diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 62283f9e3c..ee66df244f 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -5,12 +5,12 @@
version: 2
updates:
- - package-ecosystem: "npm"
+ - package-ecosystem: "npm"
directory: "/"
schedule:
interval: "weekly"
-
- - package-ecosystem: "github-actions"
+
+ - package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "weekly"
diff --git a/ci/ada.yml b/ci/ada.yml
index 7e94b3855e..417ed2e006 100644
--- a/ci/ada.yml
+++ b/ci/ada.yml
@@ -17,7 +17,7 @@ jobs:
- name: Set up GNAT toolchain
run: >
- sudo apt-get update &&
+ sudo apt-get update &&
sudo apt-get install gnat gprbuild
- name: Build
diff --git a/ci/cmake.yml b/ci/cmake.yml
index 6f06f756ca..95d7efd7cf 100644
--- a/ci/cmake.yml
+++ b/ci/cmake.yml
@@ -31,7 +31,7 @@ jobs:
- name: Test
working-directory: ${{github.workspace}}/build
- # Execute tests defined by the CMake configuration.
+ # Execute tests defined by the CMake configuration.
# See https://cmake.org/cmake/help/latest/manual/ctest.1.html for more detail
run: ctest -C ${{env.BUILD_TYPE}}
-
+
diff --git a/ci/go-ossf-slsa3-publish.yml b/ci/go-ossf-slsa3-publish.yml
index a7388752f0..b357cc07d9 100644
--- a/ci/go-ossf-slsa3-publish.yml
+++ b/ci/go-ossf-slsa3-publish.yml
@@ -3,10 +3,10 @@
# separate terms of service, privacy policy, and support
# documentation.
-# This workflow lets you compile your Go project using a SLSA3 compliant builder.
-# This workflow will generate a so-called "provenance" file describing the steps
+# This workflow lets you compile your Go project using a SLSA3 compliant builder.
+# This workflow will generate a so-called "provenance" file describing the steps
# that were performed to generate the final binary.
-# The project is an initiative of the OpenSSF (openssf.org) and is developed at
+# The project is an initiative of the OpenSSF (openssf.org) and is developed at
# https://github.com/slsa-framework/slsa-github-generator.
# The provenance file can be verified using https://github.com/slsa-framework/slsa-verifier.
# For more information about SLSA and how it improves the supply-chain, visit slsa.dev.
@@ -21,7 +21,7 @@ permissions: read-all
jobs:
# ========================================================================================================================================
- # Prerequesite: Create a .slsa-goreleaser.yml in the root directory of your project.
+ # Prerequesite: Create a .slsa-goreleaser.yml in the root directory of your project.
# See format in https://github.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/go/README.md#configuration-file
#=========================================================================================================================================
build:
diff --git a/ci/makefile.yml b/ci/makefile.yml
index 0156944cdc..1b53855ad3 100644
--- a/ci/makefile.yml
+++ b/ci/makefile.yml
@@ -13,15 +13,15 @@ jobs:
steps:
- uses: actions/checkout@v3
-
+
- name: configure
run: ./configure
-
+
- name: Install dependencies
run: make
-
+
- name: Run check
run: make check
-
+
- name: Run distcheck
run: make distcheck
diff --git a/ci/npm-grunt.yml b/ci/npm-grunt.yml
index e39ddbfe7c..0bcbd1c9ff 100644
--- a/ci/npm-grunt.yml
+++ b/ci/npm-grunt.yml
@@ -13,7 +13,7 @@ jobs:
strategy:
matrix:
node-version: [14.x, 16.x, 18.x]
-
+
steps:
- uses: actions/checkout@v3
diff --git a/ci/npm-gulp.yml b/ci/npm-gulp.yml
index 7606deaf43..7d79002e88 100644
--- a/ci/npm-gulp.yml
+++ b/ci/npm-gulp.yml
@@ -13,7 +13,7 @@ jobs:
strategy:
matrix:
node-version: [14.x, 16.x, 18.x]
-
+
steps:
- uses: actions/checkout@v3
diff --git a/ci/webpack.yml b/ci/webpack.yml
index 0bc6406270..2b8b18a805 100644
--- a/ci/webpack.yml
+++ b/ci/webpack.yml
@@ -13,7 +13,7 @@ jobs:
strategy:
matrix:
node-version: [14.x, 16.x, 18.x]
-
+
steps:
- uses: actions/checkout@v3
diff --git a/code-scanning/apisec-scan.yml b/code-scanning/apisec-scan.yml
index 209e882d9b..09f50cd3b0 100644
--- a/code-scanning/apisec-scan.yml
+++ b/code-scanning/apisec-scan.yml
@@ -3,8 +3,8 @@
# separate terms of service, privacy policy, and support
# documentation.
-# APIsec addresses the critical need to secure APIs before they reach production.
-# APIsec provides the industry’s only automated and continuous API testing platform that uncovers security vulnerabilities and logic flaws in APIs.
+# APIsec addresses the critical need to secure APIs before they reach production.
+# APIsec provides the industry’s only automated and continuous API testing platform that uncovers security vulnerabilities and logic flaws in APIs.
# Clients rely on APIsec to evaluate every update and release, ensuring that no APIs go to production with vulnerabilities.
# How to Get Started with APIsec.ai
@@ -50,7 +50,7 @@ jobs:
Trigger_APIsec_scan:
permissions:
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
- actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
diff --git a/code-scanning/brakeman.yml b/code-scanning/brakeman.yml
index 957343c7fe..5547c592c9 100644
--- a/code-scanning/brakeman.yml
+++ b/code-scanning/brakeman.yml
@@ -25,7 +25,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
- actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
name: Brakeman Scan
runs-on: ubuntu-latest
steps:
diff --git a/code-scanning/checkmarx.yml b/code-scanning/checkmarx.yml
index 9bdb136065..582488a128 100644
--- a/code-scanning/checkmarx.yml
+++ b/code-scanning/checkmarx.yml
@@ -29,7 +29,7 @@ jobs:
issues: write # for checkmarx-ts/checkmarx-cxflow-github-action to write feedback to github issues
pull-requests: write # for checkmarx-ts/checkmarx-cxflow-github-action to write feedback to PR
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
- actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
# Steps require - checkout code, run CxFlow Action, Upload SARIF report (optional)
diff --git a/code-scanning/clj-holmes.yml b/code-scanning/clj-holmes.yml
index 4487e237de..87f11cbceb 100644
--- a/code-scanning/clj-holmes.yml
+++ b/code-scanning/clj-holmes.yml
@@ -16,7 +16,7 @@ on:
permissions:
contents: read
-
+
jobs:
clj-holmes:
name: Run clj-holmes scanning
@@ -24,7 +24,7 @@ jobs:
permissions:
contents: read
security-events: write
- actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
steps:
- name: Checkout code
uses: actions/checkout@v2
diff --git a/code-scanning/clj-watson.yml b/code-scanning/clj-watson.yml
index 76903a9d04..59bfd41b8a 100644
--- a/code-scanning/clj-watson.yml
+++ b/code-scanning/clj-watson.yml
@@ -6,7 +6,7 @@
# seeking for vulnerable direct/transitive dependencies and
# build a report with all the information needed to help you
# understand how the vulnerability manifest in your software.
-# More details at https://github.com/clj-holmes/clj-watson
+# More details at https://github.com/clj-holmes/clj-watson
name: clj-watson
@@ -29,7 +29,7 @@ jobs:
permissions:
contents: read
security-events: write
- actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
steps:
- name: Checkout code
uses: actions/checkout@v2
@@ -40,7 +40,7 @@ jobs:
clj-watson-sha: "65d928c"
clj-watson-tag: "v4.0.1"
database-strategy: github-advisory
- aliases: clojure-lsp,test
+ aliases: clojure-lsp,test
deps-edn-path: deps.edn
suggest-fix: true
output-type: sarif
diff --git a/code-scanning/cloudrail.yml b/code-scanning/cloudrail.yml
index 4a0cd73c00..e5defa3c57 100644
--- a/code-scanning/cloudrail.yml
+++ b/code-scanning/cloudrail.yml
@@ -9,7 +9,7 @@ on:
push:
branches: [ $default-branch, $protected-branches ]
pull_request:
- branches: [ $default-branch ]
+ branches: [ $default-branch ]
schedule:
- cron: $cron-weekly
@@ -26,7 +26,7 @@ jobs:
- name: Clone repo
uses: actions/checkout@v3
- # For Terraform, Cloudrail requires the plan as input. So we generate it using
+ # For Terraform, Cloudrail requires the plan as input. So we generate it using
# the Terraform core binary.
- uses: hashicorp/setup-terraform@v1
with:
@@ -53,6 +53,6 @@ jobs:
uses: github/codeql-action/upload-sarif@v2
# Remember that if issues are found, Cloudrail return non-zero exit code, so the if: always()
# is needed to ensure the SARIF file is uploaded
- if: always()
+ if: always()
with:
sarif_file: cloudrail_results.sarif
diff --git a/code-scanning/codacy.yml b/code-scanning/codacy.yml
index 7b705bd10d..bbb211857c 100644
--- a/code-scanning/codacy.yml
+++ b/code-scanning/codacy.yml
@@ -30,7 +30,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
- actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
name: Codacy Security Scan
runs-on: ubuntu-latest
steps:
diff --git a/code-scanning/codeql.yml b/code-scanning/codeql.yml
index 34c5de72a1..3f0ecfbd5c 100644
--- a/code-scanning/codeql.yml
+++ b/code-scanning/codeql.yml
@@ -48,11 +48,11 @@ jobs:
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.
-
+
# Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
# queries: security-extended,security-and-quality
-
+
# Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
@@ -61,7 +61,7 @@ jobs:
# ℹ️ Command-line programs to run using the OS shell.
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
- # If the Autobuild fails above, remove it and uncomment the following three lines.
+ # If the Autobuild fails above, remove it and uncomment the following three lines.
# modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
# - run: |
diff --git a/code-scanning/codescan.yml b/code-scanning/codescan.yml
index a9f10535e3..0959d232d1 100644
--- a/code-scanning/codescan.yml
+++ b/code-scanning/codescan.yml
@@ -25,7 +25,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
- actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
- name: Checkout repository
diff --git a/code-scanning/contrast-scan.yml b/code-scanning/contrast-scan.yml
index 4e4deb7c40..ff3d9d3a84 100644
--- a/code-scanning/contrast-scan.yml
+++ b/code-scanning/contrast-scan.yml
@@ -8,7 +8,7 @@
# Contrast Scan currently supports Java, JavaScript and .NET artifacts.
# For more information about the Contrast Scan GitHub Action see here: https://github.com/Contrast-Security-OSS/contrastscan-action
-# Pre-requisites:
+# Pre-requisites:
# All Contrast related account secrets should be configured as GitHub secrets to be passed as inputs to the Contrast Scan Action.
# The required secrets are CONTRAST_API_KEY, CONTRAST_ORGANIZATION_ID and CONTRAST_AUTH_HEADER.
@@ -30,7 +30,7 @@ jobs:
permissions:
contents: read # for actions/checkout
security-events: write # for github/codeql-action/upload-sarif
- actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
# check out project
steps:
@@ -38,7 +38,7 @@ jobs:
# Since Contrast Scan is designed to run against your deployable artifact, the steps to build your artifact should go here.
# -name: Build Project
# ...
- # Scan Artifact
+ # Scan Artifact
- name: Contrast Scan Action
uses: Contrast-Security-OSS/contrastscan-action@7352a45d9678ec8a434cf061b07ffb51c1e351a1
with:
@@ -46,7 +46,7 @@ jobs:
apiKey: ${{ secrets.CONTRAST_API_KEY }}
orgId: ${{ secrets.CONTRAST_ORGANIZATION_ID }}
authHeader: ${{ secrets.CONTRAST_AUTH_HEADER }}
- #Upload the results to GitHub
+ #Upload the results to GitHub
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v2
with:
diff --git a/code-scanning/detekt.yml b/code-scanning/detekt.yml
index 0c65813487..a13a5170a7 100644
--- a/code-scanning/detekt.yml
+++ b/code-scanning/detekt.yml
@@ -69,13 +69,13 @@ jobs:
}
}
' 1> gh_response.json
-
+
DETEKT_RELEASE_SHA=$(jq --raw-output '.data.repository.release.releaseAssets.tagCommit.oid' gh_response.json)
if [ $DETEKT_RELEASE_SHA != "37f0a1d006977512f1f216506cd695039607c3e5" ]; then
echo "Release tag doesn't match expected commit SHA"
exit 1
fi
-
+
DETEKT_DOWNLOAD_URL=$(jq --raw-output '.data.repository.release.releaseAssets.nodes[0].downloadUrl' gh_response.json)
echo "::set-output name=download_url::$DETEKT_DOWNLOAD_URL"
diff --git a/code-scanning/devskim.yml b/code-scanning/devskim.yml
index bf1126103b..4abd6ca0cf 100644
--- a/code-scanning/devskim.yml
+++ b/code-scanning/devskim.yml
@@ -27,7 +27,7 @@ jobs:
- name: Run DevSkim scanner
uses: microsoft/DevSkim-Action@v1
-
+
- name: Upload DevSkim scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
with:
diff --git a/code-scanning/eslint.yml b/code-scanning/eslint.yml
index 54b01c839e..fcb4f217ac 100644
--- a/code-scanning/eslint.yml
+++ b/code-scanning/eslint.yml
@@ -25,7 +25,7 @@ jobs:
permissions:
contents: read
security-events: write
- actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
steps:
- name: Checkout code
uses: actions/checkout@v3
@@ -39,7 +39,7 @@ jobs:
run: npx eslint .
--config .eslintrc.js
--ext .js,.jsx,.ts,.tsx
- --format @microsoft/eslint-formatter-sarif
+ --format @microsoft/eslint-formatter-sarif
--output-file eslint-results.sarif
continue-on-error: true
diff --git a/code-scanning/ethicalcheck.yml b/code-scanning/ethicalcheck.yml
index 2818bc695d..a68d0a2c7c 100644
--- a/code-scanning/ethicalcheck.yml
+++ b/code-scanning/ethicalcheck.yml
@@ -44,12 +44,12 @@ on:
permissions:
contents: read
-
+
jobs:
Trigger_EthicalCheck:
permissions:
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
- actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
@@ -61,9 +61,9 @@ jobs:
# The email address to which the penetration test report will be sent.
email: "xxx@apisec.ai"
sarif-result-file: "ethicalcheck-results.sarif"
-
+
- name: Upload sarif file to repository
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: ./ethicalcheck-results.sarif
-
+
diff --git a/code-scanning/hadolint.yml b/code-scanning/hadolint.yml
index 315365282e..68aebaadb6 100644
--- a/code-scanning/hadolint.yml
+++ b/code-scanning/hadolint.yml
@@ -27,7 +27,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
- actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
steps:
- name: Checkout code
uses: actions/checkout@v3
diff --git a/code-scanning/lintr.yml b/code-scanning/lintr.yml
index 350df19701..8a6de5796d 100644
--- a/code-scanning/lintr.yml
+++ b/code-scanning/lintr.yml
@@ -29,7 +29,7 @@ jobs:
permissions:
contents: read # for checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
- actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
steps:
- name: Checkout code
diff --git a/code-scanning/mobsf.yml b/code-scanning/mobsf.yml
index 1013749c50..21462488cf 100644
--- a/code-scanning/mobsf.yml
+++ b/code-scanning/mobsf.yml
@@ -9,7 +9,7 @@ on:
push:
branches: [ $default-branch, $protected-branches ]
pull_request:
- branches: [ $default-branch ]
+ branches: [ $default-branch ]
schedule:
- cron: $cron-weekly
@@ -21,7 +21,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
- actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
diff --git a/code-scanning/msvc.yml b/code-scanning/msvc.yml
index e8dac8842d..172d855551 100644
--- a/code-scanning/msvc.yml
+++ b/code-scanning/msvc.yml
@@ -28,7 +28,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
- actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
name: Analyze
runs-on: windows-latest
diff --git a/code-scanning/neuralegion.yml b/code-scanning/neuralegion.yml
index e24e14a753..e9189d5e53 100644
--- a/code-scanning/neuralegion.yml
+++ b/code-scanning/neuralegion.yml
@@ -50,7 +50,7 @@
#
# `restart_scan`
#
-# **Required** when restarting an existing scan by its ID. You can get the scan ID in the Scans section on [nexploit.app](https://nexploit.app/login).
Please make sure to only use the necessary parameters. Otherwise, you will get a response with the parameter usage requirements.
+# **Required** when restarting an existing scan by its ID. You can get the scan ID in the Scans section on [nexploit.app](https://nexploit.app/login).
Please make sure to only use the necessary parameters. Otherwise, you will get a response with the parameter usage requirements.
#
# _Example:_ `restart_scan: ai3LG8DmVn9Rn1YeqCNRGQ)`
#
@@ -95,7 +95,7 @@
#
# `hosts_filter`
#
-# **Required** when the the discovery type is set to `archive`. Allows selecting specific hosts for a scan.
+# **Required** when the the discovery type is set to `archive`. Allows selecting specific hosts for a scan.
#
# Outputs
#
diff --git a/code-scanning/njsscan.yml b/code-scanning/njsscan.yml
index d766a6fcb6..81e3650c6d 100644
--- a/code-scanning/njsscan.yml
+++ b/code-scanning/njsscan.yml
@@ -25,7 +25,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
- actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
name: njsscan code scanning
steps:
diff --git a/code-scanning/ossar.yml b/code-scanning/ossar.yml
index 2bd91dd92b..63a7515fbf 100644
--- a/code-scanning/ossar.yml
+++ b/code-scanning/ossar.yml
@@ -27,7 +27,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
- actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: windows-latest
steps:
diff --git a/code-scanning/phpmd.yml b/code-scanning/phpmd.yml
index d10ace1e09..686551ae8c 100644
--- a/code-scanning/phpmd.yml
+++ b/code-scanning/phpmd.yml
@@ -2,9 +2,9 @@
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
-# PHPMD is a spin-off project of PHP Depend and
+# PHPMD is a spin-off project of PHP Depend and
# aims to be a PHP equivalent of the well known Java tool PMD.
-# What PHPMD does is: It takes a given PHP source code base
+# What PHPMD does is: It takes a given PHP source code base
# and look for several potential problems within that source.
# These problems can be things like:
# Possible bugs
@@ -34,7 +34,7 @@ jobs:
permissions:
contents: read # for checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
- actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
steps:
- name: Checkout code
diff --git a/code-scanning/pmd.yml b/code-scanning/pmd.yml
index 8115116ead..6b5b7ea299 100644
--- a/code-scanning/pmd.yml
+++ b/code-scanning/pmd.yml
@@ -21,7 +21,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
- actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
diff --git a/code-scanning/powershell.yml b/code-scanning/powershell.yml
index 02e5de77f1..1e8a4267de 100644
--- a/code-scanning/powershell.yml
+++ b/code-scanning/powershell.yml
@@ -16,7 +16,7 @@ on:
branches: [ $default-branch ]
schedule:
- cron: $cron-weekly
-
+
permissions:
contents: read
@@ -25,7 +25,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
- actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
name: PSScriptAnalyzer
runs-on: ubuntu-latest
steps:
@@ -37,11 +37,11 @@ jobs:
# Check https://github.com/microsoft/action-psscriptanalyzer for more info about the options.
# The below set up runs PSScriptAnalyzer to your entire repository and runs some basic security rules.
path: .\
- recurse: true
- # Include your own basic security rules. Removing this option will run all the rules
+ recurse: true
+ # Include your own basic security rules. Removing this option will run all the rules
includeRule: '"PSAvoidGlobalAliases", "PSAvoidUsingConvertToSecureStringWithPlainText"'
output: results.sarif
-
+
# Upload the SARIF file generated in the previous step
- name: Upload SARIF results file
uses: github/codeql-action/upload-sarif@v2
diff --git a/code-scanning/prisma.yml b/code-scanning/prisma.yml
index 1a12b86d79..9b24386948 100644
--- a/code-scanning/prisma.yml
+++ b/code-scanning/prisma.yml
@@ -29,7 +29,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
- actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
name: Run Prisma Cloud IaC Scan to check
steps:
diff --git a/code-scanning/puppet-lint.yml b/code-scanning/puppet-lint.yml
index 50b86dbbbb..26b6cca0bc 100644
--- a/code-scanning/puppet-lint.yml
+++ b/code-scanning/puppet-lint.yml
@@ -29,7 +29,7 @@ jobs:
permissions:
contents: read # for checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
- actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
steps:
- name: Checkout code
diff --git a/code-scanning/rust-clippy.yml b/code-scanning/rust-clippy.yml
index c5f10ee747..90583f342f 100644
--- a/code-scanning/rust-clippy.yml
+++ b/code-scanning/rust-clippy.yml
@@ -4,7 +4,7 @@
# documentation.
# rust-clippy is a tool that runs a bunch of lints to catch common
# mistakes in your Rust code and help improve your Rust code.
-# More details at https://github.com/rust-lang/rust-clippy
+# More details at https://github.com/rust-lang/rust-clippy
# and https://rust-lang.github.io/rust-clippy/
name: rust-clippy analyze
@@ -25,7 +25,7 @@ jobs:
permissions:
contents: read
security-events: write
- actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
steps:
- name: Checkout code
uses: actions/checkout@v2
diff --git a/code-scanning/securitycodescan.yml b/code-scanning/securitycodescan.yml
index b6ee5ad7b8..7a93d8aa9d 100644
--- a/code-scanning/securitycodescan.yml
+++ b/code-scanning/securitycodescan.yml
@@ -24,11 +24,11 @@ jobs:
- uses: actions/checkout@v3
- uses: nuget/setup-nuget@04b0c2b8d1b97922f67eca497d7cf0bf17b8ffe1
- uses: microsoft/setup-msbuild@v1.0.2
-
+
- name: Set up projects for analysis
uses: security-code-scan/security-code-scan-add-action@f8ff4f2763ed6f229eded80b1f9af82ae7f32a0d
-
- - name: Restore dependencies
+
+ - name: Restore dependencies
run: dotnet restore
- name: Build
diff --git a/code-scanning/semgrep.yml b/code-scanning/semgrep.yml
index b10a9307f1..23486e4901 100644
--- a/code-scanning/semgrep.yml
+++ b/code-scanning/semgrep.yml
@@ -27,7 +27,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
- actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
name: Scan
runs-on: ubuntu-latest
steps:
diff --git a/code-scanning/snyk-container.yml b/code-scanning/snyk-container.yml
index a232c539c7..c3756c8610 100644
--- a/code-scanning/snyk-container.yml
+++ b/code-scanning/snyk-container.yml
@@ -30,7 +30,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
- actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
diff --git a/code-scanning/snyk-infrastructure.yml b/code-scanning/snyk-infrastructure.yml
index 3ca10353ed..aedf2a3c2b 100644
--- a/code-scanning/snyk-infrastructure.yml
+++ b/code-scanning/snyk-infrastructure.yml
@@ -29,7 +29,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
- actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
diff --git a/code-scanning/sobelow.yml b/code-scanning/sobelow.yml
index 7d38c7740f..61d376f45e 100644
--- a/code-scanning/sobelow.yml
+++ b/code-scanning/sobelow.yml
@@ -16,7 +16,7 @@ on:
push:
branches: [ $default-branch, $protected-branches ]
pull_request:
- branches: [ $default-branch ]
+ branches: [ $default-branch ]
schedule:
- cron: $cron-weekly
@@ -28,11 +28,11 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
- actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
- - uses: actions/checkout@v3
+ - uses: actions/checkout@v3
- id: run-action
uses: sobelow/action@1afd6d2cae70ae8bd900b58506f54487ed863912
- name: Upload report
diff --git a/code-scanning/sonarcloud.yml b/code-scanning/sonarcloud.yml
index ff388c8d77..41075e4efb 100644
--- a/code-scanning/sonarcloud.yml
+++ b/code-scanning/sonarcloud.yml
@@ -3,7 +3,7 @@
# separate terms of service, privacy policy, and support
# documentation.
-# This workflow helps you trigger a SonarCloud analysis of your code and populates
+# This workflow helps you trigger a SonarCloud analysis of your code and populates
# GitHub Code Scanning alerts with the vulnerabilities found.
# Free for open source project.
@@ -11,16 +11,16 @@
# 2. Import your project on SonarCloud
# * Add your GitHub organization first, then add your repository as a new project.
-# * Please note that many languages are eligible for automatic analysis,
+# * Please note that many languages are eligible for automatic analysis,
# which means that the analysis will start automatically without the need to set up GitHub Actions.
# * This behavior can be changed in Administration > Analysis Method.
-#
+#
# 3. Follow the SonarCloud in-product tutorial
# * a. Copy/paste the Project Key and the Organization Key into the args parameter below
# (You'll find this information in SonarCloud. Click on "Information" at the bottom left)
#
# * b. Generate a new token and add it to your Github repository's secrets using the name SONAR_TOKEN
-# (On SonarCloud, click on your avatar on top-right > My account > Security
+# (On SonarCloud, click on your avatar on top-right > My account > Security
# or go directly to https://sonarcloud.io/account/security/)
# Feel free to take a look at our documentation (https://docs.sonarcloud.io/getting-started/github/)
@@ -41,9 +41,9 @@ permissions:
jobs:
Analysis:
runs-on: ubuntu-latest
-
+
steps:
- - name: Analyze with SonarCloud
+ - name: Analyze with SonarCloud
# You can pin the exact commit or the version.
# uses: SonarSource/sonarcloud-github-action@de2e56b42aa84d0b1c5b622644ac17e505c9a049
@@ -53,7 +53,7 @@ jobs:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} # Generate a token on Sonarcloud.io, add it to the secrets of this repo with the name SONAR_TOKEN (Settings > Secrets > Actions > add new repository secret)
with:
# Additional arguments for the sonarcloud scanner
- args:
+ args:
# Unique keys of your project and organization. You can find them in SonarCloud > Information (bottom-left menu)
# mandatory
-Dsonar.projectKey=
@@ -65,4 +65,4 @@ jobs:
# Comma-separated paths to directories containing test source files.
#-Dsonar.tests= # optional. For more info about Code Coverage, please refer to https://docs.sonarcloud.io/enriching/test-coverage/overview/
# Adds more detail to both client and server-side analysis logs, activating DEBUG mode for the scanner, and adding client-side environment variables and system properties to the server-side log of analysis report processing.
- #-Dsonar.verbose= # optional, default is false
+ #-Dsonar.verbose= # optional, default is false
diff --git a/code-scanning/soos-dast-scan.yml b/code-scanning/soos-dast-scan.yml
index 95dfd673cb..2ab3d4c9b1 100644
--- a/code-scanning/soos-dast-scan.yml
+++ b/code-scanning/soos-dast-scan.yml
@@ -12,7 +12,7 @@
#
# 2. Navigate to the "Integrate" page in the SOOS app (https://app.soos.io/integrate). Note the "API Credentials" section of this page; the keys you will need for the next step are here.
#
-# 3. Set up your SOOS API Key and SOOS Client Id as Github Secrets named SOOS_API_KEY and SOOS_CLIENT_ID.
+# 3. Set up your SOOS API Key and SOOS Client Id as Github Secrets named SOOS_API_KEY and SOOS_CLIENT_ID.
#
# 4. (Optional) If you'd like to upload SARIF results of DAST scans to GitHub, set SOOS_GITHUB_PAT with your Github Personal Access Token.
#
@@ -29,7 +29,7 @@ jobs:
soos:
permissions:
security-events: write # for uploading code scanning alert info
- actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
name: SOOS DAST Scan
runs-on: ubuntu-latest
steps:
diff --git a/code-scanning/synopsys-io.yml b/code-scanning/synopsys-io.yml
index c32334c643..61169e2c67 100644
--- a/code-scanning/synopsys-io.yml
+++ b/code-scanning/synopsys-io.yml
@@ -22,11 +22,11 @@ jobs:
actions: read
contents: read
security-events: write
-
+
steps:
- name: Checkout repository
uses: actions/checkout@v3
-
+
- name: Synopsys Intelligent Security Scan
id: prescription
uses: synopsys-sig/intelligent-security-scan@48eedfcd42bc342a294dc495ac452797b2d9ff08
@@ -36,7 +36,7 @@ jobs:
workflowServerUrl: ${{secrets.WORKFLOW_SERVER_URL}}
additionalWorkflowArgs: --polaris.url=${{secrets.POLARIS_SERVER_URL}} --polaris.token=${{secrets.POLARIS_ACCESS_TOKEN}}
stage: "IO"
-
+
# Please note that the ID in previous step was set to prescription
# in order for this logic to work also make sure that POLARIS_ACCESS_TOKEN
# is defined in settings
@@ -48,7 +48,7 @@ jobs:
wget -q ${{ secrets.POLARIS_SERVER_URL}}/api/tools/polaris_cli-linux64.zip
unzip -j polaris_cli-linux64.zip -d /tmp
/tmp/polaris analyze -w
-
+
# Please note that the ID in previous step was set to prescription
# in order for this logic to work
- name: Software Composition Analysis with Black Duck
@@ -56,7 +56,7 @@ jobs:
uses: blackducksoftware/github-action@9ea442b34409737f64743781e9adc71fd8e17d38
with:
args: '--blackduck.url="${{ secrets.BLACKDUCK_URL}}" --blackduck.api.token="${{ secrets.BLACKDUCK_TOKEN}}" --detect.tools="SIGNATURE_SCAN,DETECTOR"'
-
+
- name: Synopsys Intelligent Security Scan
if: ${{ steps.prescription.outputs.sastScan == 'true' || steps.prescription.outputs.scaScan == 'true' }}
uses: synopsys-sig/intelligent-security-scan@48eedfcd42bc342a294dc495ac452797b2d9ff08
@@ -64,11 +64,11 @@ jobs:
ioServerUrl: ${{secrets.IO_SERVER_URL}}
ioServerToken: ${{secrets.IO_SERVER_TOKEN}}
workflowServerUrl: ${{secrets.WORKFLOW_SERVER_URL}}
- additionalWorkflowArgs: --IS_SAST_ENABLED=${{steps.prescription.outputs.sastScan}} --IS_SCA_ENABLED=${{steps.prescription.outputs.scaScan}}
- --polaris.project.name={{PROJECT_NAME}} --polaris.url=${{secrets.POLARIS_SERVER_URL}} --polaris.token=${{secrets.POLARIS_ACCESS_TOKEN}}
+ additionalWorkflowArgs: --IS_SAST_ENABLED=${{steps.prescription.outputs.sastScan}} --IS_SCA_ENABLED=${{steps.prescription.outputs.scaScan}}
+ --polaris.project.name={{PROJECT_NAME}} --polaris.url=${{secrets.POLARIS_SERVER_URL}} --polaris.token=${{secrets.POLARIS_ACCESS_TOKEN}}
--blackduck.project.name={{PROJECT_NAME}}:{{PROJECT_VERSION}} --blackduck.url=${{secrets.BLACKDUCK_URL}} --blackduck.api.token=${{secrets.BLACKDUCK_TOKEN}}
stage: "WORKFLOW"
-
+
- name: Upload SARIF file
if: ${{steps.prescription.outputs.sastScan == 'true' }}
uses: github/codeql-action/upload-sarif@v2
diff --git a/code-scanning/sysdig-scan.yml b/code-scanning/sysdig-scan.yml
index f9b61b9c80..8c13a4bd1e 100644
--- a/code-scanning/sysdig-scan.yml
+++ b/code-scanning/sysdig-scan.yml
@@ -24,7 +24,7 @@ jobs:
checks: write # for sysdiglabs/scan-action to publish the checks
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
- actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
@@ -39,7 +39,7 @@ jobs:
id: scan
uses: sysdiglabs/scan-action@768d7626a14897e0948ea89c8437dd46a814b163
with:
- # Tag of the image to analyse.
+ # Tag of the image to analyse.
# Change ${{ github.repository }} variable by another image name if you want but don't forget changing also image-tag above
image-tag: ${{ github.repository }}:latest
# API token for Sysdig Scanning auth
@@ -47,7 +47,7 @@ jobs:
# Sysdig secure endpoint. Please read: https://docs.sysdig.com/en/docs/administration/saas-regions-and-ip-ranges/
# US-East https://secure.sysdig.com
# US-West https://us2.app.sysdig.com
- # EU https://eu1.app.sysdig.com
+ # EU https://eu1.app.sysdig.com
sysdig-secure-url: https://us2.app.sysdig.com
dockerfile-path: ./Dockerfile
input-type: docker-daemon
diff --git a/code-scanning/tfsec.yml b/code-scanning/tfsec.yml
index 77f81566ba..48ee4d2243 100644
--- a/code-scanning/tfsec.yml
+++ b/code-scanning/tfsec.yml
@@ -9,7 +9,7 @@ on:
push:
branches: [ $default-branch, $protected-branches ]
pull_request:
- branches: [ $default-branch ]
+ branches: [ $default-branch ]
schedule:
- cron: $cron-weekly
@@ -29,10 +29,10 @@ jobs:
- name: Run tfsec
uses: aquasecurity/tfsec-sarif-action@9a83b5c3524f825c020e356335855741fd02745f
with:
- sarif_file: tfsec.sarif
+ sarif_file: tfsec.sarif
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v2
with:
# Path to SARIF file relative to the root of the repository
- sarif_file: tfsec.sarif
+ sarif_file: tfsec.sarif
diff --git a/code-scanning/trivy.yml b/code-scanning/trivy.yml
index f56d9e5b98..4a8fe41ed7 100644
--- a/code-scanning/trivy.yml
+++ b/code-scanning/trivy.yml
@@ -22,7 +22,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
- actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
name: Build
runs-on: "ubuntu-18.04"
steps:
diff --git a/code-scanning/veracode.yml b/code-scanning/veracode.yml
index 89d35df251..04fc8146e6 100644
--- a/code-scanning/veracode.yml
+++ b/code-scanning/veracode.yml
@@ -27,7 +27,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
- actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
diff --git a/code-scanning/xanitizer.yml b/code-scanning/xanitizer.yml
index 5724a977d3..8fd5c7b497 100644
--- a/code-scanning/xanitizer.yml
+++ b/code-scanning/xanitizer.yml
@@ -51,7 +51,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
- actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
diff --git a/code-scanning/zscan.yml b/code-scanning/zscan.yml
index 1ac6bbdde3..7f035f53ec 100644
--- a/code-scanning/zscan.yml
+++ b/code-scanning/zscan.yml
@@ -3,16 +3,16 @@
# separate terms of service, privacy policy, and support
# documentation.
#
-# The zimperium-zscan GitHub action scans your mobile app binary (iOS or Android)
+# The zimperium-zscan GitHub action scans your mobile app binary (iOS or Android)
# and identifies security, privacy, and compliance-related vulnerabilities.
#
# Prerequisites:
# * An active Zimperium zScan account is required. If you are not an existing Zimperium
# zScan customer, please request a zSCAN demo by visiting https://www.zimperium.com/contact-us.
-# * Either GitHub Advanced Security (GHAS) or a public repository is required to display
+# * Either GitHub Advanced Security (GHAS) or a public repository is required to display
# issues and view the remediation information inside of GitHub code scanning alerts.
#
-# For additional information and setup instructions
+# For additional information and setup instructions
# please visit: https://github.com/Zimperium/zScanMarketplace#readme
name: "Zimperium zScan"
@@ -33,7 +33,7 @@ jobs:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
- actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
steps:
- name: Checkout repository
uses: actions/checkout@v3
@@ -58,4 +58,3 @@ jobs:
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: Zimperium.sarif
-
\ No newline at end of file
diff --git a/deployments/alibabacloud.yml b/deployments/alibabacloud.yml
index 9853b75bd0..96d5d3865d 100644
--- a/deployments/alibabacloud.yml
+++ b/deployments/alibabacloud.yml
@@ -3,7 +3,7 @@
#
# To use this workflow, you will need to complete the following set-up steps:
#
-# 1. Create an ACR repository to store your container images.
+# 1. Create an ACR repository to store your container images.
# You can use ACR EE instance for more security and better performance.
# For instructions see https://www.alibabacloud.com/help/doc-detail/142168.htm
#
@@ -14,7 +14,7 @@
# 3. Store your AccessKey pair in GitHub Actions secrets named `ACCESS_KEY_ID` and `ACCESS_KEY_SECRET`.
# For instructions on setting up secrets see: https://developer.github.com/actions/managing-workflows/storing-secrets/
#
-# 4. Change the values for the REGION_ID, REGISTRY, NAMESPACE, IMAGE, ACK_CLUSTER_ID, and ACK_DEPLOYMENT_NAME.
+# 4. Change the values for the REGION_ID, REGISTRY, NAMESPACE, IMAGE, ACK_CLUSTER_ID, and ACK_DEPLOYMENT_NAME.
#
name: Build and Deploy to ACK
@@ -46,12 +46,12 @@ jobs:
build:
runs-on: ubuntu-latest
environment: production
-
+
steps:
- name: Checkout
uses: actions/checkout@v3
-
- # 1.1 Login to ACR
+
+ # 1.1 Login to ACR
- name: Login to ACR with the AccessKey pair
uses: aliyun/acr-login@v1
with:
@@ -59,13 +59,13 @@ jobs:
access-key-id: "${{ secrets.ACCESS_KEY_ID }}"
access-key-secret: "${{ secrets.ACCESS_KEY_SECRET }}"
- # 1.2 Buid and push image to ACR
- - name: Build and push image to ACR
+ # 1.2 Buid and push image to ACR
+ - name: Build and push image to ACR
run: |
- docker build --tag "$REGISTRY/$NAMESPACE/$IMAGE:$TAG" .
- docker push "$REGISTRY/$NAMESPACE/$IMAGE:$TAG"
-
- # 1.3 Scan image in ACR
+ docker build --tag "$REGISTRY/$NAMESPACE/$IMAGE:$TAG" .
+ docker push "$REGISTRY/$NAMESPACE/$IMAGE:$TAG"
+
+ # 1.3 Scan image in ACR
- name: Scan image in ACR
uses: aliyun/acr-scan@v1
with:
@@ -75,7 +75,7 @@ jobs:
repository: "${{ env.NAMESPACE }}/${{ env.IMAGE }}"
tag: "${{ env.TAG }}"
- # 2.1 (Optional) Login to ACR EE
+ # 2.1 (Optional) Login to ACR EE
- uses: actions/checkout@v3
- name: Login to ACR EE with the AccessKey pair
uses: aliyun/acr-login@v1
@@ -86,12 +86,12 @@ jobs:
access-key-secret: "${{ secrets.ACCESS_KEY_SECRET }}"
instance-id: "${{ env.ACR_EE_INSTANCE_ID }}"
- # 2.2 (Optional) Build and push image ACR EE
- - name: Build and push image to ACR EE
+ # 2.2 (Optional) Build and push image ACR EE
+ - name: Build and push image to ACR EE
run: |
docker build -t "$ACR_EE_REGISTRY/$ACR_EE_NAMESPACE/$ACR_EE_IMAGE:$TAG" .
docker push "$ACR_EE_REGISTRY/$ACR_EE_NAMESPACE/$ACR_EE_IMAGE:$TAG"
- # 2.3 (Optional) Scan image in ACR EE
+ # 2.3 (Optional) Scan image in ACR EE
- name: Scan image in ACR EE
uses: aliyun/acr-scan@v1
with:
@@ -102,7 +102,7 @@ jobs:
repository: "${{ env.ACR_EE_NAMESPACE}}/${{ env.ACR_EE_IMAGE }}"
tag: "${{ env.ACR_EE_TAG }}"
- # 3.1 Set ACK context
+ # 3.1 Set ACK context
- name: Set K8s context
uses: aliyun/ack-set-context@v1
with:
diff --git a/deployments/azure-container-webapp.yml b/deployments/azure-container-webapp.yml
index cc2e1ddd56..4d98340739 100644
--- a/deployments/azure-container-webapp.yml
+++ b/deployments/azure-container-webapp.yml
@@ -11,7 +11,7 @@
# 2. Create a secret in your repository named AZURE_WEBAPP_PUBLISH_PROFILE, paste the publish profile contents as the value of the secret.
# For instructions on obtaining the publish profile see: https://docs.microsoft.com/azure/app-service/deploy-github-actions#configure-the-github-secret
#
-# 3. Create a GitHub Personal access token with "repo" and "read:packages" permissions.
+# 3. Create a GitHub Personal access token with "repo" and "read:packages" permissions.
#
# 4. Create three app settings on your Azure Web app:
# DOCKER_REGISTRY_SERVER_URL: Set this to "https://ghcr.io"
diff --git a/deployments/azure-webapps-dotnet-core.yml b/deployments/azure-webapps-dotnet-core.yml
index 9b2189554d..005aef2d7e 100644
--- a/deployments/azure-webapps-dotnet-core.yml
+++ b/deployments/azure-webapps-dotnet-core.yml
@@ -43,7 +43,7 @@ jobs:
uses: actions/setup-dotnet@v2
with:
dotnet-version: ${{ env.DOTNET_VERSION }}
-
+
- name: Set up dependency caching for faster builds
uses: actions/cache@v3
with:
diff --git a/deployments/azure-webapps-java-jar.yml b/deployments/azure-webapps-java-jar.yml
index 60fa68c188..c29d871aa4 100644
--- a/deployments/azure-webapps-java-jar.yml
+++ b/deployments/azure-webapps-java-jar.yml
@@ -63,7 +63,7 @@ jobs:
environment:
name: 'Development'
url: ${{ steps.deploy-to-webapp.outputs.webapp-url }}
-
+
steps:
- name: Download artifact from build job
uses: actions/download-artifact@v3
diff --git a/deployments/azure-webapps-node.yml b/deployments/azure-webapps-node.yml
index 98e72c2c02..c72b1beff0 100644
--- a/deployments/azure-webapps-node.yml
+++ b/deployments/azure-webapps-node.yml
@@ -70,7 +70,7 @@ jobs:
name: node-app
- name: 'Deploy to Azure WebApp'
- id: deploy-to-webapp
+ id: deploy-to-webapp
uses: azure/webapps-deploy@v2
with:
app-name: ${{ env.AZURE_WEBAPP_NAME }}
diff --git a/deployments/azure-webapps-python.yml b/deployments/azure-webapps-python.yml
index d7aa802532..0ce3ce9b8a 100644
--- a/deployments/azure-webapps-python.yml
+++ b/deployments/azure-webapps-python.yml
@@ -51,15 +51,15 @@ jobs:
- name: Install dependencies
run: pip install -r requirements.txt
-
+
# Optional: Add step to run tests here (PyTest, Django test suites, etc.)
-
+
- name: Upload artifact for deployment jobs
uses: actions/upload-artifact@v3
with:
name: python-app
path: |
- .
+ .
!venv/
deploy:
@@ -77,7 +77,7 @@ jobs:
with:
name: python-app
path: .
-
+
- name: 'Deploy to Azure Web App'
id: deploy-to-webapp
uses: azure/webapps-deploy@v2
diff --git a/deployments/tencent.yml b/deployments/tencent.yml
index ba65fe52af..3d228548a8 100644
--- a/deployments/tencent.yml
+++ b/deployments/tencent.yml
@@ -2,12 +2,12 @@
#
# To configure this workflow:
#
-# 1. Ensure that your repository contains the necessary configuration for your Tencent Kubernetes Engine cluster,
+# 1. Ensure that your repository contains the necessary configuration for your Tencent Kubernetes Engine cluster,
# including deployment.yml, kustomization.yml, service.yml, etc.
#
-# 2. Set up secrets in your workspace:
+# 2. Set up secrets in your workspace:
# - TENCENT_CLOUD_SECRET_ID with Tencent Cloud secret id
-# - TENCENT_CLOUD_SECRET_KEY with Tencent Cloud secret key
+# - TENCENT_CLOUD_SECRET_KEY with Tencent Cloud secret key
# - TENCENT_CLOUD_ACCOUNT_ID with Tencent Cloud account id
# - TKE_REGISTRY_PASSWORD with TKE registry password
#
@@ -38,10 +38,10 @@ jobs:
- name: Checkout
uses: actions/checkout@v3
-
+
# Build
- name: Build Docker image
- run: |
+ run: |
docker build -t ${TKE_IMAGE_URL}:${GITHUB_SHA} .
- name: Login TKE Registry
@@ -65,7 +65,7 @@ jobs:
secret_key: ${{ secrets.TENCENT_CLOUD_SECRET_KEY }}
tke_region: ${{ env.TKE_REGION }}
cluster_id: ${{ env.TKE_CLUSTER_ID }}
-
+
- name: Switch to TKE context
run: |
kubectl config use-context ${TKE_CLUSTER_ID}-context-default