diff --git a/ci/elixir.yml b/ci/elixir.yml
index 3f64657..afe01be 100644
--- a/ci/elixir.yml
+++ b/ci/elixir.yml
@@ -15,10 +15,10 @@ jobs:
steps:
- uses: actions/checkout@v2
- name: Set up Elixir
- uses: erlef/setup-elixir@885971a72ed1f9240973bd92ab57af8c1aa68f24
+ uses: erlef/setup-beam@988e02bfe678367a02564f65ca2e37726dc0268f
with:
- elixir-version: '1.10.3' # Define the elixir version [required]
- otp-version: '22.3' # Define the OTP version [required]
+ elixir-version: '1.12.3' # Define the elixir version [required]
+ otp-version: '24.1' # Define the OTP version [required]
- name: Restore dependencies cache
uses: actions/cache@v2
with:
diff --git a/ci/pylint.yml b/ci/pylint.yml
index 0805af7..10c49c6 100644
--- a/ci/pylint.yml
+++ b/ci/pylint.yml
@@ -4,15 +4,16 @@ on: [push]
jobs:
build:
-
runs-on: ubuntu-latest
-
+ strategy:
+ matrix:
+ python-version: ["3.8", "3.9", "3.10"]
steps:
- uses: actions/checkout@v2
- - name: Set up Python 3.9
+ - name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v2
with:
- python-version: 3.9
+ python-version: ${{ matrix.python-version }}
- name: Install dependencies
run: |
python -m pip install --upgrade pip
diff --git a/ci/python-app.yml b/ci/python-app.yml
index f6ad69a..2cfc2a3 100644
--- a/ci/python-app.yml
+++ b/ci/python-app.yml
@@ -16,10 +16,10 @@ jobs:
steps:
- uses: actions/checkout@v2
- - name: Set up Python 3.9
+ - name: Set up Python 3.10
uses: actions/setup-python@v2
with:
- python-version: 3.9
+ python-version: "3.10"
- name: Install dependencies
run: |
python -m pip install --upgrade pip
diff --git a/ci/python-package-conda.yml b/ci/python-package-conda.yml
index 7bae7e2..9bd6d2b 100644
--- a/ci/python-package-conda.yml
+++ b/ci/python-package-conda.yml
@@ -10,10 +10,10 @@ jobs:
steps:
- uses: actions/checkout@v2
- - name: Set up Python 3.8
+ - name: Set up Python 3.10
uses: actions/setup-python@v2
with:
- python-version: 3.8
+ python-version: 3.10
- name: Add conda to system path
run: |
# $CONDA is an environment variable pointing to the root of the miniconda directory
diff --git a/ci/python-package.yml b/ci/python-package.yml
index b079b1c..b0a63cf 100644
--- a/ci/python-package.yml
+++ b/ci/python-package.yml
@@ -16,7 +16,7 @@ jobs:
strategy:
fail-fast: false
matrix:
- python-version: [3.7, 3.8, 3.9]
+ python-version: ["3.8", "3.9", "3.10"]
steps:
- uses: actions/checkout@v2
diff --git a/ci/r.yml b/ci/r.yml
index f257fbd..305c2cf 100644
--- a/ci/r.yml
+++ b/ci/r.yml
@@ -19,12 +19,12 @@ jobs:
runs-on: macos-latest
strategy:
matrix:
- r-version: [3.5, 3.6]
+ r-version: ['3.6.3', '4.1.1']
steps:
- uses: actions/checkout@v2
- name: Set up R ${{ matrix.r-version }}
- uses: r-lib/actions/setup-r@ffe45a39586f073cc2e9af79c4ba563b657dc6e3
+ uses: r-lib/actions/setup-r@f57f1301a053485946083d7a45022b278929a78a
with:
r-version: ${{ matrix.r-version }}
- name: Install dependencies
diff --git a/code-scanning/codeql.yml b/code-scanning/codeql.yml
index b32675e..57b4b69 100644
--- a/code-scanning/codeql.yml
+++ b/code-scanning/codeql.yml
@@ -34,8 +34,7 @@ jobs:
matrix:
language: [ $detected-codeql-languages ]
# CodeQL supports [ $supported-codeql-languages ]
- # Learn more:
- # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
+ # Learn more about CodeQL language support at https://git.io/codeql-language-support
steps:
- name: Checkout repository
diff --git a/code-scanning/mobsf.yml b/code-scanning/mobsf.yml
new file mode 100644
index 0000000..689a1a0
--- /dev/null
+++ b/code-scanning/mobsf.yml
@@ -0,0 +1,36 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+
+name: MobSF
+
+on:
+ push:
+ branches: [ $default-branch, $protected-branches ]
+ pull_request:
+ branches: [ $default-branch ]
+ schedule:
+ - cron: $cron-weekly
+
+jobs:
+ mobile-security:
+ runs-on: ubuntu-latest
+
+ steps:
+ - uses: actions/checkout@v2
+
+ - name: Setup python
+ uses: actions/setup-python@v2
+ with:
+ python-version: 3.8
+
+ - name: Run mobsfscan
+ uses: MobSF/mobsfscan@a60d10a83af68e23e0b30611c6515da604f06f65
+ with:
+ args: . --sarif --output results.sarif || true
+
+ - name: Upload mobsfscan report
+ uses: github/codeql-action/upload-sarif@v1
+ with:
+ sarif_file: results.sarif
\ No newline at end of file
diff --git a/code-scanning/msvc.yml b/code-scanning/msvc.yml
index c6bb29f..f14ae3e 100644
--- a/code-scanning/msvc.yml
+++ b/code-scanning/msvc.yml
@@ -37,13 +37,13 @@ jobs:
# run: cmake --build ${{ env.build }}
- name: Initialize MSVC Code Analysis
- uses: microsoft/msvc-code-analysis-action@502db28262ba134c9a621d5a509b9f7e696c99b6
+ uses: microsoft/msvc-code-analysis-action@04825f6d9e00f87422d6bf04e1a38b1f3ed60d99
# Provide a unique ID to access the sarif output path
id: run-analysis
with:
cmakeBuildDirectory: ${{ env.build }}
# Ruleset file that will determine what checks will be run
- ruleset: NativeRecommendRules.ruleset
+ ruleset: NativeRecommendedRules.ruleset
# Upload SARIF file to GitHub Code Scanning Alerts
- name: Upload SARIF to GitHub
@@ -56,4 +56,4 @@ jobs:
# uses: actions/upload-artifact@v2
# with:
# name: sarif-file
- # path: ${{ steps.run-analysis.outputs.sarif }}
+ # path: ${{ steps.run-analysis.outputs.sarif }}
\ No newline at end of file
diff --git a/code-scanning/properties/codeql.properties.json b/code-scanning/properties/codeql.properties.json
index cb9305a..ddb4627 100644
--- a/code-scanning/properties/codeql.properties.json
+++ b/code-scanning/properties/codeql.properties.json
@@ -1,7 +1,7 @@
{
"name": "CodeQL Analysis",
"creator": "GitHub",
- "description": "Security analysis from GitHub for C, C++, C#, Java, JavaScript, TypeScript, Python, and Go developers.",
+ "description": "Security analysis from GitHub for C, C++, C#, Go, Java, JavaScript, TypeScript, Python, and Ruby developers.",
"iconName": "octicon mark-github",
- "categories": ["Code Scanning", "C", "C#", "C++", "Go", "Java", "JavaScript", "TypeScript", "Python"]
+ "categories": ["Code Scanning", "C", "C++", "C#", "Go", "Java", "JavaScript", "TypeScript", "Python", "Ruby"]
}
diff --git a/code-scanning/properties/mobsf.properties.json b/code-scanning/properties/mobsf.properties.json
new file mode 100644
index 0000000..a6afbfa
--- /dev/null
+++ b/code-scanning/properties/mobsf.properties.json
@@ -0,0 +1,13 @@
+{
+ "name": "mobsf",
+ "creator": "mobsf",
+ "description": "Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.",
+ "iconName": "mobsf",
+ "categories": [
+ "Code Scanning",
+ "Java",
+ "Swift",
+ "Objective-C",
+ "Kotlin"
+ ]
+}
\ No newline at end of file
diff --git a/deployments/aks.yml b/deployments/aks.yml
new file mode 100644
index 0000000..08988ff
--- /dev/null
+++ b/deployments/aks.yml
@@ -0,0 +1,80 @@
+# This workflow will build and push an application to a Azure Kubernetes Service (AKS) cluster when you push your code
+#
+# This workflow assumes you have already created the target AKS cluster and have created an Azure Container Registry (ACR)
+# For instructions see https://docs.microsoft.com/en-us/azure/aks/kubernetes-walkthrough-portal
+# https://docs.microsoft.com/en-us/azure/container-registry/container-registry-get-started-portal
+# https://github.com/Azure/aks-create-action
+#
+# To configure this workflow:
+#
+# 1. Set the following secrets in your repository:
+# - AZURE_CREDENTIALS (instructions for getting this https://github.com/Azure/login#configure-a-service-principal-with-a-secret)
+#
+# 2. Set the following environment variables (or replace the values below):
+# - AZURE_CONTAINER_REGISTRY (name of your container registry)
+# - PROJECT_NAME
+# - RESOURCE_GROUP (where your cluster is deployed)
+# - CLUSTER_NAME (name of your AKS cluster)
+#
+# 3. Choose the approrpiate render engine for the bake step https://github.com/Azure/k8s-bake. The config below assumes helm, then set
+# any needed environment variables such as:
+# - CHART_PATH
+# - CHART_OVERRIDE_PATH
+#
+# For more information on GitHub Actions for Azure, refer to https://github.com/Azure/Actions
+# For more samples to get started with GitHub Action workflows to deploy to Azure, refer to https://github.com/Azure/actions-workflow-samples
+# For more options with the actions used below please see the folllowing
+# https://github.com/Azure/login
+# https://github.com/Azure/aks-set-context
+# https://github.com/marketplace/actions/azure-cli-action
+# https://github.com/Azure/k8s-bake
+# https://github.com/Azure/k8s-deploy
+
+on: [push]
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@master
+
+ - name: Azure Login
+ uses: azure/login@v1
+ with:
+ creds: ${{ secrets.AZURE_CREDENTIALS }}
+
+ - name: Build image on ACR
+ uses: azure/CLI@v1
+ with:
+ azcliversion: 2.29.1
+ inlineScript: |
+ az configure --defaults acr=${{ env.AZURE_CONTAINER_REGISTRY }}
+ az acr build -t -t ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.PROJECT_NAME }}:${{ github.sha }}
+
+ - name: Gets K8s context
+ uses: azure/aks-set-context@v1
+ with:
+ creds: ${{ secrets.AZURE_CREDENTIALS }}
+ resource-group: ${{ env.RESOURCE_GROUP }}
+ cluster-name: ${{ env.CLUSTER_NAME }}
+ id: login
+
+ - name: Configure deployment
+ uses: azure/k8s-bake@v1
+ with:
+ renderEngine: 'helm'
+ helmChart: ${{ env.CHART_PATH }}
+ overrideFiles: ${{ env.CHART_OVERRIDE_PATH }}
+ overrides: |
+ replicas:2
+ helm-version: 'latest'
+ id: bake
+
+ - name: Deploys application
+ - uses: Azure/k8s-deploy@v1
+ with:
+ manifests: ${{ steps.bake.outputs.manifestsBundle }}
+ images: |
+ ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.PROJECT_NAME }}:${{ github.sha }}
+ imagepullsecrets: |
+ ${{ env.PROJECT_NAME }}
diff --git a/deployments/azure-staticwebapp.yml b/deployments/azure-staticwebapp.yml
new file mode 100644
index 0000000..8e1faf7
--- /dev/null
+++ b/deployments/azure-staticwebapp.yml
@@ -0,0 +1,64 @@
+# This workflow will build and push a web application to an Azure Static Web App when you change your code.
+#
+# This workflow assumes you have already created the target Azure Static Web App.
+# For instructions see https://docs.microsoft.com/azure/static-web-apps/get-started-portal?tabs=vanilla-javascript
+#
+# To configure this workflow:
+#
+# 1. Set up a secret in your repository named AZURE_STATIC_WEB_APPS_API_TOKEN with the value of your Static Web Apps deployment token.
+# For instructions on obtaining the deployment token see: https://docs.microsoft.com/azure/static-web-apps/deployment-token-management
+#
+# 3. Change the values for the APP_LOCATION, API_LOCATION and APP_ARTIFACT_LOCATION, AZURE_STATIC_WEB_APPS_API_TOKEN environment variables (below).
+# For instructions on setting up the appropriate configuration values go to https://docs.microsoft.com/azure/static-web-apps/front-end-frameworks
+name: Deploy web app to Azure Static Web Apps
+
+on:
+ push:
+ branches:
+ - $default-branch
+ pull_request:
+ types: [opened, synchronize, reopened, closed]
+ branches:
+ - $default-branch
+
+# Environment variables available to all jobs and steps in this workflow
+env:
+ APP_LOCATION: "/" # location of your client code
+ API_LOCATION: "api" # location of your api source code - optional
+ APP_ARTIFACT_LOCATION: "build" # location of client code build output
+ AZURE_STATIC_WEB_APPS_API_TOKEN: ${{ secrets.AZURE_STATIC_WEB_APPS_API_TOKEN }} # secret containing deployment token for your static web app
+
+jobs:
+ build_and_deploy_job:
+ if: github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.action != 'closed')
+ runs-on: ubuntu-latest
+ name: Build and Deploy Job
+ steps:
+ - uses: actions/checkout@v2
+ with:
+ submodules: true
+ - name: Build And Deploy
+ id: builddeploy
+ uses: Azure/static-web-apps-deploy@v1
+ with:
+ azure_static_web_apps_api_token: ${{ env.AZURE_STATIC_WEB_APPS_API_TOKEN }} # secret containing api token for app
+ repo_token: ${{ secrets.GITHUB_TOKEN }} # Used for Github integrations (i.e. PR comments)
+ action: "upload"
+ ###### Repository/Build Configurations - These values can be configured to match you app requirements. ######
+ # For more information regarding Static Web App workflow configurations, please visit: https://aka.ms/swaworkflowconfig
+ app_location: ${{ env.APP_LOCATION }}
+ api_location: ${{ env.API_LOCATION }}
+ app_artifact_location: ${{ env.APP_ARTIFACT_LOCATION }}
+ ###### End of Repository/Build Configurations ######
+
+ close_pull_request_job:
+ if: github.event_name == 'pull_request' && github.event.action == 'closed'
+ runs-on: ubuntu-latest
+ name: Close Pull Request Job
+ steps:
+ - name: Close Pull Request
+ id: closepullrequest
+ uses: Azure/static-web-apps-deploy@v1
+ with:
+ azure_static_web_apps_api_token: ${{ env.AZURE_STATIC_WEB_APPS_API_TOKEN }} # secret containing api token for app
+ action: "close"
diff --git a/deployments/azure-webapps-node.yml b/deployments/azure-webapps-node.yml
index 8c80255..a1330cc 100644
--- a/deployments/azure-webapps-node.yml
+++ b/deployments/azure-webapps-node.yml
@@ -29,41 +29,23 @@ env:
NODE_VERSION: '10.x' # set this to the node version to use
jobs:
- build:
+ build-and-deploy:
+ name: Build and Deploy
runs-on: ubuntu-latest
+ environment: production
steps:
- uses: actions/checkout@v2
-
- - name: Set up Node.js
+ - name: Use Node.js ${{ env.NODE_VERSION }}
uses: actions/setup-node@v2
with:
node-version: ${{ env.NODE_VERSION }}
-
- name: npm install, build, and test
run: |
+ # Build and test the project, then
+ # deploy to Azure Web App.
npm install
npm run build --if-present
npm run test --if-present
-
- - name: Upload artifact for deployment job
- uses: actions/upload-artifact@v2
- with:
- name: node-app
- path: .
-
- deploy:
- runs-on: ubuntu-latest
- needs: build
- environment:
- name: 'Development'
- url: ${{ steps.deploy-to-webapp.outputs.webapp-url }}
-
- steps:
- - name: Download artifact from build job
- uses: actions/download-artifact@v2
- with:
- name: node-app
-
- name: 'Deploy to Azure WebApp'
id: deploy-to-webapp
uses: azure/webapps-deploy@v2
diff --git a/deployments/dummy-azure-webapps-container.yml b/deployments/dummy-azure-webapps-container.yml
deleted file mode 100644
index 66c49d8..0000000
--- a/deployments/dummy-azure-webapps-container.yml
+++ /dev/null
@@ -1,59 +0,0 @@
-# Docs for the Azure Web Apps Deploy action: https://github.com/Azure/webapps-deploy
-# More GitHub Actions for Azure: https://github.com/Azure/actions
-
-name: Build and deploy a container to an Azure Web App
-
-env:
- AZURE_WEBAPP_NAME: '' # set this to the name of your Azure Web App
-
-on:
- push:
- branches:
- - $default-branch
- workflow_dispatch:
-
-jobs:
- build:
- runs-on: ubuntu-latest
-
- steps:
- - uses: actions/checkout@v2
-
- - name: Set up Docker Buildx
- uses: docker/setup-buildx-action@v1
-
- - name: Log in to GitHub container registry
- uses: docker/login-action@v1
- with:
- registry: ghcr.io
- username: ${{ github.actor }}
- password: ${{ secrets.GITHUB_TOKEN }}
-
- - name: Lowercase the repo name
- run: echo "REPO=${GITHUB_REPOSITORY,,}" >>${GITHUB_ENV}
-
- - name: Build and push container image to registry
- uses: docker/build-push-action@v2
- with:
- push: true
- tags: ghcr.io/${{ env.REPO }}:${{ github.sha }}
- file: ./Dockerfile
-
- deploy:
- runs-on: ubuntu-latest
- needs: build
- environment:
- name: 'Development'
- url: ${{ steps.deploy-to-webapp.outputs.webapp-url }}
-
- steps:
- - name: Lowercase the repo name
- run: echo "REPO=${GITHUB_REPOSITORY,,}" >>${GITHUB_ENV}
-
- - name: Deploy to Azure Web App
- id: deploy-to-webapp
- uses: azure/webapps-deploy@v2
- with:
- app-name: ${{ env.AZURE_WEBAPP_NAME }}
- publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }}
- images: 'ghcr.io/${{ env.REPO }}:${{ github.sha }}'
diff --git a/deployments/dummy-azure-webapps-dotnet-core.yml b/deployments/dummy-azure-webapps-dotnet-core.yml
deleted file mode 100644
index 9948969..0000000
--- a/deployments/dummy-azure-webapps-dotnet-core.yml
+++ /dev/null
@@ -1,59 +0,0 @@
-# Docs for the Azure Web Apps Deploy action: https://github.com/Azure/webapps-deploy
-# More GitHub Actions for Azure: https://github.com/Azure/actions
-
-name: Build and deploy ASP.Net Core app to an Azure Web App
-
-env:
- AZURE_WEBAPP_NAME: your-app-name # set this to the name of your Azure Web App
- DOTNET_VERSION: '5' # set this to the .NET Core version to use
-
-on:
- push:
- branches:
- - $default-branch
- workflow_dispatch:
-
-jobs:
- build:
- runs-on: ubuntu-latest
-
- steps:
- - uses: actions/checkout@v2
-
- - name: Set up .NET Core
- uses: actions/setup-dotnet@v1
- with:
- dotnet-version: ${{ env.DOTNET_VERSION }}
-
- - name: Build with dotnet
- run: dotnet build --configuration Release
-
- - name: dotnet publish
- run: dotnet publish -c Release -o ${{env.DOTNET_ROOT}}/myapp
-
- - name: Upload artifact for deployment job
- uses: actions/upload-artifact@v2
- with:
- name: .net-app
- path: ${{env.DOTNET_ROOT}}/myapp
-
- deploy:
- runs-on: ubuntu-latest
- needs: build
- environment:
- name: 'Development'
- url: ${{ steps.deploy-to-webapp.outputs.webapp-url }}
-
- steps:
- - name: Download artifact from build job
- uses: actions/download-artifact@v2
- with:
- name: .net-app
-
- - name: Deploy to Azure Web App
- id: deploy-to-webapp
- uses: azure/webapps-deploy@v2
- with:
- app-name: ${{ env.AZURE_WEBAPP_NAME }}
- publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }}
- package: .
diff --git a/deployments/dummy-azure-webapps-java-jar.yml b/deployments/dummy-azure-webapps-java-jar.yml
deleted file mode 100644
index 45ec6f8..0000000
--- a/deployments/dummy-azure-webapps-java-jar.yml
+++ /dev/null
@@ -1,56 +0,0 @@
-# Docs for the Azure Web Apps Deploy action: https://github.com/Azure/webapps-deploy
-# More GitHub Actions for Azure: https://github.com/Azure/actions
-
-name: Build and deploy JAR app to Azure Web App
-
-env:
- AZURE_WEBAPP_NAME: your-app-name # set this to the name of your Azure Web App
- JAVA_VERSION: '11' # set this to the Java version to use
-
-on:
- push:
- branches:
- - $default-branch
- workflow_dispatch:
-
-jobs:
- build:
- runs-on: ubuntu-latest
-
- steps:
- - uses: actions/checkout@v2
-
- - name: Set up Java version
- uses: actions/setup-java@v2.3.1
- with:
- java-version: ${{ env.JAVA_VERSION }}
-
- - name: Build with Maven
- run: mvn clean install
-
- - name: Upload artifact for deployment job
- uses: actions/upload-artifact@v2
- with:
- name: java-app
- path: '${{ github.workspace }}/target/*.jar'
-
- deploy:
- runs-on: ubuntu-latest
- needs: build
- environment:
- name: 'Development'
- url: ${{ steps.deploy-to-webapp.outputs.webapp-url }}
-
- steps:
- - name: Download artifact from build job
- uses: actions/download-artifact@v2
- with:
- name: java-app
-
- - name: Deploy to Azure Web App
- id: deploy-to-webapp
- uses: azure/webapps-deploy@v2
- with:
- app-name: ${{ env.AZURE_WEBAPP_NAME }}
- publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }}
- package: '*.jar'
diff --git a/deployments/dummy-azure-webapps-php.yml b/deployments/dummy-azure-webapps-php.yml
deleted file mode 100644
index 5862766..0000000
--- a/deployments/dummy-azure-webapps-php.yml
+++ /dev/null
@@ -1,64 +0,0 @@
-# Docs for the Azure Web Apps Deploy action: https://github.com/Azure/webapps-deploy
-# More GitHub Actions for Azure: https://github.com/Azure/actions
-
-name: Build and deploy PHP app to Azure Web App
-
-on:
- push:
- branches:
- - $default-branch
- workflow_dispatch:
-
-env:
- AZURE_WEBAPP_NAME: your-app-name # set this to your application's name
- AZURE_WEBAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root
- PHP_VERSION: '10.x' # set this to the PHP version to use
-
-jobs:
- build:
- runs-on: ubuntu-latest
-
- steps:
- - uses: actions/checkout@v2
-
- - name: Setup PHP
- uses: shivammathur/setup-php@v2
- with:
- php-version: ${{ env.PHP_VERSION }}
-
- - name: Check if composer.json exists
- id: check_files
- uses: andstor/file-existence-action@v1
- with:
- files: 'composer.json'
-
- - name: Run composer install if composer.json exists
- if: steps.check_files.outputs.files_exists == 'true'
- run: composer validate --no-check-publish && composer install --prefer-dist --no-progress
-
- - name: Upload artifact for deployment job
- uses: actions/upload-artifact@v2
- with:
- name: php-app
- path: .
-
- deploy:
- runs-on: ubuntu-latest
- needs: build
- environment:
- name: 'Development'
- url: ${{ steps.deploy-to-webapp.outputs.webapp-url }}
-
- steps:
- - name: Download artifact from build job
- uses: actions/download-artifact@v2
- with:
- name: php-app
-
- - name: 'Deploy to Azure Web App'
- uses: azure/webapps-deploy@v2
- id: deploy-to-webapp
- with:
- app-name: ${{ env.AZURE_WEBAPP_NAME }}
- publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }}
- package: .
diff --git a/deployments/dummy-azure-webapps-python.yml b/deployments/dummy-azure-webapps-python.yml
deleted file mode 100644
index 7ad005e..0000000
--- a/deployments/dummy-azure-webapps-python.yml
+++ /dev/null
@@ -1,66 +0,0 @@
-# Docs for the Azure Web Apps Deploy action: https://github.com/Azure/webapps-deploy
-# More GitHub Actions for Azure: https://github.com/Azure/actions
-# More info on Python, GitHub Actions, and Azure App Service: https://aka.ms/python-webapps-actions
-
-name: Build and deploy Python app to Azure Web App
-
-env:
- AZURE_WEBAPP_NAME: your-app-name # set this to the name of your Azure Web App
- PYTHON_VERSION: '3.8' # set this to the Python version to use
-
-on:
- push:
- branches:
- - $default-branch
- workflow_dispatch:
-
-jobs:
- build:
- runs-on: ubuntu-latest
-
- steps:
- - uses: actions/checkout@v2
-
- - name: Set up Python version
- uses: actions/setup-python@v2.2.2
- with:
- python-version: ${{ env.PYTHON_VERSION }}
-
- - name: Create and start virtual environment
- run: |
- python -m venv venv
- source venv/bin/activate
-
- - name: Install dependencies
- run: pip install -r requirements.txt
-
- # Optional: Add step to run tests here (PyTest, Django test suites, etc.)
-
- - name: Upload artifact for deployment jobs
- uses: actions/upload-artifact@v2
- with:
- name: python-app
- path: |
- .
- !venv/
-
- deploy:
- runs-on: ubuntu-latest
- needs: build
- environment:
- name: 'Development'
- url: ${{ steps.deploy-to-webapp.outputs.webapp-url }}
-
- steps:
- - name: Download artifact from build job
- uses: actions/download-artifact@v2
- with:
- name: python-app
- path: .
-
- - name: 'Deploy to Azure Web App'
- uses: azure/webapps-deploy@v2
- id: deploy-to-webapp
- with:
- app-name: ${{ env.AZURE_WEBAPP_NAME }}
- publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }}
diff --git a/deployments/google.yml b/deployments/google.yml
index 267d3cb..bfb5de6 100644
--- a/deployments/google.yml
+++ b/deployments/google.yml
@@ -4,11 +4,11 @@
#
# 1. Ensure that your repository contains the necessary configuration for your Google Kubernetes Engine cluster, including deployment.yml, kustomization.yml, service.yml, etc.
#
-# 2. Set up secrets in your workspace: GKE_PROJECT with the name of the project and GKE_SA_KEY with the Base64 encoded JSON service account key (https://github.com/GoogleCloudPlatform/github-actions/tree/docs/service-account-key/setup-gcloud#inputs).
+# 2. Create and configure a Workload Identity Provider for GitHub (https://github.com/google-github-actions/auth#setting-up-workload-identity-federation)
#
-# 3. Change the values for the GKE_ZONE, GKE_CLUSTER, IMAGE, and DEPLOYMENT_NAME environment variables (below).
+# 3. Change the values for the GAR_LOCATION, GKE_ZONE, GKE_CLUSTER, IMAGE, REPOSITORY and DEPLOYMENT_NAME environment variables (below).
#
-# For more support on how to run the workflow, please visit https://github.com/google-github-actions/setup-gcloud/tree/master/example-workflows/gke
+# For more support on how to run the workflow, please visit https://github.com/google-github-actions/setup-gcloud/tree/master/example-workflows/gke-kustomize
name: Build and Deploy to GKE
@@ -19,11 +19,17 @@ on:
env:
PROJECT_ID: ${{ secrets.GKE_PROJECT }}
+ GAR_LOCATION: us-central1 # TODO: update region of the Artifact Registry
GKE_CLUSTER: cluster-1 # TODO: update to cluster name
GKE_ZONE: us-central1-c # TODO: update to cluster zone
DEPLOYMENT_NAME: gke-test # TODO: update to deployment name
+ REPOSITORY: samples # TODO: update to Artifact Registry docker repository
IMAGE: static-site
+permissions:
+ contents: 'read'
+ id-token: 'write'
+
jobs:
setup-build-publish-deploy:
name: Setup, Build, Publish, and Deploy
@@ -34,48 +40,47 @@ jobs:
- name: Checkout
uses: actions/checkout@v2
- # Setup gcloud CLI
- - uses: google-github-actions/setup-gcloud@v0.2.0
+ # Configure Workload Identity Federation and generate an access token.
+ - id: 'auth'
+ name: 'Authenticate to Google Cloud'
+ uses: 'google-github-actions/auth@v0.4.0'
with:
- service_account_key: ${{ secrets.GKE_SA_KEY }}
- project_id: ${{ secrets.GKE_PROJECT }}
-
- # Configure Docker to use the gcloud command-line tool as a credential
- # helper for authentication
- - run: |-
- gcloud --quiet auth configure-docker
+ token_format: 'access_token'
+ workload_identity_provider: 'projects/123456789/locations/global/workloadIdentityPools/my-pool/providers/my-provider'
+ service_account: 'my-service-account@my-project.iam.gserviceaccount.com'
+ - name: Docker configuration
+ run: |-
+ echo ${{steps.auth.outputs.access_token}} | docker login -u oauth2accesstoken --password-stdin https://$GAR_LOCATION-docker.pkg.dev
# Get the GKE credentials so we can deploy to the cluster
- - uses: google-github-actions/get-gke-credentials@v0.2.1
+ - name: Set up GKE credentials
+ uses: google-github-actions/get-gke-credentials@v0.4.0
with:
cluster_name: ${{ env.GKE_CLUSTER }}
location: ${{ env.GKE_ZONE }}
- credentials: ${{ secrets.GKE_SA_KEY }}
# Build the Docker image
- name: Build
run: |-
docker build \
- --tag "gcr.io/$PROJECT_ID/$IMAGE:$GITHUB_SHA" \
+ --tag "$GAR_LOCATION-docker.pkg.dev/$PROJECT_ID/$REPOSITORY/$IMAGE:$GITHUB_SHA" \
--build-arg GITHUB_SHA="$GITHUB_SHA" \
--build-arg GITHUB_REF="$GITHUB_REF" \
.
-
- # Push the Docker image to Google Container Registry
+ # Push the Docker image to Google Artifact Registry
- name: Publish
run: |-
- docker push "gcr.io/$PROJECT_ID/$IMAGE:$GITHUB_SHA"
-
+ docker push "$GAR_LOCATION-docker.pkg.dev/$PROJECT_ID/$REPOSITORY/$IMAGE:$GITHUB_SHA"
# Set up kustomize
- name: Set up Kustomize
run: |-
curl -sfLo kustomize https://github.com/kubernetes-sigs/kustomize/releases/download/v3.1.0/kustomize_3.1.0_linux_amd64
chmod u+x ./kustomize
-
# Deploy the Docker image to the GKE cluster
- name: Deploy
run: |-
- ./kustomize edit set image gcr.io/PROJECT_ID/IMAGE:TAG=gcr.io/$PROJECT_ID/$IMAGE:$GITHUB_SHA
+ # replacing the image name in the k8s template
+ ./kustomize edit set image LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY/IMAGE:TAG=$GAR_LOCATION-docker.pkg.dev/$PROJECT_ID/$REPOSITORY/$IMAGE:$GITHUB_SHA
./kustomize build . | kubectl apply -f -
kubectl rollout status deployment/$DEPLOYMENT_NAME
kubectl get services -o wide
diff --git a/deployments/properties/aks.properties.json b/deployments/properties/aks.properties.json
new file mode 100644
index 0000000..28f3725
--- /dev/null
+++ b/deployments/properties/aks.properties.json
@@ -0,0 +1,7 @@
+{
+ "name": "Deploy to a AKS Cluster",
+ "description": "Deploy an application to a Azure Kubernetes Service Cluster using Azure Credentials",
+ "creator": "Microsoft Azure",
+ "iconName": "azure",
+ "categories": ["Deployment", "Kompose", "Helm", "Kustomize", "Kubernetes", "Dockerfile"]
+}
diff --git a/deployments/properties/azure-staticwebapp.properties.json b/deployments/properties/azure-staticwebapp.properties.json
new file mode 100644
index 0000000..a2552b0
--- /dev/null
+++ b/deployments/properties/azure-staticwebapp.properties.json
@@ -0,0 +1,7 @@
+{
+ "name": "Deploy web app to Azure Static Web Apps",
+ "description": "Build and deploy web application to an Azure Static Web App.",
+ "creator": "Microsoft Azure",
+ "iconName": "azure-staticwebapp",
+ "categories": ["Deployment", "React", "Angular", "Vue", "Svelte", "Gatsby", "Next", "Nuxt", "Jekyll", "Blazor"]
+}
diff --git a/deployments/properties/dummy-azure-webapps-container.properties.json b/deployments/properties/dummy-azure-webapps-container.properties.json
deleted file mode 100644
index fcd62b2..0000000
--- a/deployments/properties/dummy-azure-webapps-container.properties.json
+++ /dev/null
@@ -1,7 +0,0 @@
-{
- "name": "Deploy a container to an Azure Web App",
- "description": "Build a container and deploy it to an Azure Web App.",
- "creator": "Microsoft Azure",
- "iconName": "azure",
- "categories": ["Deployment", "Dockerfile"]
-}
diff --git a/deployments/properties/dummy-azure-webapps-dotnet-core.properties.json b/deployments/properties/dummy-azure-webapps-dotnet-core.properties.json
deleted file mode 100644
index 9074a2a..0000000
--- a/deployments/properties/dummy-azure-webapps-dotnet-core.properties.json
+++ /dev/null
@@ -1,7 +0,0 @@
-{
- "name": "Deploy a .NET Core app to an Azure Web App",
- "description": "Build a .NET Core project and deploy it to an Azure Web App.",
- "creator": "Microsoft Azure",
- "iconName": "azure",
- "categories": ["Deployment", "C#", "dotNetCore"]
-}
diff --git a/deployments/properties/dummy-azure-webapps-java-jar.properties.json b/deployments/properties/dummy-azure-webapps-java-jar.properties.json
deleted file mode 100644
index 6654463..0000000
--- a/deployments/properties/dummy-azure-webapps-java-jar.properties.json
+++ /dev/null
@@ -1,7 +0,0 @@
-{
- "name": "Deploy a Java .jar app to an Azure Web App",
- "description": "Build a Java project and deploy it to an Azure Web App.",
- "creator": "Microsoft Azure",
- "iconName": "azure",
- "categories": ["Deployment", "Java"]
-}
diff --git a/deployments/properties/dummy-azure-webapps-php.properties.json b/deployments/properties/dummy-azure-webapps-php.properties.json
deleted file mode 100644
index 48554de..0000000
--- a/deployments/properties/dummy-azure-webapps-php.properties.json
+++ /dev/null
@@ -1,7 +0,0 @@
-{
- "name": "Deploy a PHP app to an Azure Web App",
- "description": "Build a PHP app and deploy it to an Azure Web App.",
- "creator": "Microsoft Azure",
- "iconName": "azure",
- "categories": ["Deployment", "PHP"]
-}
diff --git a/deployments/properties/dummy-azure-webapps-python.properties.json b/deployments/properties/dummy-azure-webapps-python.properties.json
deleted file mode 100644
index 73f0cf5..0000000
--- a/deployments/properties/dummy-azure-webapps-python.properties.json
+++ /dev/null
@@ -1,7 +0,0 @@
-{
- "name": "Deploy a Python app to an Azure Web App",
- "description": "Build a Python app and deploy it to an Azure Web App.",
- "creator": "Microsoft Azure",
- "iconName": "azure",
- "categories": ["Deployment", "Python"]
-}
diff --git a/deployments/properties/google.properties.json b/deployments/properties/google.properties.json
index 6318106..f1bd883 100644
--- a/deployments/properties/google.properties.json
+++ b/deployments/properties/google.properties.json
@@ -3,5 +3,5 @@
"description": "Build a docker container, publish it to Google Container Registry, and deploy to GKE.",
"creator": "Google Cloud",
"iconName": "googlegke",
- "categories": ["Deployment", "Dockerfile"]
+ "categories": ["Deployment", "Dockerfile", "Kubernetes", "Kustomize"]
}
\ No newline at end of file
diff --git a/icons/azure-staticwebapp.svg b/icons/azure-staticwebapp.svg
new file mode 100644
index 0000000..327517d
--- /dev/null
+++ b/icons/azure-staticwebapp.svg
@@ -0,0 +1,17 @@
+
\ No newline at end of file
diff --git a/icons/mobsf.svg b/icons/mobsf.svg
new file mode 100644
index 0000000..46dd154
--- /dev/null
+++ b/icons/mobsf.svg
@@ -0,0 +1,114 @@
+
+
+