Signed-off-by: Ilona Shishov <[email protected]>
1 parent
953f311
commit 4c6ebb7
Showing
48 changed files
with
5,763 additions
and
1,346 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,56 @@ | ||
name: CI Checks | ||
on: | ||
push: | ||
pull_request: | ||
|
||
jobs: | ||
lint: | ||
name: Run ESLint | ||
runs-on: ubuntu-latest | ||
|
||
steps: | ||
- name: Checkout repository | ||
uses: actions/checkout@v4 | ||
|
||
- name: Setup Node.js | ||
uses: actions/setup-node@v4 | ||
with: | ||
node-version: 20 | ||
registry-url: 'https://npm.pkg.github.com' | ||
env: | ||
NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
|
||
- name: Install dependencies | ||
run: npm ci | ||
|
||
- name: Run lint | ||
run: npm run lint | ||
|
||
check-dist: | ||
name: Check Distribution | ||
runs-on: ubuntu-latest | ||
|
||
env: | ||
BUNDLE_FILE: "dist/index.js" | ||
BUNDLE_COMMAND: "npm run bundle" | ||
|
||
steps: | ||
- name: Checkout repository | ||
uses: actions/checkout@v4 | ||
|
||
- name: Setup Node.js | ||
uses: actions/setup-node@v4 | ||
with: | ||
node-version: 20 | ||
registry-url: 'https://npm.pkg.github.com' | ||
env: | ||
NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
|
||
- name: Install dependencies | ||
run: npm ci | ||
|
||
- name: Verify Latest Bundle | ||
uses: redhat-actions/common/bundle-verifier@v1 | ||
with: | ||
bundle_file: ${{ env.BUNDLE_FILE }} | ||
bundle_command: ${{ env.BUNDLE_COMMAND }} |
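Review bot: The workflow declares no `permissions:` block, so `secrets.GITHUB_TOKEN` carries whatever default scope the repository grants, although the visible steps only read the repository and pull packages; add a top-level `permissions:` with `contents: read` and `packages: read`. Setting `NODE_AUTH_TOKEN` on the `Setup Node.js` steps appears to make setup-node export it to every later step of both jobs, including `npm ci` lifecycle scripts and the third-party `redhat-actions/common/bundle-verifier@v1` step; moving the `env:` to the `Install dependencies` steps keeps the token where the registry read happens. The bundle-verifier reference is a mutable tag, so pinning it to a full commit SHA would make the check reproducible.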
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,60 @@ | ||
name: Scan Docker project | ||
on: | ||
push: | ||
workflow_dispatch: | ||
|
||
jobs: | ||
test: | ||
strategy: | ||
fail-fast: false | ||
matrix: | ||
os: [ "ubuntu-latest" ] | ||
# Test once with explicit manifest_file, and once without | ||
include: | ||
- index: 1 | ||
manifest_file: "Dockerfile" | ||
- index: 2 | ||
manifest_file: "" | ||
runs-on: ${{ matrix.os }} | ||
defaults: | ||
run: | ||
shell: bash | ||
name: Analyse Docker project | ||
steps: | ||
- name: Checkout repository | ||
uses: actions/checkout@v4 | ||
|
||
- name: Set up JDK 20 | ||
uses: actions/setup-java@v4 | ||
with: | ||
distribution: 'temurin' | ||
java-version: '20' | ||
|
||
- name: Install syft | ||
run: | | ||
curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin | ||
- name: Install skopeo | ||
run: | | ||
sudo apt-get update | ||
sudo apt-get install -y skopeo | ||
- name: RHDA Scan | ||
id: rhda_scan | ||
uses: RHEcosystemAppEng/rhda-github-action@main | ||
with: | ||
manifest_directory: manifests/docker | ||
manifest_file: ${{ matrix.manifest_file }} | ||
artifact_filename: ${{ matrix.os }}${{ matrix.index }}-rhda-report | ||
fail_on: never | ||
|
||
- name: Print JSON analysis report | ||
if: ${{ always() && steps.rhda_scan.outputs.crda_report_json }} | ||
run: cat ${{ steps.rhda_scan.outputs.crda_report_json }} | ||
|
||
- name: Print SARIF analysis report | ||
if: ${{ always() && steps.rhda_scan.outputs.crda_report_sarif }} | ||
run: cat ${{ steps.rhda_scan.outputs.crda_report_sarif }} | ||
|
||
- name: Print Artifact ID | ||
run: echo ${{ steps.rhda_scan.outputs.artifact_id }} |
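Review bot: The `Install syft` step pipes `install.sh` from the `main` branch of anchore/syft straight into `sh` and names no version, so each run executes whatever script and installs whatever release is current at that moment. Fetch the script from a release tag and pass the version to install, for example `curl -sSfL https://raw.githubusercontent.com/anchore/syft/<SYFT_TAG>/install.sh | sh -s -- -b /usr/local/bin <SYFT_TAG>`, where `<SYFT_TAG>` is a placeholder for the release you have vetted. The same step appears unchanged in the Podman workflow.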
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,50 @@ | ||
name: Scan Golang project | ||
on: | ||
push: | ||
workflow_dispatch: | ||
|
||
jobs: | ||
test: | ||
strategy: | ||
fail-fast: false | ||
matrix: | ||
os: [ "ubuntu-latest", "macos-latest", "windows-latest" ] | ||
# Test once with explicit manifest_file, and once without | ||
include: | ||
- index: 1 | ||
manifest_file: "go.mod" | ||
- index: 2 | ||
manifest_file: "" | ||
runs-on: ${{ matrix.os }} | ||
defaults: | ||
run: | ||
shell: bash | ||
name: Analyse Golang project | ||
steps: | ||
- name: Checkout repository | ||
uses: actions/checkout@v4 | ||
|
||
- name: Setup Go | ||
uses: actions/setup-go@v4 | ||
with: | ||
go-version: '1.22' | ||
|
||
- name: RHDA Scan | ||
id: rhda_scan | ||
uses: RHEcosystemAppEng/rhda-github-action@main | ||
with: | ||
manifest_directory: manifests/golang | ||
manifest_file: ${{ matrix.manifest_file }} | ||
artifact_filename: ${{ matrix.os }}${{ matrix.index }}-rhda-report | ||
fail_on: never | ||
|
||
- name: Print JSON analysis report | ||
if: ${{ always() && steps.rhda_scan.outputs.crda_report_json }} | ||
run: cat ${{ steps.rhda_scan.outputs.crda_report_json }} | ||
|
||
- name: Print SARIF analysis report | ||
if: ${{ always() && steps.rhda_scan.outputs.crda_report_sarif }} | ||
run: cat ${{ steps.rhda_scan.outputs.crda_report_sarif }} | ||
|
||
- name: Print Artifact ID | ||
run: echo ${{ steps.rhda_scan.outputs.artifact_id }} |
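Review bot: The two `include:` entries do not yield the two runs per OS that the comment `Test once with explicit manifest_file, and once without` describes: neither `index` nor `manifest_file` is an original matrix key, so under GitHub's documented include handling each entry is merged into every `os` combination and the second overwrites the first, leaving only `index: 2` with an empty `manifest_file`. The explicit `go.mod` case is therefore never exercised. Declare the dimension in the matrix, `manifest_file: ["go.mod", ""]`, and keep the `include:` entries to attach `index`, as the Npm workflow in this commit does. The Docker, Gradle, Maven and Podman workflows have the same matrix shape.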
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,51 @@ | ||
name: Scan Gradle project | ||
on: | ||
push: | ||
workflow_dispatch: | ||
|
||
jobs: | ||
test: | ||
strategy: | ||
fail-fast: false | ||
matrix: | ||
os: [ "ubuntu-latest", "macos-latest", "windows-latest" ] | ||
# Test once with explicit manifest_file, and once without | ||
include: | ||
- index: 1 | ||
manifest_file: "build.gradle" | ||
- index: 2 | ||
manifest_file: "" | ||
runs-on: ${{ matrix.os }} | ||
defaults: | ||
run: | ||
shell: bash | ||
name: Analyse Gradle project | ||
steps: | ||
- name: Checkout repository | ||
uses: actions/checkout@v4 | ||
|
||
- name: Setup Java | ||
uses: actions/setup-java@v4 | ||
with: | ||
distribution: temurin | ||
java-version: '20' | ||
|
||
- name: RHDA Scan | ||
id: rhda_scan | ||
uses: RHEcosystemAppEng/rhda-github-action@main | ||
with: | ||
manifest_directory: manifests/gradle | ||
manifest_file: ${{ matrix.manifest_file }} | ||
artifact_filename: ${{ matrix.os }}${{ matrix.index }}-rhda-report | ||
fail_on: never | ||
|
||
- name: Print JSON analysis report | ||
if: ${{ always() && steps.rhda_scan.outputs.crda_report_json }} | ||
run: cat ${{ steps.rhda_scan.outputs.crda_report_json }} | ||
|
||
- name: Print SARIF analysis report | ||
if: ${{ always() && steps.rhda_scan.outputs.crda_report_sarif }} | ||
run: cat ${{ steps.rhda_scan.outputs.crda_report_sarif }} | ||
|
||
- name: Print Artifact ID | ||
run: echo ${{ steps.rhda_scan.outputs.artifact_id }} |
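Review bot: `uses: RHEcosystemAppEng/rhda-github-action@main` tracks a moving branch, so the code that runs with this job's token can change without any change to this file, and a failing run cannot be tied to a specific action revision. Pin the reference to a full commit SHA with the version in a trailing comment, e.g. `uses: RHEcosystemAppEng/rhda-github-action@<COMMIT_SHA>  # <VERSION>` (both placeholders). If these workflows live in the action's own repository and are meant to test the pushed commit, `uses: ./` after the checkout step would exercise that code instead; that is an inference from the `check-dist` job in this commit, so confirm it. The same reference is used in the Docker, Golang, Maven, Npm and Podman workflows.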
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,51 @@ | ||
name: Scan Maven project | ||
on: | ||
push: | ||
workflow_dispatch: | ||
|
||
jobs: | ||
test: | ||
strategy: | ||
fail-fast: false | ||
matrix: | ||
os: [ "ubuntu-latest", "macos-latest", "windows-latest" ] | ||
# Test once with explicit manifest_file, and once without | ||
include: | ||
- index: 1 | ||
manifest_file: "pom.xml" | ||
- index: 2 | ||
manifest_file: "" | ||
runs-on: ${{ matrix.os }} | ||
defaults: | ||
run: | ||
shell: bash | ||
name: Analyse Maven project | ||
steps: | ||
- name: Checkout repository | ||
uses: actions/checkout@v4 | ||
|
||
- name: Setup Java | ||
uses: actions/setup-java@v4 | ||
with: | ||
distribution: temurin | ||
java-version: '20' | ||
|
||
- name: RHDA Scan | ||
id: rhda_scan | ||
uses: RHEcosystemAppEng/rhda-github-action@main | ||
with: | ||
manifest_directory: manifests/maven | ||
manifest_file: ${{ matrix.manifest_file }} | ||
artifact_filename: ${{ matrix.os }}${{ matrix.index }}-rhda-report | ||
fail_on: never | ||
|
||
- name: Print JSON analysis report | ||
if: ${{ always() && steps.rhda_scan.outputs.crda_report_json }} | ||
run: cat ${{ steps.rhda_scan.outputs.crda_report_json }} | ||
|
||
- name: Print SARIF analysis report | ||
if: ${{ always() && steps.rhda_scan.outputs.crda_report_sarif }} | ||
run: cat ${{ steps.rhda_scan.outputs.crda_report_sarif }} | ||
|
||
- name: Print Artifact ID | ||
run: echo ${{ steps.rhda_scan.outputs.artifact_id }} |
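Review bot: `java-version: '20'` in the `Setup Java` step selects a non-LTS JDK line that no longer receives updates, so the scan tooling runs on a runtime without current security fixes. Unless the action is known to need exactly that release, use a supported LTS line such as `java-version: '21'`, and add a one-line comment above it saying which JDK versions the scan supports. The Docker, Gradle and Podman workflows set the same version.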
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,51 @@ | ||
name: Scan Npm project | ||
on: | ||
push: | ||
workflow_dispatch: | ||
|
||
jobs: | ||
test: | ||
strategy: | ||
fail-fast: false | ||
matrix: | ||
os: [ "ubuntu-latest", "macos-latest", "windows-latest" ] | ||
# Test once with explicit manifest_file, and once without | ||
manifest_file: ["package.json", ""] | ||
include: | ||
- index: 1 | ||
manifest_file: "package.json" | ||
- index: 2 | ||
manifest_file: "" | ||
runs-on: ${{ matrix.os }} | ||
defaults: | ||
run: | ||
shell: bash | ||
name: Analyse Npm project | ||
steps: | ||
- name: Checkout repository | ||
uses: actions/checkout@v4 | ||
|
||
- name: Setup Node.js | ||
uses: actions/setup-node@v4 | ||
with: | ||
node-version: '20' | ||
|
||
- name: RHDA Scan | ||
id: rhda_scan | ||
uses: RHEcosystemAppEng/rhda-github-action@main | ||
with: | ||
manifest_directory: manifests/npm | ||
manifest_file: ${{ matrix.manifest_file }} | ||
artifact_filename: ${{ matrix.os }}${{ matrix.index }}-rhda-report | ||
fail_on: never | ||
|
||
- name: Print JSON analysis report | ||
if: ${{ always() && steps.rhda_scan.outputs.crda_report_json }} | ||
run: cat ${{ steps.rhda_scan.outputs.crda_report_json }} | ||
|
||
- name: Print SARIF analysis report | ||
if: ${{ always() && steps.rhda_scan.outputs.crda_report_sarif }} | ||
run: cat ${{ steps.rhda_scan.outputs.crda_report_sarif }} | ||
|
||
- name: Print Artifact ID | ||
run: echo ${{ steps.rhda_scan.outputs.artifact_id }} |
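Review bot: The three print steps splice `${{ steps.rhda_scan.outputs.* }}` unquoted into the bash script text, so the value is parsed as shell syntax: a path containing spaces is split, and on the `windows-latest` leg a backslash-separated path would lose its separators under `shell: bash` (whether the action emits such paths is not visible here). Pass the output through the environment and quote it: add `env:` with `REPORT_JSON: ${{ steps.rhda_scan.outputs.crda_report_json }}` and use `run: cat "$REPORT_JSON"`, and do the same for the SARIF path and the artifact id. The same steps appear in the Docker, Golang, Gradle, Maven and Podman workflows.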
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,60 @@ | ||
name: Scan Podman project | ||
on: | ||
push: | ||
workflow_dispatch: | ||
|
||
jobs: | ||
test: | ||
strategy: | ||
fail-fast: false | ||
matrix: | ||
os: [ "ubuntu-latest" ] | ||
# Test once with explicit manifest_file, and once without | ||
include: | ||
- index: 1 | ||
manifest_file: "Containerfile" | ||
- index: 2 | ||
manifest_file: "" | ||
runs-on: ${{ matrix.os }} | ||
defaults: | ||
run: | ||
shell: bash | ||
name: Analyse Podman project | ||
steps: | ||
- name: Checkout repository | ||
uses: actions/checkout@v4 | ||
|
||
- name: Set up JDK 20 | ||
uses: actions/setup-java@v4 | ||
with: | ||
distribution: 'temurin' | ||
java-version: '20' | ||
|
||
- name: Install syft | ||
run: | | ||
curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin | ||
- name: Install skopeo | ||
run: | | ||
sudo apt-get update | ||
sudo apt-get install -y skopeo | ||
- name: RHDA Scan | ||
id: rhda_scan | ||
uses: RHEcosystemAppEng/rhda-github-action@main | ||
with: | ||
manifest_directory: manifests/podman | ||
manifest_file: ${{ matrix.manifest_file }} | ||
artifact_filename: ${{ matrix.os }}${{ matrix.index }}-rhda-report | ||
fail_on: never | ||
|
||
- name: Print JSON analysis report | ||
if: ${{ always() && steps.rhda_scan.outputs.crda_report_json }} | ||
run: cat ${{ steps.rhda_scan.outputs.crda_report_json }} | ||
|
||
- name: Print SARIF analysis report | ||
if: ${{ always() && steps.rhda_scan.outputs.crda_report_sarif }} | ||
run: cat ${{ steps.rhda_scan.outputs.crda_report_sarif }} | ||
|
||
- name: Print Artifact ID | ||
run: echo ${{ steps.rhda_scan.outputs.artifact_id }} |