f459d8595c1f0fb2c9821e7feb6947cc764439a0
* Secure workflows (#1) (#1072) * Restrict permissions for the GITHUB_TOKEN in .github/workflows/label-feature.yml * Restrict permissions for the GITHUB_TOKEN in .github/workflows/label-support.yml * Restrict permissions for the GITHUB_TOKEN in .github/workflows/stale.yml * Restrict permissions for the GITHUB_TOKEN in .github/workflows/sync_ghes.yaml * Restrict permissions for the GITHUB_TOKEN in .github/workflows/validate-data.yaml Co-authored-by: Step Security <bot@stepsecurity.io> Co-authored-by: step-security[bot] <89328102+step-security[bot]@users.noreply.github.com> Co-authored-by: Step Security <bot@stepsecurity.io> * Directory for deployments (#1071) * moving deployment templates * including deployment directory in scripts * validate categories script init * introducing scout * introducing workflow * Update validate-categories.yaml * Update validate-categories.yaml * Update validate-categories.yaml * Update validate.rb * Update validate.rb * Update validate.rb * Update validate.rb * Update validate-categories.yaml * Update validate-categories.yaml * Update validate-categories.yaml * Update validate.rb * Update validate-categories.yaml * Update validate-categories.yaml * Create test_comment.yaml * rename * using [enter] * testing newline * test * setting up variable * using echo -e * using join * testing space space new line * setting multi line in echo * removing checkout * setting rows-generator * fixing error * using join * commit * Update test_comment.yaml * escaping pipe * printing debug line * using %0A * Update validate-categories.yaml * Update validate.rb * Update validate.rb * removing debug * removing variable * Update validate.rb * Update validate-categories.yaml * Validate categories comment on pr (#32) * reverting deployment directory * checking for output * Categories validation two workflows (#34) comment on pr in a separate workflow * Categories validation two workflows (#35) using right dir name * Categories validation two workflows (#36) . * Categories validation two workflows (#37) fixing typo * adding if conditions * adding try catch * using console instead of echo * equating to upstream * moving deployment templates * add codeql workflow to ghes * restoring from main (#1078) * Revert "add codeql workflow to ghes branch" * add codeql workflow to ghes * only run ghes sync checks on YML files * only check nwo of supported actions * added `React` and `Angular` as categories to node (#1084) * Fixed a broken link to actions/upload-a-build-artifact in dotnet-desktop.yml. (#1074) Co-authored-by: Josh Gross <joshmgross@github.com> * Added support for Java Frameworks, Spring and JSF to CI Templates. (#1087) * Update OpenShift workflow to use GHCR by default (#6) - Simplifies required configuration since a registry account is now optional - Update a variety of comments - Use tools-installer to install oc - Other small changes towards a better UX Signed-off-by: Tim Etchells <tetchel@gmail.com> * Update github-script major version Co-authored-by: John Bohannon <imjohnbo@github.com> * Addressing review comments - Renaming template and updating setup-ruby action version (#1086) * renaming template and updating setup-ruby action version * renaming rubyrails files * renaming rails files * Addition to categories to python templates (#1088) * addition to categories for python-app template * adding categories to pylint template * adding categories to python-package template Co-authored-by: Ashwin Sangem <ashwinsangem@github.com> * Adding category in the template property file (#1092) * adding category in the template property file * added category on ruby template * add `makefile` template (#1093) Co-authored-by: Ashwin Sangem <ashwinsangem@github.com> * added prefix `npm-` (#1097) * support `AspNetCore` and `DotNetConsole` (#1096) Co-authored-by: Ashwin Sangem <ashwinsangem@github.com> * add `Continuous integration` to makefile props (#1100) Co-authored-by: Varun Sharma <varunsh@stepsecurity.io> Co-authored-by: step-security[bot] <89328102+step-security[bot]@users.noreply.github.com> Co-authored-by: Step Security <bot@stepsecurity.io> Co-authored-by: Aparna Ravindra <82894348+aparna-ravindra@users.noreply.github.com> Co-authored-by: Nick Fyson <nickfyson@github.com> Co-authored-by: Ninad Kavimandan <ninadkavimandan@github.com> Co-authored-by: tmash06 <tmash06@gmail.com> Co-authored-by: Josh Gross <joshmgross@github.com> Co-authored-by: Tim Etchells <tetchel@gmail.com> Co-authored-by: Tim Etchells <tetchell@redhat.com> Co-authored-by: John Bohannon <imjohnbo@github.com> Co-authored-by: Shubham Tiwari <64764738+tiwarishub@users.noreply.github.com>
Starter Workflows
These are the workflow files for helping people get started with GitHub Actions. They're presented whenever you start to create a new GitHub Actions workflow.
If you want to get started with GitHub Actions, you can use these starter workflows by clicking the "Actions" tab in the repository where you want to create a workflow.
Directory structure
- ci: solutions for Continuous Integration and Deployments
- automation: solutions for automating workflows.
- code-scanning: starter workflows for Code Scanning
- icons: svg icons for the relevant template
Each workflow must be written in YAML and have a .yml extension. They also need a corresponding .properties.json file that contains extra metadata about the workflow (this is displayed in the GitHub.com UI).
For example: ci/django.yml and ci/properties/django.properties.json.
Valid properties
name: the name shown in onboarding. This property is unique within the repository.description: the description shown in onboardingiconName: the icon name in the relevant folder, for example,djangoshould have an iconicons/django.svg. Only SVG is supported at this time. Another option is to use octicon. The format to use an octicon isocticon <<icon name>>. Example:octicon personcreator: creator of the template shown in onboarding. All the workflow templates from an author will have the samecreatorfield.categories: the categories that it will be shown under. Choose at least one category from the list here. Further, choose the categories from the list of languages available here. When a user views the available templates, those templates that match the same language will feature more prominently.
Categories
- continuous-integration
- deployment
- testing
- code-quality
- code-review
- dependency-management
- monitoring
- Automation
- utilities
Variables
These variables can be placed in the starter workflow and will be substituted as detailed below:
$default-branch: will substitute the branch from the repository, for examplemainandmaster$protected-branches: will substitue any protected branches from the repository.$cron-daily: will substitute a valid but random time within the day
Description
Languages
TypeScript
100%