Updated scripts #119

Merged
merged 6 commits into from
Jan 29, 2024
Merged
2 changes: 1 addition & 1 deletion .github/actions/sarif/action.yml
Expand Up @@ -25,7 +25,7 @@ runs:
- if: inputs.REPO_VISIBILITY == 'public' && env.SARIF_HASH != ''
name: "Upload SARIF file for diagnostics"
id: sarif
uses: github/codeql-action/upload-sarif@v2
uses: github/codeql-action/upload-sarif@v3
continue-on-error: true
with:
sarif_file: ${{github.workspace}}/results
20 changes: 12 additions & 8 deletions .github/actions/sbom/action.yml
Expand Up @@ -20,6 +20,12 @@ runs:
format: spdx-json
output-file: "${{ github.event.repository.name }}-sbom.spdx.json"

- name: "Create SBOM"
shell: bash
run: |
echo "Output ${{ github.event.repository.name }}-sbom.spdx.json"
ls "${{ github.event.repository.name }}-sbom.spdx.json"

- name: "Scan SBOM (public Repo)"
if: inputs.REPO_VISIBILITY == 'public'
uses: anchore/scan-action@v3
Expand All @@ -28,29 +34,27 @@ runs:
sbom: "${{ github.event.repository.name }}-sbom.spdx.json"
fail-build: false
output-format: sarif
severity-cutoff: medium
only-fixed: true
add-cpes-if-none: false
by-cve: false

- name: "Copy SBOM to sarif (public Repo)"
if: |-
inputs.REPO_VISIBILITY == 'public' &&
steps.sbom.outputs.sarif != ''
inputs.REPO_VISIBILITY == 'public' &&
steps.sbom.outputs.sarif != ''
shell: bash
run: |
echo "SBOM: ${{ steps.scan.outputs.sarif }}"
cp "${{ steps.scan.outputs.sarif }}" "${{ github.workspace }}/results/${{ github.event.repository.name }}-sbom.sarif"
cat "${{ steps.scan.outputs.sarif }}"
echo "SBOM: ${{ steps.sbom.outputs.sarif }}"
cp "${{ steps.sbom.outputs.sarif }}" "${{ github.workspace }}/results/${{ github.event.repository.name }}-sbom.sarif"
cat "${{ steps.sbom.outputs.sarif }}"

- name: "Scan SBOM (private repo)"
if: inputs.REPO_VISIBILITY == 'private'
uses: anchore/scan-action@v3
if: always()
with:
sbom: "${{ github.event.repository.name }}-sbom.spdx.json"
fail-build: false
output-format: table
severity-cutoff: medium
only-fixed: true
add-cpes-if-none: false
by-cve: false
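Review bot: The `if:` of "Copy SBOM to sarif (public Repo)" tests `steps.sbom.outputs.sarif`, but the `id:` of the scan step that produces the SARIF lies outside the visible lines, so it cannot be confirmed from this page that `sbom` is the right id for both the condition and the `run:` body. If the id does not match, the output expands to an empty string, the step is skipped, and because the scan runs with `fail-build: false` no SARIF reaches the upload and nothing fails. It would also be more robust to pass the path through the environment instead of expanding `${{ }}` inside the script, e.g. `env:` with `SARIF_PATH: ${{ steps.sbom.outputs.sarif }}` and then `cp "$SARIF_PATH" ...`. The `cat` of the whole SARIF writes every finding into the job log, which on a public repository is readable by a wider audience than the code-scanning alerts; consider dropping it or printing only a count.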
72 changes: 2 additions & 70 deletions .github/dependabot.yml
@@ -1,8 +1,6 @@
version: 2
updates:


- package-ecosystem: nuget
- package-ecosystem: github-actions
directory: "/"
schedule:
interval: daily
Expand All @@ -15,76 +13,10 @@ updates:
- credfeto
allow:
- dependency-type: all
ignore:
- dependency-name: "AWSSDK.*"
- dependency-name: "codecracker.CSharp"
- dependency-name: "Coverlet.*"
- dependency-name: "Credfeto.*"
- dependency-name: "FunFair.*"
- dependency-name: "Mediator.*"
- dependency-name: "Microsoft.AspNetCore.*"
- dependency-name: "Microsoft.CodeAnalysis.*"
- dependency-name: "Microsoft.Extensions.*"
- dependency-name: "NuGet.*"
- dependency-name: "Serilog.*"
- dependency-name: "Swashbuckle.*"
- dependency-name: "AsyncFixer"
- dependency-name: "BenchmarkDotNet"
- dependency-name: "BenchmarkDotNet.Diagnostics.dotTrace"
- dependency-name: "Castle.Core"
- dependency-name: "Cryptography.ECDSA.Secp256K1"
- dependency-name: "Dapper"
- dependency-name: "DisableDateTimeNow"
- dependency-name: "Discord.Net"
- dependency-name: "dotnetstandard-bip39"
- dependency-name: "FluentValidation"
- dependency-name: "FluentValidation.AspNetCore"
- dependency-name: "HexMate"
- dependency-name: "HtmlAgilityPack"
- dependency-name: "IPAddressRange"
- dependency-name: "Jetbrains.Annotations"
- dependency-name: "LibGit2Sharp"
- dependency-name: "Meziantou.Analyzer"
- dependency-name: "Meziantou.Framework.InlineSnapshotTesting"
- dependency-name: "MaxMind.GeoIP2"
- dependency-name: "MaxMind.MinFraud"
- dependency-name: "Microsoft.ApplicationInsights.AspNetCore"
- dependency-name: "Microsoft.NET.Test.Sdk"
- dependency-name: "Microsoft.VisualStudio.Threading.Analyzers"
- dependency-name: "MSBuild.Sdk.SqlProj"
- dependency-name: "NBitcoin"
- dependency-name: "Newtonsoft.Json"
- dependency-name: "NonBlocking"
- dependency-name: "Npgsql"
- dependency-name: "NSubstitute"
- dependency-name: "NSubstitute.Analyzers.CSharp"
- dependency-name: "Nullable.Extended.Analyzer"
- dependency-name: "Octopus.Client"
- dependency-name: "Philips.CodeAnalysis.DuplicateCodeAnalyzer"
- dependency-name: "Philips.CodeAnalysis.MaintainabilityAnalyzers"
- dependency-name: "Polly"
- dependency-name: "Portable.BouncyCastle"
- dependency-name: "Profanity.Detector"
- dependency-name: "Roslynator.Analyzers"
- dependency-name: "ScottPlot"
- dependency-name: "SecurityCodeScan.*"
- dependency-name: "SmartAnalyzers.CSharpExtensions.Annotations"
- dependency-name: "SonarAnalyzer.CSharp"
- dependency-name: "SourceLink.Create.CommandLine"
- dependency-name: "System.Data.SqlClient"
- dependency-name: "TeamCity.VSTest.TestAdapter"
- dependency-name: "ToStringWithoutOverrideAnalyzer"
- dependency-name: "TwitchLib.Api"
- dependency-name: "UAParser"
- dependency-name: "xunit"
- dependency-name: "xunit.analyzers"
- dependency-name: "xunit.runner.visualstudio"
- dependency-name: "Yoti"
commit-message:
prefix: "[Dependencies]"
rebase-strategy: "auto"
labels:
- "dotnet"
- "github-actions"
- "dependencies"
- "Changelog Not Required"
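Review bot: With the `ignore:` list of NuGet packages removed and the single entry apparently switched from `nuget` to `github-actions` (the page does not mark which `package-ecosystem` line is the new one), this file no longer asks Dependabot for NuGet version updates at all. If packages are kept current by another mechanism, a comment above the entry should say so, e.g. `# NuGet packages are updated by <other tool>; Dependabot covers workflow actions only`. Otherwise a second `updates:` entry for `nuget` is needed so that library updates are not silently dropped.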

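--- a/.github/labeler.yml
+++ b/.github/labeler.yml
@@ -1,48 +1,43 @@
 "C#":
-- any: [ './**/*.cs', './**/*.csproj' ]
-"C# Project":
-- any: [ './**/*.csproj' ]
-"C# Solution":
-- any: [ './**/*.sln' ]
-"Powershell":
-- any: [ './**/*.ps1', './**/*.psm1' ]
+- src/**/*.cs
+- src/**/*.csproj
+
 "SQL":
-- any: [ 'db/**/*', './**/*.sql' ]
+- db/**/*
+- tools/**/*.sql
+
 "Solidity":
-- any: [ './**/*.sol' ]
+- src/**/*.sol
+
 "unit-tests":
-- any: [ 'src/*.Tests.*/**/*', 'src/*.Tests/**/*', 'src/*.Tests.Integration.*/**/*', 'src/*.Tests.Integration/**/*' ]
+- src/*.Tests.*/**/*
+- src/*.Tests.Integration.*/**/*
+- src/*.Tests/**/*
+- src/*.Tests.Integration/**/*
+
 ".NET update":
-- any: [ 'src/global.json' ]
+- src/global.json
+
 "Config Change":
-- any: [ 'src/**/*.json', '!src/global.json' ]
+- src/**/*.json
+
 "Static Code Analysis Rules":
-- any: [ 'src/CodeAnalysis.ruleset' ]
+- src/CodeAnalysis.ruleset
+
 "Migration Script":
-- any: [ 'tools/MigrationScripts/**/*' ]
+- tools/MigrationScripts/**/*
+
 "Legal Text":
-- any: [ 'tools/LegalText/**/*' ]
+- tools/LegalText/**/*
+
 "Change Log":
-- any: [ 'CHANGELOG.md' ]
+- CHANGELOG.md
+
 "Read Me":
-- any: [ 'README.md' ]
+- README.md
+
 "Setup":
-- any: [ 'SETUP.md' ]
-"Markdown":
-- any: [ './**/*.md' ]
+- SETUP.md
+
 "github-actions":
-- any: [ '.github/workflows/*.yml' ]
-"FunFair.BuildVersion":
-- any: [ 'src/FunFair.BuildVersion/**/*' ]
-"Detection":
-- any: [ 'src/FunFair.BuildVersion.Detection/**/*' ]
-"Detection.Tests":
-- any: [ 'src/FunFair.BuildVersion.Detection.Tests/**/*' ]
-"Interfaces":
-- any: [ 'src/FunFair.BuildVersion.Interfaces/**/*' ]
-"Publishers":
-- any: [ 'src/FunFair.BuildVersion.Publishers/**/*' ]
-"Publishers.Tests":
-- any: [ 'src/FunFair.BuildVersion.Publishers.Tests/**/*' ]
-"prepublish":
-- any: [ 'src/prepublish/**/*' ]
+- ".github/workflows/*.yml"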
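Review bot: The new `"Config Change"` entry `- src/**/*.json` drops the `'!src/global.json'` exclusion that the old `any:` form carried, so a change to `src/global.json` now gets `Config Change` in addition to `.NET update`. If that is not intended, the exclusion has to be carried over in whatever negation form the labeler version in use accepts. The SQL pattern is likewise narrowed from `./**/*.sql` to `tools/**/*.sql`, so SQL files elsewhere in the tree are no longer labelled.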
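--- a/.github/labels.yml
+++ b/.github/labels.yml
@@ -1,144 +1,5 @@
-- name: "C#"
-color: "db6baa"
-description: "C# Source Files"
-
-- name: "C# Project"
-color: "db6baa"
-description: "C# Project Files"
-
-- name: "C# Solution"
-color: "db6baa"
-description: "C# Solutions"
-
-- name: "Powershell"
-color: "23bc12"
-description: "Powershell Source Files"
-
-- name: "SQL"
-color: "413cd1"
-description: "SQL Source Files"
-
-- name: "Solidity"
-color: "413cd1"
-description: "Solidity Source Files"
-
-- name: "unit-tests"
-color: "0e8a16"
-description: "Unit test and integration test projects"
-
-- name: ".NET update"
-color: "a870c9"
-description: "Update to .net global.json"
-
-- name: "Config Change"
-color: "d8bb50"
-description: "Configuration files changes"
-
-- name: "Static Code Analysis Rules"
-color: "00dead"
-description: "Ruleset for static code analysis files"
-
-- name: "Migration Script"
-color: "b680e5"
-description: "SQL Migration scripts"
-
-- name: "Legal Text"
-color: "facef0"
-description: "Legal text files"
-
-- name: "Change Log"
-color: "53fcd4"
-description: "Changelog tracking file"
-
-- name: "Read Me"
-color: "5319e7"
-description: "Repository readme file"
-
-- name: "Setup"
-color: "5319e7"
-description: "Setup instructions"
-
-- name: "Markdown"
-color: "5319e7"
-description: "Markdown files"
-
-- name: "github-actions"
-color: "e09cf4"
-description: "Github actions workflow files"
-
-- name: "Tech Debt"
-color: "30027a"
-description: "Technical debt"
-
-- name: "auto-pr"
-color: "0000aa"
-description: "Pull request created automatically"
-
-- name: "no-pr-activity"
-color: "ffff00"
-description: "Pull Request has had no activity for a long time"
-
-- name: "!!! WAITING FOR CLIENT PR"
-color: "ffff00"
-description: "Pull request needs a client pull request to be merged at the same time"
-
-- name: "!!! WAITING FOR WALLET PR"
-color: "ffff00"
-description: "Pull request needs a wallet pull request to be merged at the same time"
-
-- name: "!!! WAITING FOR SERVER PR"
-color: "ffff00"
-description: "Pull request needs a server pull request to be merged at the same time"
-
-- name: "!!! WAITING FOR QA SIGNOFF"
-color: "ffff00"
-description: "Pull request needs a QA Signoff before it can be merged"
-
-- name: "!!! WAITING FOR ETHEREUM PR"
-color: "ffff00"
-description: "Pull request needs a server ethereum pull request to be merged at the same time"
-
-- name: "dependencies"
-color: "0366d6"
-description: "Updates to dependencies"
-
-- name: "dotnet"
-color: "db6baa"
-description: "Dotnet package updates"
-
-- name: "npm"
-color: "e99695"
-description: "npm package upate"
-
-- name: "DO NOT MERGE"
-color: "ff0000"
-description: "This pull request should not be merged yey"
-
-- name: "FunFair.BuildVersion"
-color: "96f7d2"
-description: "Changes in FunFair.BuildVersion project"
-
-- name: "Detection"
-color: "96f7d2"
-description: "Changes in FunFair.BuildVersion.Detection project"
-
-- name: "Detection.Tests"
-color: "0e8a16"
-description: "Changes in FunFair.BuildVersion.Detection.Tests project"
-
-- name: "Interfaces"
-color: "96f7d2"
-description: "Changes in FunFair.BuildVersion.Interfaces project"
-
-- name: "Publishers"
-color: "96f7d2"
-description: "Changes in FunFair.BuildVersion.Publishers project"
-
-- name: "Publishers.Tests"
-color: "0e8a16"
-description: "Changes in FunFair.BuildVersion.Publishers.Tests project"
-
-- name: "prepublish"
-color: "96f7d2"
-description: "Changes in prepublish project"
+"Config Change":
+- any: [ 'src/**/*.json', '!src/global.json' ]
 
+"Github Actions":
+- any: [ '.github/workflows/*.yml' ]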
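Review bot: The new content of `.github/labels.yml` is in the labeler's glob-mapping form (`"Config Change":` followed by `- any: [...]`) rather than the `name`/`color`/`description` entries it replaces, which looks like content meant for `labeler.yml`. The consumer of this file is not visible here, but anything that reads it as label definitions will presumably no longer find `dependencies` or `github-actions`, which `dependabot.yml` and `labeler.yml` still apply. The key `"Github Actions"` also differs from the `github-actions` spelling used in those two files. If the file is intentionally a per-repository fragment merged elsewhere, a header comment stating that would prevent this being read as a mistake.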
1 change: 1 addition & 0 deletions .github/workflows/build-and-publish-pre-release.yml
Expand Up @@ -12,6 +12,7 @@ on:
- '.github/actions/dotnet-publish/action.yml'
- '.github/actions/npm/action.yml'
- '.github/actions/nuget/action.yml'
- '.github/actions/sbom/action.yml'
- '.github/actions/sql/action.yml'
- '.github/actions/sarif/action.yml'
- '.github/workflows/build-and-publish-pre-release.yml'