Merge branch 'main' into bump-actions
This commit is contained in:
@@ -33,6 +33,9 @@ jobs:
|
||||
# required for all workflows
|
||||
security-events: write
|
||||
|
||||
# required to fetch internal or private CodeQL packs
|
||||
packages: read
|
||||
|
||||
# only required for workflows in private repositories
|
||||
actions: read
|
||||
contents: read
|
||||
|
||||
@@ -0,0 +1,48 @@
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
|
||||
# A sample workflow which sets up periodic OSV-Scanner scanning for vulnerabilities,
|
||||
# in addition to a PR check which fails if new vulnerabilities are introduced.
|
||||
#
|
||||
# For more examples and options, including how to ignore specific vulnerabilities,
|
||||
# see https://google.github.io/osv-scanner/github-action/
|
||||
|
||||
name: OSV-Scanner
|
||||
|
||||
on:
|
||||
pull_request:
|
||||
branches: [ $default-branch, $protected-branches ]
|
||||
merge_group:
|
||||
branches: [ $default-branch, $protected-branches ]
|
||||
schedule:
|
||||
- cron: $cron-weekly
|
||||
push:
|
||||
branches: [ $default-branch, $protected-branches ]
|
||||
|
||||
permissions:
|
||||
# Require writing security events to upload SARIF file to security tab
|
||||
security-events: write
|
||||
# Read commit contents
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
scan-scheduled:
|
||||
if: ${{ github.event_name == 'push' || github.event_name == 'schedule' }}
|
||||
uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@1f1242919d8a60496dd1874b24b62b2370ed4c78" # v1.7.1
|
||||
with:
|
||||
# Example of specifying custom arguments
|
||||
scan-args: |-
|
||||
-r
|
||||
--skip-git
|
||||
./
|
||||
scan-pr:
|
||||
if: ${{ github.event_name == 'pull_request' || github.event_name == 'merge_group' }}
|
||||
uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml@1f1242919d8a60496dd1874b24b62b2370ed4c78" # v1.7.1
|
||||
with:
|
||||
# Example of specifying custom arguments
|
||||
scan-args: |-
|
||||
-r
|
||||
--skip-git
|
||||
./
|
||||
@@ -0,0 +1,84 @@
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
|
||||
# This workflow will validate the IAM policies in the CloudFormation (CFN) templates with using the standard and custom checks in AWS IAM Access Analyzer
|
||||
# To use this workflow, you will need to complete the following set up steps before start using it:
|
||||
# 1. Configure an AWS IAM role to use the Access Analyzer's ValidatePolicy, CheckNoNewAccess and CheckAccessNotGranted. This IAM role must be configured to call from the GitHub Actions, use the following [doc](https://aws.amazon.com/blogs/security/use-iam-roles-to-connect-github-actions-to-actions-in-aws/) for steps. In the below workflow, ARN of such role is stored in the GitHub secrets with name `POLICY_VALIDATOR_ROLE`
|
||||
# 2. If you're using CHECK_NO_NEW_ACCESS policy-check-type, you need to create a reference policy. Use the guide [here](https://github.com/aws-samples/iam-access-analyzer-custom-policy-check-samples?tab=readme-ov-file#how-do-i-write-my-own-reference-policies) and store it your GitHub repo.
|
||||
# 3. If you're using the CHECK_ACCESS_NOT_GRANTED policy-check-type, identify the list of critical actions that shouldn't be granted access by the policies in the given CFN templates.
|
||||
# 4. Start using the GitHub actions by generating the GitHub events matching the defined criteria in your workflow.
|
||||
name: Validate AWS IAM policies in CloudFormation templates using Policy Validator
|
||||
on:
|
||||
push:
|
||||
branches: [$default-branch, $protected-branches]
|
||||
pull_request:
|
||||
# The branches below must be a subset of the branches above
|
||||
branches: [$default-branch]
|
||||
env:
|
||||
AWS_ROLE: MY_ROLE # set this with the role ARN which has permissions to invoke access-analyzer:ValidatePolicy,access-analyzer:CheckNoNewAccess, access-analyzer:CheckAccessNotGranted and can be used in GitHub actions
|
||||
REGION: MY_AWS_REGION # set this to your preferred AWS region where you plan to deploy your policies, e.g. us-west-1
|
||||
TEMPLATE_PATH: FILE_PATH_TO_CFN_TEMPLATE # set to the file path to the CloudFormation template.
|
||||
ACTIONS: MY_LIST_OF_ACTIONS # set to pass list of actions in the format action1, action2,.. This is required if you are using `CHECK_ACCESS_NOT_GRANTED` policy-check-type.
|
||||
REFERENCE_POLICY: REFERENCE_POLICY # set to pass a JSON formatted file that specifies the path to the reference policy that is used for a permissions comparison. For example, if you stored such path in a GitHub secret with name REFERENCE_IDENTITY_POLICY , you can pass ${{ secrets.REFERENCE_IDENTITY_POLICY }}. If not you have the reference policy in the repository, you can directly pass it's file path. This is required if you are using `CHECK_NO_NEW_ACCESS_CHECK` policy-check-type.
|
||||
REFERENCE_POLICY_TYPE: TYPE_OF_REFERENCE_POLICY # set to pass the policy type associated with the IAM policy under analysis and the reference policy. This is required if you are using `CHECK_NO_NEW_ACCESS_CHECK` policy-check-type.
|
||||
jobs:
|
||||
policy-validator:
|
||||
runs-on: ubuntu-latest # Virtual machine to run the workflow (configurable)
|
||||
# https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services#updating-your-github-actions-workflow
|
||||
# https://aws.amazon.com/blogs/security/use-iam-roles-to-connect-github-actions-to-actions-in-aws/
|
||||
permissions:
|
||||
id-token: write # This is required for requesting the JWT
|
||||
contents: read # This is required for actions/checkout
|
||||
name: Policy Validator checks for AWS IAM policies
|
||||
steps:
|
||||
# checkout the repo for workflow to access the contents
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
|
||||
# Configure AWS Credentials. More configuration details here - https://github.com/aws-actions/configure-aws-credentials
|
||||
- name: Configure AWS Credentials
|
||||
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502
|
||||
with:
|
||||
role-to-assume: ${{ env.AWS_ROLE }}
|
||||
aws-region: ${{ env.REGION }}
|
||||
# Run the VALIDATE_POLICY check. More configuration details here - https://github.com/aws-actions/cloudformation-aws-iam-policy-validator
|
||||
- name: Run AWS AccessAnalyzer ValidatePolicy check
|
||||
id: run-aws-validate-policy
|
||||
uses: aws-actions/cloudformation-aws-iam-policy-validator@10479bdc0c8322ffb6f5eaa75d096195f97b798a #v1.0.0
|
||||
with:
|
||||
policy-check-type: "VALIDATE_POLICY"
|
||||
template-path: ${{ env.TEMPLATE_PATH}}
|
||||
region: ${{ env.REGION }}
|
||||
# Print result from VALIDATE_POLICY check
|
||||
- name: Print the result for ValidatePolicy check
|
||||
if: success() || failure()
|
||||
run: echo "${{ steps.run-aws-validate-policy.outputs.result }}"
|
||||
# Run the CHECK_ACCESS_NOT_GRANTED check. More configuration details here - https://github.com/aws-actions/cloudformation-aws-iam-policy-validator
|
||||
- name: Run AWS AccessAnalyzer CheckAccessNotGranted check
|
||||
id: run-aws-check-access-not-granted
|
||||
uses: aws-actions/cloudformation-aws-iam-policy-validator@10479bdc0c8322ffb6f5eaa75d096195f97b798a #v1.0.0
|
||||
with:
|
||||
policy-check-type: "CHECK_ACCESS_NOT_GRANTED"
|
||||
template-path: ${{ env.TEMPLATE_PATH}}
|
||||
actions: ${{ env.ACTIONS }}
|
||||
region: ${{ env.REGION }}
|
||||
# Print result from CHECK_ACCESS_NOT_GRANTED check
|
||||
- name: Print the result for CheckAccessNotGranted check
|
||||
if: success() || failure()
|
||||
run: echo "${{ steps.run-aws-check-access-not-granted.outputs.result }}"
|
||||
# Run the CHECK_NO_NEW_ACCESS check. More configuration details here - https://github.com/aws-actions/cloudformation-aws-iam-policy-validator
|
||||
# reference-policy is stored in GitHub secrets
|
||||
- name: Run AWS AccessAnalyzer CheckNoNewAccess check
|
||||
id: run-aws-check-no-new-access
|
||||
uses: aws-actions/cloudformation-aws-iam-policy-validator@10479bdc0c8322ffb6f5eaa75d096195f97b798a #v1.0.0
|
||||
with:
|
||||
policy-check-type: "CHECK_NO_NEW_ACCESS"
|
||||
template-path: ${{ env.TEMPLATE_PATH}}
|
||||
reference-policy: ${{ env.REFERENCE }}
|
||||
reference-policy-type: ${{ env.REFERENCE_POLICY_TYPE }}
|
||||
region: ${{env.REGION }}
|
||||
# Print result from CHECK_NO_NEW_ACCESS check
|
||||
- name: Print the result for CheckNoNewAccess check
|
||||
if: success() || failure()
|
||||
run: echo "${{ steps.run-aws-check-no-new-access.outputs.result }}"
|
||||
@@ -0,0 +1,87 @@
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
|
||||
# This workflow will validate the IAM policies in the terraform (TF) templates with using the standard and custom checks in AWS IAM Access Analyzer
|
||||
# To use this workflow, you will need to complete the following set up steps before start using it:
|
||||
# 1. Configure an AWS IAM role to use the Access Analyzer's ValidatePolicy, CheckNoNewAccess and CheckAccessNotGranted. This IAM role must be configured to call from the GitHub Actions, use the following [doc](https://aws.amazon.com/blogs/security/use-iam-roles-to-connect-github-actions-to-actions-in-aws/) for steps.
|
||||
# 2. If you're using CHECK_NO_NEW_ACCESS policy-check-type, you need to create a reference policy. Use the guide [here](https://github.com/aws-samples/iam-access-analyzer-custom-policy-check-samples?tab=readme-ov-file#how-do-i-write-my-own-reference-policies) and store it your GitHub repo.
|
||||
# 3. If you're using the CHECK_ACCESS_NOT_GRANTED policy-check-type, identify the list of critical actions that shouldn't be granted access by the policies in the TF templates.
|
||||
# 4. Start using the GitHub actions by generating the GitHub events matching the defined criteria in your workflow.
|
||||
|
||||
name: Validate AWS IAM policies in Terraform templates using Policy Validator
|
||||
on:
|
||||
push:
|
||||
branches: [$default-branch, $protected-branches]
|
||||
pull_request:
|
||||
# The branches below must be a subset of the branches above
|
||||
branches: [$default-branch]
|
||||
env:
|
||||
AWS_ROLE: MY_ROLE # set this with the role ARN which has permissions to invoke access-analyzer:ValidatePolicy,access-analyzer:CheckNoNewAccess, access-analyzer:CheckAccessNotGranted and can be used in GitHub actions
|
||||
REGION: MY_AWS_REGION # set this to your preferred AWS region where you plan to deploy your policies, e.g. us-west-1
|
||||
TEMPLATE_PATH: FILE_PATH_TO_THE_TF_PLAN # set this to the file path to the terraform plan in JSON
|
||||
ACTIONS: MY_LIST_OF_ACTIONS # set to pass list of actions in the format action1, action2,.. This is required if you are using `CHECK_ACCESS_NOT_GRANTED` policy-check-type.
|
||||
REFERENCE_POLICY: REFERENCE_POLICY # set to pass a JSON formatted file that specifies the path to the reference policy that is used for a permissions comparison. For example, if you stored such path in a GitHub secret with name REFERENCE_IDENTITY_POLICY , you can pass ${{ secrets.REFERENCE_IDENTITY_POLICY }}. If not you have the reference policy in the repository, you can directly pass it's path. This is required if you are using `CHECK_NO_NEW_ACCESS_CHECK` policy-check-type.
|
||||
REFERENCE_POLICY_TYPE: TYPE_OF_REFERENCE_POLICY # set to pass the policy type associated with the IAM policy under analysis and the reference policy. This is required if you are using `CHECK_NO_NEW_ACCESS_CHECK` policy-check-type.
|
||||
|
||||
jobs:
|
||||
policy-validator:
|
||||
runs-on: ubuntu-latest # Virtual machine to run the workflow (configurable)
|
||||
#https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services#updating-your-github-actions-workflow
|
||||
#https://aws.amazon.com/blogs/security/use-iam-roles-to-connect-github-actions-to-actions-in-aws/
|
||||
permissions:
|
||||
id-token: write # This is required for requesting the JWT
|
||||
contents: read # This is required for actions/checkout
|
||||
# https://docs.github.com/en/actions/using-github-hosted-runners/about-github-hosted-runners/about-github-hosted-runners
|
||||
name: Policy Validator checks for AWS IAM policies
|
||||
steps:
|
||||
# checkout the repo for workflow to access the contents
|
||||
- name: Checkout
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
|
||||
# Configure AWS Credentials. More configuration details here- https://github.com/aws-actions/configure-aws-credentials
|
||||
- name: Configure AWS Credentials
|
||||
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502
|
||||
with:
|
||||
role-to-assume: ${{ env.AWS_ROLE }}
|
||||
aws-region: ${{ env.REGION }}
|
||||
# Run the VALIDATE_POLICY check. More configuration details here - https://github.com/aws-actions/terraform-aws-iam-policy-validator
|
||||
- name: Run AWS AccessAnalyzer ValidatePolicy check
|
||||
id: run-aws-validate-policy
|
||||
uses: aws-actions/terraform-aws-iam-policy-validator@3e527234ccf8ca494450942c4a91d54b291b013e #v1.0.0
|
||||
with:
|
||||
policy-check-type: "VALIDATE_POLICY"
|
||||
template-path: ${{ env.TEMPLATE_PATH }}
|
||||
region: ${{ env.REGION }}
|
||||
# Print result from VALIDATE_POLICY check
|
||||
- name: Print the result for ValidatePolicy check
|
||||
if: success() || failure()
|
||||
run: echo "${{ steps.run-aws-validate-policy.outputs.result }}"
|
||||
# Run the CHECK_ACCESS_NOT_GRANTED check. More configuration details here - https://github.com/aws-actions/terraform-aws-iam-policy-validator
|
||||
- name: Run AWS AccessAnalyzer CheckAccessNotGranted check
|
||||
id: run-aws-check-access-not-granted
|
||||
uses: aws-actions/terraform-aws-iam-policy-validator@3e527234ccf8ca494450942c4a91d54b291b013e #v1.0.0
|
||||
with:
|
||||
policy-check-type: "CHECK_ACCESS_NOT_GRANTED"
|
||||
template-path: ${{ env.TEMPLATE_PATH }}
|
||||
actions: ${{ env.ACTIONS }}
|
||||
region: ${{ env.REGION }}
|
||||
# Print result from CHECK_ACCESS_NOT_GRANTED check
|
||||
- name: Print the result for CheckAccessNotGranted check
|
||||
if: success() || failure()
|
||||
run: echo "${{ steps.run-aws-check-access-not-granted.outputs.result }}"
|
||||
# Run the CHECK_NO_NEW_ACCESS check. More configuration details here - https://github.com/aws-actions/terraform-aws-iam-policy-validator
|
||||
# reference-policy is stored in GitHub secrets
|
||||
- name: Run AWS AccessAnalyzer CheckNoNewAccess check
|
||||
id: run-aws-check-no-new-access
|
||||
uses: aws-actions/terraform-aws-iam-policy-validator@3e527234ccf8ca494450942c4a91d54b291b013e #v1.0.0
|
||||
with:
|
||||
policy-check-type: "CHECK_NO_NEW_ACCESS"
|
||||
template-path: ${{ env.TEMPLATE_PATH }}
|
||||
reference-policy: ${{ env.REFERENCE_POLICY }}
|
||||
reference-policy-type: ${{ env.REFERENCE_POLICY_TYPE }}
|
||||
region: ${{ env.REGION }}
|
||||
# Print result from CHECK_NO_NEW_ACCESS check
|
||||
- name: Print the result CheckNoNewAccess check
|
||||
if: success() || failure()
|
||||
run: echo "${{ steps.run-aws-check-no-new-access.outputs.result }}"
|
||||
@@ -0,0 +1,7 @@
|
||||
{
|
||||
"name": "OSV Scanner",
|
||||
"creator": "Google",
|
||||
"description": "Vulnerability scanner for your dependencies using data provided by https://osv.dev",
|
||||
"iconName": "osv",
|
||||
"categories": ["Code Scanning", "JavaScript", "Python", "Java", "PHP", "C#", "R", "Ruby", "Rust", "Swift", "Go", "TypeScript"]
|
||||
}
|
||||
@@ -0,0 +1,7 @@
|
||||
{
|
||||
"name": "Policy Validator for CloudFormation",
|
||||
"creator": "Amazon Web Services",
|
||||
"description": "Validate AWS IAM Policies in CloudFormation Templates powered IAM Access Analyzer",
|
||||
"iconName": "aws",
|
||||
"categories": ["Code Scanning", "AWS", "Python"]
|
||||
}
|
||||
@@ -0,0 +1,7 @@
|
||||
{
|
||||
"name": "Policy Validator for Terraform",
|
||||
"creator": "Amazon Web Services",
|
||||
"description": "Validate AWS IAM Policies in Terraform Templates powered IAM Access Analyzer",
|
||||
"iconName": "aws",
|
||||
"categories": ["Code Scanning", "AWS", "Python"]
|
||||
}
|
||||
@@ -0,0 +1,29 @@
|
||||
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
|
||||
<!-- Created with Inkscape (http://www.inkscape.org/) -->
|
||||
|
||||
<svg
|
||||
version="1.1"
|
||||
id="svg58"
|
||||
width="640"
|
||||
height="640"
|
||||
viewBox="0 0 640 640"
|
||||
xmlns="http://www.w3.org/2000/svg"
|
||||
xmlns:svg="http://www.w3.org/2000/svg">
|
||||
<defs
|
||||
id="defs62" />
|
||||
<g
|
||||
id="g64">
|
||||
<g
|
||||
id="g287"
|
||||
transform="translate(-5.0923359e-7,0.5000001)">
|
||||
<path
|
||||
style="fill:#e52028;stroke-width:0.32"
|
||||
d="M 313.12,401.39149 C 297.62072,399.57334 286.53076,395.72131 275.1055,388.18733 268.27614,383.68394 260.47246,376.49453 255.62471,370.24 244.37124,355.7208 238.4,338.30426 238.4,320 c 0,-18.33454 5.94129,-35.66116 17.22728,-50.24 2.89844,-3.74411 9.16676,-10.10888 13.01272,-13.21295 10.19834,-8.23107 22.00787,-13.84062 34.72,-16.49208 6.03993,-1.25979 8.65766,-1.49497 16.64,-1.49497 11.57219,0 19.5936,1.44452 29.70125,5.34868 9.95651,3.84579 19.13997,9.81125 27.21385,17.67778 11.09898,10.8139 18.34391,23.28766 22.12535,38.09354 2.05869,8.06074 2.39472,10.98688 2.37014,20.64 -0.0195,7.70205 -0.0986,8.90566 -0.8608,13.12 -2.54761,14.08522 -7.74435,25.90691 -16.17705,36.8 -2.89847,3.74413 -9.16679,10.10886 -13.01274,13.21296 -14.86269,11.99565 -32.82352,18.26662 -51.83804,18.0991 -2.99308,-0.0262 -5.87396,-0.0986 -6.40196,-0.16057 z m 16,-38.82029 c 8.07386,-2.15933 14.11382,-7.14243 16.17885,-13.34781 l 0.69833,-2.09849 2.26429,0.22313 c 3.96058,0.39027 5.52704,1.70995 6.27651,5.28781 0.46493,2.21965 1.03911,3.09555 2.19559,3.34957 2.26694,0.49792 3.832,-1.45072 3.43901,-4.28183 -0.304,-2.19024 -1.89338,-5.19846 -3.55652,-6.73148 -2.14822,-1.98016 -4.36147,-2.88269 -7.63571,-3.11376 L 346.24,341.66493 v -5.11872 -5.11875 l 2.12544,0.19846 c 3.80707,0.35552 5.46899,1.77594 6.15446,5.26013 0.44541,2.2639 0.84477,2.86643 2.14557,3.23715 2.52877,0.72067 4.06413,-1.50061 3.34736,-4.84285 -0.84016,-3.91741 -3.95731,-7.4327 -7.58425,-8.55296 -1.17799,-0.36384 -2.99223,-0.64739 -4.14228,-0.64739 H 346.24 v -3.47533 c 0,-1.91145 -0.0916,-4.14344 -0.20349,-4.96001 L 345.83302,316.16 h 2.13376 c 3.86909,0 5.53146,1.29816 6.55188,5.11648 0.69385,2.59638 1.45312,3.52352 2.8856,3.52352 4.62992,0 3.07612,-8.61475 -2.20743,-12.23862 -2.13107,-1.46165 -5.01504,-2.14786 -9.06041,-2.15582 l -2.82356,-0.006 -1.63235,-1.78605 c -3.82515,-4.18532 -10.34128,-7.16291 -17.44051,-7.96955 l -2,-0.22724 v 23.40597 23.40596 l -0.78544,0.78547 c -0.432,0.432 -1.08656,0.78544 -1.45456,0.78544 -0.368,0 -1.02254,-0.35344 -1.45454,-0.78544 L 317.76,347.22909 v -23.40595 -23.40598 l -2,0.22725 c -7.09922,0.80663 -13.61537,3.78422 -17.44052,7.96954 l -1.63234,1.78605 -2.82357,0.006 c -5.95011,0.0117 -9.59252,1.56325 -12.01418,5.11762 -1.56275,2.29371 -2.38116,5.38812 -1.87334,7.08309 0.41648,1.39008 1.38263,2.19373 2.63731,2.19373 1.41887,0 2.36621,-1.17699 2.951,-3.66633 0.8497,-3.61707 2.61413,-4.97368 6.46886,-4.97368 h 2.13377 l -0.2035,1.48466 c -0.11192,0.81657 -0.20349,3.04856 -0.20349,4.96001 v 3.4749 h -2.04629 c -1.15006,0 -2.96431,0.28355 -4.1423,0.64739 -3.62694,1.12026 -6.74409,4.63555 -7.58423,8.55296 -0.71677,3.34224 0.81858,5.56352 3.34735,4.84285 1.30081,-0.37072 1.70015,-0.97325 2.14555,-3.23715 0.68547,-3.48419 2.3474,-4.90461 6.15449,-5.26013 l 2.12543,-0.19846 v 5.11875 5.11872 l -2.78723,0.1967 c -4.74271,0.33469 -8.37683,2.73488 -10.17828,6.72234 -1.95828,4.33456 -0.7237,8.10333 2.42775,7.41113 1.20012,-0.26358 1.77053,-1.1191 2.23979,-3.35926 0.74946,-3.57786 2.31592,-4.89754 6.27651,-5.28781 l 2.26429,-0.22313 0.69833,2.09849 c 2.07201,6.22637 8.2988,11.34474 16.17884,13.29879 3.75328,0.93072 3.97538,0.94915 10.08,0.8368 4.47261,-0.0823 6.11536,-0.24093 8.16,-0.78778 z m -24.23201,-62.20621 c 4.80757,-2.40158 8.6863,-3.23082 15.11201,-3.23082 6.42854,0 10.29405,0.82566 15.16141,3.23846 1.21075,0.60019 2.23526,1.04988 2.2767,0.99931 0.0414,-0.0506 -0.11776,-1.01947 -0.35379,-2.15312 -0.81187,-3.89998 -2.88445,-7.066 -5.90826,-9.02534 -1.47814,-0.95781 -1.58432,-1.11112 -1.39552,-2.01508 0.33658,-1.61156 1.39885,-3.80104 2.30138,-4.7435 1.10669,-1.15566 2.91104,-1.62034 5.2415,-1.34986 1.77748,0.2063 1.90941,0.17135 2.83047,-0.74971 1.23638,-1.23637 1.27945,-2.53472 0.12246,-3.69169 -0.464,-0.464 -0.932,-0.84991 -1.04,-0.85758 -0.108,-0.008 -0.84131,-0.13835 -1.6296,-0.29042 -2.87897,-0.55539 -6.89238,0.66453 -9.38435,2.85249 -1.24298,1.09135 -2.78947,3.85946 -3.58221,6.41187 l -0.54662,1.76 H 320 315.90644 l -0.54663,-1.76 c -0.79274,-2.55241 -2.33924,-5.32052 -3.58221,-6.41187 -2.49196,-2.18796 -6.50536,-3.40788 -9.38436,-2.85249 -0.78828,0.15207 -1.5216,0.28276 -1.6296,0.29042 -0.108,0.008 -0.576,0.39358 -1.04,0.85758 -1.06392,1.06391 -1.08992,2.35438 -0.0713,3.53852 0.74001,0.86025 0.89311,0.89784 3.65646,0.89784 2.42508,0 3.02791,0.10654 3.78765,0.66942 1.28735,0.95378 2.28082,2.5363 2.87469,4.57915 0.48398,1.66482 0.48097,1.78825 -0.0512,2.1001 -2.80997,1.64661 -5.19673,4.38841 -6.26303,7.19468 -0.55832,1.46937 -1.28468,4.81665 -1.04522,4.81665 0.0684,0 1.09271,-0.48376 2.27632,-1.07501 z"
|
||||
id="path291" />
|
||||
<path
|
||||
style="fill:#1c1718;stroke-width:0.32"
|
||||
d="m 308,495.0017 c -23.4946,-1.6353 -47.41628,-8.27952 -68.04692,-18.89997 l -3.72692,-1.91856 -19.63308,0.66301 c -10.79819,0.36467 -20.85708,0.73993 -22.35308,0.83395 l -2.72,0.17094 31.01322,-31.01936 31.01322,-31.01939 2.26678,1.52416 c 15.39314,10.35011 32.73802,16.69053 51.86678,18.95987 4.64212,0.55072 19.99789,0.55072 24.64,0 22.3479,-2.65126 42.07514,-10.78163 59.26902,-24.4271 5.24586,-4.16323 14.117,-13.03437 18.28023,-18.28023 13.64547,-17.19388 21.77584,-36.92112 24.4271,-59.26902 0.248,-2.0905 0.4176,-7.09379 0.4176,-12.32 0,-11.33661 -0.75526,-17.89053 -3.1927,-27.70552 -4.3408,-17.47935 -12.89175,-33.94997 -24.66861,-47.51607 -3.5144,-4.04834 -10.73616,-11.04015 -14.63664,-14.17054 -16.9513,-13.60461 -35.93318,-21.65778 -58.296,-24.73241 -5.92845,-0.8151 -21.91155,-0.8151 -27.84,0 -13.65291,1.87712 -24.30427,5.02893 -35.98683,10.64877 -16.50302,7.93871 -31.0553,19.9276 -42.18383,34.75317 -10.67061,14.21549 -18.27117,31.91088 -21.16699,49.28031 -1.08125,6.48544 -1.33557,9.33741 -1.5197,17.04229 -0.56989,23.84653 6.12797,46.78726 19.44099,66.58694 l 1.52425,2.26695 -21.56639,21.56461 c -13.42472,13.42361 -21.67524,21.447 -21.85473,21.25305 -0.15859,-0.17136 -1.44752,-1.84771 -2.86428,-3.72525 -17.61873,-23.3486 -29.17085,-51.03913 -33.48603,-80.2663 -2.06594,-13.99277 -2.30805,-31.1865 -0.64212,-45.6 6.45298,-55.83069 39.54217,-105.34444 88.81159,-132.89521 19.9618,-11.16236 42.2012,-18.34961 65.01215,-21.0104 14.69605,-1.71422 32.2752,-1.41255 46.80192,0.80315 20.7032,3.15776 40.8784,10.06604 59.01408,20.20725 49.27539,27.55412 82.35782,77.05773 88.81158,132.89521 1.66592,14.4135 1.42381,31.60723 -0.64211,45.6 -7.25635,49.14797 -34.62672,92.6056 -75.73414,120.24778 -25.86682,17.39382 -55.10183,27.34979 -86.64941,29.50841 -5.39699,0.36928 -17.6609,0.35104 -23.2,-0.0345 z"
|
||||
id="path289" />
|
||||
</g>
|
||||
</g>
|
||||
</svg>
|
||||
|
After Width: | Height: | Size: 6.8 KiB |
Reference in New Issue
Block a user