From 05d29231c83a0e6f02ad89da0e20bf3663015729 Mon Sep 17 00:00:00 2001 From: JCGuerrero Date: Sat, 23 Aug 2025 10:25:21 -0500 Subject: [PATCH 1/5] f --- .github/workflows/always.yml | 6 +++++- .github/workflows/test_actions__scan-image.yml | 5 +++++ 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/.github/workflows/always.yml b/.github/workflows/always.yml index ee15bdf..0192f9b 100644 --- a/.github/workflows/always.yml +++ b/.github/workflows/always.yml @@ -1,10 +1,14 @@ name: "[C]ontinuous [I]ntegration" + on: push: workflow_dispatch: # Allows you to run this workflow manually from the Actions tab +permissions: + contents: read + jobs: lint: - uses: percebus/github-actions-npm/.github/workflows/npm_run_script.yml@main + uses: percebus/github-actions-npm/.github/workflows/run_script.yml@main with: script: lint diff --git a/.github/workflows/test_actions__scan-image.yml b/.github/workflows/test_actions__scan-image.yml index 9cc9764..82ed58c 100644 --- a/.github/workflows/test_actions__scan-image.yml +++ b/.github/workflows/test_actions__scan-image.yml @@ -1,8 +1,13 @@ name: Test actions/scan-image + on: push: workflow_dispatch: # Allows you to run this workflow manually from the Actions tab +concurrency: + group: ${{ github.ref }}-${{ github.workflow }} + cancel-in-progress: true + # NOTE: Fixes "Error: Resource not accessible by integration" permissions: contents: read From 61072fafa7356e82aba0546a704b5eba2b96e42f Mon Sep 17 00:00:00 2001 From: JCGuerrero Date: Sat, 23 Aug 2025 10:26:40 -0500 Subject: [PATCH 2/5] PR --- .github/workflows/pull_request.yml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 .github/workflows/pull_request.yml diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml new file mode 100644 index 0000000..b6e2b8e --- /dev/null +++ b/.github/workflows/pull_request.yml @@ -0,0 +1,17 @@ +name: Pull Request + +# "This run was triggered by the "push" event, which is unsupported. +# Please ensure you are using the "pull_request" event for this workflow." +on: + pull_request: + +concurrency: + group: ${{ github.ref }}-${{ github.workflow }} + cancel-in-progress: true + +jobs: + audit: + uses: percebus/github-actions-npm/.github/workflows/dependency-review.yml@main + permissions: + contents: read + pull-requests: read From 4c414803a5edbb2ea7982be73b202be84a9630c2 Mon Sep 17 00:00:00 2001 From: JCGuerrero Date: Sat, 23 Aug 2025 10:28:47 -0500 Subject: [PATCH 3/5] f --- .../actions/scan-image/LICENSE | 2 +- .github/workflows/LICENSE | 26 +++++++++++++++++++ LICENSE | 26 +++++++++++++++++++ README.md | 5 ++-- package.json | 8 +++--- 5 files changed, 60 insertions(+), 7 deletions(-) rename LICENSE.md => .github/actions/scan-image/LICENSE (98%) create mode 100644 .github/workflows/LICENSE create mode 100644 LICENSE diff --git a/LICENSE.md b/.github/actions/scan-image/LICENSE similarity index 98% rename from LICENSE.md rename to .github/actions/scan-image/LICENSE index f5f68e3..e885c59 100644 --- a/LICENSE.md +++ b/.github/actions/scan-image/LICENSE @@ -1,4 +1,4 @@ -# The UnLicense +The UnLicense This is free and unencumbered software released into the public domain. diff --git a/.github/workflows/LICENSE b/.github/workflows/LICENSE new file mode 100644 index 0000000..e885c59 --- /dev/null +++ b/.github/workflows/LICENSE @@ -0,0 +1,26 @@ +The UnLicense + +This is free and unencumbered software released into the public domain. + +Anyone is free to copy, modify, publish, use, compile, sell, or +distribute this software, either in source code form or as a compiled +binary, for any purpose, commercial or non-commercial, and by any +means. + +In jurisdictions that recognize copyright laws, the author or authors +of this software dedicate any and all copyright interest in the +software to the public domain. We make this dedication for the benefit +of the public at large and to the detriment of our heirs and +successors. We intend this dedication to be an overt act of +relinquishment in perpetuity of all present and future rights to this +software under copyright law. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR +OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +OTHER DEALINGS IN THE SOFTWARE. + +For more information, please refer to diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..e885c59 --- /dev/null +++ b/LICENSE @@ -0,0 +1,26 @@ +The UnLicense + +This is free and unencumbered software released into the public domain. + +Anyone is free to copy, modify, publish, use, compile, sell, or +distribute this software, either in source code form or as a compiled +binary, for any purpose, commercial or non-commercial, and by any +means. + +In jurisdictions that recognize copyright laws, the author or authors +of this software dedicate any and all copyright interest in the +software to the public domain. We make this dedication for the benefit +of the public at large and to the detriment of our heirs and +successors. We intend this dedication to be an overt act of +relinquishment in perpetuity of all present and future rights to this +software under copyright law. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR +OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +OTHER DEALINGS IN THE SOFTWARE. + +For more information, please refer to diff --git a/README.md b/README.md index 098633e..135c34f 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,9 @@ # github-actions-containerization -[LICENSE](./LICENSE.md) +[![[C]ontinuous [I]ntegration](https://github.com/percebus/github-actions-containerization/actions/workflows/always.yml/badge.svg)](https://github.com/percebus/github-actions-containerization/actions/workflows/always.yml) [![Pull Request](https://github.com/percebus/github-actions-containerization/actions/workflows/pull_request.yml/badge.svg?event=pull_request)](https://github.com/percebus/github-actions-containerization/actions/workflows/pull_request.yml) + +[`LICENSE`](./LICENSE) -[![[C]ontinuous [I]ntegration](https://github.com/percebus/github-actions-containerization/actions/workflows/always.yml/badge.svg)](https://github.com/percebus/github-actions-containerization/actions/workflows/always.yml) github reusable actions & workflows for containerization diff --git a/package.json b/package.json index cf23b5c..0f095b8 100644 --- a/package.json +++ b/package.json @@ -4,9 +4,9 @@ "description": "github reusable actions and workflows for container images", "main": "index.js", "scripts": { - "prettier": "prettier .", - "prettier:write": "npm run prettier -- --write", - "prettier:check": "npm run prettier -- --check", + "_prettier": "prettier .", + "prettier:write": "npm run _prettier -- --write", + "prettier:check": "npm run _prettier -- --check", "lint": "npm run prettier:check", "style": "npm run prettier:write", "poststyle": "npm run lint", @@ -27,7 +27,7 @@ "image" ], "author": "JCystems", - "license": "SEE LICENSE IN LICENSE.md", + "license": "SEE LICENSE IN LICENSE", "bugs": { "url": "https://github.com/percebus/github-actions-containerization/issues" }, From 58450efb677e89ca30c8bcddf24b619f53d83ef2 Mon Sep 17 00:00:00 2001 From: JCGuerrero Date: Sat, 23 Aug 2025 10:29:14 -0500 Subject: [PATCH 4/5] d --- .github/PULL_REQUEST_TEMPLATE.md | 10 ++++++---- README.md | 1 - 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index 8b4cf8b..73d8feb 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -1,11 +1,13 @@ -# Summary +# Changes -{FIXME} +## Issues + +- #{FIXME} -# Details +## Summary {FIXME} -# Changes in action +## Changes in action {FIXME} diff --git a/README.md b/README.md index 135c34f..a99320c 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,6 @@ [`LICENSE`](./LICENSE) - github reusable actions & workflows for containerization ## GitHub From 10d164bf3043f6e5343624d2ce46fb6ab1f1d982 Mon Sep 17 00:00:00 2001 From: JCGuerrero Date: Sat, 23 Aug 2025 10:33:26 -0500 Subject: [PATCH 5/5] codeQL --- .github/workflows/always.yml | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/.github/workflows/always.yml b/.github/workflows/always.yml index 0192f9b..64669d5 100644 --- a/.github/workflows/always.yml +++ b/.github/workflows/always.yml @@ -12,3 +12,29 @@ jobs: uses: percebus/github-actions-npm/.github/workflows/run_script.yml@main with: script: lint + + codeQL: + needs: lint + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false + matrix: + language: + - actions + + name: "CodeQL: ${{ matrix.language }}" + steps: + - uses: percebus/github-actions-common/.github/actions/checkout@main + + - name: setup CodeQL + uses: github/codeql-action/init@v3 + with: + languages: ${{ matrix.language }} + + - name: CodeQL + uses: github/codeql-action/analyze@v3