CDCgov
Importing JosiahSiegel GHA: [email protected]
./workflows/scan_action_logs.yml: uses: josiahsiegel/runleaks@4dd30d107c03b6ade87978e10c94a77015e488f9 ./workflows/alert_terraform_changes.yml: uses: josiahsiegel/terraform-stats@68b8cbe42c494333fbf6f8d90ac86da1fb69dcc2 ./workflows/deploy_terraform.yml: uses: josiahsiegel/terraform-stats@68b8cbe42c494333fbf6f8d90ac86da1fb69dcc2 ./actions/vpn-azure/action.yml: - uses: josiahsiegel/action-connect-ovpn@794339aff94452216c97f609476c367a43a31295
runleaks (v1.3) -> 4dd30d107c03b6ade87978e10c94a77015e488f9
Initially, @devopsmatt created this story to kick the process for importing these three GitHub Actions. I have now created a single Epic so that we can track these three GHA independently in the event of having to span it across multiple sprints.
Note: This specific Story is focused only in the importing JosiahSiegel GHA "runleaks".
devops: prime-reportstream (importing-gha %) $ git add .github/actions/runleaks ; devops: prime-reportstream (importing-gha +%) $ git commit -m "Importing JosiahSiegel's runleaks GitHub Action" ; [importing-gha 2e5d21958] Importing JosiahSiegel's runleaks GitHub Action 11 files changed, 567 insertions(+) create mode 100644 .github/actions/runleaks/.github/dependabot.yml create mode 100644 .github/actions/runleaks/.github/runleaks/exclusions.txt create mode 100644 .github/actions/runleaks/.github/runleaks/patterns.txt create mode 100644 .github/actions/runleaks/.github/runleaks/patterns_force_failure.txt create mode 100644 .github/actions/runleaks/.github/workflows/main.yml create mode 100644 .github/actions/runleaks/.github/workflows/scan_public.yml create mode 100644 .github/actions/runleaks/Dockerfile create mode 100644 .github/actions/runleaks/LICENSE create mode 100644 .github/actions/runleaks/README.md create mode 100644 .github/actions/runleaks/action.yml create mode 100644 .github/actions/runleaks/lib/scan.sh
This external repo is now inserted in the file structure at: .github/actions/runleaks in the importing-gha branch.
$GITHUB_ENV
env.REPOS
fromJson(needs.pre_job.outputs.repos)
github.event.inputs.repos
github.repository
inputs.exclusions-path
inputs.fail-on-leak
inputs.github-token
inputs.max-days-old
inputs.min-days-old
inputs.patterns-path
inputs.repo
inputs.run-limit
matrix.repo
secrets.GITHUB_TOKEN
secrets.MY_TOKEN
steps.random.outputs.repo
steps.scan.outputs.count
steps.scan.outputs.exceptions
This GitHub Action (targeted to be imported as a remote/external) is no longer in consideration until we can further evaluate if they are worth the effort to be imported at a later stage.
Warning: I have placed it into the "IceBox" stage as it is out of scope for now.
devops: prime-reportstream (devsecops/emvaldes/runleaks) $ import-project.shell ;
Project Configuration (file): josiahsiegel/runleaks
/Users/emvaldes/.local/.github/configs/josiahsiegel/runleaks.json
Vendor Name: JosiahSiegel
Vendor Repository: runleaks
Vendor Version: v1
Vendor Commit: 4dd30d107c03b6ade87978e10c94a77015e488f9
Project Owner: CDCgov
Project Repo: prime-reportstream
GitHub Action: runleaks
Project Author: emvaldes
Content Changes: [
{
"search": "JosiahSiegel/runleaks/actions/",
"replace": "CDCgov/prime-reportstream/.github/actions/runleaks/"
},
{
"search": "JosiahSiegel/runleaks",
"replace": "CDCgov/prime-reportstream/.github/actions/runleaks"
},
{
"search": "v1",
"replace": "4dd30d107c03b6ade87978e10c94a77015e488f9"
},
{
"search": "actions/runleaks/workflows/",
"replace": "workflows/runleaks--"
}
]
total 0
drwxr-xr-x 2 emvaldes staff 64 Jan 8 15:18 .
drwxr-xr-x 31 emvaldes staff 992 Jan 8 15:18 ..
Target branch: devsecops/emvaldes/runleaks
On branch devsecops/emvaldes/runleaks
nothing to commit, working tree clean
Cloning Repository: https://github.com/JosiahSiegel/runleaks.git
Cloning into '.'...
remote: Enumerating objects: 197, done.
remote: Counting objects: 100% (35/35), done.
remote: Compressing objects: 100% (21/21), done.
remote: Total 197 (delta 22), reused 15 (delta 14), pack-reused 162 (from 1)
Receiving objects: 100% (197/197), 49.60 KiB | 597.00 KiB/s, done.
Resolving deltas: 100% (68/68), done.
Warning: Performing GitHub hard-reset.
HEAD is now at 4dd30d1 Merge pull request #11 from JosiahSiegel/update-image
Warning: Listing Git-log summary: ...
* 4dd30d1 (HEAD -> main, tag: v1.3, origin/main, origin/HEAD) Merge pull request #11 from JosiahSiegel/update-image
|\
| * a876678 change docker image
|/
* 50bf152 Merge pull request #10 from JosiahSiegel/dependabot/github_actions/actions/checkout-4
|\
| * c71e35d Bump actions/checkout from 3 to 4
|/
* c47b8e2 (tag: v1.2) Merge pull request #9 from JosiahSiegel/update_details
|\
| * f364265 change leak details
|/
* 743cc26 (tag: v1.1) Merge pull request #8 from JosiahSiegel/JosiahSiegel-patch-1
|\
| * 3966640 Create LICENSE
|/
* 8417e8c Merge pull request #7 from JosiahSiegel/update_workflow
|\
| * 6032f7d update randomrepo version
|/
* 514b0bb Merge pull request #6 from JosiahSiegel/JosiahSiegel-patch-1
|\
| * 7bd9245 Create dependabot.yml
|/
* 567a854 Merge pull request #5 from JosiahSiegel/replace_set_output
|\
| * 36c67c7 update test workflow version
| * f2e3d27 update public repo scan schedule
|/
* cc2b305 (tag: v1.0.1) Merge pull request #4 from JosiahSiegel/local_action_version
|\
| * 8b5894d Merge branch 'main' into local_action_version
| |\
| |/
|/|
* | ca8ed71 Merge pull request #3 from JosiahSiegel/snesm/main
|\ \
| * | a6645be confirm no exceptions for local test
| * | ebfe4cd change apt to apt-get
| * | 81828d5 Merge branch 'main' into main
| |\ \
| |/ /
|/| |
| * | cf0205a add upgrade
| | * 4c916dd update version in local testing
| |/
|/|
* | 3c8f930 Merge pull request #2 from JosiahSiegel/fix_setoutput
|\ \
| |/
|/|
| * bf01172 updated deprecated set-output
|/
* 1ff445e ignore common temp storage credential
* 66c8a49 remove remote branch reference
* 9749624 increase public scan interval
* c67eb4d exclude 88 length string
* 2a2ba19 debug schedule trigger
* 8330526 fix randomrepo action name
* 5c18324 public scan on a schedule
* b81437c (tag: v1) add public scan workflow
* 886a5d4 update example patterns
* 73417d3 checkout external repo
* e61f8e1 update pattern file paths
* 12f752f attach error details
* 8aa7c2a set external configs
* 6b343dc set default repo
* ee50433 scan repo logs action
* 815ad30 Initial commit
On branch devsecops/emvaldes/runleaks
Untracked files:
(use "git add <file>..." to include in what will be committed)
./
nothing added to commit but untracked files present (use "git add" to track)
On branch devsecops/emvaldes/runleaks
Changes to be committed:
(use "git restore --staged <file>..." to unstage)
new file: .gitignore
new file: Dockerfile
new file: LICENSE
new file: README.md
new file: action.yml
new file: lib/scan.sh
Warning: Importing default repository configuration
[devsecops/emvaldes/runleaks 2f9a4498f] Importing JosiahSiegel/runleaks default state.
6 files changed, 378 insertions(+)
create mode 100644 .github/actions/runleaks/.gitignore
create mode 100644 .github/actions/runleaks/Dockerfile
create mode 100644 .github/actions/runleaks/LICENSE
create mode 100644 .github/actions/runleaks/README.md
create mode 100644 .github/actions/runleaks/action.yml
create mode 100644 .github/actions/runleaks/lib/scan.sh
On branch devsecops/emvaldes/runleaks
nothing to commit, working tree clean
total 48
drwxr-xr-x 10 emvaldes staff 320 Jan 8 15:18 .
drwxr-xr-x 31 emvaldes staff 992 Jan 8 15:18 ..
-rw-r--r-- 1 emvaldes staff 26 Jan 8 15:18 .gitignore
-rw-r--r-- 1 emvaldes staff 224 Jan 8 15:18 Dockerfile
-rw-r--r-- 1 emvaldes staff 1070 Jan 8 15:18 LICENSE
-rw-r--r-- 1 emvaldes staff 4572 Jan 8 15:18 README.md
drwxr-xr-x 13 emvaldes staff 416 Jan 8 15:18 _git
drwxr-xr-x 5 emvaldes staff 160 Jan 8 15:18 _github
-rw-r--r-- 1 emvaldes staff 1440 Jan 8 15:18 action.yml
drwxr-xr-x 3 emvaldes staff 96 Jan 8 15:18 lib
Warning: Processing Target-Files ...
Warning: File: ./Dockerfile
Warning: File: ./README.md
On branch devsecops/emvaldes/runleaks
Changes not staged for commit:
(use "git add <file>..." to update what will be committed)
(use "git restore <file>..." to discard changes in working directory)
modified: README.md
no changes added to commit (use "git add" and/or "git commit -a")
[devsecops/emvaldes/runleaks ab1b78b41] Appending default configuration changes.
1 file changed, 5 insertions(+), 5 deletions(-)
On branch devsecops/emvaldes/runleaks
nothing to commit, working tree clean
devops: prime-reportstream (devsecops/emvaldes/runleaks) $ git push --set-upstream origin devsecops/emvaldes/runleaks ;
Enumerating objects: 21, done.
Counting objects: 100% (21/21), done.
Delta compression using up to 16 threads
Compressing objects: 100% (16/16), done.
Writing objects: 100% (18/18), 5.26 KiB | 5.26 MiB/s, done.
Total 18 (delta 8), reused 1 (delta 0), pack-reused 0 (from 0)
remote: Resolving deltas: 100% (8/8), completed with 3 local objects.
remote:
remote: Create a pull request for 'devsecops/emvaldes/runleaks' on GitHub by visiting:
remote: https://github.com/CDCgov/prime-reportstream/pull/new/devsecops/emvaldes/runleaks
remote:
To https://github.com/CDCgov/prime-reportstream.git
* [new branch] devsecops/emvaldes/runleaks -> devsecops/emvaldes/runleaks
branch 'devsecops/emvaldes/runleaks' set up to track 'origin/devsecops/emvaldes/runleaks'.
GitHub Pull Request: https://github.com/CDCgov/prime-reportstream/pull/17023