From 1c6980e8b444d4078ee53562e2867ca500111a04 Mon Sep 17 00:00:00 2001 From: joseph-sentry Date: Thu, 23 May 2024 14:46:31 -0400 Subject: [PATCH] testing something --- .github/workflows/codeql-analysis.yml | 69 ---------- .../workflows/enforce-license-compliance.yml | 14 -- .github/workflows/main.yml | 127 +----------------- .github/workflows/scorecards-analysis.yml | 61 --------- 4 files changed, 6 insertions(+), 265 deletions(-) delete mode 100644 .github/workflows/codeql-analysis.yml delete mode 100644 .github/workflows/enforce-license-compliance.yml delete mode 100644 .github/workflows/scorecards-analysis.yml diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml deleted file mode 100644 index 5d13a53..0000000 --- a/.github/workflows/codeql-analysis.yml +++ /dev/null @@ -1,69 +0,0 @@ - -# -# You may wish to alter this file to override the set of languages analyzed, -# or to provide custom queries or build logic. -# -# ******** NOTE ******** -# We have attempted to detect the languages in your repository. Please check -# the `language` matrix defined below to confirm you have the correct set of -# supported CodeQL languages. -# -name: "CodeQL" - -on: - push: - branches: [ main ] - pull_request: - # The branches below must be a subset of the branches above - branches: [ main ] - schedule: - - cron: '24 6 * * 5' - -jobs: - analyze: - name: Analyze - runs-on: ubuntu-latest - permissions: - actions: read - contents: read - security-events: write - - strategy: - fail-fast: false - matrix: - language: [ 'javascript' ] - # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] - # Learn more about CodeQL language support at https://git.io/codeql-language-support - - steps: - - name: Checkout repository - uses: actions/checkout@v4.1.6 - - # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@v3.25.5 - with: - languages: ${{ matrix.language }} - # If you wish to specify custom queries, you can do so here or in a config file. - # By default, queries listed here will override any specified in a config file. - # Prefix the list here with "+" to use these queries and those in the config file. - # queries: ./path/to/local/query, your-org/your-repo/queries@main - - # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). - # If this step fails, then you should remove it and run the build manually (see below) - - name: Autobuild - uses: github/codeql-action/autobuild@v3.25.5 - - # ℹī¸ Command-line programs to run using the OS shell. - # 📚 https://git.io/JvXDl - - # ✏ī¸ If the Autobuild fails above, remove it and uncomment the following three lines - # and modify them (or add more) to build your code if your project - # uses a compiled language - - #- run: | - # make bootstrap - # make release - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3.25.5 diff --git a/.github/workflows/enforce-license-compliance.yml b/.github/workflows/enforce-license-compliance.yml deleted file mode 100644 index 80c04ac..0000000 --- a/.github/workflows/enforce-license-compliance.yml +++ /dev/null @@ -1,14 +0,0 @@ -name: Enforce License Compliance - -on: - pull_request: - branches: [main] - -jobs: - enforce-license-compliance: - runs-on: ubuntu-latest - steps: - - name: 'Enforce License Compliance' - uses: getsentry/action-enforce-license-compliance@57ba820387a1a9315a46115ee276b2968da51f3d # main - with: - fossa_api_key: ${{ secrets.FOSSA_API_KEY }} diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 54b38f6..38d5bf3 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -5,126 +5,11 @@ jobs: runs-on: ${{ matrix.os }} strategy: matrix: - os: [macos-latest, windows-latest, ubuntu-latest] + os: [ubuntu-latest] steps: - name: Checkout - uses: actions/checkout@v4.1.6 - - name: Install dependencies - run: npm install - - name: Lint - run: npm run lint - - name: Run tests and collect coverage - run: npm run test - - name: Upload coverage to Codecov (script) - uses: ./ - with: - fail_ci_if_error: true - files: ./coverage/script/coverage-final.json - flags: script,${{ matrix.os }} - name: codecov-script - verbose: true - token: ${{ secrets.CODECOV_TOKEN }} - - name: Upload coverage to Codecov (demo) - uses: ./ - with: - fail_ci_if_error: true - files: ./coverage/calculator/coverage-final.json,./coverage/coverage-test/coverage-final.json - file: ./coverage/coverage-final.json - flags: demo,${{ matrix.os }} - name: codecov-demo - verbose: true - token: ${{ secrets.CODECOV_TOKEN }} - - name: Upload coverage to Codecov (version) - uses: ./ - with: - fail_ci_if_error: true - files: ./coverage/calculator/coverage-final.json,./coverage/coverage-test/coverage-final.json - file: ./coverage/coverage-final.json - flags: version,${{ matrix.os }} - name: codecov-version - version: v0.6.0 - verbose: true - token: ${{ secrets.CODECOV_TOKEN }} - - run-macos-latest-xlarge: - if: github.head.repo.full_name == 'codecov/codecov-action' - runs-on: macos-latest-xlarge - steps: - - name: Checkout - uses: actions/checkout@v4.1.6 - - name: Install dependencies - run: npm install - - name: Lint - run: npm run lint - - name: Run tests and collect coverage - run: npm run test - - name: Upload coverage to Codecov (script) - uses: ./ - with: - fail_ci_if_error: true - files: ./coverage/script/coverage-final.json - flags: script,macos-latest-xlarge - name: codecov-script - verbose: true - token: ${{ secrets.CODECOV_TOKEN }} - - name: Upload coverage to Codecov (demo) - uses: ./ - with: - fail_ci_if_error: true - files: ./coverage/calculator/coverage-final.json,./coverage/coverage-test/coverage-final.json - file: ./coverage/coverage-final.json - flags: demo,macos-latest-xlarge - name: codecov-demo - verbose: true - token: ${{ secrets.CODECOV_TOKEN }} - - name: Upload coverage to Codecov (version) - uses: ./ - with: - fail_ci_if_error: true - files: ./coverage/calculator/coverage-final.json,./coverage/coverage-test/coverage-final.json - file: ./coverage/coverage-final.json - flags: version,maxos-latest-xlarge - name: codecov-version - version: v0.6.0 - verbose: true - token: ${{ secrets.CODECOV_TOKEN }} - - run-container: - runs-on: ubuntu-latest - container: node:18 - steps: - - name: Checkout - uses: actions/checkout@v4.1.6 - - name: Install dependencies - run: npm install - - name: Lint - run: npm run lint - - name: Run tests and collect coverage - run: npm run test - - name: Upload coverage to Codecov (script) - uses: ./ - with: - files: ./coverage/script/coverage-final.json - flags: script,${{ matrix.os }} - name: codecov-script - verbose: true - token: ${{ secrets.CODECOV_TOKEN }} - - name: Upload coverage to Codecov (demo) - uses: ./ - with: - files: ./coverage/calculator/coverage-final.json,./coverage/coverage-test/coverage-final.json - file: ./coverage/coverage-final.json - flags: demo,${{ matrix.os }} - name: codecov-demo - verbose: true - token: ${{ secrets.CODECOV_TOKEN }} - - name: Upload coverage to Codecov (version) - uses: ./ - with: - files: ./coverage/calculator/coverage-final.json,./coverage/coverage-test/coverage-final.json - file: ./coverage/coverage-final.json - flags: version,${{ matrix.os }} - name: codecov-version - version: v0.6.0 - verbose: true - token: ${{ secrets.CODECOV_TOKEN }} + uses: actions/checkout@v4.1.4 + - name: install my version of the cli + run: | + echo $GITHUB_HEAD_REF + echo $GITHUB_REF diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml deleted file mode 100644 index ce303b8..0000000 --- a/.github/workflows/scorecards-analysis.yml +++ /dev/null @@ -1,61 +0,0 @@ -name: Scorecards supply-chain security -on: - # Only the default branch is supported. - branch_protection_rule: - schedule: - - cron: '43 20 * * 1' - push: - branches: [ main ] - -# Declare default permissions as read only. -permissions: read-all - -jobs: - analysis: - name: Scorecards analysis - runs-on: ubuntu-latest - permissions: - # Needed to upload the results to code-scanning dashboard. - security-events: write - # Used to receive a badge. (Upcoming feature) - id-token: write - actions: read - contents: read - - steps: - - name: "Checkout code" - uses: actions/checkout@v4.1.6 # v3.0.0 - with: - persist-credentials: false - - - name: "Run analysis" - uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3 - with: - results_file: results.sarif - results_format: sarif - # (Optional) Read-only PAT token. Uncomment the `repo_token` line below if: - # - you want to enable the Branch-Protection check on a *public* repository, or - # - you are installing Scorecards on a *private* repository - # To create the PAT, follow the steps in https://github.com/ossf/scorecard-action#authentication-with-pat. - # repo_token: ${{ secrets.SCORECARD_READ_TOKEN }} - - # Publish the results for public repositories to enable scorecard badges. For more details, see - # https://github.com/ossf/scorecard-action#publishing-results. - # For private repositories, `publish_results` will automatically be set to `false`, regardless - # of the value entered here. - publish_results: true - - # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF - # format to the repository Actions tab. - - name: "Upload artifact" - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 - with: - name: SARIF file - path: results.sarif - retention-days: 5 - - # Upload the results to GitHub's code scanning dashboard. - - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@v3.25.5 # v1.0.26 - with: - sarif_file: results.sarif