252.843 264.72 255.459 269.952 257.91 275.279C260.267 269.952 262.883 264.72 265.357 259.629C282.397 224.277 290.999 203.772 269.081 192.436L268.115 191.705C264.556 188.17 261.044 186.379 257.91 186.379C253.947 186.744 250.289 188.658 247.729 191.705L246.739 192.436C224.845 203.772 233.423 224.3 250.486 259.629Z" fill="#00CBC6"/>
|
||||
<path d="M488.139 105.445C437.492 188.312 330.237 227.506 330.237 227.506C519.059 115.697 511.965 3.27625 511.965 3.27625C444.28 130.64 330.661 199.507 288.994 221.52C286.449 234.176 279.567 248.435 272.497 263.071C268.844 270.636 265.073 278.484 261.585 286.639L257.956 295.076L254.327 286.639C250.862 278.579 247.068 270.754 243.415 263.071C236.769 249.283 230.264 235.826 227.413 223.759C189.705 204.456 70.2416 135.283 0.0343264 3.25269C0.0343264 3.25269 -7.0359 115.674 181.763 227.482C181.763 227.482 74.5545 188.288 23.861 105.422C23.861 105.422 59.9898 214.732 168.895 239.479C168.895 239.479 100.172 238.583 61.121 198.116C61.121 198.116 58.8821 246.785 163.686 254.115C163.686 254.115 112.168 266.606 86.9509 243.697C86.9509 243.697 88.2 268.397 165.289 270.754C165.289 270.754 199.273 268.397 220.884 283.481C220.201 311.15 226.658 339.833 233.139 361.256C232.008 362.034 231.678 367.502 193.334 379.616C193.334 380.205 217.915 386.192 229.864 374.903C232.432 377.613 202.031 385.909 173.514 421.592C173.844 420.177 210.821 408.11 236.887 396.491C237.17 396.326 217.632 415.747 213.673 473.631C214.333 473.442 225.739 454.776 243.651 434.036C242.396 460.732 247.131 487.371 257.508 512V421.851V512C267.476 488.447 272.235 463.017 271.46 437.453C287.698 456.803 297.903 473.442 298.539 473.631C294.58 415.747 274.972 396.326 275.325 396.491C301.249 408.11 338.368 420.06 338.698 421.592C310.205 385.909 279.567 377.613 282.301 374.926C294.25 386.145 318.948 380.158 318.854 379.64C280.062 367.384 280.18 361.94 279.002 361.256C285.506 339.88 292.011 311.197 291.398 283.481C313.033 268.444 346.781 270.895 346.781 270.895C423.87 268.538 425.12 243.839 425.12 243.839C399.902 266.747 348.384 254.256 348.384 254.256C453.188 246.926 450.949 198.258 450.949 198.258C411.828 238.583 343.199 239.479 343.199 239.479C452.01 214.732 488.139 105.445 488.139 105.445Z" fill="#00CBC6"/>
|
||||
</svg>
|
||||
|
After Width: | Height: | Size: 4.6 KiB |
@@ -19,6 +19,8 @@ interface WorkflowProperties {
|
||||
iconName?: string;
|
||||
|
||||
categories: string[] | null;
|
||||
|
||||
creator?: string;
|
||||
}
|
||||
|
||||
interface WorkflowsCheckResult {
|
||||
@@ -28,12 +30,14 @@ interface WorkflowsCheckResult {
|
||||
|
||||
async function checkWorkflows(
|
||||
folders: string[],
|
||||
enabledActions: string[]
|
||||
enabledActions: string[],
|
||||
partners: string[]
|
||||
): Promise<WorkflowsCheckResult> {
|
||||
const result: WorkflowsCheckResult = {
|
||||
compatibleWorkflows: [],
|
||||
incompatibleWorkflows: [],
|
||||
};
|
||||
const partnersSet = new Set(partners.map((x) => x.toLowerCase()));
|
||||
|
||||
for (const folder of folders) {
|
||||
const dir = await fs.readdir(folder, {
|
||||
@@ -51,11 +55,10 @@ async function checkWorkflows(
|
||||
));
|
||||
const iconName: string | undefined = workflowProperties["iconName"];
|
||||
|
||||
const isBlankTemplate = workflowId === "blank";
|
||||
const partnerWorkflow = workflowProperties.categories === null;
|
||||
const isPartnerWorkflow = workflowProperties.creator ? partnersSet.has(workflowProperties.creator.toLowerCase()) : false;
|
||||
|
||||
const enabled =
|
||||
(isBlankTemplate || !partnerWorkflow) &&
|
||||
!isPartnerWorkflow &&
|
||||
(await checkWorkflow(workflowFilePath, enabledActions));
|
||||
|
||||
const workflowDesc: WorkflowDesc = {
|
||||
@@ -90,7 +93,6 @@ async function checkWorkflow(
|
||||
): Promise<boolean> {
|
||||
// Create set with lowercase action names for easier, case-insensitive lookup
|
||||
const enabledActionsSet = new Set(enabledActions.map((x) => x.toLowerCase()));
|
||||
|
||||
try {
|
||||
const workflowFileContent = await fs.readFile(workflowPath, "utf8");
|
||||
const workflow = safeLoad(workflowFileContent);
|
||||
@@ -126,7 +128,8 @@ async function checkWorkflow(
|
||||
|
||||
const result = await checkWorkflows(
|
||||
settings.folders,
|
||||
settings.enabledActions
|
||||
settings.enabledActions,
|
||||
settings.partners
|
||||
);
|
||||
|
||||
console.group(
|
||||
|
||||
@@ -16,5 +16,15 @@
|
||||
"actions/starter-workflows",
|
||||
"actions/upload-artifact",
|
||||
"actions/upload-release-asset"
|
||||
],
|
||||
"partners": [
|
||||
"Alibaba Cloud",
|
||||
"Amazon Web Services",
|
||||
"Microsoft Azure",
|
||||
"Google Cloud",
|
||||
"IBM",
|
||||
"Red Hat",
|
||||
"Tencent Cloud",
|
||||
"HashiCorp"
|
||||
]
|
||||
}
|
||||
|
||||
@@ -7,6 +7,7 @@ import { endGroup, error, info, setFailed, startGroup } from '@actions/core';
|
||||
|
||||
interface WorkflowWithErrors {
|
||||
id: string;
|
||||
name: string;
|
||||
errors: string[];
|
||||
}
|
||||
|
||||
@@ -20,7 +21,7 @@ interface WorkflowProperties {
|
||||
const propertiesSchema = {
|
||||
type: "object",
|
||||
properties: {
|
||||
name: { type: "string", required: true },
|
||||
name: { type: "string", required: true , "minLength": 1},
|
||||
description: { type: "string", required: true },
|
||||
creator: { type: "string", required: false },
|
||||
iconName: { type: "string", required: true },
|
||||
@@ -41,7 +42,7 @@ const propertiesSchema = {
|
||||
|
||||
async function checkWorkflows(folders: string[]): Promise<WorkflowWithErrors[]> {
|
||||
const result: WorkflowWithErrors[] = []
|
||||
|
||||
const workflow_template_names = new Set()
|
||||
for (const folder of folders) {
|
||||
const dir = await fs.readdir(folder, {
|
||||
withFileTypes: true,
|
||||
@@ -54,9 +55,12 @@ async function checkWorkflows(folders: string[]): Promise<WorkflowWithErrors[]>
|
||||
const workflowFilePath = join(folder, e.name);
|
||||
const propertiesFilePath = join(folder, "properties", `${fileType}.properties.json`)
|
||||
|
||||
const errors = await checkWorkflow(workflowFilePath, propertiesFilePath);
|
||||
if (errors.errors.length > 0) {
|
||||
result.push(errors)
|
||||
const workflowWithErrors = await checkWorkflow(workflowFilePath, propertiesFilePath);
|
||||
if(workflowWithErrors.name && workflow_template_names.size == workflow_template_names.add(workflowWithErrors.name).size) {
|
||||
workflowWithErrors.errors.push(`Workflow template name "${workflowWithErrors.name}" already exists`)
|
||||
}
|
||||
if (workflowWithErrors.errors.length > 0) {
|
||||
result.push(workflowWithErrors)
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -68,6 +72,7 @@ async function checkWorkflows(folders: string[]): Promise<WorkflowWithErrors[]>
|
||||
async function checkWorkflow(workflowPath: string, propertiesPath: string): Promise<WorkflowWithErrors> {
|
||||
let workflowErrors: WorkflowWithErrors = {
|
||||
id: workflowPath,
|
||||
name: null,
|
||||
errors: []
|
||||
}
|
||||
|
||||
@@ -77,17 +82,28 @@ async function checkWorkflow(workflowPath: string, propertiesPath: string): Prom
|
||||
|
||||
const propertiesFileContent = await fs.readFile(propertiesPath, "utf8")
|
||||
const properties: WorkflowProperties = JSON.parse(propertiesFileContent)
|
||||
|
||||
if(properties.name && properties.name.trim().length > 0) {
|
||||
workflowErrors.name = properties.name
|
||||
}
|
||||
let v = new validator();
|
||||
const res = v.validate(properties, propertiesSchema)
|
||||
workflowErrors.errors = res.errors.map(e => e.toString())
|
||||
|
||||
if (properties.iconName && !properties.iconName.startsWith("octicon")) {
|
||||
try {
|
||||
await fs.access(`../../icons/${properties.iconName}.svg`)
|
||||
} catch (e) {
|
||||
workflowErrors.errors.push(`No icon named ${properties.iconName} found`)
|
||||
|
||||
if (properties.iconName) {
|
||||
if(! /^octicon\s+/.test(properties.iconName)) {
|
||||
try {
|
||||
await fs.access(`../../icons/${properties.iconName}.svg`)
|
||||
} catch (e) {
|
||||
workflowErrors.errors.push(`No icon named ${properties.iconName} found`)
|
||||
}
|
||||
}
|
||||
else {
|
||||
let iconName = properties.iconName.match(/^octicon\s+(.*)/)
|
||||
if(!iconName || iconName[1].split(".")[0].length <= 0) {
|
||||
workflowErrors.errors.push(`No icon named ${properties.iconName} found`)
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
} catch (e) {
|
||||
workflowErrors.errors.push(e.toString())
|
||||
|
||||
Reference in New Issue
Block a user