From 4f7220e34f1e50a078391afe375d1c6af911a234 Mon Sep 17 00:00:00 2001
From: Nadeem <110535104+nadeem-cs@users.noreply.github.com>
Date: Tue, 19 Mar 2024 17:11:29 +0530
Subject: [PATCH 01/15] Update nuget-publish.yml
---
 .github/workflows/nuget-publish.yml | 2 --
 1 file changed, 2 deletions(-)
diff --git a/.github/workflows/nuget-publish.yml b/.github/workflows/nuget-publish.yml
index 458476e..f32c3dc 100644
--- a/.github/workflows/nuget-publish.yml
+++ b/.github/workflows/nuget-publish.yml
@@ -18,7 +18,6 @@ jobs:
 NUGET_AUTH_TOKEN: ${{ secrets.NUGET_AUTH_TOKEN }}
 - name: Build solution and generate NuGet package
 run: |
- cd contentstack-utils-dotnet
 dotnet pack -c Release -o out
 - name: Push generated package to GitHub registry
@@ -38,7 +37,6 @@ jobs:
 NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 - name: Build solution and generate NuGet package
 run: |
- cd contentstack-utils-dotnet
 dotnet pack -c Release -o out
 - name: Push generated package to GitHub registry
From 924bf48ba8ba3d7e0fc16eaaace3f9db6386e6b0 Mon Sep 17 00:00:00 2001
From: Nadeem <110535104+nadeem-cs@users.noreply.github.com>
Date: Tue, 19 Mar 2024 17:17:57 +0530
Subject: [PATCH 02/15] Update nuget-publish.yml
---
 .github/workflows/nuget-publish.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/nuget-publish.yml b/.github/workflows/nuget-publish.yml
index f32c3dc..d320062 100644
--- a/.github/workflows/nuget-publish.yml
+++ b/.github/workflows/nuget-publish.yml
@@ -21,7 +21,7 @@ jobs:
 dotnet pack -c Release -o out
 - name: Push generated package to GitHub registry
- run: dotnet nuget push ./contentstack-utils-dotnet/out/*.nupkg --api-key $NUGET_AUTH_TOKEN --skip-duplicate --no-symbols true
+ run: dotnet nuget push ./out/*.nupkg --api-key $NUGET_AUTH_TOKEN --source https://www.nuget.org/ --skip-duplicate --no-symbols true
 publish-git:
 runs-on: windows-latest
@@ -40,4 +40,4 @@ jobs:
 dotnet pack -c Release -o out
 - name: Push generated package to GitHub registry
- run: dotnet nuget push ./contentstack-utils-dotnet/out/*.nupkg --api-key ${{ secrets.GITHUB_TOKEN }} --skip-duplicate --no-symbols true
+ run: dotnet nuget push ./out/*.nupkg --api-key ${{ secrets.GITHUB_TOKEN }} --skip-duplicate --no-symbols true
From 0b029fb04db65905dc9f78dff4357f659bf5d3cf Mon Sep 17 00:00:00 2001
From: Nadeem <110535104+nadeem-cs@users.noreply.github.com>
Date: Tue, 19 Mar 2024 17:44:58 +0530
Subject: [PATCH 03/15] Update nuget-publish.yml
---
 .github/workflows/nuget-publish.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/nuget-publish.yml b/.github/workflows/nuget-publish.yml
index d320062..881e849 100644
--- a/.github/workflows/nuget-publish.yml
+++ b/.github/workflows/nuget-publish.yml
@@ -21,7 +21,7 @@ jobs:
 dotnet pack -c Release -o out
 - name: Push generated package to GitHub registry
- run: dotnet nuget push ./out/*.nupkg --api-key $NUGET_AUTH_TOKEN --source https://www.nuget.org/ --skip-duplicate --no-symbols true
+ run: dotnet nuget push ./contentstack-utils-dotnet/out/*.nupkg --api-key $NUGET_AUTH_TOKEN --source https://www.nuget.org/ --skip-duplicate --no-symbols true
 publish-git:
 runs-on: windows-latest
@@ -40,4 +40,4 @@ jobs:
 dotnet pack -c Release -o out
 - name: Push generated package to GitHub registry
- run: dotnet nuget push ./out/*.nupkg --api-key ${{ secrets.GITHUB_TOKEN }} --skip-duplicate --no-symbols true
+ run: dotnet nuget push ./contentstack-utils-dotnet/out/*.nupkg --api-key ${{ secrets.GITHUB_TOKEN }} --skip-duplicate --no-symbols true
From bf846b35940e9b1fbc08642016d577cb07674c4d Mon Sep 17 00:00:00 2001
From: Nadeem <110535104+nadeem-cs@users.noreply.github.com>
Date: Tue, 19 Mar 2024 17:49:03 +0530
Subject: [PATCH 04/15] Update nuget-publish.yml
---
 .github/workflows/nuget-publish.yml | 1 +
 1 file changed, 1 insertion(+)
diff --git a/.github/workflows/nuget-publish.yml b/.github/workflows/nuget-publish.yml
index 881e849..459bd71 100644
--- a/.github/workflows/nuget-publish.yml
+++ b/.github/workflows/nuget-publish.yml
@@ -19,6 +19,7 @@ jobs:
 - name: Build solution and generate NuGet package
 run: |
 dotnet pack -c Release -o out
+ echo ls
 - name: Push generated package to GitHub registry
 run: dotnet nuget push ./contentstack-utils-dotnet/out/*.nupkg --api-key $NUGET_AUTH_TOKEN --source https://www.nuget.org/ --skip-duplicate --no-symbols true
From 41150b72189b4ac67b12d430d8f08b7428acc541 Mon Sep 17 00:00:00 2001
From: Nadeem <110535104+nadeem-cs@users.noreply.github.com>
Date: Tue, 19 Mar 2024 17:58:33 +0530
Subject: [PATCH 05/15] Update nuget-publish.yml
---
 .github/workflows/nuget-publish.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/nuget-publish.yml b/.github/workflows/nuget-publish.yml
index 459bd71..431b124 100644
--- a/.github/workflows/nuget-publish.yml
+++ b/.github/workflows/nuget-publish.yml
@@ -19,10 +19,10 @@ jobs:
 - name: Build solution and generate NuGet package
 run: |
 dotnet pack -c Release -o out
- echo ls
+ ls
 - name: Push generated package to GitHub registry
- run: dotnet nuget push ./contentstack-utils-dotnet/out/*.nupkg --api-key $NUGET_AUTH_TOKEN --source https://www.nuget.org/ --skip-duplicate --no-symbols true
+ run: dotnet nuget push ./contentstack-utils-dotnet/out/*.nupkg --api-key $NUGET_AUTH_TOKEN --source "https://www.nuget.org/" --skip-duplicate --no-symbols true
 publish-git:
 runs-on: windows-latest
From 8bd6541f2c9d6358aa0c786872bf17f7926e4899 Mon Sep 17 00:00:00 2001
From: Nadeem <110535104+nadeem-cs@users.noreply.github.com>
Date: Tue, 19 Mar 2024 18:08:53 +0530
Subject: [PATCH 06/15] Update nuget-publish.yml
---
 .github/workflows/nuget-publish.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/nuget-publish.yml b/.github/workflows/nuget-publish.yml
index 431b124..4c13291 100644
--- a/.github/workflows/nuget-publish.yml
+++ b/.github/workflows/nuget-publish.yml
@@ -22,7 +22,7 @@ jobs:
 ls
 - name: Push generated package to GitHub registry
- run: dotnet nuget push ./contentstack-utils-dotnet/out/*.nupkg --api-key $NUGET_AUTH_TOKEN --source "https://www.nuget.org/" --skip-duplicate --no-symbols true
+ run: dotnet nuget push ./out/*.nupkg --api-key $NUGET_AUTH_TOKEN --skip-duplicate --no-symbols true --source https://api.nuget.org/v3/index.json
 publish-git:
 runs-on: windows-latest
@@ -41,4 +41,4 @@ jobs:
 dotnet pack -c Release -o out
 - name: Push generated package to GitHub registry
- run: dotnet nuget push ./contentstack-utils-dotnet/out/*.nupkg --api-key ${{ secrets.GITHUB_TOKEN }} --skip-duplicate --no-symbols true
+ run: dotnet nuget push ./out/*.nupkg --api-key ${{ secrets.GITHUB_TOKEN }} --skip-duplicate --no-symbols true
From d7b5fa92b3cd9047632253126372dcfbdeafffed Mon Sep 17 00:00:00 2001
From: Nadeem <110535104+nadeem-cs@users.noreply.github.com>
Date: Tue, 19 Mar 2024 18:13:18 +0530
Subject: [PATCH 07/15] Update nuget-publish.yml
---
 .github/workflows/nuget-publish.yml | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/nuget-publish.yml b/.github/workflows/nuget-publish.yml
index 4c13291..0edd644 100644
--- a/.github/workflows/nuget-publish.yml
+++ b/.github/workflows/nuget-publish.yml
@@ -19,10 +19,11 @@ jobs:
 - name: Build solution and generate NuGet package
 run: |
 dotnet pack -c Release -o out
- ls
 - name: Push generated package to GitHub registry
- run: dotnet nuget push ./out/*.nupkg --api-key $NUGET_AUTH_TOKEN --skip-duplicate --no-symbols true --source https://api.nuget.org/v3/index.json
+ run: |
+ cd out
+ dotnet nuget push "contentstack.utils.*.nupkg" --api-key $NUGET_AUTH_TOKEN --skip-duplicate --no-symbols true --source https://api.nuget.org/v3/index.json
 publish-git:
 runs-on: windows-latest
@@ -41,4 +42,6 @@ jobs:
 dotnet pack -c Release -o out
 - name: Push generated package to GitHub registry
- run: dotnet nuget push ./out/*.nupkg --api-key ${{ secrets.GITHUB_TOKEN }} --skip-duplicate --no-symbols true
+ run: |
+ cd out
+ dotnet nuget push "contentstack.utils.*.nupkg" --api-key ${{ secrets.GITHUB_TOKEN }} --skip-duplicate --no-symbols true
From 079508ccc2d02d2944568e575ca04fc38d08f729 Mon Sep 17 00:00:00 2001
From: Nadeem <110535104+nadeem-cs@users.noreply.github.com>
Date: Tue, 19 Mar 2024 18:19:24 +0530
Subject: [PATCH 08/15] Update nuget-publish.yml
---
 .github/workflows/nuget-publish.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/nuget-publish.yml b/.github/workflows/nuget-publish.yml
index 0edd644..7d3fa85 100644
--- a/.github/workflows/nuget-publish.yml
+++ b/.github/workflows/nuget-publish.yml
@@ -15,7 +15,7 @@ jobs:
 with:
 dotnet-version: '3.1.x'
 env:
- NUGET_AUTH_TOKEN: ${{ secrets.NUGET_AUTH_TOKEN }}
+ NUGET_AUTH_TOKEN: ${{ secrets.NUGET_API_KEY }}
 - name: Build solution and generate NuGet package
 run: |
 dotnet pack -c Release -o out
@@ -23,7 +23,7 @@ jobs:
 - name: Push generated package to GitHub registry
 run: |
 cd out
- dotnet nuget push "contentstack.utils.*.nupkg" --api-key $NUGET_AUTH_TOKEN --skip-duplicate --no-symbols true --source https://api.nuget.org/v3/index.json
+ dotnet nuget push "contentstack.utils.*.nupkg" --api-key ${{ secrets.NUGET_API_KEY }} --skip-duplicate --no-symbols true --source https://api.nuget.org/v3/index.json
 publish-git:
 runs-on: windows-latest
@@ -44,4 +44,4 @@ jobs:
 - name: Push generated package to GitHub registry
 run: |
 cd out
- dotnet nuget push "contentstack.utils.*.nupkg" --api-key ${{ secrets.GITHUB_TOKEN }} --skip-duplicate --no-symbols true
+ dotnet nuget push "contentstack.utils.*.nupkg" --api-key ${{ secrets.NUGET_API_KEY }} --skip-duplicate --no-symbols true
From 530811fa3ea6c5a09430da59573fc811dbe589b7 Mon Sep 17 00:00:00 2001
From: Nadeem <110535104+nadeem-cs@users.noreply.github.com>
Date: Tue, 19 Mar 2024 18:22:44 +0530
Subject: [PATCH 09/15] Update nuget-publish.yml
---
 .github/workflows/nuget-publish.yml | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/.github/workflows/nuget-publish.yml b/.github/workflows/nuget-publish.yml
index 7d3fa85..3538715 100644
--- a/.github/workflows/nuget-publish.yml
+++ b/.github/workflows/nuget-publish.yml
@@ -11,9 +11,7 @@ jobs:
 - name: Checkout repository
 uses: actions/checkout@v1
 - name: Setup .NET Core @ Latest
- uses: actions/setup-dotnet@v1
- with:
- dotnet-version: '3.1.x'
+ uses: actions/setup-dotnet@v3
 env:
 NUGET_AUTH_TOKEN: ${{ secrets.NUGET_API_KEY }}
 - name: Build solution and generate NuGet package
From 81cd0744f2f120b7d884da72c16ce3d59a531b1b Mon Sep 17 00:00:00 2001
From: Nadeem <110535104+nadeem-cs@users.noreply.github.com>
Date: Tue, 19 Mar 2024 18:23:25 +0530
Subject: [PATCH 10/15] Update nuget-publish.yml
---
 .github/workflows/nuget-publish.yml | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
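Review bot: In PATCH 08, the hunk at -23,7 expands `${{ secrets.NUGET_API_KEY }}` straight into the `run:` script, so the key is pasted into the script text before the shell parses it: any shell-special character in the value is interpreted, and the literal secret is written to the temporary script file on the runner. Pass it through the step environment instead, with `env:` / `NUGET_API_KEY: ${{ secrets.NUGET_API_KEY }}` on this step and `--api-key "$env:NUGET_API_KEY"` in the command (or `"$NUGET_API_KEY"` if the job runs bash; this job's `runs-on` is outside the hunk). The same inline expansion appears in the -44,4 hunk of this patch and again in PATCH 11. The step is still named "Push generated package to GitHub registry" although it now targets nuget.org, which is worth correcting so the log shows which registry received the package.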
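Review bot: In PATCH 08, the hunk at -44,4 makes the publish-git job present the nuget.org key `secrets.NUGET_API_KEY`, while the job's setup step (visible in PATCH 10) still configures `source-url: https://nuget.pkg.github.com/Contentstack/index.json` with `NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}`. With no `--source` on this line the push target depends on the NuGet configuration on the runner, so the nuget.org credential may be sent to a registry other than the one it was issued for. If this job is meant to publish to GitHub Packages, keep `--api-key ${{ secrets.GITHUB_TOKEN }}` and name the feed explicitly with `--source https://nuget.pkg.github.com/Contentstack/index.json`. PATCH 11 instead adds the nuget.org source here, which leaves two jobs pushing the same package to nuget.org and nothing going to GitHub Packages.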
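Review bot: In PATCH 09, `uses: actions/setup-dotnet@v3` drops the `dotnet-version` input, so the SDK that builds the published package is whatever the runner image or a `global.json` supplies (none is visible here), and the action is referenced by a movable tag in a job that handles `NUGET_API_KEY`. For a release workflow, keep an explicit SDK version and pin the action to a full commit SHA, e.g. `uses: actions/setup-dotnet@<full-commit-sha> # v3` with `dotnet-version: '<sdk-version>'`. The context line `uses: actions/checkout@v1` has the same tag-pinning problem, and PATCH 10 repeats this change for publish-git.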
diff --git a/.github/workflows/nuget-publish.yml b/.github/workflows/nuget-publish.yml
index 3538715..82348b5 100644
--- a/.github/workflows/nuget-publish.yml
+++ b/.github/workflows/nuget-publish.yml
@@ -29,9 +29,8 @@ jobs:
 - name: Checkout repository
 uses: actions/checkout@v1
 - name: Setup .NET Core @ Latest
- uses: actions/setup-dotnet@v1
+ uses: actions/setup-dotnet@v3
 with:
- dotnet-version: '3.1.x'
 source-url: https://nuget.pkg.github.com/Contentstack/index.json
 env:
 NUGET_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
From b1a34fc4583fb1f9d4739c5259beb53b4ddf841c Mon Sep 17 00:00:00 2001
From: Nadeem <110535104+nadeem-cs@users.noreply.github.com>
Date: Wed, 20 Mar 2024 13:09:52 +0530
Subject: [PATCH 11/15] Update nuget-publish.yml
---
 .github/workflows/nuget-publish.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/nuget-publish.yml b/.github/workflows/nuget-publish.yml
index 82348b5..37ef592 100644
--- a/.github/workflows/nuget-publish.yml
+++ b/.github/workflows/nuget-publish.yml
@@ -41,4 +41,4 @@ jobs:
 - name: Push generated package to GitHub registry
 run: |
 cd out
- dotnet nuget push "contentstack.utils.*.nupkg" --api-key ${{ secrets.NUGET_API_KEY }} --skip-duplicate --no-symbols true
+ dotnet nuget push "contentstack.utils.*.nupkg" --api-key ${{ secrets.NUGET_API_KEY }} --skip-duplicate --no-symbols true --source https://api.nuget.org/v3/index.json
From 275fe9d22399e1d8ff8a821f10d77130e0cccd5b Mon Sep 17 00:00:00 2001
From: Aravind Kumar
Date: Fri, 17 May 2024 21:12:09 +0530
Subject: [PATCH 12/15] sca-scan.yml
---
 .github/workflows/sca-scan.yml | 14 +++++---------
 1 file changed, 5 insertions(+), 9 deletions(-)
diff --git a/.github/workflows/sca-scan.yml b/.github/workflows/sca-scan.yml
index be402b2..4fa4560 100644
--- a/.github/workflows/sca-scan.yml
+++ b/.github/workflows/sca-scan.yml
@@ -3,17 +3,13 @@ on:
 pull_request:
 types: [opened, synchronize, reopened]
 jobs:
- security:
+ security-sca:
 runs-on: ubuntu-latest
 steps:
- - name: Checkout repository
- uses: actions/checkout@master
- - uses: snyk/actions/setup@master
- - name: Setup .NET
- uses: actions/setup-dotnet@v3.0.3
- - name: Restore dependencies
- run: dotnet restore ./Contentstack.Utils.sln
+ - uses: actions/checkout@master
 - name: Run Snyk to check for vulnerabilities
- run: cd Contentstack.Utils && snyk test --fail-on=all
+ uses: snyk/actions/dotnet@master
 env:
 SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+ with:
+ args: --fail-on=all
From 97002337e1ef88675cf6a5eefb92c237880df3f6 Mon Sep 17 00:00:00 2001
From: Aravind Kumar
Date: Fri, 17 May 2024 21:12:24 +0530
Subject: [PATCH 13/15] jira.yml
---
 .github/workflows/jira.yml | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/jira.yml b/.github/workflows/jira.yml
index 5ddf87a..caa4bbd 100644
--- a/.github/workflows/jira.yml
+++ b/.github/workflows/jira.yml
@@ -3,7 +3,7 @@ on:
 pull_request:
 types: [opened]
 jobs:
- security:
+ security-jira:
 if: ${{ github.actor == 'dependabot[bot]' || github.actor == 'snyk-bot' || contains(github.event.pull_request.head.ref, 'snyk-fix-') || contains(github.event.pull_request.head.ref, 'snyk-upgrade-')}}
 runs-on: ubuntu-latest
 steps:
@@ -26,3 +26,8 @@ jobs:
 PR: ${{ github.event.pull_request.html_url }}
 fields: "${{ secrets.JIRA_FIELDS }}"
+ - name: Transition issue
+ uses: atlassian/gajira-transition@v3
+ with:
+ issue: ${{ steps.create.outputs.issue }}
+ transition: ${{ secrets.JIRA_TRANSITION }}
From 73a4e01ffecdf913cdfd2dc91b267453cbf170b3 Mon Sep 17 00:00:00 2001
From: Aravind Kumar
Date: Fri, 17 May 2024 21:12:25 +0530
Subject: [PATCH 14/15] sast-scan.yml
---
 .github/workflows/sast-scan.yml | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 .github/workflows/sast-scan.yml
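Review bot: In PATCH 12, both actions in the new steps are referenced by branch, `actions/checkout@master` and `snyk/actions/dotnet@master`, and the second one receives `SNYK_TOKEN`, so whatever lands on those branches runs with the token on every pull request. Pin each to a full commit SHA, e.g. `uses: snyk/actions/dotnet@<full-commit-sha>`. The hunk also removes the `dotnet restore ./Contentstack.Utils.sln` step and the `cd Contentstack.Utils`. If the action image does not restore packages itself, `snyk test` may have no resolved dependency graph to analyse, so check that the job output still lists the project's packages, or point it at the solution with `args: --file=Contentstack.Utils.sln --fail-on=all`.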
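Review bot: In PATCH 13, the added `Transition issue` step reads `secrets.JIRA_TRANSITION`, but the job's `if:` (a context line in the first hunk) selects runs started by `dependabot[bot]`, and `pull_request` runs triggered by Dependabot receive only Dependabot secrets, not Actions secrets. If `JIRA_TRANSITION` exists only as an Actions secret, `transition:` would expand to an empty string on those runs, so it should also be defined as a Dependabot secret. The step with `id: create` lies outside the hunk, so the output name `steps.create.outputs.issue` is assumed to match it. `atlassian/gajira-transition@v3` is a tag reference to a third-party action in a job that uses Jira secrets; a full commit SHA pin is safer.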
diff --git a/.github/workflows/sast-scan.yml b/.github/workflows/sast-scan.yml
new file mode 100644
index 0000000..3b9521a
--- /dev/null
+++ b/.github/workflows/sast-scan.yml
@@ -0,0 +1,11 @@
+name: SAST Scan
+on:
+ pull_request:
+ types: [opened, synchronize, reopened]
+jobs:
+ security-sast:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v2
+ - name: Semgrep Scan
+ run: docker run -v /var/run/docker.sock:/var/run/docker.sock -v "${PWD}:/src" returntocorp/semgrep semgrep scan --config auto
\ No newline at end of file
From 8ffbfecd49e3d5b0d9fff44fb73891b8c58080a3 Mon Sep 17 00:00:00 2001
From: Aravind Kumar
Date: Fri, 17 May 2024 21:12:26 +0530
Subject: [PATCH 15/15] codeql-analysis.yml
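Review bot: In PATCH 14, the `run:` line mounts `/var/run/docker.sock` into the Semgrep container, which hands that container full control of the runner's Docker daemon although a source scan only needs the `/src` mount; the image `returntocorp/semgrep` is also pulled without a tag or digest. Without `--error`, `semgrep scan` exits 0 even when it reports findings, so this check would not fail the pull request. Suggested line: `run: docker run --rm -v "${PWD}:/src" returntocorp/semgrep@sha256:<image-digest> semgrep scan --config auto --error`. `actions/checkout@v2` could be pinned to a commit SHA in the same way, and the file lacks a final newline.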