Merge branch 'main' into main
This commit is contained in:
@@ -12,7 +12,8 @@ These are the workflow files for helping people get started with GitHub Actions.
|
||||
|
||||
### Directory structure
|
||||
|
||||
* [ci](ci): solutions for Continuous Integration and Deployments
|
||||
* [ci](ci): solutions for Continuous Integration workflows.
|
||||
* [deployments](deployments): solutions for Deployment workflows.
|
||||
* [automation](automation): solutions for automating workflows.
|
||||
* [code-scanning](code-scanning): starter workflows for [Code Scanning](https://github.com/features/security)
|
||||
* [icons](icons): svg icons for the relevant template
|
||||
@@ -44,5 +45,5 @@ For example: `ci/django.yml` and `ci/properties/django.properties.json`.
|
||||
These variables can be placed in the starter workflow and will be substituted as detailed below:
|
||||
|
||||
* `$default-branch`: will substitute the branch from the repository, for example `main` and `master`
|
||||
* `$protected-branches`: will substitue any protected branches from the repository.
|
||||
* `$protected-branches`: will substitute any protected branches from the repository
|
||||
* `$cron-daily`: will substitute a valid but random time within the day
|
||||
|
||||
@@ -0,0 +1,30 @@
|
||||
name: Xcode - Build and Analyze
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ $default-branch ]
|
||||
pull_request:
|
||||
branches: [ $default-branch ]
|
||||
|
||||
jobs:
|
||||
build:
|
||||
name: Build and analyse default scheme using xcodebuild command
|
||||
runs-on: macos-latest
|
||||
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
- name: Set Default Scheme
|
||||
run: |
|
||||
scheme_list=$(xcodebuild -list -json | tr -d "\n")
|
||||
default=$(echo $scheme_list | ruby -e "require 'json'; puts JSON.parse(STDIN.gets)['project']['targets'][0]")
|
||||
echo $default | cat >default
|
||||
echo Using default scheme: $default
|
||||
- name: Build
|
||||
env:
|
||||
scheme: ${{ 'default' }}
|
||||
run: |
|
||||
if [ $scheme = default ]; then scheme=$(cat default); fi
|
||||
if [ "`ls -A | grep -i \\.xcworkspace\$`" ]; then filetype_parameter="workspace" && file_to_build="`ls -A | grep -i \\.xcworkspace\$`"; else filetype_parameter="project" && file_to_build="`ls -A | grep -i \\.xcodeproj\$`"; fi
|
||||
file_to_build=`echo $file_to_build | awk '{$1=$1;print}'`
|
||||
xcodebuild clean build analyze -scheme "$scheme" -"$filetype_parameter" "$file_to_build" | xcpretty && exit ${PIPESTATUS[0]}
|
||||
@@ -2,5 +2,5 @@
|
||||
"name": "Node.js",
|
||||
"description": "Build and test a Node.js project with npm.",
|
||||
"iconName": "nodejs",
|
||||
"categories": ["Continuous integration", "JavaScript", "npm", "React", "Angular"]
|
||||
"categories": ["Continuous integration", "JavaScript", "npm", "React", "Angular", "Vue"]
|
||||
}
|
||||
|
||||
@@ -0,0 +1,6 @@
|
||||
{
|
||||
"name": "Xcode - Build and Analyze",
|
||||
"description": "Build Xcode project using xcodebuild",
|
||||
"iconName": "xcode",
|
||||
"categories": ["Continuous integration", "Xcode", "Objective-C"]
|
||||
}
|
||||
@@ -0,0 +1,6 @@
|
||||
{
|
||||
"name": "Super Linter - Run Linters for several languages",
|
||||
"description": "Run linters for several languages on your code base for changed files",
|
||||
"iconName": "octicon check-circle",
|
||||
"categories": ["Continuous integration", "code-quality", "code-review"]
|
||||
}
|
||||
@@ -0,0 +1,10 @@
|
||||
{
|
||||
"name": "Symfony",
|
||||
"description": "Test a Symfony project.",
|
||||
"iconName": "php",
|
||||
"categories": [
|
||||
"Continuous integration",
|
||||
"PHP",
|
||||
"Symfony"
|
||||
]
|
||||
}
|
||||
@@ -0,0 +1,29 @@
|
||||
# This workflow executes several linters on changed files based on languages used in your code base whenever
|
||||
# you push a code or open a pull request.
|
||||
#
|
||||
# You can adjust the behavior by modifying this file.
|
||||
# For more information, see:
|
||||
# https://github.com/github/super-linter
|
||||
name: Lint Code Base
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ $default-branch ]
|
||||
pull_request:
|
||||
branches: [ $default-branch ]
|
||||
jobs:
|
||||
run-lint:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v2
|
||||
with:
|
||||
# Full git history is needed to get a proper list of changed files within `super-linter`
|
||||
fetch-depth: 0
|
||||
|
||||
- name: Lint Code Base
|
||||
uses: github/super-linter@v4
|
||||
env:
|
||||
VALIDATE_ALL_CODEBASE: false
|
||||
DEFAULT_BRANCH: $default-branch
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
@@ -0,0 +1,39 @@
|
||||
name: Symfony
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ $default-branch ]
|
||||
pull_request:
|
||||
branches: [ $default-branch ]
|
||||
|
||||
jobs:
|
||||
symfony-tests:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
# To automatically get bug fixes and new Php versions for shivammathur/setup-php,
|
||||
# change this to (see https://github.com/shivammathur/setup-php#bookmark-versioning):
|
||||
# uses: shivammathur/setup-php@v2
|
||||
- uses: shivammathur/setup-php@2cb9b829437ee246e9b3cac53555a39208ca6d28
|
||||
with:
|
||||
php-version: '8.0'
|
||||
- uses: actions/checkout@v2
|
||||
- name: Copy .env.test.local
|
||||
run: php -r "file_exists('.env.test.local') || copy('.env.test', '.env.test.local');"
|
||||
- name: Cache Composer packages
|
||||
id: composer-cache
|
||||
uses: actions/cache@v2
|
||||
with:
|
||||
path: vendor
|
||||
key: ${{ runner.os }}-php-${{ hashFiles('**/composer.lock') }}
|
||||
restore-keys: |
|
||||
${{ runner.os }}-php-
|
||||
- name: Install Dependencies
|
||||
run: composer install -q --no-ansi --no-interaction --no-scripts --no-progress --prefer-dist
|
||||
- name: Create Database
|
||||
run: |
|
||||
mkdir -p data
|
||||
touch data/database.sqlite
|
||||
- name: Execute tests (Unit and Feature tests) via PHPUnit
|
||||
env:
|
||||
DATABASE_URL: sqlite:///%kernel.project_dir%/data/database.sqlite
|
||||
run: vendor/bin/phpunit
|
||||
@@ -0,0 +1,58 @@
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
|
||||
name: cloudrail
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ $default-branch, $protected-branches ]
|
||||
pull_request:
|
||||
branches: [ $default-branch ]
|
||||
schedule:
|
||||
- cron: $cron-weekly
|
||||
|
||||
jobs:
|
||||
cloudrail:
|
||||
name: Run Indeni Cloudrail on Terraform code with SARIF output
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
actions: read
|
||||
contents: read
|
||||
security-events: write
|
||||
|
||||
steps:
|
||||
- name: Clone repo
|
||||
uses: actions/checkout@v2
|
||||
|
||||
# For Terraform, Cloudrail requires the plan as input. So we generate it using
|
||||
# the Terraform core binary.
|
||||
- uses: hashicorp/setup-terraform@v1
|
||||
with:
|
||||
terraform_version: v0.13.2
|
||||
|
||||
- run: terraform init
|
||||
|
||||
- run: terraform plan -out=plan.out
|
||||
env:
|
||||
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
|
||||
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
|
||||
|
||||
# Confirm we have the plan file
|
||||
- run: stat plan.out
|
||||
|
||||
- name: Run Cloudrail
|
||||
uses: indeni/cloudrail-run-ga@b56ed2d30913c975b36df231adc2eabf05523622
|
||||
with:
|
||||
tf-plan-file: plan.out # This was created in a "terraform plan" step
|
||||
cloudrail-api-key: ${{ secrets.CLOUDRAIL_API_KEY }} # This requires registration to Indeni Cloudrail's SaaS at https://web.cloudrail.app
|
||||
cloud-account-id: # Leave this empty for Static Analaysis, or provide an account ID for Dynamic Analysis, see instructions in Cloudrail SaaS
|
||||
|
||||
- name: Upload SARIF file
|
||||
uses: github/codeql-action/upload-sarif@v1
|
||||
# Remember that if issues are found, Cloudrail return non-zero exit code, so the if: always()
|
||||
# is needed to ensure the SARIF file is uploaded
|
||||
if: always()
|
||||
with:
|
||||
sarif_file: cloudrail_results.sarif
|
||||
@@ -10,7 +10,7 @@
|
||||
# To use this workflow, you will need to:
|
||||
#
|
||||
# 1. Create a Mayhem for API account at
|
||||
# https://mayhem4api.forallsecure.com/signup (30-day free trial)
|
||||
# https://mayhem4api.forallsecure.com/signup
|
||||
#
|
||||
# 2. Create a service account token `mapi organization service-account create
|
||||
# <org-name> <service-account-name>`
|
||||
|
||||
@@ -0,0 +1,7 @@
|
||||
{
|
||||
"name": "cloudrail",
|
||||
"creator": "Indeni Cloudrail",
|
||||
"description": "Cloudrail can be used to scan your infrastructure-as-code files for potential security and compliance issues. The Cloudrail action is often used as part of both CI workflows (on pull_request) and on CD workflows to identify potential issues.",
|
||||
"iconName": "cloudrail",
|
||||
"categories": ["Code Scanning", "HCL"]
|
||||
}
|
||||
+22
-12
@@ -5,29 +5,40 @@
|
||||
#
|
||||
# 1. Create an ECR repository to store your images.
|
||||
# For example: `aws ecr create-repository --repository-name my-ecr-repo --region us-east-2`.
|
||||
# Replace the value of `ECR_REPOSITORY` in the workflow below with your repository's name.
|
||||
# Replace the value of `aws-region` in the workflow below with your repository's region.
|
||||
# Replace the value of the `ECR_REPOSITORY` environment variable in the workflow below with your repository's name.
|
||||
# Replace the value of the `AWS_REGION` environment variable in the workflow below with your repository's region.
|
||||
#
|
||||
# 2. Create an ECS task definition, an ECS cluster, and an ECS service.
|
||||
# For example, follow the Getting Started guide on the ECS console:
|
||||
# https://us-east-2.console.aws.amazon.com/ecs/home?region=us-east-2#/firstRun
|
||||
# Replace the values for `service` and `cluster` in the workflow below with your service and cluster names.
|
||||
# Replace the value of the `ECS_SERVICE` environment variable in the workflow below with the name you set for the Amazon ECS service.
|
||||
# Replace the value of the `ECS_CLUSTER` environment variable in the workflow below with the name you set for the cluster.
|
||||
#
|
||||
# 3. Store your ECS task definition as a JSON file in your repository.
|
||||
# The format should follow the output of `aws ecs register-task-definition --generate-cli-skeleton`.
|
||||
# Replace the value of `task-definition` in the workflow below with your JSON file's name.
|
||||
# Replace the value of `container-name` in the workflow below with the name of the container
|
||||
# Replace the value of the `ECS_TASK_DEFINITION` environment variable in the workflow below with the path to the JSON file.
|
||||
# Replace the value of the `CONTAINER_NAME` environment variable in the workflow below with the name of the container
|
||||
# in the `containerDefinitions` section of the task definition.
|
||||
#
|
||||
# 4. Store an IAM user access key in GitHub Actions secrets named `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY`.
|
||||
# See the documentation for each action used below for the recommended IAM policies for this IAM user,
|
||||
# and best practices on handling the access key credentials.
|
||||
|
||||
name: Deploy to Amazon ECS
|
||||
|
||||
on:
|
||||
release:
|
||||
types: [created]
|
||||
|
||||
name: Deploy to Amazon ECS
|
||||
env:
|
||||
AWS_REGION: MY_AWS_REGION # set this to your preferred AWS region, e.g. us-west-1
|
||||
ECR_REPOSITORY: MY_ECR_REPOSITORY # set this to your Amazon ECR repository name
|
||||
ECS_SERVICE: MY_ECS_SERVICE # set this to your Amazon ECS service name
|
||||
ECS_CLUSTER: MY_ECS_CLUSTER # set this to your Amazon ECS cluster name
|
||||
ECS_TASK_DEFINITION: MY_ECS_TASK_DEFINITION # set this to the path to your Amazon ECS task definition
|
||||
# file, e.g. .aws/task-definition.json
|
||||
CONTAINER_NAME: MY_CONTAINER_NAME # set this to the name of the container in the
|
||||
# containerDefinitions section of your task definition
|
||||
|
||||
jobs:
|
||||
deploy:
|
||||
@@ -44,7 +55,7 @@ jobs:
|
||||
with:
|
||||
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
|
||||
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
|
||||
aws-region: us-east-2
|
||||
aws-region: ${{ env.AWS_REGION }}
|
||||
|
||||
- name: Login to Amazon ECR
|
||||
id: login-ecr
|
||||
@@ -54,7 +65,6 @@ jobs:
|
||||
id: build-image
|
||||
env:
|
||||
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
|
||||
ECR_REPOSITORY: my-ecr-repo
|
||||
IMAGE_TAG: ${{ github.sha }}
|
||||
run: |
|
||||
# Build a docker container and
|
||||
@@ -68,14 +78,14 @@ jobs:
|
||||
id: task-def
|
||||
uses: aws-actions/amazon-ecs-render-task-definition@v1
|
||||
with:
|
||||
task-definition: task-definition.json
|
||||
container-name: sample-app
|
||||
task-definition: ${{ env.ECS_TASK_DEFINITION }}
|
||||
container-name: ${{ env.CONTAINER_NAME }}
|
||||
image: ${{ steps.build-image.outputs.image }}
|
||||
|
||||
- name: Deploy Amazon ECS task definition
|
||||
uses: aws-actions/amazon-ecs-deploy-task-definition@v1
|
||||
with:
|
||||
task-definition: ${{ steps.task-def.outputs.task-definition }}
|
||||
service: sample-app-service
|
||||
cluster: default
|
||||
service: ${{ env.ECS_SERVICE }}
|
||||
cluster: ${{ env.ECS_CLUSTER }}
|
||||
wait-for-service-stability: true
|
||||
|
||||
@@ -3,5 +3,5 @@
|
||||
"description": "Deploy a container to Alibaba Cloud Container Service for Kubernetes (ACK).",
|
||||
"creator": "Alibaba Cloud",
|
||||
"iconName": "alibabacloud",
|
||||
"categories": ["Deployment"]
|
||||
"categories": ["Deployment", "Dockerfile"]
|
||||
}
|
||||
|
||||
@@ -3,5 +3,5 @@
|
||||
"description": "Build a docker container, publish it to Google Container Registry, and deploy to GKE.",
|
||||
"creator": "Google Cloud",
|
||||
"iconName": "googlegke",
|
||||
"categories": ["Deployment"]
|
||||
"categories": ["Deployment", "Dockerfile"]
|
||||
}
|
||||
@@ -3,5 +3,5 @@
|
||||
"description": "Build a docker container, publish it to IBM Cloud Container Registry, and deploy to IBM Cloud Kubernetes Service.",
|
||||
"creator": "IBM",
|
||||
"iconName": "ibm",
|
||||
"categories": ["Deployment"]
|
||||
"categories": ["Deployment", "Dockerfile"]
|
||||
}
|
||||
@@ -3,5 +3,5 @@
|
||||
"description": "This workflow will build a docker container, publish and deploy it to Tencent Kubernetes Engine (TKE).",
|
||||
"creator": "Tencent Cloud",
|
||||
"iconName": "tencentcloud",
|
||||
"categories": ["Deployment"]
|
||||
"categories": ["Deployment", "Dockerfile"]
|
||||
}
|
||||
@@ -0,0 +1,53 @@
|
||||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<!-- Generator: Adobe Illustrator 25.2.1, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
|
||||
<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
|
||||
viewBox="0 0 147.4 147.4" style="enable-background:new 0 0 147.4 147.4;" xml:space="preserve">
|
||||
<style type="text/css">
|
||||
.st0{fill:#32A4DD;}
|
||||
.st1{fill:#8EC043;}
|
||||
.st2{fill:#005794;}
|
||||
</style>
|
||||
<g>
|
||||
<g>
|
||||
<path class="st0" d="M117.91,44.88c2.57,5.98,4.01,12.56,4.01,19.48c0,27.24-22.08,49.32-49.32,49.32S23.28,91.6,23.28,64.36
|
||||
c0-10.83,3.5-20.84,9.42-28.97c-9.74,9.86-15.75,23.41-15.75,38.36c0,30.16,24.45,54.61,54.61,54.61s54.61-24.45,54.61-54.61
|
||||
C126.17,63.15,123.14,53.25,117.91,44.88z"/>
|
||||
</g>
|
||||
<path class="st1" d="M113.45,51.23c-2.6-8.18-7.56-15.32-14.09-20.59c3.71,3.71,6.69,8.16,8.71,13.1c0.95,1.74,1.77,3.55,2.47,5.43
|
||||
c-1.62-1-3.33-1.84-5.11-2.49c2.92,2.94,5.19,6.62,6.47,10.86c0.76,2.54,1.12,5.11,1.11,7.64h0c-0.26,5.67-1.68,11.03-4.02,15.86
|
||||
c-0.44-1.91-1.07-3.77-1.9-5.56c-0.01,4.15-1.01,8.35-3.11,12.25c-0.94,1.75-2.05,3.34-3.3,4.78c-4.27,4.15-9.44,7.37-15.2,9.34
|
||||
c1.1-1.73,2.02-3.57,2.73-5.5c-2.94,2.92-6.62,5.19-10.86,6.47c-2.54,0.76-5.11,1.12-7.64,1.11l0,0.05
|
||||
c-7.51-0.46-14.47-2.94-20.34-6.92c2.13-0.19,4.23-0.62,6.27-1.29c-4.11-0.5-8.17-1.99-11.8-4.54c-2.04-1.43-3.8-3.12-5.3-4.97
|
||||
c-2.31-3.37-4.12-7.1-5.33-11.1c0.64,0.17,1.31,0.28,2.01,0.31c0.84,0.03,1.66-0.07,2.44-0.27c-2.87-0.93-5.08-3.28-5.82-6.2
|
||||
c-0.11-0.79-0.2-1.58-0.27-2.38c0-0.02,0-0.04,0-0.06l0,0c-0.09-1.09-0.14-2.2-0.14-3.32c0-0.63,0.02-1.25,0.05-1.87
|
||||
c-0.05-0.86-0.09-1.72-0.09-2.58c0-5.73,1.22-11.17,3.4-16.09c-3.68,6.36-5.79,13.74-5.79,21.61c0,0.73,0.02,1.45,0.06,2.18
|
||||
c0.12,2.4,0.43,4.75,0.93,7.04c1.12,5.15,3.16,9.97,5.94,14.26c2.23,3.45,4.94,6.56,8.04,9.24c7,6.06,15.95,9.91,25.79,10.47
|
||||
c0.83,0.05,1.66,0.08,2.5,0.08c3.28,0,6.46-0.38,9.53-1.07c7.53-1.69,14.32-5.35,19.8-10.41c3.18-2.94,5.92-6.35,8.1-10.12
|
||||
c3.56-6.14,5.65-13.24,5.8-20.82c0.01-0.28,0.02-0.56,0.02-0.84C115.49,59.75,114.77,55.36,113.45,51.23z"/>
|
||||
<g>
|
||||
<path class="st2" d="M46.36,66.58c-0.7-0.39-1.44-0.72-2.19-1.02l-0.64-0.25c-1.03-0.41-2.09-0.73-3.16-0.99
|
||||
c2.42-1.14,5.13-1.78,7.98-1.78c3.22,0,6.26,0.82,8.91,2.25c1.5,3.77,2.96,7.51,8.19,8.75c1.04,0.25,2.23,0.39,3.6,0.41
|
||||
c-0.61,1.11-1.52,1.95-2.49,2.73c-1.68,1.35-3.65,2.39-5.85,3.01c-3.9,1.09-7.86,0.68-11.27-0.88c-1.19-0.55-1.38-2.08-0.54-2.94
|
||||
c0.49-0.5,0.98-1.01,1.29-1.65C51.59,71.29,50.13,68.68,46.36,66.58z M25.69,53.54c1.44,5.13,6.32,9.32,11.25,10.13
|
||||
c3.29-2.13,7.21-3.38,11.41-3.38c2.67,0,5.22,0.5,7.57,1.42c0-0.01-0.01-0.01-0.01-0.02c4.71,1.96,9.54,4.53,12.45,7.62
|
||||
c3.93,4.16,2.95,9.67,2.95,9.67c10.03-10.02,5.41-21.34,5.41-21.34c-15.29,0.65-17.51-12.89-17.51-12.89s-7.06-7.84-28.75-14.63
|
||||
C8.79,23.31,5.4,9.72,5.4,9.72C4.61,29.72,26.96,37.95,26.96,37.95C15.33,38.08,5.4,29.06,5.4,29.06
|
||||
c2.24,10.95,9.75,16.95,18.73,21.29c0.37,0.18,0.74,0.35,1.11,0.52C25.3,51.76,25.44,52.65,25.69,53.54z M18.23,102.31
|
||||
c-0.69-1.2-1.34-2.5-1.94-3.85l0,0c-1.65-3.57-2.95-7.32-3.86-11.14l-0.45,0.06c0.23,6.37,1.35,12.62,3.32,18.59l0.02,0.07
|
||||
l0.06,0.04c2.35,1.56,4.86,2.92,7.45,4.05l0.8,0.34l-0.53-0.69C21.32,107.45,19.68,104.93,18.23,102.31z M12.08,80.77
|
||||
c-0.28-2.39-0.42-4.73-0.42-6.97c0-7.59,1.42-15.03,4.23-22.09l-0.41-0.19c-3.94,7.04-6.68,14.59-8.13,22.42l-0.01,0.08l0.04,0.07
|
||||
c1.25,2.39,2.7,4.69,4.3,6.85l0.5,0.68L12.08,80.77z M26.74,115.5l-1.51-1.53l1.16,1.81c2.91,4.55,6.35,8.7,10.23,12.34l0.06,0.05
|
||||
l0.08,0.01c1.34,0.12,2.69,0.18,4.04,0.18c1.11,0,2.23-0.04,3.34-0.12l0.87-0.06l-0.79-0.37
|
||||
C37.68,124.76,31.81,120.62,26.74,115.5z M123.32,28.47c-9.07-9.07-20.38-15.08-32.69-17.51c-1.26-0.25-2.54-0.45-3.82-0.62
|
||||
c-2.87-0.39-5.78-0.6-8.73-0.6c-1.59,0-3.18,0.07-4.75,0.19c-0.3,0.02-0.6,0.03-0.89,0.06c-1.09,0.09-2.17,0.22-3.24,0.37
|
||||
c-7.45,1.03-14.59,3.35-21.16,6.85c-0.16,0.09-0.33,0.17-0.49,0.26c0.17-0.07,0.34-0.14,0.51-0.22
|
||||
c6.78-2.91,14.08-4.58,21.56-4.91c1.68-0.07,3.38,0.21,4.91,0.92c1.88,0.88,3.38,2.25,4.01,3.74c0.18-0.66,0.24-1.35,0.14-2.04
|
||||
c-0.13-0.91-0.51-1.74-1.07-2.46c2.85,0.24,5.66,0.68,8.41,1.3c3.76,0.85,6.99,3.42,8.45,6.99c0.36,0.89,0.61,1.8,0.72,2.7
|
||||
c0.39-0.93,0.65-1.93,0.73-2.99c0.11-1.3-0.05-2.55-0.42-3.72c3.21,1.31,6.31,2.89,9.26,4.74l0,0.01
|
||||
c0.02,0.01,0.04,0.02,0.05,0.03c0.11,0.07,0.22,0.14,0.33,0.21c3.81,2.42,6.42,6.44,6.85,10.94c0.13,1.32,0.07,2.63-0.18,3.85
|
||||
c0.81-0.93,1.5-2,2.01-3.19c0.57-1.32,0.86-2.69,0.94-4.05c0.34,0.32,0.69,0.64,1.02,0.97c11.55,11.55,17.94,26.88,18,43.21
|
||||
c0.06,15.81-6.02,31.16-16.92,42.61c-11.72,12.3-27.6,19.1-44.53,19.1c0,0,0,0-0.01,0c-8.61,0-17.04-1.8-24.77-5.2
|
||||
c9.26,5.04,19.69,7.72,30.53,7.72c17.09,0,33.15-6.65,45.24-18.74C148.26,94,148.26,53.41,123.32,28.47z"/>
|
||||
</g>
|
||||
</g>
|
||||
</svg>
|
||||
|
After Width: | Height: | Size: 4.7 KiB |
@@ -2,7 +2,6 @@
|
||||
"folders": [
|
||||
"../../ci",
|
||||
"../../automation",
|
||||
"../../deployments",
|
||||
"../../code-scanning"
|
||||
],
|
||||
"enabledActions": [
|
||||
|
||||
@@ -40,7 +40,7 @@ const propertiesSchema = {
|
||||
}
|
||||
}
|
||||
|
||||
async function checkWorkflows(folders: string[]): Promise<WorkflowWithErrors[]> {
|
||||
async function checkWorkflows(folders: string[], allowed_categories: string[]): Promise<WorkflowWithErrors[]> {
|
||||
const result: WorkflowWithErrors[] = []
|
||||
const workflow_template_names = new Set()
|
||||
for (const folder of folders) {
|
||||
@@ -49,13 +49,13 @@ async function checkWorkflows(folders: string[]): Promise<WorkflowWithErrors[]>
|
||||
});
|
||||
|
||||
for (const e of dir) {
|
||||
if (e.isFile()) {
|
||||
if (e.isFile() && [".yml", ".yaml"].includes(extname(e.name))) {
|
||||
const fileType = basename(e.name, extname(e.name))
|
||||
|
||||
const workflowFilePath = join(folder, e.name);
|
||||
const propertiesFilePath = join(folder, "properties", `${fileType}.properties.json`)
|
||||
|
||||
const workflowWithErrors = await checkWorkflow(workflowFilePath, propertiesFilePath);
|
||||
const workflowWithErrors = await checkWorkflow(workflowFilePath, propertiesFilePath, allowed_categories);
|
||||
if(workflowWithErrors.name && workflow_template_names.size == workflow_template_names.add(workflowWithErrors.name).size) {
|
||||
workflowWithErrors.errors.push(`Workflow template name "${workflowWithErrors.name}" already exists`)
|
||||
}
|
||||
@@ -69,13 +69,12 @@ async function checkWorkflows(folders: string[]): Promise<WorkflowWithErrors[]>
|
||||
return result;
|
||||
}
|
||||
|
||||
async function checkWorkflow(workflowPath: string, propertiesPath: string): Promise<WorkflowWithErrors> {
|
||||
async function checkWorkflow(workflowPath: string, propertiesPath: string, allowed_categories: string[]): Promise<WorkflowWithErrors> {
|
||||
let workflowErrors: WorkflowWithErrors = {
|
||||
id: workflowPath,
|
||||
name: null,
|
||||
errors: []
|
||||
}
|
||||
|
||||
try {
|
||||
const workflowFileContent = await fs.readFile(workflowPath, "utf8");
|
||||
safeLoad(workflowFileContent); // Validate yaml parses without error
|
||||
@@ -105,6 +104,10 @@ async function checkWorkflow(workflowPath: string, propertiesPath: string): Prom
|
||||
}
|
||||
|
||||
}
|
||||
if (!workflowPath.endsWith("blank.yml") && (!properties.categories ||
|
||||
!properties.categories.some(category => allowed_categories.some(ac => ac.toLowerCase() == category.toLowerCase())))) {
|
||||
workflowErrors.errors.push(`Workflow does not contain at least one allowed category - ${allowed_categories}`)
|
||||
}
|
||||
} catch (e) {
|
||||
workflowErrors.errors.push(e.toString())
|
||||
}
|
||||
@@ -115,7 +118,7 @@ async function checkWorkflow(workflowPath: string, propertiesPath: string): Prom
|
||||
try {
|
||||
const settings = require("./settings.json");
|
||||
const erroredWorkflows = await checkWorkflows(
|
||||
settings.folders
|
||||
settings.folders, settings.allowed_categories
|
||||
)
|
||||
|
||||
if (erroredWorkflows.length > 0) {
|
||||
|
||||
@@ -2,6 +2,13 @@
|
||||
"folders": [
|
||||
"../../ci",
|
||||
"../../automation",
|
||||
"../../deployments"
|
||||
"../../deployments",
|
||||
"../../code-scanning"
|
||||
],
|
||||
"allowed_categories" : [
|
||||
"Continuous integration",
|
||||
"Deployment",
|
||||
"Code Scanning",
|
||||
"Automation"
|
||||
]
|
||||
}
|
||||
Reference in New Issue
Block a user