Merge branch 'main' into psalm-starter-workflow
This commit is contained in:
@@ -13,7 +13,7 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- uses: actions/stale@v7
|
||||
- uses: actions/stale@v8
|
||||
with:
|
||||
stale-issue-message: 'This issue has become stale and will be closed automatically within a period of time. Sorry about that.'
|
||||
stale-pr-message: 'This pull request has become stale and will be closed automatically within a period of time. Sorry about that.'
|
||||
|
||||
+3
-3
@@ -1,4 +1,4 @@
|
||||
* @actions/starter-workflows
|
||||
* @actions/actions-workflow-development-reviewers
|
||||
|
||||
/code-scanning/ @actions/advanced-security-code-scanning @actions/starter-workflows
|
||||
/pages/ @actions/pages @actions/starter-workflows
|
||||
/code-scanning/ @actions/advanced-security-code-scanning @actions/actions-workflow-development-reviewers
|
||||
/pages/ @actions/pages @actions/actions-workflow-development-reviewers
|
||||
|
||||
@@ -6,7 +6,7 @@
|
||||
# https://github.com/actions/labeler
|
||||
|
||||
name: Labeler
|
||||
on: [pull_request]
|
||||
on: [pull_request_target]
|
||||
|
||||
jobs:
|
||||
label:
|
||||
|
||||
@@ -15,6 +15,8 @@ on:
|
||||
default: 'World'
|
||||
# Input has to be provided for the workflow to run
|
||||
required: true
|
||||
# The data type of the input
|
||||
type: string
|
||||
|
||||
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
|
||||
jobs:
|
||||
@@ -27,4 +29,4 @@ jobs:
|
||||
steps:
|
||||
# Runs a single command using the runners shell
|
||||
- name: Send greeting
|
||||
run: echo "Hello ${{ github.event.inputs.name }}"
|
||||
run: echo "Hello ${{ inputs.name }}"
|
||||
|
||||
@@ -43,7 +43,7 @@ jobs:
|
||||
if: github.event_name != 'pull_request'
|
||||
uses: sigstore/cosign-installer@f3c664df7af409cb4873aa5068053ba9d61a57b6 #v2.6.0
|
||||
with:
|
||||
cosign-release: 'v1.11.0'
|
||||
cosign-release: 'v1.13.1'
|
||||
|
||||
|
||||
# Workaround: https://github.com/docker/build-push-action/issues/461
|
||||
|
||||
@@ -1,3 +1,8 @@
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
|
||||
name: Elixir CI
|
||||
|
||||
on:
|
||||
|
||||
@@ -1,3 +1,8 @@
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
|
||||
name: MSBuild
|
||||
|
||||
on:
|
||||
|
||||
+1
-1
@@ -30,7 +30,7 @@ jobs:
|
||||
# To automatically get bug fixes and new Ruby versions for ruby/setup-ruby,
|
||||
# change this to (see https://github.com/ruby/setup-ruby#versioning):
|
||||
# uses: ruby/setup-ruby@v1
|
||||
uses: ruby/setup-ruby@ee2113536afb7f793eed4ce60e8d3b26db912da4 # v1.127.0
|
||||
uses: ruby/setup-ruby@55283cc23133118229fd3f97f9336ee23a179fcf # v1.146.0
|
||||
with:
|
||||
ruby-version: ${{ matrix.ruby-version }}
|
||||
bundler-cache: true # runs 'bundle install' and caches installed gems automatically
|
||||
|
||||
+2
-2
@@ -30,7 +30,7 @@ jobs:
|
||||
uses: actions/checkout@v3
|
||||
# Add or replace dependency steps here
|
||||
- name: Install Ruby and gems
|
||||
uses: ruby/setup-ruby@ee2113536afb7f793eed4ce60e8d3b26db912da4 # v1.127.0
|
||||
uses: ruby/setup-ruby@55283cc23133118229fd3f97f9336ee23a179fcf # v1.146.0
|
||||
with:
|
||||
bundler-cache: true
|
||||
# Add or replace database setup steps here
|
||||
@@ -46,7 +46,7 @@ jobs:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v3
|
||||
- name: Install Ruby and gems
|
||||
uses: ruby/setup-ruby@ee2113536afb7f793eed4ce60e8d3b26db912da4 # v1.127.0
|
||||
uses: ruby/setup-ruby@55283cc23133118229fd3f97f9336ee23a179fcf # v1.146.0
|
||||
with:
|
||||
bundler-cache: true
|
||||
# Add or replace any other lints here
|
||||
|
||||
@@ -1,3 +1,8 @@
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
|
||||
name: Symfony
|
||||
|
||||
on:
|
||||
|
||||
@@ -10,7 +10,7 @@
|
||||
# How to Get Started with APIsec.ai
|
||||
# 1. Schedule a demo at https://www.apisec.ai/request-a-demo .
|
||||
#
|
||||
# 2. Register your account at https://cloud.fxlabs.io/#/signup .
|
||||
# 2. Register your account at https://cloud.apisec.ai/#/signup .
|
||||
#
|
||||
# 3. Register your API . See the video (https://www.youtube.com/watch?v=MK3Xo9Dbvac) to get up and running with APIsec quickly.
|
||||
#
|
||||
@@ -55,7 +55,7 @@ jobs:
|
||||
|
||||
steps:
|
||||
- name: APIsec scan
|
||||
uses: apisec-inc/apisec-run-scan@f748a240d69ca6cd7e9532fd0a47bec4ccd6a73c
|
||||
uses: apisec-inc/apisec-run-scan@025432089674a28ba8fb55f8ab06c10215e772ea
|
||||
with:
|
||||
# The APIsec username with which the scans will be executed
|
||||
apisec-username: ${{ secrets.apisec_username }}
|
||||
|
||||
@@ -35,7 +35,7 @@ jobs:
|
||||
|
||||
# Customize the ruby version depending on your needs
|
||||
- name: Setup Ruby
|
||||
uses: ruby/setup-ruby@ee2113536afb7f793eed4ce60e8d3b26db912da4 # v1.127.0
|
||||
uses: ruby/setup-ruby@55283cc23133118229fd3f97f9336ee23a179fcf # v1.146.0
|
||||
with:
|
||||
ruby-version: '2.7'
|
||||
|
||||
|
||||
@@ -23,7 +23,8 @@ on:
|
||||
jobs:
|
||||
analyze:
|
||||
name: Analyze
|
||||
runs-on: ubuntu-latest
|
||||
runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
|
||||
timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 360 }}
|
||||
permissions:
|
||||
actions: read
|
||||
contents: read
|
||||
@@ -51,11 +52,11 @@ jobs:
|
||||
# By default, queries listed here will override any specified in a config file.
|
||||
# Prefix the list here with "+" to use these queries and those in the config file.
|
||||
|
||||
# Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
|
||||
# For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
|
||||
# queries: security-extended,security-and-quality
|
||||
|
||||
|
||||
# Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java).
|
||||
# Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift).
|
||||
# If this step fails, then you should remove it and run the build manually (see below)
|
||||
- name: Autobuild
|
||||
uses: github/codeql-action/autobuild@v2
|
||||
|
||||
@@ -0,0 +1,61 @@
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
|
||||
|
||||
# Credo is a static code analysis tool for the Elixir language with a focus on teaching and code consistency.
|
||||
# https://github.com/rrrene/credo
|
||||
#
|
||||
# To use this workflow, you must have GitHub Advanced Security (GHAS) enabled for your repository.
|
||||
#
|
||||
# Instructions:
|
||||
# 1. Add :credo as a dependency to your project's mix.exs with version ~> 1.7.0-rc.1 - https://github.com/rrrene/credo#installation-and-usage
|
||||
# 2. Follow the annotated workflow below and make any necessary modifications then save the workflow to your repository
|
||||
# and review the "Security" tab once the action has run.
|
||||
|
||||
name: Credo
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ $default-branch, $protected-branches ]
|
||||
pull_request:
|
||||
# The branches below must be a subset of the branches above
|
||||
branches: [ $default-branch ]
|
||||
schedule:
|
||||
- cron: $cron-weekly
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
security-scan:
|
||||
permissions:
|
||||
contents: read # for actions/checkout to fetch code
|
||||
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
|
||||
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
|
||||
runs-on: ubuntu-latest
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
otp: [version]
|
||||
elixir: [version]
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- uses: erlef/setup-beam@988e02bfe678367a02564f65ca2e37726dc0268f
|
||||
with:
|
||||
otp-version: ${{matrix.otp}}
|
||||
elixir-version: ${{matrix.elixir}}
|
||||
- name: get dependencies
|
||||
run: mix deps.get
|
||||
- name: compile dependencies
|
||||
run: mix deps.compile
|
||||
- name: compile
|
||||
run: mix compile
|
||||
- name: credo-scan
|
||||
run: mix credo --format=sarif > credo_output.sarif
|
||||
- name: upload sarif
|
||||
uses: github/codeql-action/upload-sarif@v2
|
||||
with:
|
||||
# Path to SARIF file relative to the root of the repository
|
||||
sarif_file: credo_output.sarif
|
||||
@@ -0,0 +1,47 @@
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
#
|
||||
# Microsoft Security DevOps (MSDO) is a command line application which integrates static analysis tools into the development cycle.
|
||||
# MSDO installs, configures and runs the latest versions of static analysis tools
|
||||
# (including, but not limited to, SDL/security and compliance tools).
|
||||
#
|
||||
# The Microsoft Security DevOps action is currently in beta and runs on the windows-latest queue,
|
||||
# as well as Windows self hosted agents. ubuntu-latest support coming soon.
|
||||
#
|
||||
# For more information about the action , check out https://github.com/microsoft/security-devops-action
|
||||
#
|
||||
# Please note this workflow do not integrate your GitHub Org with Microsoft Defender For DevOps. You have to create an integration
|
||||
# and provide permission before this can report data back to azure.
|
||||
# Read the official documentation here : https://learn.microsoft.com/en-us/azure/defender-for-cloud/quickstart-onboard-github
|
||||
|
||||
name: "Microsoft Defender For Devops"
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ $default-branch, $protected-branches ]
|
||||
pull_request:
|
||||
branches: [ $default-branch ]
|
||||
schedule:
|
||||
- cron: $cron-weekly
|
||||
|
||||
jobs:
|
||||
MSDO:
|
||||
# currently only windows latest is supported
|
||||
runs-on: windows-latest
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- uses: actions/setup-dotnet@v3
|
||||
with:
|
||||
dotnet-version: |
|
||||
5.0.x
|
||||
6.0.x
|
||||
- name: Run Microsoft Security DevOps
|
||||
uses: microsoft/security-devops-action@v1.6.0
|
||||
id: msdo
|
||||
- name: Upload results to Security tab
|
||||
uses: github/codeql-action/upload-sarif@v2
|
||||
with:
|
||||
sarif_file: ${{ steps.msdo.outputs.sarifFile }}
|
||||
@@ -77,7 +77,7 @@ jobs:
|
||||
fi
|
||||
|
||||
DETEKT_DOWNLOAD_URL=$(jq --raw-output '.data.repository.release.releaseAssets.nodes[0].downloadUrl' gh_response.json)
|
||||
echo "::set-output name=download_url::$DETEKT_DOWNLOAD_URL"
|
||||
echo "download_url=$DETEKT_DOWNLOAD_URL" >> $GITHUB_OUTPUT
|
||||
|
||||
# Sets up the detekt cli
|
||||
- name: Setup Detekt
|
||||
|
||||
@@ -7,6 +7,8 @@
|
||||
# Uses JFrog Xray to scan the project.
|
||||
# Read more about Frogbot here - https://github.com/jfrog/frogbot#frogbot
|
||||
|
||||
# Some projects require creating a frogbot-config.yml file. Read more about it here - https://github.com/jfrog/frogbot/blob/master/docs/frogbot-config.md
|
||||
|
||||
name: "Frogbot Scan and Fix"
|
||||
on:
|
||||
push:
|
||||
@@ -21,36 +23,47 @@ jobs:
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
# Install prerequisites - uncomment the relevant one
|
||||
# IMPORTANT:
|
||||
# 1. See the following link for information about the tools that need to be installed for Frogbot to work - https://github.com/jfrog/frogbot/tree/master/docs/templates/github-actions/scan-and-fix
|
||||
# 2. Some projects require creating a frogbot-config.yml file. Read more about it here - https://github.com/jfrog/frogbot/blob/master/docs/frogbot-config.md
|
||||
|
||||
# - uses: actions/setup-go@v3
|
||||
# with:
|
||||
# go-version: 1.17.x
|
||||
|
||||
# - uses: actions/setup-java@v3
|
||||
# with:
|
||||
# java-version: "11"
|
||||
# distribution: "temurin"
|
||||
|
||||
# - uses: actions/setup-node@v3
|
||||
# with:
|
||||
# node-version: "16.x"
|
||||
|
||||
|
||||
- uses: jfrog/frogbot@b92e53d9631139a697cb71d9e70229a70ca56694
|
||||
- uses: jfrog/frogbot@3395426f351556d4568e30a6dfd2909dbedae99e
|
||||
env:
|
||||
# [Mandatory if the two conditions below are met]
|
||||
# 1. The project uses npm, yarn 2, NuGet or .NET to download its dependencies
|
||||
# 2. The `installCommand` variable isn't set in your frogbot-config.yml file.
|
||||
#
|
||||
# The command that installs the project dependencies (e.g "npm i", "nuget restore" or "dotnet restore")
|
||||
# JF_INSTALL_DEPS_CMD: ""
|
||||
|
||||
# [Mandatory]
|
||||
# JFrog platform URL (This functionality requires version 3.29.0 or above of Xray)
|
||||
JF_URL: ${{ secrets.FROGBOT_URL }}
|
||||
# JFrog platform URL
|
||||
JF_URL: ${{ secrets.JF_URL }}
|
||||
|
||||
# [Mandatory if JF_USER and JF_PASSWORD are not provided]
|
||||
# JFrog access token with 'read' permissions on Xray service
|
||||
JF_ACCESS_TOKEN: ${{ secrets.FROGBOT_ACCESS_TOKEN }}
|
||||
JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }}
|
||||
|
||||
# [Mandatory if JF_ACCESS_TOKEN is not provided]
|
||||
# JFrog username with 'read' permissions for Xray. Must be provided with JF_PASSWORD
|
||||
# JF_USER: ${{ secrets.JF_USER }}
|
||||
|
||||
# [Mandatory if JF_ACCESS_TOKEN is not provided]
|
||||
# JFrog password. Must be provided with JF_USER
|
||||
# JF_PASSWORD: ${{ secrets.JF_PASSWORD }}
|
||||
|
||||
# [Mandatory]
|
||||
# The GitHub token automatically generated for the job
|
||||
JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
# [Mandatory if using npm]
|
||||
# The command that installs the dependencies
|
||||
# JF_INSTALL_DEPS_CMD: "npm i"
|
||||
# [Optional]
|
||||
# If the machine that runs Frogbot has no access to the internat, set the name of a remote repository
|
||||
# in Artifactory, which proxies https://releases.jfrog.io/artifactory
|
||||
# The 'frogbot' executable and other tools it needs will be downloaded through this repository.
|
||||
# JF_RELEASES_REPO: ""
|
||||
|
||||
# [Optional]
|
||||
# Frogbot will download the project dependencies, if they're not cached locally. To download the
|
||||
# dependencies from a virtual repository in Artifactory, set the name of of the repository. There's no
|
||||
# need to set this value, if it is set in the frogbot-config.yml file.
|
||||
# JF_DEPS_REPO: ""
|
||||
@@ -7,6 +7,8 @@
|
||||
# Uses JFrog Xray to scan the project.
|
||||
# Read more about Frogbot here - https://github.com/jfrog/frogbot#frogbot
|
||||
|
||||
# Some projects require creating a frogbot-config.yml file. Read more about it here - https://github.com/jfrog/frogbot/blob/master/docs/frogbot-config.md
|
||||
|
||||
name: "Frogbot Scan Pull Request"
|
||||
on:
|
||||
pull_request_target:
|
||||
@@ -19,57 +21,54 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
# A pull request needs to be approved, before Frogbot scans it. Any GitHub user who is associated with the
|
||||
# "frogbot" GitHub environment can approve the pull request to be scanned.
|
||||
# Read more here (Install Frogbot Using GitHub Actions): https://github.com/jfrog/frogbot/blob/master/docs/install-github.md
|
||||
environment: frogbot
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
with:
|
||||
ref: ${{ github.event.pull_request.head.sha }}
|
||||
|
||||
# Install prerequisites - uncomment the relevant ones
|
||||
# IMPORTANT:
|
||||
# 1. See the following link for information about the tools that need to be installed for Frogbot to work - https://github.com/jfrog/frogbot/tree/master/docs/templates/github-actions/scan-and-fix
|
||||
# 2. Some projects require creating a frogbot-config.yml file. Read more about it here - https://github.com/jfrog/frogbot/blob/master/docs/frogbot-config.md
|
||||
|
||||
# - uses: actions/setup-go@v3
|
||||
# with:
|
||||
# go-version: 1.17.x
|
||||
|
||||
# - uses: actions/setup-java@v3
|
||||
# with:
|
||||
# java-version: "11"
|
||||
# distribution: "temurin"
|
||||
|
||||
# - uses: actions/setup-node@v3
|
||||
# with:
|
||||
# node-version: "16.x"
|
||||
|
||||
# The full template list with the required GitHub Actions can be found at https://github.com/jfrog/frogbot/tree/master/templates/github-actions/scan-pull-request
|
||||
|
||||
- uses: jfrog/frogbot@b92e53d9631139a697cb71d9e70229a70ca56694
|
||||
- uses: jfrog/frogbot@3395426f351556d4568e30a6dfd2909dbedae99e
|
||||
env:
|
||||
# [Mandatory if the two conditions below are met]
|
||||
# 1. The project uses npm, yarn 2, NuGet or .NET to download its dependencies
|
||||
# 2. The `installCommand` variable isn't set in your frogbot-config.yml file.
|
||||
#
|
||||
# The command that installs the project dependencies (e.g "npm i", "nuget restore" or "dotnet restore")
|
||||
# JF_INSTALL_DEPS_CMD: ""
|
||||
|
||||
# [Mandatory]
|
||||
# JFrog platform URL (This functionality requires version 3.29.0 or above of Xray)
|
||||
# JFrog platform URL
|
||||
JF_URL: ${{ secrets.JF_URL }}
|
||||
|
||||
# [Mandatory if JF_USER and JF_PASSWORD are not provided]
|
||||
# JFrog access token with 'read' permissions on Xray service
|
||||
JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }}
|
||||
|
||||
# [Mandatory if JF_ACCESS_TOKEN is not provided]
|
||||
# JFrog username with 'read' permissions for Xray. Must be provided with JF_PASSWORD
|
||||
JF_USER: ${{ secrets.JF_USER }}
|
||||
# JF_USER: ${{ secrets.JF_USER }}
|
||||
|
||||
# [Mandatory if JF_ACCESS_TOKEN is not provided]
|
||||
# JFrog password. Must be provided with JF_USER
|
||||
JF_PASSWORD: ${{ secrets.JF_PASSWORD }}
|
||||
# JF_PASSWORD: ${{ secrets.JF_PASSWORD }}
|
||||
|
||||
# [Mandatory]
|
||||
# The GitHub token automatically generated for the job
|
||||
JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
# [Mandatory if JF_USER and JF_PASSWORD are not provided]
|
||||
# JFrog access token with 'read' permissions on Xray service
|
||||
# JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }}
|
||||
# [Optional]
|
||||
# If the machine that runs Frogbot has no access to the internat, set the name of a remote repository
|
||||
# in Artifactory, which proxies https://releases.jfrog.io/artifactory
|
||||
# The 'frogbot' executable and other tools it needs will be downloaded through this repository.
|
||||
# JF_RELEASES_REPO: ""
|
||||
|
||||
# [Mandatory when using npm]
|
||||
# The command that installs the dependencies
|
||||
# JF_INSTALL_DEPS_CMD: "npm i"
|
||||
|
||||
# [Mandatory when using .NET]
|
||||
# The command that installs the dependencies
|
||||
# JF_INSTALL_DEPS_CMD: "dotnet restore"
|
||||
|
||||
# The full template list with full optional environment variables can be found at https://github.com/jfrog/frogbot/tree/master/templates/github-actions/scan-pull-request
|
||||
# [Optional]
|
||||
# Frogbot will download the project dependencies, if they're not cached locally. To download the
|
||||
# dependencies from a virtual repository in Artifactory, set the name of of the repository. There's no
|
||||
# need to set this value, if it is set in the frogbot-config.yml file.
|
||||
# JF_DEPS_REPO: ""
|
||||
@@ -0,0 +1,47 @@
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
|
||||
# This is a basic workflow to help you get started with Using Jscrambler Code Integrity Action.
|
||||
# It automates the protection of your JavaScript Applications, so you can run it whenever a new version of your application is built.
|
||||
# A Jscrambler account is required to use this Workflow.
|
||||
#
|
||||
# More info can be found here : https://docs.jscrambler.com/latest/code-integrity/documentation/github-ci-integration
|
||||
|
||||
name: Jscrambler Code Integrity
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ $default-branch, $protected-branches ]
|
||||
pull_request:
|
||||
# The branches below must be a subset of the branches above
|
||||
branches: [ $default-branch ]
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
contents: read
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- uses: actions/setup-node@v3
|
||||
with:
|
||||
node-version: 18
|
||||
- run: npm ci
|
||||
- run: npm run build
|
||||
- name: Jscrambler Code Integrity
|
||||
id: jscrambler
|
||||
# the complete list of inputs can be found here: https://github.com/marketplace/actions/jscrambler#inputs
|
||||
uses: jscrambler/code-integrity-actions/protect@ab65962a2ecffcc362b75a997e24a181d0bde5fb
|
||||
with:
|
||||
application-id: ${{ secrets.JSCRAMBLER_APPLICATION_ID }} # This value should be created within your Jscrambler account
|
||||
secret-key: ${{ secrets.JSCRAMBLER_SECRET_KEY }} # This value can be found in your Jscrambler account
|
||||
access-key: ${{ secrets.JSCRAMBLER_ACCESS_KEY }} # This value can be found in your Jscrambler account
|
||||
jscrambler-config-path: jscrambler.json # Download from your Jscrambler account
|
||||
files-src: | # List of Files to be protected
|
||||
dist/**/*
|
||||
files-dest: .
|
||||
@@ -2,7 +2,7 @@
|
||||
"name": "CodeQL Analysis",
|
||||
"creator": "GitHub",
|
||||
"enterprise": true,
|
||||
"description": "Security analysis from GitHub for C, C++, C#, Go, Java, JavaScript, TypeScript, Python, Ruby and Kotlin developers.",
|
||||
"description": "Security analysis from GitHub for C, C++, C#, Go, Java, JavaScript, TypeScript, Python, Ruby, Kotlin and Swift developers.",
|
||||
"iconName": "octicon mark-github",
|
||||
"categories": ["Code Scanning", "C", "C++", "C#", "Go", "Java", "JavaScript", "TypeScript", "Python", "Ruby", "Kotlin"]
|
||||
"categories": ["Code Scanning", "C", "C++", "C#", "Go", "Java", "JavaScript", "TypeScript", "Python", "Ruby", "Kotlin", "Swift"]
|
||||
}
|
||||
|
||||
@@ -0,0 +1,7 @@
|
||||
{
|
||||
"name": "Credo Scan",
|
||||
"creator": "Credo",
|
||||
"description": "Credo is a static code analysis tool for the Elixir language with a focus on teaching and code consistency.",
|
||||
"iconName": "code",
|
||||
"categories": ["Code Scanning", "Elixir"]
|
||||
}
|
||||
@@ -0,0 +1,7 @@
|
||||
{
|
||||
"name": "Microsoft Defender For DevOps Scan",
|
||||
"creator": "Microsoft",
|
||||
"description": "Defender for DevOps helps integrate multiple tools with GitHub Advanced Security and sends the results to Defender for Cloud dashboard.",
|
||||
"iconName": "microsoft",
|
||||
"categories": ["Code Scanning", "HCL","Dockerfile", "Python", "JavaScript", "EcmaScript", "TypeScript"]
|
||||
}
|
||||
@@ -0,0 +1,7 @@
|
||||
{
|
||||
"name": "Jscrambler Code Integrity",
|
||||
"description": "Protect your JavaScript Application with polymorphic obfuscation, code locks, and self-defensive techniques",
|
||||
"creator": "Jscrambler",
|
||||
"iconName": "jscrambler",
|
||||
"categories": ["Code Scanning", "JavaScript", "HTML"]
|
||||
}
|
||||
@@ -0,0 +1,7 @@
|
||||
{
|
||||
"name": "Snyk Security",
|
||||
"creator": "Snyk",
|
||||
"description": "Detect vulnerabilities across your applications and infrastructure with the Snyk platform.",
|
||||
"iconName": "snyk",
|
||||
"categories": ["Code Scanning","JavaScript", "Python", "Java", "PHP", "C#", "C", "C++", "Ruby", "Swift", "Go", "TypeScript", "Kotlin", "Apex", "Scala", "Terraform", "Dockerfile"]
|
||||
}
|
||||
@@ -36,7 +36,7 @@ jobs:
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Setup Ruby
|
||||
uses: ruby/setup-ruby@ee2113536afb7f793eed4ce60e8d3b26db912da4 # v1.127.0
|
||||
uses: ruby/setup-ruby@55283cc23133118229fd3f97f9336ee23a179fcf # v1.146.0
|
||||
with:
|
||||
ruby-version: 2.7
|
||||
bundler-cache: true
|
||||
|
||||
@@ -28,7 +28,7 @@ jobs:
|
||||
# If running on a self-hosted runner, check it meets the requirements
|
||||
# listed at https://github.com/ruby/setup-ruby#using-self-hosted-runners
|
||||
- name: Set up Ruby
|
||||
uses: ruby/setup-ruby@ee2113536afb7f793eed4ce60e8d3b26db912da4 # v1.127.0
|
||||
uses: ruby/setup-ruby@55283cc23133118229fd3f97f9336ee23a179fcf # v1.146.0
|
||||
with:
|
||||
ruby-version: 2.6
|
||||
|
||||
|
||||
@@ -37,7 +37,7 @@ jobs:
|
||||
persist-credentials: false
|
||||
|
||||
- name: "Run analysis"
|
||||
uses: ossf/scorecard-action@99c53751e09b9529366343771cc321ec74e9bd3d # v2.0.6
|
||||
uses: ossf/scorecard-action@e38b1902ae4f44df626f11ba0734b14fb91f8f86 # v2.1.2
|
||||
with:
|
||||
results_file: results.sarif
|
||||
results_format: sarif
|
||||
@@ -67,6 +67,6 @@ jobs:
|
||||
|
||||
# Upload the results to GitHub's code scanning dashboard.
|
||||
- name: "Upload to code-scanning"
|
||||
uses: github/codeql-action/upload-sarif@807578363a7869ca324a79039e6db9c843e0e100 # v2.1.27
|
||||
uses: github/codeql-action/upload-sarif@17573ee1cc1b9d061760f3a006fc4aac4f944fd5 # v2.2.4
|
||||
with:
|
||||
sarif_file: results.sarif
|
||||
|
||||
@@ -0,0 +1,79 @@
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
|
||||
# A sample workflow which sets up Snyk to analyze the full Snyk platform (Snyk Open Source, Snyk Code,
|
||||
# Snyk Container and Snyk Infrastructure as Code)
|
||||
# The setup installs the Snyk CLI - for more details on the possible commands
|
||||
# check https://docs.snyk.io/snyk-cli/cli-reference
|
||||
# The results of Snyk Code are then uploaded to GitHub Security Code Scanning
|
||||
#
|
||||
# In order to use the Snyk Action you will need to have a Snyk API token.
|
||||
# More details in https://github.com/snyk/actions#getting-your-snyk-token
|
||||
# or you can signup for free at https://snyk.io/login
|
||||
#
|
||||
# For more examples, including how to limit scans to only high-severity issues
|
||||
# and fail PR checks, see https://github.com/snyk/actions/
|
||||
|
||||
name: Snyk Security
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [$default-branch, $protected-branches]
|
||||
pull_request:
|
||||
branches: [$default-branch]
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
snyk:
|
||||
permissions:
|
||||
contents: read # for actions/checkout to fetch code
|
||||
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
|
||||
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- name: Set up Snyk CLI to check for security issues
|
||||
# Snyk can be used to break the build when it detects security issues.
|
||||
# In this case we want to upload the SAST issues to GitHub Code Scanning
|
||||
uses: snyk/actions/setup@806182742461562b67788a64410098c9d9b96adb
|
||||
|
||||
# For Snyk Open Source you must first set up the development environment for your application's dependencies
|
||||
# For example for Node
|
||||
#- uses: actions/setup-node@v3
|
||||
# with:
|
||||
# node-version: 16
|
||||
|
||||
env:
|
||||
# This is where you will need to introduce the Snyk API token created with your Snyk account
|
||||
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
|
||||
|
||||
# Runs Snyk Code (SAST) analysis and uploads result into GitHub.
|
||||
# Use || true to not fail the pipeline
|
||||
- name: Snyk Code test
|
||||
run: snyk code test --sarif > snyk-code.sarif # || true
|
||||
|
||||
# Runs Snyk Open Source (SCA) analysis and uploads result to Snyk.
|
||||
- name: Snyk Open Source monitor
|
||||
run: snyk monitor --all-projects
|
||||
|
||||
# Runs Snyk Infrastructure as Code (IaC) analysis and uploads result to Snyk.
|
||||
# Use || true to not fail the pipeline.
|
||||
- name: Snyk IaC test and report
|
||||
run: snyk iac test --report # || true
|
||||
|
||||
# Build the docker image for testing
|
||||
- name: Build a Docker image
|
||||
run: docker build -t your/image-to-test .
|
||||
# Runs Snyk Container (Container and SCA) analysis and uploads result to Snyk.
|
||||
- name: Snyk Container monitor
|
||||
run: snyk container monitor your/image-to-test --file=Dockerfile
|
||||
|
||||
# Push the Snyk Code results into GitHub Code Scanning tab
|
||||
- name: Upload result to GitHub Code Scanning
|
||||
uses: github/codeql-action/upload-sarif@v2
|
||||
with:
|
||||
sarif_file: snyk-code.sarif
|
||||
@@ -21,8 +21,7 @@ name: Deploy container to Azure Functions App
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- [$default-branch]
|
||||
branches: [$default-branch]
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
@@ -20,8 +20,7 @@ name: Deploy DotNet project to Azure Function App
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- [$default-branch]
|
||||
branches: [$default-branch]
|
||||
|
||||
env:
|
||||
AZURE_FUNCTIONAPP_NAME: 'your-app-name' # set this to your function app name on Azure
|
||||
|
||||
@@ -0,0 +1,69 @@
|
||||
# This workflow will build a Java project and deploy it to an Azure Functions App on Windows or Linux when a commit is pushed to your default branch.
|
||||
#
|
||||
# This workflow assumes you have already created the target Azure Functions app and applied azure functions plugin for gradle.
|
||||
# For instructions see https://learn.microsoft.com/en-us/azure/azure-functions/functions-create-first-java-gradle
|
||||
#
|
||||
# To configure this workflow:
|
||||
# 1. Set up the following secrets in your repository:
|
||||
# - AZURE_FUNCTIONAPP_PUBLISH_PROFILE
|
||||
# 2. Change env variables for your configuration.
|
||||
#
|
||||
# For more information on:
|
||||
# - GitHub Actions for Azure: https://github.com/Azure/Actions
|
||||
# - Azure Functions Action: https://github.com/Azure/functions-action
|
||||
# - Publish Profile: https://github.com/Azure/functions-action#using-publish-profile-as-deployment-credential-recommended
|
||||
# - Azure Service Principal for RBAC: https://github.com/Azure/functions-action#using-azure-service-principal-for-rbac-as-deployment-credential
|
||||
#
|
||||
# For more samples to get started with GitHub Action workflows to deploy to Azure: https://github.com/Azure/actions-workflow-samples/tree/master/FunctionApp
|
||||
|
||||
name: Deploy Gradle Java project to Azure Function App
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [$default-branch]
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
env:
|
||||
AZURE_FUNCTIONAPP_NAME: 'your-app-name' # set this to your function app name on Azure
|
||||
BUILD_GRADLE_DIRECTORY: '.' # set this to the directory which contains build.gradle file
|
||||
JAVA_VERSION: '8' # set this to the java version to use (e.g. '8', '11', '17')
|
||||
|
||||
jobs:
|
||||
build-and-deploy:
|
||||
permissions:
|
||||
contents: none
|
||||
runs-on: windows-latest # For Linux, use ubuntu-latest
|
||||
environment: dev
|
||||
steps:
|
||||
- name: 'Checkout GitHub Action'
|
||||
uses: actions/checkout@v3
|
||||
|
||||
# If you want to use Azure RBAC instead of Publish Profile, then uncomment the task below
|
||||
# - name: 'Login via Azure CLI'
|
||||
# uses: azure/login@v1
|
||||
# with:
|
||||
# creds: ${{ secrets.AZURE_RBAC_CREDENTIALS }} # set up AZURE_RBAC_CREDENTIALS secrets in your repository
|
||||
|
||||
- name: Setup Java Sdk ${{ env.JAVA_VERSION }}
|
||||
uses: actions/setup-java@v1
|
||||
with:
|
||||
java-version: ${{ env.JAVA_VERSION }}
|
||||
|
||||
# Build function project with functions gradle plugin
|
||||
# For project with function plugin lower than 1.12.1, please make sure you have set same app name in gradle configuration
|
||||
- name: 'Restore Project Dependencies Using Gradle Plugin for Azure Functions'
|
||||
shell: pwsh # For Linux, use bash
|
||||
run: |
|
||||
pushd './${{ env.BUILD_GRADLE_DIRECTORY }}'
|
||||
gradle azureFunctionsPackage -DappName=${{ env.AZURE_FUNCTIONAPP_NAME }}
|
||||
popd
|
||||
|
||||
- name: 'Run Azure Functions Action'
|
||||
uses: Azure/functions-action@v1
|
||||
id: fa
|
||||
with:
|
||||
app-name: ${{ env.AZURE_FUNCTIONAPP_NAME }}
|
||||
package: '${{ env.BUILD_GRADLE_DIRECTORY }}/build/azure-functions/${{ env.AZURE_FUNCTIONAPP_NAME }}'
|
||||
publish-profile: ${{ secrets.AZURE_FUNCTIONAPP_PUBLISH_PROFILE }} # Remove publish-profile to use Azure RBAC
|
||||
@@ -20,8 +20,7 @@ name: Deploy Java project to Azure Function App
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- [$default-branch]
|
||||
branches: [$default-branch]
|
||||
|
||||
env:
|
||||
AZURE_FUNCTIONAPP_NAME: 'your-app-name' # set this to your function app name on Azure
|
||||
|
||||
@@ -22,8 +22,7 @@ name: Deploy Node.js project to Azure Function App
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- [$default-branch]
|
||||
branches: [$default-branch]
|
||||
|
||||
env:
|
||||
AZURE_FUNCTIONAPP_NAME: 'your-app-name' # set this to your function app name on Azure
|
||||
|
||||
@@ -20,8 +20,7 @@ name: Deploy PowerShell project to Azure Function App
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- [$default-branch]
|
||||
branches: [$default-branch]
|
||||
|
||||
env:
|
||||
AZURE_FUNCTIONAPP_NAME: 'your-app-name' # set this to your function app name on Azure
|
||||
|
||||
@@ -20,8 +20,7 @@ name: Deploy Python project to Azure Function App
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- [$default-branch]
|
||||
branches: [$default-branch]
|
||||
|
||||
env:
|
||||
AZURE_FUNCTIONAPP_NAME: 'your-app-name' # set this to your function app name on Azure
|
||||
|
||||
@@ -0,0 +1,79 @@
|
||||
# This workflow will build and push a Java application to an Azure Web App when a commit is pushed to your default branch.
|
||||
#
|
||||
# This workflow assumes you have already created the target Azure App Service web app.
|
||||
# For instructions see https://docs.microsoft.com/en-us/azure/app-service/quickstart-java?tabs=javase&pivots=platform-linux
|
||||
#
|
||||
# To configure this workflow:
|
||||
#
|
||||
# 1. Download the Publish Profile for your Azure Web App. You can download this file from the Overview page of your Web App in the Azure Portal.
|
||||
# For more information: https://docs.microsoft.com/en-us/azure/app-service/deploy-github-actions?tabs=applevel#generate-deployment-credentials
|
||||
#
|
||||
# 2. Create a secret in your repository named AZURE_WEBAPP_PUBLISH_PROFILE, paste the publish profile contents as the value of the secret.
|
||||
# For instructions on obtaining the publish profile see: https://docs.microsoft.com/azure/app-service/deploy-github-actions#configure-the-github-secret
|
||||
#
|
||||
# 3. Change the value for the AZURE_WEBAPP_NAME. Optionally, change the JAVA_VERSION environment variable below.
|
||||
#
|
||||
# For more information on GitHub Actions for Azure: https://github.com/Azure/Actions
|
||||
# For more information on the Azure Web Apps Deploy action: https://github.com/Azure/webapps-deploy
|
||||
# For more samples to get started with GitHub Action workflows to deploy to Azure: https://github.com/Azure/actions-workflow-samples
|
||||
|
||||
name: Build and deploy Gradle app to Azure Web App
|
||||
|
||||
env:
|
||||
AZURE_WEBAPP_NAME: your-app-name # set this to the name of your Azure Web App
|
||||
JAVA_VERSION: '11' # set this to the Java version to use
|
||||
DISTRIBUTION: zulu # set this to the Java distribution
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ $default-branch ]
|
||||
workflow_dispatch:
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
- name: Set up Java version
|
||||
uses: actions/setup-java@v3.0.0
|
||||
with:
|
||||
java-version: ${{ env.JAVA_VERSION }}
|
||||
distribution: ${{ env.DISTRIBUTION }}
|
||||
cache: 'gradle'
|
||||
|
||||
- name: Build with Gradle
|
||||
run: gradle build
|
||||
|
||||
- name: Upload artifact for deployment job
|
||||
uses: actions/upload-artifact@v3
|
||||
with:
|
||||
name: java-app
|
||||
path: '${{ github.workspace }}/build/libs/*.jar'
|
||||
|
||||
deploy:
|
||||
permissions:
|
||||
contents: none
|
||||
runs-on: ubuntu-latest
|
||||
needs: build
|
||||
environment:
|
||||
name: 'Development'
|
||||
url: ${{ steps.deploy-to-webapp.outputs.webapp-url }}
|
||||
|
||||
steps:
|
||||
- name: Download artifact from build job
|
||||
uses: actions/download-artifact@v3
|
||||
with:
|
||||
name: java-app
|
||||
|
||||
- name: Deploy to Azure Web App
|
||||
id: deploy-to-webapp
|
||||
uses: azure/webapps-deploy@v2
|
||||
with:
|
||||
app-name: ${{ env.AZURE_WEBAPP_NAME }}
|
||||
publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }}
|
||||
package: '*.jar'
|
||||
@@ -54,7 +54,7 @@ jobs:
|
||||
id: composer-cache
|
||||
if: steps.check_files.outputs.files_exists == 'true'
|
||||
run: |
|
||||
echo "::set-output name=dir::$(composer config cache-files-dir)"
|
||||
echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT
|
||||
|
||||
- name: Set up dependency caching for faster installs
|
||||
uses: actions/cache@v3
|
||||
|
||||
@@ -0,0 +1,8 @@
|
||||
{
|
||||
"name": "Deploy Gradle app to Azure Functions App",
|
||||
"description": "Build a Java project and deploy it to an Azure Functions App on Windows or Linux.",
|
||||
"creator": "Microsoft Azure",
|
||||
"iconName": "azure",
|
||||
"categories": ["Deployment", "Java", "Gradle", "Azure Functions"],
|
||||
"labels": ["preview"]
|
||||
}
|
||||
@@ -0,0 +1,8 @@
|
||||
{
|
||||
"name": "Deploy a Gradle .jar app to an Azure Web App",
|
||||
"description": "Build a Gradle project and deploy it to an Azure Web App.",
|
||||
"creator": "Microsoft Azure",
|
||||
"iconName": "azure",
|
||||
"categories": ["Deployment", "Java", "Gradle"],
|
||||
"labels": ["preview"]
|
||||
}
|
||||
+1
-1
@@ -1 +1 @@
|
||||
<svg height="1995" viewBox="0 0 161.67 129" width="2500" xmlns="http://www.w3.org/2000/svg"><path d="m88.33 0-47.66 41.33-40.67 73h36.67zm6.34 9.67-20.34 57.33 39 49-75.66 13h124z" fill="#0072c6"/></svg>
|
||||
<svg xmlns="http://www.w3.org/2000/svg" width="2000" height="2000" fill="none"><path fill="url(#a)" d="M694.542 136.333H1237L673.875 1804.81a86.467 86.467 0 0 1-31.505 42.6 86.575 86.575 0 0 1-50.432 16.24H169.771a86.472 86.472 0 0 1-39.423-9.52 86.35 86.35 0 0 1-30.73-26.47 86.393 86.393 0 0 1-15.258-37.57 86.362 86.362 0 0 1 3.578-40.4L612.583 195.167a86.51 86.51 0 0 1 31.509-42.616 86.481 86.481 0 0 1 50.45-16.218Z"/><path fill="#0078D4" d="M1482.81 1255.44H622.604a39.844 39.844 0 0 0-22.426 6.88 39.831 39.831 0 0 0-14.654 18.32 39.807 39.807 0 0 0 9.893 43.73l552.753 515.92a86.92 86.92 0 0 0 59.29 23.36h487.08l-211.73-608.21Z"/><path fill="url(#b)" d="M694.542 136.333a85.793 85.793 0 0 0-82.146 59.98L88.583 1748.27a86.262 86.262 0 0 0 10.714 78.86 86.346 86.346 0 0 0 30.888 26.9 86.43 86.43 0 0 0 39.815 9.62h433.063a92.684 92.684 0 0 0 43.685-20.61 92.567 92.567 0 0 0 27.356-39.81l104.459-307.85 373.127 348.02a88.302 88.302 0 0 0 55.54 20.25h485.27l-212.83-608.21-620.441.14L1238.96 136.333H694.542Z"/><path fill="url(#c)" d="M1387.4 195.083a86.393 86.393 0 0 0-31.47-42.544 86.33 86.33 0 0 0-50.37-16.206H701a86.375 86.375 0 0 1 81.833 58.75L1307.5 1749.67a86.286 86.286 0 0 1 3.59 40.4 86.325 86.325 0 0 1-15.26 37.59 86.399 86.399 0 0 1-30.73 26.48 86.387 86.387 0 0 1-39.43 9.53h604.58a86.452 86.452 0 0 0 39.42-9.54 86.399 86.399 0 0 0 30.73-26.48 86.44 86.44 0 0 0 15.25-37.58c2.03-13.56.8-27.41-3.59-40.4L1387.4 195.083Z"/><defs><linearGradient id="a" x1="892.25" x2="328.896" y1="264.333" y2="1928.63" gradientUnits="userSpaceOnUse"><stop stop-color="#114A8B"/><stop offset="1" stop-color="#0669BC"/></linearGradient><linearGradient id="b" x1="1068.23" x2="937.917" y1="1039.94" y2="1084" gradientUnits="userSpaceOnUse"><stop stop-opacity=".3"/><stop offset=".071" stop-opacity=".2"/><stop offset=".321" stop-opacity=".1"/><stop offset=".623" stop-opacity=".05"/><stop offset="1" stop-opacity="0"/></linearGradient><linearGradient id="c" x1="996.562" x2="1614.96" y1="215.792" y2="1863.31" gradientUnits="userSpaceOnUse"><stop stop-color="#3CCBF4"/><stop offset="1" stop-color="#2892DF"/></linearGradient></defs></svg>
|
||||
|
||||
|
Before Width: | Height: | Size: 203 B After Width: | Height: | Size: 2.1 KiB |
@@ -0,0 +1 @@
|
||||
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="16" height="16"><path d="m11.28 3.22 4.25 4.25a.75.75 0 0 1 0 1.06l-4.25 4.25a.749.749 0 0 1-1.275-.326.749.749 0 0 1 .215-.734L13.94 8l-3.72-3.72a.749.749 0 0 1 .326-1.275.749.749 0 0 1 .734.215Zm-6.56 0a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042L2.06 8l3.72 3.72a.749.749 0 0 1-.326 1.275.749.749 0 0 1-.734-.215L.47 8.53a.75.75 0 0 1 0-1.06Z"></path></svg>
|
||||
|
After Width: | Height: | Size: 433 B |
@@ -0,0 +1 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?><svg id="Layer_2" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 90.86 113.56"><defs><style>.cls-1{fill:#0002d1;}.cls-2{fill:#fff;}</style></defs><g id="Layer_1-2"><g><path class="cls-1" d="m90.86,6.49C90.86,2.91,87.95,0,84.37,0h0s-77.88,0-77.88,0h0s0,0,0,0C2.91,0,0,2.91,0,6.49c0,0,0,0,0,0h0v61.66h0c0,25.04,20.38,45.42,45.43,45.42s45.43-20.37,45.43-45.42h0V6.49h0s0,0,0,0Z"/><path class="cls-2" d="m61.64,25.81c.6,1.1,1.51,2.01,2.61,2.61.92.5,1.97.78,3.09.78,3.58,0,6.49-2.91,6.49-6.49s-2.91-6.49-6.49-6.49c-1.12,0-2.17.28-3.09.78-1.1.6-2.01,1.51-2.61,2.61-.1.18-.19.37-.27.57-.33.78-.51,1.63-.51,2.52s.18,1.75.51,2.52c.08.19.17.38.27.57Z"/><path class="cls-2" d="m56.07,22.71c0-3.58-2.91-6.49-6.49-6.49s-6.49,2.91-6.49,6.49,2.91,6.49,6.49,6.49,6.49-2.91,6.49-6.49Z"/><path class="cls-2" d="m67.35,34.08c-1.12,0-2.17.28-3.09.78-1.1.6-2.01,1.51-2.61,2.61-.1.18-.19.37-.27.57-.33.78-.51,1.63-.51,2.52s.18,1.75.51,2.52c.08.19.17.38.27.57.6,1.1,1.51,2.01,2.61,2.61.92.5,1.97.78,3.09.78,3.58,0,6.49-2.91,6.49-6.49s-2.91-6.49-6.49-6.49Z"/><path class="cls-2" d="m67.35,51.92c-1.12,0-2.17.28-3.09.78-1.1.6-2.01,1.51-2.61,2.61-.1.18-.19.37-.27.57-.33.78-.51,1.63-.51,2.52s.18,1.75.51,2.52c.08.19.17.38.27.57.6,1.1,1.51,2.01,2.61,2.61.92.5,1.97.78,3.09.78,3.58,0,6.49-2.91,6.49-6.49s-2.91-6.49-6.49-6.49Z"/><path class="cls-2" d="m71.45,71.22c-1.36-1.11-3.06-1.58-4.72-1.42-.02,0-.05,0-.07.01-.29.03-.58.09-.87.16-.48.12-.96.29-1.41.52-.01,0-.03.01-.05.02-.57.3-1.1.68-1.57,1.16-1.11,1.11-1.73,2.52-1.87,3.97-.04.41-.04.83,0,1.24s.12.82.24,1.23c.3,1,.84,1.95,1.63,2.74s1.74,1.33,2.74,1.63c.01,0,.02,0,.03,0,.19.06.38.1.58.14.02,0,.03,0,.05,0,.19.03.38.06.57.08.09,0,.17,0,.26.01.12,0,.24.02.36.02,0,0,0,0,0,0,.12,0,.24-.01.37-.02.08,0,.17,0,.25-.01.19-.02.38-.05.57-.08.02,0,.03,0,.05,0,.19-.04.39-.09.58-.14.01,0,.02,0,.03,0,1-.3,1.95-.84,2.74-1.63,2.53-2.53,2.53-6.65,0-9.18-.16-.16-.32-.31-.49-.44Z"/><path class="cls-2" d="m57.46,83.54c-.37-.2-.76-.37-1.16-.49-.2-.06-.41-.12-.62-.16-.42-.09-.86-.13-1.31-.13-3.58,0-6.49,2.91-6.49,6.49s2.91,6.49,6.49,6.49c.45,0,.88-.05,1.31-.13.21-.04.42-.1.62-.16.41-.13.8-.29,1.16-.49,2.02-1.1,3.4-3.25,3.4-5.71s-1.38-4.61-3.4-5.71Z"/><path class="cls-2" d="m24.16,69.8c-1.66-.16-3.36.32-4.72,1.42-.17.14-.33.29-.49.44-2.53,2.53-2.53,6.65,0,9.18.79.79,1.74,1.33,2.74,1.63.01,0,.02,0,.03,0,.19.06.38.1.58.14.02,0,.03,0,.05,0,.19.03.38.06.57.08.09,0,.18,0,.27.01.12,0,.24.02.35.02,0,0,0,0,0,0,.12,0,.24-.01.35-.02.09,0,.18,0,.27-.01.19-.02.38-.05.57-.08.02,0,.03,0,.05,0,.19-.04.39-.09.58-.14.01,0,.02,0,.03,0,.6-.18,1.17-.44,1.71-.79,0,0,.01,0,.02,0,.1-.07.2-.14.29-.22.25-.19.5-.39.72-.61,2.53-2.53,2.53-6.65,0-9.18-1.11-1.11-2.52-1.73-3.97-1.87Z"/><path class="cls-2" d="m36.52,82.75c-3.58,0-6.49,2.91-6.49,6.49s2.91,6.49,6.49,6.49,6.49-2.91,6.49-6.49-2.91-6.49-6.49-6.49Z"/></g></g></svg>
|
||||
|
After Width: | Height: | Size: 2.8 KiB |
@@ -0,0 +1,17 @@
|
||||
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 199.7 184.2">
|
||||
<path d="M189.5,36.8c0.2,2.8,0,5.1-0.6,6.8L153,162c-0.6,2.1-2,3.7-4.2,5c-2.2,1.2-4.4,1.9-6.7,1.9H31.4c-9.6,0-15.3-2.8-17.3-8.4
|
||||
c-0.8-2.2-0.8-3.9,0.1-5.2c0.9-1.2,2.4-1.8,4.6-1.8H123c7.4,0,12.6-1.4,15.4-4.1s5.7-8.9,8.6-18.4l32.9-108.6
|
||||
c1.8-5.9,1-11.1-2.2-15.6S169.9,0,164,0H72.7c-1,0-3.1,0.4-6.1,1.1l0.1-0.4C64.5,0.2,62.6,0,61,0.1s-3,0.5-4.3,1.4
|
||||
c-1.3,0.9-2.4,1.8-3.2,2.8S52,6.5,51.2,8.1c-0.8,1.6-1.4,3-1.9,4.3s-1.1,2.7-1.8,4.2c-0.7,1.5-1.3,2.7-2,3.7c-0.5,0.6-1.2,1.5-2,2.5
|
||||
s-1.6,2-2.2,2.8s-0.9,1.5-1.1,2.2c-0.2,0.7-0.1,1.8,0.2,3.2c0.3,1.4,0.4,2.4,0.4,3.1c-0.3,3-1.4,6.9-3.3,11.6
|
||||
c-1.9,4.7-3.6,8.1-5.1,10.1c-0.3,0.4-1.2,1.3-2.6,2.7c-1.4,1.4-2.3,2.6-2.6,3.7c-0.3,0.4-0.3,1.5-0.1,3.4c0.3,1.8,0.4,3.1,0.3,3.8
|
||||
c-0.3,2.7-1.3,6.3-3,10.8c-1.7,4.5-3.4,8.2-5,11c-0.2,0.5-0.9,1.4-2,2.8c-1.1,1.4-1.8,2.5-2,3.4c-0.2,0.6-0.1,1.8,0.1,3.4
|
||||
c0.2,1.6,0.2,2.8-0.1,3.6c-0.6,3-1.8,6.7-3.6,11c-1.8,4.3-3.6,7.9-5.4,11c-0.5,0.8-1.1,1.7-2,2.8c-0.8,1.1-1.5,2-2,2.8
|
||||
s-0.8,1.6-1,2.5c-0.1,0.5,0,1.3,0.4,2.3c0.3,1.1,0.4,1.9,0.4,2.6c-0.1,1.1-0.2,2.6-0.5,4.4c-0.2,1.8-0.4,2.9-0.4,3.2
|
||||
c-1.8,4.8-1.7,9.9,0.2,15.2c2.2,6.2,6.2,11.5,11.9,15.8c5.7,4.3,11.7,6.4,17.8,6.4h110.7c5.2,0,10.1-1.7,14.7-5.2s7.7-7.8,9.2-12.9
|
||||
l33-108.6c1.8-5.8,1-10.9-2.2-15.5C194.9,39.7,192.6,38,189.5,36.8z M59.6,122.8L73.8,80c0,0,7,0,10.8,0s28.8-1.7,25.4,17.5
|
||||
c-3.4,19.2-18.8,25.2-36.8,25.4S59.6,122.8,59.6,122.8z M78.6,116.8c4.7-0.1,18.9-2.9,22.1-17.1S89.2,86.3,89.2,86.3l-8.9,0
|
||||
l-10.2,30.5C70.2,116.9,74,116.9,78.6,116.8z M75.3,68.7L89,26.2h9.8l0.8,34l23.6-34h9.9l-13.6,42.5h-7.1l12.5-35.4l-24.5,35.4h-6.8
|
||||
l-0.8-35L82,68.7H75.3z"/>
|
||||
</svg>
|
||||
<!-- Original image Copyright Dave Gandy — CC BY 4.0 License -->
|
||||
|
After Width: | Height: | Size: 1.7 KiB |
+5
-4
@@ -18,10 +18,11 @@ permissions:
|
||||
pages: write
|
||||
id-token: write
|
||||
|
||||
# Allow one concurrent deployment
|
||||
# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
|
||||
# However, do NOT cancel in-progress runs as we want to allow these production deployments to complete.
|
||||
concurrency:
|
||||
group: "pages"
|
||||
cancel-in-progress: true
|
||||
cancel-in-progress: false
|
||||
|
||||
env:
|
||||
BUILD_PATH: "." # default value when not using subfolders
|
||||
@@ -48,7 +49,7 @@ jobs:
|
||||
echo "runner=npx --no-install" >> $GITHUB_OUTPUT
|
||||
exit 0
|
||||
else
|
||||
echo "Unable to determine packager manager"
|
||||
echo "Unable to determine package manager"
|
||||
exit 1
|
||||
fi
|
||||
- name: Setup Node
|
||||
@@ -84,4 +85,4 @@ jobs:
|
||||
steps:
|
||||
- name: Deploy to GitHub Pages
|
||||
id: deployment
|
||||
uses: actions/deploy-pages@v1
|
||||
uses: actions/deploy-pages@v2
|
||||
|
||||
+5
-4
@@ -18,10 +18,11 @@ permissions:
|
||||
pages: write
|
||||
id-token: write
|
||||
|
||||
# Allow one concurrent deployment
|
||||
# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
|
||||
# However, do NOT cancel in-progress runs as we want to allow these production deployments to complete.
|
||||
concurrency:
|
||||
group: "pages"
|
||||
cancel-in-progress: true
|
||||
cancel-in-progress: false
|
||||
|
||||
# Default to bash
|
||||
defaults:
|
||||
@@ -47,7 +48,7 @@ jobs:
|
||||
echo "command=ci" >> $GITHUB_OUTPUT
|
||||
exit 0
|
||||
else
|
||||
echo "Unable to determine packager manager"
|
||||
echo "Unable to determine package manager"
|
||||
exit 1
|
||||
fi
|
||||
- name: Setup Node
|
||||
@@ -93,4 +94,4 @@ jobs:
|
||||
steps:
|
||||
- name: Deploy to GitHub Pages
|
||||
id: deployment
|
||||
uses: actions/deploy-pages@v1
|
||||
uses: actions/deploy-pages@v2
|
||||
|
||||
+4
-3
@@ -15,10 +15,11 @@ permissions:
|
||||
pages: write
|
||||
id-token: write
|
||||
|
||||
# Allow one concurrent deployment
|
||||
# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
|
||||
# However, do NOT cancel in-progress runs as we want to allow these production deployments to complete.
|
||||
concurrency:
|
||||
group: "pages"
|
||||
cancel-in-progress: true
|
||||
cancel-in-progress: false
|
||||
|
||||
# Default to bash
|
||||
defaults:
|
||||
@@ -71,4 +72,4 @@ jobs:
|
||||
steps:
|
||||
- name: Deploy to GitHub Pages
|
||||
id: deployment
|
||||
uses: actions/deploy-pages@v1
|
||||
uses: actions/deploy-pages@v2
|
||||
|
||||
@@ -15,10 +15,11 @@ permissions:
|
||||
pages: write
|
||||
id-token: write
|
||||
|
||||
# Allow one concurrent deployment
|
||||
# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
|
||||
# However, do NOT cancel in-progress runs as we want to allow these production deployments to complete.
|
||||
concurrency:
|
||||
group: "pages"
|
||||
cancel-in-progress: true
|
||||
cancel-in-progress: false
|
||||
|
||||
jobs:
|
||||
# Build job
|
||||
@@ -47,4 +48,4 @@ jobs:
|
||||
steps:
|
||||
- name: Deploy to GitHub Pages
|
||||
id: deployment
|
||||
uses: actions/deploy-pages@v1
|
||||
uses: actions/deploy-pages@v2
|
||||
|
||||
+6
-5
@@ -20,10 +20,11 @@ permissions:
|
||||
pages: write
|
||||
id-token: write
|
||||
|
||||
# Allow one concurrent deployment
|
||||
# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
|
||||
# However, do NOT cancel in-progress runs as we want to allow these production deployments to complete.
|
||||
concurrency:
|
||||
group: "pages"
|
||||
cancel-in-progress: true
|
||||
cancel-in-progress: false
|
||||
|
||||
jobs:
|
||||
# Build job
|
||||
@@ -33,9 +34,9 @@ jobs:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v3
|
||||
- name: Setup Ruby
|
||||
uses: ruby/setup-ruby@ee2113536afb7f793eed4ce60e8d3b26db912da4 # v1.127.0
|
||||
uses: ruby/setup-ruby@55283cc23133118229fd3f97f9336ee23a179fcf # v1.146.0
|
||||
with:
|
||||
ruby-version: '3.0' # Not needed with a .ruby-version file
|
||||
ruby-version: '3.1' # Not needed with a .ruby-version file
|
||||
bundler-cache: true # runs 'bundle install' and caches installed gems automatically
|
||||
cache-version: 0 # Increment this number if you need to re-download cached gems
|
||||
- name: Setup Pages
|
||||
@@ -60,4 +61,4 @@ jobs:
|
||||
steps:
|
||||
- name: Deploy to GitHub Pages
|
||||
id: deployment
|
||||
uses: actions/deploy-pages@v1
|
||||
uses: actions/deploy-pages@v2
|
||||
|
||||
@@ -0,0 +1,60 @@
|
||||
# Sample workflow for building and deploying a mdBook site to GitHub Pages
|
||||
#
|
||||
# To get started with mdBook see: https://rust-lang.github.io/mdBook/index.html
|
||||
#
|
||||
name: Deploy mdBook site to Pages
|
||||
|
||||
on:
|
||||
# Runs on pushes targeting the default branch
|
||||
push:
|
||||
branches: [$default-branch]
|
||||
|
||||
# Allows you to run this workflow manually from the Actions tab
|
||||
workflow_dispatch:
|
||||
|
||||
# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
|
||||
permissions:
|
||||
contents: read
|
||||
pages: write
|
||||
id-token: write
|
||||
|
||||
# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
|
||||
# However, do NOT cancel in-progress runs as we want to allow these production deployments to complete.
|
||||
concurrency:
|
||||
group: "pages"
|
||||
cancel-in-progress: false
|
||||
|
||||
jobs:
|
||||
# Build job
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
env:
|
||||
MDBOOK_VERSION: 0.4.21
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- name: Install mdBook
|
||||
run: |
|
||||
curl --proto '=https' --tlsv1.2 https://sh.rustup.rs -sSf -y | sh
|
||||
rustup update
|
||||
cargo install --version ${MDBOOK_VERSION} mdbook
|
||||
- name: Setup Pages
|
||||
id: pages
|
||||
uses: actions/configure-pages@v3
|
||||
- name: Build with mdBook
|
||||
run: mdbook build
|
||||
- name: Upload artifact
|
||||
uses: actions/upload-pages-artifact@v1
|
||||
with:
|
||||
path: ./book
|
||||
|
||||
# Deployment job
|
||||
deploy:
|
||||
environment:
|
||||
name: github-pages
|
||||
url: ${{ steps.deployment.outputs.page_url }}
|
||||
runs-on: ubuntu-latest
|
||||
needs: build
|
||||
steps:
|
||||
- name: Deploy to GitHub Pages
|
||||
id: deployment
|
||||
uses: actions/deploy-pages@v2
|
||||
+5
-4
@@ -18,10 +18,11 @@ permissions:
|
||||
pages: write
|
||||
id-token: write
|
||||
|
||||
# Allow one concurrent deployment
|
||||
# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
|
||||
# However, do NOT cancel in-progress runs as we want to allow these production deployments to complete.
|
||||
concurrency:
|
||||
group: "pages"
|
||||
cancel-in-progress: true
|
||||
cancel-in-progress: false
|
||||
|
||||
jobs:
|
||||
# Build job
|
||||
@@ -44,7 +45,7 @@ jobs:
|
||||
echo "runner=npx --no-install" >> $GITHUB_OUTPUT
|
||||
exit 0
|
||||
else
|
||||
echo "Unable to determine packager manager"
|
||||
echo "Unable to determine package manager"
|
||||
exit 1
|
||||
fi
|
||||
- name: Setup Node
|
||||
@@ -91,4 +92,4 @@ jobs:
|
||||
steps:
|
||||
- name: Deploy to GitHub Pages
|
||||
id: deployment
|
||||
uses: actions/deploy-pages@v1
|
||||
uses: actions/deploy-pages@v2
|
||||
|
||||
+5
-4
@@ -18,10 +18,11 @@ permissions:
|
||||
pages: write
|
||||
id-token: write
|
||||
|
||||
# Allow one concurrent deployment
|
||||
# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
|
||||
# However, do NOT cancel in-progress runs as we want to allow these production deployments to complete.
|
||||
concurrency:
|
||||
group: "pages"
|
||||
cancel-in-progress: true
|
||||
cancel-in-progress: false
|
||||
|
||||
jobs:
|
||||
# Build job
|
||||
@@ -42,7 +43,7 @@ jobs:
|
||||
echo "command=ci" >> $GITHUB_OUTPUT
|
||||
exit 0
|
||||
else
|
||||
echo "Unable to determine packager manager"
|
||||
echo "Unable to determine package manager"
|
||||
exit 1
|
||||
fi
|
||||
- name: Setup Node
|
||||
@@ -86,4 +87,4 @@ jobs:
|
||||
steps:
|
||||
- name: Deploy to GitHub Pages
|
||||
id: deployment
|
||||
uses: actions/deploy-pages@v1
|
||||
uses: actions/deploy-pages@v2
|
||||
|
||||
@@ -0,0 +1,6 @@
|
||||
{
|
||||
"name": "mdBook",
|
||||
"description": "Package a site using mdBook.",
|
||||
"iconName": "mdbook",
|
||||
"categories": ["Pages", "mdBook"]
|
||||
}
|
||||
+4
-3
@@ -15,10 +15,11 @@ permissions:
|
||||
pages: write
|
||||
id-token: write
|
||||
|
||||
# Allow one concurrent deployment
|
||||
# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
|
||||
# However, do NOT cancel in-progress runs as we want to allow these production deployments to complete.
|
||||
concurrency:
|
||||
group: "pages"
|
||||
cancel-in-progress: true
|
||||
cancel-in-progress: false
|
||||
|
||||
jobs:
|
||||
# Single deploy job since we're just deploying
|
||||
@@ -39,4 +40,4 @@ jobs:
|
||||
path: '.'
|
||||
- name: Deploy to GitHub Pages
|
||||
id: deployment
|
||||
uses: actions/deploy-pages@v1
|
||||
uses: actions/deploy-pages@v2
|
||||
|
||||
Reference in New Issue
Block a user