testio-tailwind 3.20.1 → 3.20.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.github/workflows/scheduled.yaml +21 -0
- package/.github/workflows/workflow.yaml +52 -0
- package/package.json +1 -1
- package/src/assets/stylesheets/components/notifications.css +19 -6
- package/src/assets/stylesheets/components/splitview.css +12 -7
- package/src/pages/components/notifications.haml +35 -13
- package/src/pages/examples/splitview-testcases.haml +3 -3
- package/src/pages/examples/splitview.haml +0 -1
- package/.circleci/config.yml +0 -217
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
name: Scheduled tasks
|
|
2
|
+
run-name: scheduled-tasks-${{ github.ref_name }}-${{ github.run_number }}
|
|
3
|
+
on:
|
|
4
|
+
schedule:
|
|
5
|
+
# This workflow is triggered every sunday at 02:50 UTC
|
|
6
|
+
- cron: '50 2 * * 0'
|
|
7
|
+
workflow_dispatch:
|
|
8
|
+
inputs:
|
|
9
|
+
manual_debug:
|
|
10
|
+
description: 'Stuck the workflow for debugging'
|
|
11
|
+
required: false
|
|
12
|
+
default: false
|
|
13
|
+
type: boolean
|
|
14
|
+
jobs:
|
|
15
|
+
security-scan:
|
|
16
|
+
uses: test-IO/cicd/.github/workflows/security_scan.yaml@main
|
|
17
|
+
with:
|
|
18
|
+
defectdojo_product: 'Tailwind Designsystem'
|
|
19
|
+
image_name: 'eu.gcr.io/oi-tset/tw-designsystem'
|
|
20
|
+
image_tag: 'main'
|
|
21
|
+
scan_brakeman: false
|
|
@@ -0,0 +1,52 @@
|
|
|
1
|
+
name: Build, Test and Deploy
|
|
2
|
+
run-name: workflow-${{ github.ref_name }}-${{ github.run_number }}
|
|
3
|
+
on:
|
|
4
|
+
push:
|
|
5
|
+
workflow_dispatch:
|
|
6
|
+
inputs:
|
|
7
|
+
manual_debug:
|
|
8
|
+
description: 'Stuck the workflow for debugging'
|
|
9
|
+
required: false
|
|
10
|
+
default: false
|
|
11
|
+
type: boolean
|
|
12
|
+
|
|
13
|
+
# If you update the node version, set it in test and publish jobs!
|
|
14
|
+
jobs:
|
|
15
|
+
build:
|
|
16
|
+
uses: test-IO/cicd/.github/workflows/docker_build.yaml@main
|
|
17
|
+
concurrency:
|
|
18
|
+
group: ci-${{ github.ref }}-build-${{ github.workflow }}
|
|
19
|
+
cancel-in-progress: true
|
|
20
|
+
with:
|
|
21
|
+
image_name: eu.gcr.io/oi-tset/tw-designsystem
|
|
22
|
+
|
|
23
|
+
test:
|
|
24
|
+
uses: test-IO/cicd/.github/workflows/designsystem_test.yaml@main
|
|
25
|
+
concurrency:
|
|
26
|
+
group: ci-${{ github.ref }}-test-${{ github.workflow }}
|
|
27
|
+
cancel-in-progress: true
|
|
28
|
+
with:
|
|
29
|
+
node_version: 21.6.2
|
|
30
|
+
|
|
31
|
+
publish:
|
|
32
|
+
uses: test-IO/cicd/.github/workflows/designsystem_publish.yaml@main
|
|
33
|
+
concurrency:
|
|
34
|
+
group: ci-${{ github.ref }}-${{ github.workflow }}
|
|
35
|
+
cancel-in-progress: true
|
|
36
|
+
needs: [test, build]
|
|
37
|
+
if: |-
|
|
38
|
+
contains(fromJSON('["main", "master"]'), github.ref_name)
|
|
39
|
+
with:
|
|
40
|
+
node_version: 21.6.2
|
|
41
|
+
|
|
42
|
+
deploy:
|
|
43
|
+
uses: test-IO/cicd/.github/workflows/deploy_gcp.yaml@main
|
|
44
|
+
concurrency:
|
|
45
|
+
group: deploy-${{ github.ref }}-${{ github.workflow }}
|
|
46
|
+
cancel-in-progress: false # never cancel a running deploy; queue instead
|
|
47
|
+
needs: [publish]
|
|
48
|
+
if: |-
|
|
49
|
+
contains(fromJSON('["main", "master"]'), github.ref_name)
|
|
50
|
+
with:
|
|
51
|
+
helm_chart_name: tw-designsystem
|
|
52
|
+
namespace: designsystems
|
package/package.json
CHANGED
|
@@ -86,8 +86,7 @@
|
|
|
86
86
|
/* Notification message */
|
|
87
87
|
|
|
88
88
|
.notification-container {
|
|
89
|
-
@apply fixed top-header right-0 overflow-y-scroll max-h-screen pt-xs pb-xl z-10;
|
|
90
|
-
width: 280px;
|
|
89
|
+
@apply fixed w-spacing-5xl top-header right-0 overflow-y-scroll max-h-screen pt-xs pb-xl z-10;
|
|
91
90
|
scrollbar-width: none;
|
|
92
91
|
}
|
|
93
92
|
|
|
@@ -98,24 +97,34 @@
|
|
|
98
97
|
}
|
|
99
98
|
|
|
100
99
|
.notification-container .notification {
|
|
101
|
-
@apply relative grid
|
|
100
|
+
@apply relative grid mb-xxs py-sm pr-btn pl-sm bg-info rounded-l text-white;
|
|
102
101
|
grid-template-areas: "badge title"
|
|
103
|
-
"
|
|
102
|
+
"badge content";
|
|
104
103
|
grid-template-columns: auto 1fr;
|
|
104
|
+
grid-template-rows: auto 1fr;
|
|
105
105
|
line-height: 1.3;
|
|
106
106
|
box-shadow: -5px 5px 8px rgba(0,0,0,.1);
|
|
107
107
|
}
|
|
108
108
|
|
|
109
109
|
.notification-container a.notification {
|
|
110
|
-
@apply
|
|
110
|
+
@apply hover:bg-link-hover hover:text-white no-underline;
|
|
111
111
|
}
|
|
112
112
|
|
|
113
113
|
.notification-container .notification-badge {
|
|
114
|
+
@apply mr-xs mb-xs;
|
|
114
115
|
grid-area: badge;
|
|
115
116
|
}
|
|
116
117
|
|
|
117
118
|
.notification-container .notification-badge .icon {
|
|
118
|
-
@apply h-icon-lg text-icon-lg
|
|
119
|
+
@apply h-icon-lg text-icon-lg;
|
|
120
|
+
}
|
|
121
|
+
|
|
122
|
+
.notification-container .notification-badge img {
|
|
123
|
+
@apply h-btn w-btn;
|
|
124
|
+
}
|
|
125
|
+
|
|
126
|
+
.notification-container .notification.badges img {
|
|
127
|
+
@apply w-xl h-xl mb-0;
|
|
119
128
|
}
|
|
120
129
|
|
|
121
130
|
.notification-container .notification .btn {
|
|
@@ -153,4 +162,8 @@
|
|
|
153
162
|
|
|
154
163
|
.notification-container .notification.error {
|
|
155
164
|
@apply bg-danger;
|
|
165
|
+
}
|
|
166
|
+
|
|
167
|
+
.notification-container .notification.badges {
|
|
168
|
+
@apply bg-petrol-dark;
|
|
156
169
|
}
|
|
@@ -4,9 +4,17 @@
|
|
|
4
4
|
"splitview-list-header splitview-details"
|
|
5
5
|
"splitview-list splitview-details"
|
|
6
6
|
"splitview-list-actionbar splitview-details-actionbar";
|
|
7
|
-
grid-template-columns: auto
|
|
7
|
+
grid-template-columns: 1fr auto;
|
|
8
8
|
grid-template-rows: auto auto 1fr auto;
|
|
9
9
|
grid-area: main;
|
|
10
|
+
}
|
|
11
|
+
|
|
12
|
+
.splitview-layout.item-selected {
|
|
13
|
+
grid-template-columns: auto 1fr;
|
|
14
|
+
}
|
|
15
|
+
|
|
16
|
+
.splitview-layout,
|
|
17
|
+
.splitview-layout.item-selected {
|
|
10
18
|
@media (width >= theme(--breakpoint-lg)) {
|
|
11
19
|
grid-template-columns: 1fr 1fr;
|
|
12
20
|
}
|
|
@@ -39,7 +47,7 @@
|
|
|
39
47
|
}
|
|
40
48
|
|
|
41
49
|
.splitview-layout.item-selected .splitview-list {
|
|
42
|
-
@apply hidden lg:grid overflow-x-hidden;
|
|
50
|
+
@apply hidden lg:grid lg:content-start overflow-x-hidden;
|
|
43
51
|
}
|
|
44
52
|
|
|
45
53
|
.splitview-layout.item-selected {
|
|
@@ -65,9 +73,6 @@
|
|
|
65
73
|
.splitview-details-actionbar {
|
|
66
74
|
display: flex;
|
|
67
75
|
}
|
|
68
|
-
.splitview-list {
|
|
69
|
-
display: block;
|
|
70
|
-
}
|
|
71
76
|
}
|
|
72
77
|
|
|
73
78
|
.splitview-header {
|
|
@@ -133,11 +138,11 @@
|
|
|
133
138
|
}
|
|
134
139
|
|
|
135
140
|
.splitview-details-title {
|
|
136
|
-
@apply text-heading-3 dark:text-card-header;
|
|
141
|
+
@apply text-heading-3 leading-tight dark:text-card-header;
|
|
137
142
|
}
|
|
138
143
|
|
|
139
144
|
.splitview-details-header .btn-close-detailview {
|
|
140
|
-
@apply lg:hidden;
|
|
145
|
+
@apply ml-auto lg:hidden;
|
|
141
146
|
}
|
|
142
147
|
|
|
143
148
|
.list-splitview-meta {
|
|
@@ -6,37 +6,59 @@ title: Notifications
|
|
|
6
6
|
%p.mb-heading.prose remove the classes <code>relative z-0 top-0</code> in production
|
|
7
7
|
|
|
8
8
|
.notification-container.relative.top-0.z-0
|
|
9
|
-
.notification{href:""}
|
|
10
|
-
.notification-title Info
|
|
9
|
+
%a.notification{href:""}
|
|
10
|
+
.notification-title Linked Info Notification
|
|
11
11
|
.notification-content
|
|
12
12
|
.notification-message You have 60 min left to finish this task. Be sure to pick it up and finish it soon.
|
|
13
|
-
.btn.btn-sm.btn-inverted Go to page button
|
|
14
13
|
%button.btn.btn-close
|
|
15
14
|
%span.icon.icon-cross
|
|
16
|
-
.notification{href:""}
|
|
15
|
+
%a.notification{href:""}
|
|
17
16
|
.notification-badge
|
|
18
|
-
.icon.icon-
|
|
19
|
-
.notification-
|
|
17
|
+
.icon.icon-bug-fix-confirmation-lg
|
|
18
|
+
.notification-content
|
|
19
|
+
.notification-title Notification with icon
|
|
20
|
+
.notification-message You have 60 min left to finish this task. Be sure to pick it up and finish it soon.
|
|
21
|
+
%button.btn.btn-close
|
|
22
|
+
%span.icon.icon-cross
|
|
23
|
+
%a.notification.success{href:""}
|
|
24
|
+
.notification-title Linked Success Alert
|
|
20
25
|
.notification-content
|
|
21
26
|
.notification-message You have 60 min left to finish this task. Be sure to pick it up and finish it soon.
|
|
22
|
-
.btn.btn-sm.btn-inverted Update devices
|
|
23
27
|
%button.btn.btn-close
|
|
24
28
|
%span.icon.icon-cross
|
|
25
|
-
.notification.
|
|
26
|
-
.notification-title
|
|
29
|
+
%a.notification.warning{href:""}
|
|
30
|
+
.notification-title Linked Warning Notification
|
|
27
31
|
.notification-content
|
|
28
32
|
.notification-message You have 60 min left to finish this task. Be sure to pick it up and finish it soon.
|
|
29
33
|
%button.btn.btn-close
|
|
30
34
|
%span.icon.icon-cross
|
|
31
|
-
.notification.
|
|
32
|
-
.notification-title
|
|
35
|
+
%a.notification.error{href:""}
|
|
36
|
+
.notification-title Linked Error Notification
|
|
33
37
|
.notification-content
|
|
34
38
|
.notification-message You have 60 min left to finish this task. Be sure to pick it up and finish it soon.
|
|
35
39
|
%button.btn.btn-close
|
|
36
40
|
%span.icon.icon-cross
|
|
37
|
-
.notification.
|
|
38
|
-
.notification-
|
|
41
|
+
%a.notification.badges{href:""}
|
|
42
|
+
.notification-badge
|
|
43
|
+
%img{src:"/assets/images/tester-badges/testIO-testerbadge-cybersecurity.svg"}
|
|
44
|
+
.notification-title New badge received
|
|
45
|
+
.notification-content Cyber Security course passed!
|
|
46
|
+
%button.btn.btn-close
|
|
47
|
+
%span.icon.icon-cross
|
|
48
|
+
.notification
|
|
49
|
+
.notification-title Info Notification with dedidacted button
|
|
39
50
|
.notification-content
|
|
40
51
|
.notification-message You have 60 min left to finish this task. Be sure to pick it up and finish it soon.
|
|
52
|
+
%a.btn.btn-sm.btn-inverted{href:""} Go to page button
|
|
41
53
|
%button.btn.btn-close
|
|
42
54
|
%span.icon.icon-cross
|
|
55
|
+
.notification
|
|
56
|
+
.notification-badge
|
|
57
|
+
.icon.icon-devices-lg
|
|
58
|
+
.notification-title Info Notification with icon and button
|
|
59
|
+
.notification-content
|
|
60
|
+
.notification-message You have 60 min left to finish this task. Be sure to pick it up and finish it soon.
|
|
61
|
+
%a.btn.btn-sm.btn-inverted{href:""} Update devices
|
|
62
|
+
%button.btn.btn-close
|
|
63
|
+
%span.icon.icon-cross
|
|
64
|
+
|
|
@@ -68,7 +68,7 @@ tags: "examples"
|
|
|
68
68
|
.splitview-list
|
|
69
69
|
%details.splitview-group
|
|
70
70
|
%summary.splitview-item
|
|
71
|
-
.splitview-item-icon.icon.icon-circle.danger
|
|
71
|
+
.splitview-item-icon.icon.icon-circle-empty.danger
|
|
72
72
|
.splitview-item-text
|
|
73
73
|
.splitview-item-title Splitview group title / Test Case title
|
|
74
74
|
.splitview-item-metainfo
|
|
@@ -95,7 +95,7 @@ tags: "examples"
|
|
|
95
95
|
Windows 10 | Chrome
|
|
96
96
|
%details.splitview-group
|
|
97
97
|
%summary.splitview-item
|
|
98
|
-
.splitview-item-icon.icon.icon-circle.success
|
|
98
|
+
.splitview-item-icon.icon.icon-circle-empty.success
|
|
99
99
|
.splitview-item-text
|
|
100
100
|
.splitview-item-title Splitview group title / Test Case title
|
|
101
101
|
.splitview-item-metainfo
|
|
@@ -107,7 +107,7 @@ tags: "examples"
|
|
|
107
107
|
%span.icon.icon-safari.mr-icon-spacing
|
|
108
108
|
iOS 18 | Safari
|
|
109
109
|
.splitview-item
|
|
110
|
-
.splitview-item-icon.icon.icon-circle.success
|
|
110
|
+
.splitview-item-icon.icon.icon-check-circle-filled.success
|
|
111
111
|
.splitview-item-text
|
|
112
112
|
%span.icon.icon-tablet-android.mr-icon-spacing
|
|
113
113
|
%span.icon.icon-chrome.mr-icon-spacing
|
|
@@ -30,7 +30,6 @@ tags: "examples"
|
|
|
30
30
|
%a.navlink{href:'#'}
|
|
31
31
|
%span.navlink-badge.icon.icon-bug-reproduction
|
|
32
32
|
Navlink with a long title to see how things are breaking into several lines and don't cause a broken layout
|
|
33
|
-
|
|
34
33
|
%main.splitview-layout#ds-splitview-demo
|
|
35
34
|
.splitview-header
|
|
36
35
|
%h1 Splitview layout
|
package/.circleci/config.yml
DELETED
|
@@ -1,217 +0,0 @@
|
|
|
1
|
-
version: 2.1
|
|
2
|
-
|
|
3
|
-
orbs:
|
|
4
|
-
gcp-cli: circleci/gcp-cli@3.3.0
|
|
5
|
-
|
|
6
|
-
executors:
|
|
7
|
-
cci-base:
|
|
8
|
-
docker:
|
|
9
|
-
- image: cimg/base:stable
|
|
10
|
-
cci-node:
|
|
11
|
-
docker:
|
|
12
|
-
- image: cimg/node:21.6.2
|
|
13
|
-
cci-deploy:
|
|
14
|
-
docker:
|
|
15
|
-
- image: cimg/deploy:2025.01
|
|
16
|
-
|
|
17
|
-
commands:
|
|
18
|
-
gcp-oidc-authenticate:
|
|
19
|
-
description: "Create GCP credentials file from CircleCI OIDC token and use it to authenticate to our GCP project"
|
|
20
|
-
steps:
|
|
21
|
-
- run:
|
|
22
|
-
name: Create GCP credentials file from OIDC token and use it for authentication
|
|
23
|
-
command: |
|
|
24
|
-
echo $CIRCLE_OIDC_TOKEN > ${HOME}/oidc_token.json # store OIDC token in a file
|
|
25
|
-
gcloud iam workload-identity-pools create-cred-config \
|
|
26
|
-
"projects/${GCP_PROJECT_ID}/locations/global/workloadIdentityPools/${GCP_WIP_ID}/providers/${GCP_WIP_PROVIDER_ID}" \
|
|
27
|
-
--credential-source-file=${HOME}/oidc_token.json \
|
|
28
|
-
--service-account="${GCP_SERVICE_ACCOUNT_EMAIL}" \
|
|
29
|
-
--output-file=${HOME}/gcp_cred_config.json
|
|
30
|
-
gcloud auth login --brief --cred-file ${HOME}/gcp_cred_config.json
|
|
31
|
-
echo "export GOOGLE_APPLICATION_CREDENTIALS=${HOME}/gcp_cred_config.json" >> $BASH_ENV # configure ADC
|
|
32
|
-
|
|
33
|
-
jobs:
|
|
34
|
-
build:
|
|
35
|
-
executor: cci-base
|
|
36
|
-
environment:
|
|
37
|
-
IMAGE: eu.gcr.io/oi-tset/tw-designsystem
|
|
38
|
-
steps:
|
|
39
|
-
- checkout
|
|
40
|
-
- gcp-cli/install
|
|
41
|
-
- gcp-oidc-authenticate
|
|
42
|
-
- setup_remote_docker:
|
|
43
|
-
docker_layer_caching: true
|
|
44
|
-
- run:
|
|
45
|
-
name: Setup access to the registry
|
|
46
|
-
command: gcloud auth configure-docker eu.gcr.io,europe-west3-docker.pkg.dev --quiet
|
|
47
|
-
- run:
|
|
48
|
-
name: Build application image
|
|
49
|
-
command: docker build -t $IMAGE:$CIRCLE_SHA1 .
|
|
50
|
-
- run:
|
|
51
|
-
name: Push image to the registry
|
|
52
|
-
command: docker push $IMAGE:$CIRCLE_SHA1
|
|
53
|
-
|
|
54
|
-
test:
|
|
55
|
-
executor: cci-node
|
|
56
|
-
steps:
|
|
57
|
-
- checkout
|
|
58
|
-
- restore_cache:
|
|
59
|
-
keys:
|
|
60
|
-
- v1-dependencies-{{ checksum "package.json" }}
|
|
61
|
-
- v1-dependencies-
|
|
62
|
-
- run: npm install
|
|
63
|
-
- save_cache:
|
|
64
|
-
key: v1-dependencies-{{ checksum "package.json" }}
|
|
65
|
-
paths:
|
|
66
|
-
- node_modules
|
|
67
|
-
|
|
68
|
-
publish:
|
|
69
|
-
executor: cci-node
|
|
70
|
-
working_directory: ~/repo
|
|
71
|
-
steps:
|
|
72
|
-
- checkout
|
|
73
|
-
- gcp-cli/install
|
|
74
|
-
- gcp-oidc-authenticate
|
|
75
|
-
- run:
|
|
76
|
-
name: Fetch npmjs publishing token and auth with the registry
|
|
77
|
-
command: |
|
|
78
|
-
export npm_TOKEN=$(gcloud secrets versions access latest --secret="npmjs-publish-token" --project=oi-tset --quiet) && \
|
|
79
|
-
echo "//registry.npmjs.org/:_authToken=$npm_TOKEN" > ~/repo/.npmrc
|
|
80
|
-
- run:
|
|
81
|
-
name: Publish NPM package
|
|
82
|
-
command: |
|
|
83
|
-
PACKAGE_VERSION=$(node -p -e "require('./package.json').version")
|
|
84
|
-
PACKAGE_NAME=$(node -p -e "require('./package.json').name")
|
|
85
|
-
FOUND_VERSION=$(npm view "$PACKAGE_NAME" version)
|
|
86
|
-
if [ "$PACKAGE_VERSION" == "$FOUND_VERSION" ]; then
|
|
87
|
-
echo "Cannot publish over the previously published version: $FOUND_VERSION."
|
|
88
|
-
exit 0
|
|
89
|
-
fi
|
|
90
|
-
npm publish
|
|
91
|
-
|
|
92
|
-
deploy:
|
|
93
|
-
executor: cci-deploy
|
|
94
|
-
environment:
|
|
95
|
-
HELM_CHART: tw-designsystem
|
|
96
|
-
GKE_CLUSTER: private-cluster
|
|
97
|
-
IMAGE: eu.gcr.io/oi-tset/tw-designsystem
|
|
98
|
-
steps:
|
|
99
|
-
- checkout
|
|
100
|
-
- gcp-cli/install
|
|
101
|
-
- gcp-oidc-authenticate
|
|
102
|
-
- run:
|
|
103
|
-
name: Copy deploy script
|
|
104
|
-
command: gsutil cp gs://helm_repo/scripts/deploy_from_helm_repo.sh .
|
|
105
|
-
- run:
|
|
106
|
-
name: Install required plugin
|
|
107
|
-
command: gcloud components install gke-gcloud-auth-plugin --quiet
|
|
108
|
-
- run:
|
|
109
|
-
name: Helm upgrade
|
|
110
|
-
command: bash ./deploy_from_helm_repo.sh
|
|
111
|
-
no_output_timeout: 25m
|
|
112
|
-
- run:
|
|
113
|
-
name: Add tag to the image in registry
|
|
114
|
-
command: gcloud container images add-tag $IMAGE:$CIRCLE_SHA1 $IMAGE:$CIRCLE_BRANCH --quiet
|
|
115
|
-
|
|
116
|
-
defectdojo:
|
|
117
|
-
executor: cci-base
|
|
118
|
-
environment:
|
|
119
|
-
IMAGE: eu.gcr.io/oi-tset/tw-designsystem
|
|
120
|
-
DEFECTDOJO_URL: defectdojo.testcloud.io
|
|
121
|
-
DEFECTDOJO_PRODUCT: Tailwind Designsystem
|
|
122
|
-
DEFECTDOJO_ENG_NAME: CircleCI Scan
|
|
123
|
-
circleci_ip_ranges: true
|
|
124
|
-
steps:
|
|
125
|
-
- checkout
|
|
126
|
-
- gcp-cli/install
|
|
127
|
-
- gcp-oidc-authenticate
|
|
128
|
-
- run:
|
|
129
|
-
name: Install Trivy and Gitleaks
|
|
130
|
-
command: |
|
|
131
|
-
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b $HOME/bin
|
|
132
|
-
curl -L https://github.com/gitleaks/gitleaks/releases/download/v8.18.2/gitleaks_8.18.2_linux_x64.tar.gz -o $HOME/gitleaks.tar.gz
|
|
133
|
-
tar -xzf $HOME/gitleaks.tar.gz
|
|
134
|
-
- run:
|
|
135
|
-
name: Scans
|
|
136
|
-
command: |
|
|
137
|
-
trivy fs --exit-code 0 --no-progress --format json --output filesystem-scan.json .
|
|
138
|
-
trivy i --exit-code 0 --no-progress --format json --output image-scan.json $IMAGE:main
|
|
139
|
-
./gitleaks detect --no-git --exit-code 0 --report-format json --report-path gitleaks.json
|
|
140
|
-
- run:
|
|
141
|
-
name: Send data to DefectDojo - Trivy filesystem scan
|
|
142
|
-
command: |
|
|
143
|
-
gcloud secrets versions access latest --secret="defectdojo_token" --project=oi-tset --quiet > DEFECTDOJO_TOKEN
|
|
144
|
-
|
|
145
|
-
curl --fail --request POST https://$DEFECTDOJO_URL/api/v2/reimport-scan/ \
|
|
146
|
-
--header "Authorization: Token $(< DEFECTDOJO_TOKEN)" \
|
|
147
|
-
--form "active=true" \
|
|
148
|
-
--form "auto_create_context=true" \
|
|
149
|
-
--form "branch_tag=${CIRCLE_BRANCH}" \
|
|
150
|
-
--form "commit_hash=${CIRCLE_SHA1}" \
|
|
151
|
-
--form "close_old_findings=true" \
|
|
152
|
-
--form "scan_type=Trivy Scan" \
|
|
153
|
-
--form "test_title=Trivy application scan" \
|
|
154
|
-
--form "engagement_name=${DEFECTDOJO_ENG_NAME}" \
|
|
155
|
-
--form "product_name=${DEFECTDOJO_PRODUCT}" \
|
|
156
|
-
--form "file=@filesystem-scan.json"
|
|
157
|
-
- run:
|
|
158
|
-
name: Send data to DefectDojo - Trivy image scan
|
|
159
|
-
command: |
|
|
160
|
-
curl --fail --request POST https://$DEFECTDOJO_URL/api/v2/reimport-scan/ \
|
|
161
|
-
--header "Authorization: Token $(< DEFECTDOJO_TOKEN)" \
|
|
162
|
-
--form "active=true" \
|
|
163
|
-
--form "auto_create_context=true" \
|
|
164
|
-
--form "branch_tag=${CIRCLE_BRANCH}" \
|
|
165
|
-
--form "commit_hash=${CIRCLE_SHA1}" \
|
|
166
|
-
--form "close_old_findings=true" \
|
|
167
|
-
--form "scan_type=Trivy Scan" \
|
|
168
|
-
--form "test_title=Trivy container image scan" \
|
|
169
|
-
--form "engagement_name=${DEFECTDOJO_ENG_NAME}" \
|
|
170
|
-
--form "product_name=${DEFECTDOJO_PRODUCT}" \
|
|
171
|
-
--form "file=@image-scan.json"
|
|
172
|
-
- run:
|
|
173
|
-
name: Send data to DefectDojo - Gitleaks scan
|
|
174
|
-
command: |
|
|
175
|
-
curl --fail --request POST https://$DEFECTDOJO_URL/api/v2/reimport-scan/ \
|
|
176
|
-
--header "Authorization: Token $(< DEFECTDOJO_TOKEN)" \
|
|
177
|
-
--form "active=true" \
|
|
178
|
-
--form "auto_create_context=true" \
|
|
179
|
-
--form "branch_tag=${CIRCLE_BRANCH}" \
|
|
180
|
-
--form "commit_hash=${CIRCLE_SHA1}" \
|
|
181
|
-
--form "close_old_findings=true" \
|
|
182
|
-
--form "scan_type=Gitleaks Scan" \
|
|
183
|
-
--form "test_title=Gitleaks Scan" \
|
|
184
|
-
--form "engagement_name=${DEFECTDOJO_ENG_NAME}" \
|
|
185
|
-
--form "product_name=${DEFECTDOJO_PRODUCT}" \
|
|
186
|
-
--form "file=@gitleaks.json"
|
|
187
|
-
|
|
188
|
-
workflows:
|
|
189
|
-
workflow:
|
|
190
|
-
jobs:
|
|
191
|
-
- build:
|
|
192
|
-
context: gcp-production
|
|
193
|
-
- test
|
|
194
|
-
- publish:
|
|
195
|
-
requires:
|
|
196
|
-
- test
|
|
197
|
-
filters:
|
|
198
|
-
branches:
|
|
199
|
-
only: main
|
|
200
|
-
context: gcp-production
|
|
201
|
-
- deploy:
|
|
202
|
-
requires:
|
|
203
|
-
- build
|
|
204
|
-
filters:
|
|
205
|
-
branches:
|
|
206
|
-
only: main
|
|
207
|
-
context: gcp-production
|
|
208
|
-
security_scan:
|
|
209
|
-
jobs:
|
|
210
|
-
- defectdojo:
|
|
211
|
-
context: gcp-production
|
|
212
|
-
triggers:
|
|
213
|
-
- schedule:
|
|
214
|
-
cron: "20 4 * * 0"
|
|
215
|
-
filters:
|
|
216
|
-
branches:
|
|
217
|
-
only: main
|