@greenarmor/ges-cicd-generator 0.3.0 → 0.3.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +59 -0
- package/package.json +2 -2
package/README.md
ADDED
|
@@ -0,0 +1,59 @@
|
|
|
1
|
+
# @greenarmor/ges-cicd-generator
|
|
2
|
+
|
|
3
|
+
GitHub Actions workflow generation for the [Green Engineering Standard Framework (GESF)](https://github.com/greenarmor/gesf).
|
|
4
|
+
|
|
5
|
+
Generates ready-to-use CI/CD workflow files for compliance checking, security scanning, dependency auditing, and secret detection — configured to run on pull requests and pushes.
|
|
6
|
+
|
|
7
|
+
## Install
|
|
8
|
+
|
|
9
|
+
```bash
|
|
10
|
+
npm install @greenarmor/ges-cicd-generator
|
|
11
|
+
```
|
|
12
|
+
|
|
13
|
+
## Exports
|
|
14
|
+
|
|
15
|
+
| Export | Description |
|
|
16
|
+
|--------|-------------|
|
|
17
|
+
| `WorkflowFile` | Interface for generated output (filePath + content) |
|
|
18
|
+
| `generateComplianceWorkflow(config)` | Generate `.github/workflows/compliance.yml` |
|
|
19
|
+
| `generateSecurityWorkflow(config)` | Generate `.github/workflows/security.yml` |
|
|
20
|
+
| `generateDependencyScanWorkflow(config)` | Generate `.github/workflows/dependency-scan.yml` |
|
|
21
|
+
| `generateSecretScanWorkflow(config)` | Generate `.github/workflows/secret-scan.yml` |
|
|
22
|
+
| `generateAllWorkflows(config)` | Generate all four workflow files |
|
|
23
|
+
|
|
24
|
+
## Usage
|
|
25
|
+
|
|
26
|
+
```typescript
|
|
27
|
+
import { generateAllWorkflows } from '@greenarmor/ges-cicd-generator';
|
|
28
|
+
import type { ProjectConfig } from '@greenarmor/ges-core';
|
|
29
|
+
|
|
30
|
+
const config: ProjectConfig = {
|
|
31
|
+
projectName: 'MyApp',
|
|
32
|
+
projectType: 'saas',
|
|
33
|
+
frameworks: ['GDPR', 'OWASP'],
|
|
34
|
+
requirements: { encryption: { required: true }, mfa: { required: true } },
|
|
35
|
+
};
|
|
36
|
+
|
|
37
|
+
const workflows = generateAllWorkflows(config);
|
|
38
|
+
workflows.forEach(w => {
|
|
39
|
+
fs.writeFileSync(w.filePath, w.content);
|
|
40
|
+
});
|
|
41
|
+
```
|
|
42
|
+
|
|
43
|
+
## Generated Workflows
|
|
44
|
+
|
|
45
|
+
| Workflow | Triggers | Scans |
|
|
46
|
+
|----------|----------|-------|
|
|
47
|
+
| `compliance.yml` | push, PR | GESF compliance audit and scoring |
|
|
48
|
+
| `security.yml` | push, PR | Semgrep static analysis |
|
|
49
|
+
| `dependency-scan.yml` | push, PR (weekly) | npm/pnpm audit, Trivy |
|
|
50
|
+
| `secret-scan.yml` | push, PR | Gitleaks secret detection |
|
|
51
|
+
|
|
52
|
+
## Related Packages
|
|
53
|
+
|
|
54
|
+
- [`@greenarmor/ges-core`](https://www.npmjs.com/package/@greenarmor/ges-core) — Types and constants
|
|
55
|
+
- [`@greenarmor/ges-scanner-integration`](https://www.npmjs.com/package/@greenarmor/ges-scanner-integration) — Scanner execution
|
|
56
|
+
|
|
57
|
+
## License
|
|
58
|
+
|
|
59
|
+
MIT
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@greenarmor/ges-cicd-generator",
|
|
3
|
-
"version": "0.3.
|
|
3
|
+
"version": "0.3.2",
|
|
4
4
|
"type": "module",
|
|
5
5
|
"description": "GESF CI/CD Generator - GitHub Actions workflow generation",
|
|
6
6
|
"main": "./dist/index.js",
|
|
@@ -12,7 +12,7 @@
|
|
|
12
12
|
}
|
|
13
13
|
},
|
|
14
14
|
"dependencies": {
|
|
15
|
-
"@greenarmor/ges-core": "0.3.
|
|
15
|
+
"@greenarmor/ges-core": "0.3.2"
|
|
16
16
|
},
|
|
17
17
|
"devDependencies": {
|
|
18
18
|
"typescript": "^6.0.0",
|