Merge branch 'main' into arjundashrath-patch-1
This commit is contained in:
@@ -1,38 +0,0 @@
|
||||
# This workflow will trigger Datadog Synthetic tests within your Datadog organisation
|
||||
# For more information on running Synthetic tests within your GitHub workflows see: https://docs.datadoghq.com/synthetics/cicd_integrations/github_actions/
|
||||
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
|
||||
# To get started:
|
||||
|
||||
# 1. Add your Datadog API (DD_API_KEY) and Application Key (DD_APP_KEY) as secrets to your GitHub repository. For more information, see: https://docs.datadoghq.com/account_management/api-app-keys/.
|
||||
# 2. Start using the action within your workflow
|
||||
|
||||
name: Run Datadog Synthetic tests
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ $default-branch ]
|
||||
pull_request:
|
||||
branches: [ $default-branch ]
|
||||
|
||||
jobs:
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
|
||||
# Run Synthetic tests within your GitHub workflow.
|
||||
# For additional configuration options visit the action within the marketplace: https://github.com/marketplace/actions/datadog-synthetics-ci
|
||||
- name: Run Datadog Synthetic tests
|
||||
uses: DataDog/synthetics-ci-github-action@2b56dc0cca9daa14ab69c0d1d6844296de8f941e
|
||||
with:
|
||||
api_key: ${{secrets.DD_API_KEY}}
|
||||
app_key: ${{secrets.DD_APP_KEY}}
|
||||
test_search_query: 'tag:e2e-tests' #Modify this tag to suit your tagging strategy
|
||||
|
||||
|
||||
@@ -30,14 +30,14 @@ jobs:
|
||||
settings-path: ${{ github.workspace }} # location for the settings.xml file
|
||||
|
||||
- name: Build with Gradle
|
||||
uses: gradle/gradle-build-action@bc3340afc5e3cc44f2321809ac090d731c13c514
|
||||
uses: gradle/gradle-build-action@937999e9cc2425eddc7fd62d1053baf041147db7
|
||||
with:
|
||||
arguments: build
|
||||
|
||||
# The USERNAME and TOKEN need to correspond to the credentials environment variables used in
|
||||
# the publishing section of your build.gradle
|
||||
- name: Publish to GitHub Packages
|
||||
uses: gradle/gradle-build-action@bc3340afc5e3cc44f2321809ac090d731c13c514
|
||||
uses: gradle/gradle-build-action@937999e9cc2425eddc7fd62d1053baf041147db7
|
||||
with:
|
||||
arguments: publish
|
||||
env:
|
||||
|
||||
+1
-1
@@ -26,6 +26,6 @@ jobs:
|
||||
java-version: '11'
|
||||
distribution: 'temurin'
|
||||
- name: Build with Gradle
|
||||
uses: gradle/gradle-build-action@bc3340afc5e3cc44f2321809ac090d731c13c514
|
||||
uses: gradle/gradle-build-action@937999e9cc2425eddc7fd62d1053baf041147db7
|
||||
with:
|
||||
arguments: build
|
||||
|
||||
+5
-1
@@ -1,6 +1,10 @@
|
||||
name: MSBuild
|
||||
|
||||
on: [push]
|
||||
on:
|
||||
push:
|
||||
branches: [ $default-branch ]
|
||||
pull_request:
|
||||
branches: [ $default-branch ]
|
||||
|
||||
env:
|
||||
# Path to the solution file relative to the root of the project.
|
||||
|
||||
@@ -1,6 +0,0 @@
|
||||
{
|
||||
"name": "Datadog Synthetics",
|
||||
"description": "Run Datadog Synthetic tests within your GitHub Actions workflow",
|
||||
"iconName": "datadog",
|
||||
"categories": ["Continuous integration", "JavaScript", "TypeScript", "Testing"]
|
||||
}
|
||||
@@ -20,8 +20,14 @@ on:
|
||||
schedule:
|
||||
- cron: $cron-weekly
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
Anchore-Build-Scan:
|
||||
permissions:
|
||||
contents: read # for actions/checkout to fetch code
|
||||
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout the code
|
||||
@@ -36,4 +42,4 @@ jobs:
|
||||
- name: Upload Anchore Scan Report
|
||||
uses: github/codeql-action/upload-sarif@v1
|
||||
with:
|
||||
sarif_file: results.sarif
|
||||
sarif_file: results.sarif
|
||||
|
||||
@@ -42,8 +42,13 @@ on:
|
||||
workflow_dispatch:
|
||||
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
Trigger APIsec scan:
|
||||
permissions:
|
||||
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
@@ -61,4 +66,4 @@ jobs:
|
||||
- name: Import results
|
||||
uses: github/codeql-action/upload-sarif@v1
|
||||
with:
|
||||
sarif_file: ./apisec-results.sarif
|
||||
sarif_file: ./apisec-results.sarif
|
||||
|
||||
@@ -17,10 +17,18 @@ on:
|
||||
- cron: $cron-weekly
|
||||
|
||||
# A workflow run is made up of one or more jobs that can run sequentially or in parallel - this job is specifically configured to use the Checkmarx CxFlow Action
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
# This workflow contains a single job called "build"
|
||||
build:
|
||||
# The type of runner that the job will run on - Ubuntu is required as Docker is leveraged for the action
|
||||
permissions:
|
||||
contents: read # for actions/checkout to fetch code
|
||||
issues: write # for checkmarx-ts/checkmarx-cxflow-github-action to write feedback to github issues
|
||||
pull-requests: write # for checkmarx-ts/checkmarx-cxflow-github-action to write feedback to PR
|
||||
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
# Steps require - checkout code, run CxFlow Action, Upload SARIF report (optional)
|
||||
|
||||
@@ -33,8 +33,14 @@ on:
|
||||
schedule:
|
||||
- cron: $cron-weekly
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
rest-api-static-security-testing:
|
||||
permissions:
|
||||
contents: read # for actions/checkout to fetch code
|
||||
security-events: write # for 42Crunch/api-security-audit-action to upload results to Github Code Scanning
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
|
||||
@@ -13,8 +13,14 @@ on:
|
||||
schedule:
|
||||
- cron: $cron-weekly
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
mobile-security:
|
||||
permissions:
|
||||
contents: read # for actions/checkout to fetch code
|
||||
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
@@ -33,4 +39,4 @@ jobs:
|
||||
- name: Upload mobsfscan report
|
||||
uses: github/codeql-action/upload-sarif@v1
|
||||
with:
|
||||
sarif_file: results.sarif
|
||||
sarif_file: results.sarif
|
||||
|
||||
@@ -17,8 +17,14 @@ on:
|
||||
schedule:
|
||||
- cron: $cron-weekly
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
njsscan:
|
||||
permissions:
|
||||
contents: read # for actions/checkout to fetch code
|
||||
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
|
||||
runs-on: ubuntu-latest
|
||||
name: njsscan code scanning
|
||||
steps:
|
||||
|
||||
@@ -9,7 +9,7 @@ on:
|
||||
push:
|
||||
branches: [ $default-branch, $protected-branches ]
|
||||
pull_request:
|
||||
branches: [ $default-branch ]
|
||||
branches: [ $default-branch ]
|
||||
schedule:
|
||||
- cron: $cron-weekly
|
||||
|
||||
@@ -23,13 +23,13 @@ jobs:
|
||||
with:
|
||||
java-version: '11'
|
||||
distribution: 'temurin'
|
||||
cache: maven
|
||||
- name: Run PMD
|
||||
id: pmd
|
||||
uses: pmd/pmd-github-action@6d98898be0d59f46ec37dafcea33d8f8f55acfd1
|
||||
uses: pmd/pmd-github-action@967a81f8b657c87f7c3e96b62301cb1a48efef29
|
||||
with:
|
||||
rulesets: 'rulesets/java/quickstart.xml'
|
||||
sourcePath: 'src/main/java'
|
||||
analyzeModifiedFilesOnly: false
|
||||
- name: Upload SARIF file
|
||||
uses: github/codeql-action/upload-sarif@v1
|
||||
with:
|
||||
|
||||
@@ -21,8 +21,14 @@ on:
|
||||
schedule:
|
||||
- cron: $cron-weekly
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
prisma_cloud_iac_scan:
|
||||
permissions:
|
||||
contents: read # for actions/checkout to fetch code
|
||||
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
|
||||
runs-on: ubuntu-latest
|
||||
name: Run Prisma Cloud IaC Scan to check
|
||||
steps:
|
||||
|
||||
@@ -3,7 +3,6 @@
|
||||
"creator": "Detekt",
|
||||
"description": "Static code analysis for Kotlin",
|
||||
"iconName": "detekt",
|
||||
"categories": ["Code Scanning", "Kotlin"]
|
||||
"categories": ["Code Scanning", "Kotlin"],
|
||||
"enterprise": false
|
||||
}
|
||||
|
||||
|
||||
@@ -27,7 +27,7 @@ jobs:
|
||||
persist-credentials: false
|
||||
|
||||
- name: "Run analysis"
|
||||
uses: ossf/scorecard-action@c8416b0b2bf627c349ca92fc8e3de51a64b005cf # v1.0.2
|
||||
uses: ossf/scorecard-action@c1aec4ac820532bab364f02a81873c555a0ba3a1 # v1.0.4
|
||||
with:
|
||||
results_file: results.sarif
|
||||
results_format: sarif
|
||||
|
||||
@@ -19,8 +19,14 @@ on:
|
||||
schedule:
|
||||
- cron: $cron-weekly
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
semgrep:
|
||||
permissions:
|
||||
contents: read # for actions/checkout to fetch code
|
||||
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
|
||||
name: Scan
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
|
||||
@@ -37,8 +37,14 @@ on:
|
||||
schedule:
|
||||
- cron: $cron-weekly
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
stackhawk:
|
||||
permissions:
|
||||
contents: read # for actions/checkout to fetch code
|
||||
security-events: write # for stackhawk/hawkscan-action to upload code scanning alert info
|
||||
name: StackHawk
|
||||
runs-on: ubuntu-20.04
|
||||
steps:
|
||||
|
||||
@@ -13,10 +13,17 @@ on:
|
||||
schedule:
|
||||
- cron: $cron-weekly
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
|
||||
build:
|
||||
|
||||
permissions:
|
||||
checks: write # for sysdiglabs/scan-action to publish the checks
|
||||
contents: read # for actions/checkout to fetch code
|
||||
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
@@ -51,4 +58,4 @@ jobs:
|
||||
#Upload SARIF file
|
||||
if: always()
|
||||
with:
|
||||
sarif_file: ${{ steps.scan.outputs.sarifReport }}
|
||||
sarif_file: ${{ steps.scan.outputs.sarifReport }}
|
||||
|
||||
@@ -17,10 +17,16 @@ on:
|
||||
- cron: $cron-weekly
|
||||
|
||||
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
# This workflow contains a job to build and submit pipeline scan, you will need to customize the build process accordingly and make sure the artifact you build is used as the file input to the pipeline scan file parameter
|
||||
build-and-pipeline-scan:
|
||||
# The type of runner that the job will run on
|
||||
permissions:
|
||||
contents: read # for actions/checkout to fetch code
|
||||
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
<svg xmlns="http://www.w3.org/2000/svg" width="128" height="128">
|
||||
<path d="M118.64,63.09l5.15,50.2-63.08,7.59-1.37-9.78-3.81.55c.33,5.45-.94,10.63-3.35,13.11-2.82,2.89-6.92,3.64-11.24,3-2.9-.39-5.06-2.49-6.66-5.06,6,4.22,13.39,2.27,15.92-1.26a12.65,12.65,0,0,0,2.38-9.42l-35.42,5.14L4.21,12.18,109.27,0l6.16,63.7Z" fill="#632ca6"/>
|
||||
<path d="M63.55,74.32a55.2,55.2,0,0,1-10-8.32c-.31-.23-.26-1.25-.26-1.25A55.81,55.81,0,0,0,68.94,73.1a12.74,12.74,0,0,0,9.81-.83,25,25,0,0,0,7.53-6.64l.34.59a14.93,14.93,0,0,1-1.29,3.06,8,8,0,0,0,2.24.81l6-.93a18.12,18.12,0,0,0,2-14.31c-.93-3-5.79-9.1-6.14-9.43-1.22-1.17.21-5.7-2.21-10.65C84.65,29.54,78,24.09,75.09,21.72c.85.62,6.1,2.74,8.55,5.69.23-.3.32-1.89.53-2.29-2.1-2.76-2.26-7.66-2.26-9A14.87,14.87,0,0,0,80.69,11a8.16,8.16,0,0,1,2.65,4.53,18.51,18.51,0,0,0,3.82,8.34c3.43,4.26,6.52,6.45,8.08,4.88,1.88-1.9-1.89-10.37-6.71-15.1-5.62-5.52-7.09-4.81-10.39-3.63-2.63.94-4,8.4-10.91,8.26-1.16-.14-4.15-.21-5.64-.2C62.36,17,63,16.21,63,16.21a35.61,35.61,0,0,0-4.25,2.09l-.15-.22A12,12,0,0,1,60,15.8a40.56,40.56,0,0,0-3.51,2.43,5.25,5.25,0,0,1,1.45-2.71s-2.32.41-5.28,3.67A36,36,0,0,0,45.8,21.9c-4.35-.95-6.41-2.49-8.37-5.31-1.49-2.15-4.15-2.48-6.85-1.37-4,1.64-9,3.87-9,3.87s1.63-.06,3.33,0a44.68,44.68,0,0,0-4.56,2.09s1.09,0,2.44,0A22.93,22.93,0,0,1,20.5,22.9a33,33,0,0,0-3.85,3.33,22.56,22.56,0,0,1,2.74-1c-.9,2.07-2.7,3.6-2.37,6.14.32,2.33,3.17,7.11,6.85,10,.32.26,5.34,4.91,9.13,3s5.29-3.6,5.91-6.21c.73-3,.32-5.26-1.25-11.75-.52-2.14-1.86-6.56-2.51-8.67l.15-.11A106.06,106.06,0,0,1,41,31.8C43,39,42.36,42.68,41.44,44c-2.75,4-9.8,4.58-13,2.34-.49,7.78,1.24,11.2,1.83,12.92-.29,2,1,5.67,1,5.67A7,7,0,0,1,32,62.4a16.53,16.53,0,0,0,1.14,4.31A8.19,8.19,0,0,1,33.52,64a19.56,19.56,0,0,0,1.71,2.14A11.6,11.6,0,0,0,37,69.8,9.87,9.87,0,0,1,37,67.5c2.94,2.82,3.45,7,3.74,10.12C41.52,86.33,27,93.25,24.13,98.71c-2.14,3.23-3.42,8.33.2,11.35,8.76,7.27,5.4,9.27,9.78,12.47,6,4.38,13.54,2.42,16.1-1.15,3.56-5,2.65-9.65,1.32-14-1-3.43-3.84-9.12-7.32-11.33a15.26,15.26,0,0,0-10-2.37l.27-.31c4.22-.84,8.62-.38,11.81,1.68,3.62,2.32,6.93,6.31,8.66,12.43,2-.28,2.24-.41,4-.66l-4-31.5ZM83.85,35c3.73,1.73,3.24,5,3.34,7a5.25,5.25,0,0,1,0,1.19,5,5,0,0,0-2.62-.43,9.49,9.49,0,0,0-1.1.12,7.78,7.78,0,0,1-3-3.71l-.17-.39-.07-.17,0-.08c-.42-1.31-.14-1.57,0-2s.85-.76-.15-1.1a1.8,1.8,0,0,0-.31-.07C80.47,34.54,82.44,34.34,83.85,35Zm-4.6,21.63c.72-.57,4-1.62,7.09-2,1.6-.19,3.88-.29,4.37,0,1,.53,1,2.18.31,3.72-1,2.22-2.33,4.67-3.88,4.87-2.52.34-4.91-1-7.63-3.06A2.23,2.23,0,0,1,79.25,56.62ZM55.34,39.75c4-2.73,9.16-1.65,8.3-.83-1.65,1.56.54,1.1.78,4a5,5,0,0,1-1.12,4A25.49,25.49,0,0,0,58.7,48a26,26,0,0,0-2.85,1.13,7.32,7.32,0,0,1-.73-.55A5.53,5.53,0,0,1,55.34,39.75Zm60.11,27.82-32.51,5.9a16,16,0,0,1-3.75,3.33,11.75,11.75,0,0,1-9.29.85,20,20,0,0,1-3.71-1.19l-7.95,1.1,4.83,40.2,55.7-10ZM65.88,113.92l-.46-4.37,9.09-13.88,10.33,3,8.88-14.84,10.65,7,8.1-17,2.87,30.91Z" fill="#fff"/>
|
||||
</svg>
|
||||
|
Before Width: | Height: | Size: 2.8 KiB |
@@ -21,6 +21,8 @@ interface WorkflowProperties {
|
||||
categories: string[] | null;
|
||||
|
||||
creator?: string;
|
||||
|
||||
enterprise?: boolean;
|
||||
}
|
||||
|
||||
interface WorkflowsCheckResult {
|
||||
@@ -59,6 +61,7 @@ async function checkWorkflows(
|
||||
|
||||
const enabled =
|
||||
!isPartnerWorkflow &&
|
||||
workflowProperties.enterprise !== false &&
|
||||
(await checkWorkflow(workflowFilePath, enabledActions));
|
||||
|
||||
const workflowDesc: WorkflowDesc = {
|
||||
|
||||
Reference in New Issue
Block a user