From a248253343fd89ef758e1f6044b935515e932f71 Mon Sep 17 00:00:00 2001 From: vitorveiga Date: Tue, 31 Jan 2023 10:55:13 +0000 Subject: [PATCH] Add Jscrambler Code Integrity starter workflow (#1893) * Add Jscrambler Code Integrity starter workflow * Use hash commit * fix: missing permissions and improve description * chore: move to code scanning category * chore: workflow checks review --- code-scanning/jscrambler-code-integrity.yml | 47 +++++++++++++++++++ .../jscrambler-code-integrity.properties.json | 7 +++ icons/jscrambler.svg | 1 + 3 files changed, 55 insertions(+) create mode 100644 code-scanning/jscrambler-code-integrity.yml create mode 100644 code-scanning/properties/jscrambler-code-integrity.properties.json create mode 100644 icons/jscrambler.svg diff --git a/code-scanning/jscrambler-code-integrity.yml b/code-scanning/jscrambler-code-integrity.yml new file mode 100644 index 0000000..cbc9345 --- /dev/null +++ b/code-scanning/jscrambler-code-integrity.yml @@ -0,0 +1,47 @@ +# This workflow uses actions that are not certified by GitHub. +# They are provided by a third-party and are governed by +# separate terms of service, privacy policy, and support +# documentation. + +# This is a basic workflow to help you get started with Using Jscrambler Code Integrity Action. +# It automates the protection of your JavaScript Applications, so you can run it whenever a new version of your application is built. +# A Jscrambler account is required to use this Workflow. +# +# More info can be found here : https://docs.jscrambler.com/latest/code-integrity/documentation/github-ci-integration + +name: Jscrambler Code Integrity + +on: + push: + branches: [ $default-branch, $protected-branches ] + pull_request: + # The branches below must be a subset of the branches above + branches: [ $default-branch ] + +permissions: + contents: read + +jobs: + build: + runs-on: ubuntu-latest + permissions: + contents: read + steps: + - uses: actions/checkout@v3 + - uses: actions/setup-node@v3 + with: + node-version: 18 + - run: npm ci + - run: npm run build + - name: Jscrambler Code Integrity + id: jscrambler + # the complete list of inputs can be found here: https://github.com/marketplace/actions/jscrambler#inputs + uses: jscrambler/code-integrity-actions/protect@ab65962a2ecffcc362b75a997e24a181d0bde5fb + with: + application-id: ${{ secrets.JSCRAMBLER_APPLICATION_ID }} # This value should be created within your Jscrambler account + secret-key: ${{ secrets.JSCRAMBLER_SECRET_KEY }} # This value can be found in your Jscrambler account + access-key: ${{ secrets.JSCRAMBLER_ACCESS_KEY }} # This value can be found in your Jscrambler account + jscrambler-config-path: jscrambler.json # Download from your Jscrambler account + files-src: | # List of Files to be protected + dist/**/* + files-dest: . diff --git a/code-scanning/properties/jscrambler-code-integrity.properties.json b/code-scanning/properties/jscrambler-code-integrity.properties.json new file mode 100644 index 0000000..f231d5c --- /dev/null +++ b/code-scanning/properties/jscrambler-code-integrity.properties.json @@ -0,0 +1,7 @@ +{ + "name": "Jscrambler Code Integrity", + "description": "Protect your JavaScript Application with polymorphic obfuscation, code locks, and self-defensive techniques", + "creator": "Jscrambler", + "iconName": "jscrambler", + "categories": ["Code Scanning", "JavaScript", "HTML"] +} diff --git a/icons/jscrambler.svg b/icons/jscrambler.svg new file mode 100644 index 0000000..17f79b7 --- /dev/null +++ b/icons/jscrambler.svg @@ -0,0 +1 @@ + \ No newline at end of file