Dylan 6702f0d2e3 Fortify Starter Workflow to use new Fortify AST Action (#2245)
* Update Fortify logo

* Update fortify workflow

Update positioning, Github action versions, Java version and add in Debricked packaging support

* Update fortify.properties.json

Update languages and creator

* Update fortify.yml

Update triggers based on latest starter workflow guidelines

* Update code-scanning/fortify.yml

Co-authored-by: James M. Greene <JamesMGreene@github.com>

* Update code-scanning/fortify.yml

Co-authored-by: James M. Greene <JamesMGreene@github.com>

* Update code-scanning/properties/fortify.properties.json

Co-authored-by: James M. Greene <JamesMGreene@github.com>

* Update code-scanning/fortify.yml

Co-authored-by: James M. Greene <JamesMGreene@github.com>

* Update code-scanning/fortify.yml

Co-authored-by: James M. Greene <JamesMGreene@github.com>

* Update code-scanning/fortify.yml

Co-authored-by: James M. Greene <JamesMGreene@github.com>

* Update fortify.yml

* Update fortify.properties.json

* Update fortify.yml

Update starter workflow to use new unified Fortify AST Action

* Update fortify.yml

* Update fortify.yml

* Update fortify.yml

Refine workflow comments

* Update fortify.yml

Bump checkout action version

* Update fortify.yml

* Update fortify.yml

* Update fortify.yml

One final clean up

* Update fortify.properties.json

* Update fortify.yml

* Update fortify.yml

* Update fortify.properties.json

Update with support for Bicep and Solidity

* Update fortify.properties.json

Uppercase "Solidity" for consistency

* Change v1 to commit hash

---------

Co-authored-by: James M. Greene <JamesMGreene@github.com>
Co-authored-by: Ruud Senden <8635138+rsenden@users.noreply.github.com>
2024-05-06 13:57:14 +00:00
2024-03-29 20:19:38 -05:00
2024-04-29 13:46:23 -07:00
2020-03-21 14:53:31 +00:00
2020-05-20 10:00:39 -07:00
2024-03-29 15:20:42 -07:00
2020-11-24 13:39:40 -08:00

Starter Workflows

These are the workflow files for helping people get started with GitHub Actions. They're presented whenever you start to create a new GitHub Actions workflow.

If you want to get started with GitHub Actions, you can use these starter workflows by clicking the "Actions" tab in the repository where you want to create a workflow.

Directory structure

Each workflow must be written in YAML and have a .yml extension. They also need a corresponding .properties.json file that contains extra metadata about the workflow (this is displayed in the GitHub.com UI).

For example: ci/django.yml and ci/properties/django.properties.json.

Valid properties

  • name: the name shown in onboarding. This property is unique within the repository.
  • description: the description shown in onboarding
  • iconName: the icon name in the relevant folder, for example, django should have an icon icons/django.svg. Only SVG is supported at this time. Another option is to use octicon. The format to use an octicon is octicon <<icon name>>. Example: octicon person
  • creator: creator of the template shown in onboarding. All the workflow templates from an author will have the same creator field.
  • categories: the categories that it will be shown under. Choose at least one category from the list here. Further, choose the categories from the list of languages available here and the list of tech stacks available here. When a user views the available templates, those templates that match the language and tech stacks will feature more prominently.

Categories

  • continuous-integration
  • deployment
  • testing
  • code-quality
  • code-review
  • dependency-management
  • monitoring
  • Automation
  • utilities
  • Pages
  • Hugo

Variables

These variables can be placed in the starter workflow and will be substituted as detailed below:

  • $default-branch: will substitute the branch from the repository, for example main and master
  • $protected-branches: will substitute any protected branches from the repository
  • $cron-daily: will substitute a valid but random time within the day

How to test templates before publishing

Disable template for public

The template author adds a labels array in the template's properties.json file with a label preview. This will hide the template from users, unless user uses query parameter preview=true in the URL. Example properties.json file:

{
    "name": "Node.js",
    "description": "Build and test a Node.js project with npm.",
    "iconName": "nodejs",
    "categories": ["Continuous integration", "JavaScript", "npm", "React", "Angular", "Vue"],
    "labels": ["preview"]
}

For viewing the templates with preview label, provide query parameter preview=true to the new workflow page URL. Eg. https://github.com/<owner>/<repo_name>/actions/new?preview=true.

Enable template for public

Remove the labels array from properties.json file to publish the template to public

Languages
TypeScript 100%