Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: trufflehog workgflow added #352

Closed
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
52 commits
Select commit Hold shift + click to select a range
c173bd4
feat: intial revocation service added
nitin-vavdiya Jun 13, 2024
0421797
doc: API doc added for revocation
nitin-vavdiya Jun 13, 2024
190ed6d
doc: uml added to issue and verify revocable VC
nitin-vavdiya Jun 13, 2024
ce29cb8
fix: docker context path
nitin-vavdiya Jun 14, 2024
ec8bb00
feat: revoke API, revocation support in issue VC API, wallet-commons …
nitin-vavdiya Jun 14, 2024
b1c5417
fix: sonar issues
nitin-vavdiya Jun 14, 2024
02ccd31
fix: test cases due to revocation client
nitin-vavdiya Jun 14, 2024
e91b6a0
fix: failing test cases
nitin-vavdiya Jun 17, 2024
e739cdc
fix: more test added
nitin-vavdiya Jun 17, 2024
042292f
fix: dockerfile and dockerfile location
nitin-vavdiya Jun 17, 2024
6a7cff2
feat: test coverage verification added at root gradle level and javad…
nitin-vavdiya Jun 17, 2024
168493a
doc: env updated for MIW
nitin-vavdiya Jun 17, 2024
107538c
doc: docs added for revocation service
nitin-vavdiya Jun 17, 2024
272e22a
doc: API doc updated
nitin-vavdiya Jun 17, 2024
4465f24
commons dao version updated
nitin-vavdiya Jun 18, 2024
4ebed6f
test: check if VC is has credential status
nitin-vavdiya Jun 18, 2024
60e3a5c
fix: dependencies addded at individual project level
nitin-vavdiya Jun 18, 2024
7d76b00
fix: file copy path in Dockerfile
nitin-vavdiya Jun 18, 2024
ad65e01
fix: copy path in docker file
nitin-vavdiya Jun 18, 2024
28796db
fix: revocation service dockerfile
nitin-vavdiya Jun 18, 2024
44b46ff
fix: user added in dockerfile
nitin-vavdiya Jun 18, 2024
6b118b2
fix: random port added for management url
nitin-vavdiya Jun 18, 2024
90ef524
fix: compilation error
nitin-vavdiya Aug 8, 2024
a99ca32
fix: failing test
nitin-vavdiya Aug 8, 2024
f70b345
feat: release workflow added for revocation-service
nitin-vavdiya Aug 8, 2024
42ed843
docs: license header updated
nitin-vavdiya Aug 8, 2024
234a7a0
fix: dockerfile
nitin-vavdiya Aug 8, 2024
4429211
feat: status list VC type set to StatusList2021
nitin-vavdiya Aug 12, 2024
badb46d
feat: Helm charts for revocation service
rohit-smartsensesolutions Aug 22, 2024
82c399d
docs: code changes reverted
rohit-smartsensesolutions Aug 23, 2024
52281f2
docs: code changes
rohit-smartsensesolutions Aug 29, 2024
c0c202f
docs: copyright header and README file modification
rohit-smartsensesolutions Sep 5, 2024
643493d
fix: sonar issues
nitin-vavdiya Sep 5, 2024
65dd812
fix: status list VS as JSON-LD
nitin-vavdiya Sep 6, 2024
df62fcc
fix: tests
nitin-vavdiya Sep 6, 2024
546908b
fix: status list changed to 2021 from bitstring
nitin-vavdiya Sep 9, 2024
3d0fbf9
fix: chart workflows
rohit-smartsensesolutions Sep 11, 2024
a446811
Merge pull request #12 from rohit-smartsensesolutions/feat/fixing-git…
nitin-vavdiya Sep 13, 2024
c162cad
fix: zap scan errors
rohit-smartsensesolutions Sep 24, 2024
074ab2d
fix: zap scan errors
rohit-smartsensesolutions Sep 24, 2024
e1218df
docs: fixed readme file
rohit-smartsensesolutions Sep 24, 2024
14a67e1
fix: modefied the value for the replicas
rohit-smartsensesolutions Sep 24, 2024
571d994
fixed helm docs
rohit-smartsensesolutions Sep 24, 2024
8ca1b3f
Merge pull request #13 from rohit-smartsensesolutions/fix/helm-charts
nitin-vavdiya Sep 24, 2024
00a86d5
docs: README and sample in API doc are updated
nitin-vavdiya Sep 25, 2024
8db88f0
feat: trufflehog workgflow added
thackerronak Sep 26, 2024
4af4a71
refactor: removed verify workflow
thackerronak Sep 26, 2024
1ed0878
Merge pull request #317 from Cofinity-X/feat/revocation-service
nitin-vavdiya Oct 18, 2024
969d6a0
chore(release): 1.0.0-develop.5 [skip ci]
nitin-vavdiya Oct 18, 2024
37741d8
feat: trufflehog workgflow added
thackerronak Sep 26, 2024
bb92986
refactor: removed verify workflow
thackerronak Sep 26, 2024
4ff1822
Merge branch 'feat/trufflehog-workflow' of github.com:Cofinity-X/upst…
thackerronak Oct 18, 2024
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions .github/workflows/chart-verification.yml
Original file line number Diff line number Diff line change
Expand Up @@ -156,6 +156,7 @@ jobs:
context: .
push: true
tags: kind-registry:5000/miw:testing
file: ./miw/Dockerfile

- uses: actions/setup-python@v4
with:
Expand Down Expand Up @@ -230,6 +231,7 @@ jobs:
charts/managed-identity-wallet \
-n apps \
--wait \
--timeout 10m \
--set image.tag=testing \
--set image.repository=kind-registry:5000/miw
# only run if this is not a PR -OR- if there are new versions available
Expand Down
1 change: 1 addition & 0 deletions .github/workflows/dast-scan.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -77,6 +77,7 @@ jobs:
context: .
push: true
tags: kind-registry:5000/miw:testing
file: ./miw/Dockerfile

- name: Install the chart on KinD cluster
run: helm install -n apps --create-namespace --wait --set image.tag=testing --set=image.repository=kind-registry:5000/miw testing charts/managed-identity-wallet
Expand Down
266 changes: 266 additions & 0 deletions .github/workflows/release-miw.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,266 @@
# Copyright (c) 2021-2024 Contributors to the Eclipse Foundation

# See the NOTICE file(s) distributed with this work for additional
# information regarding copyright ownership.

# This program and the accompanying materials are made available under the
# terms of the Apache License, Version 2.0 which is available at
# https://www.apache.org/licenses/LICENSE-2.0.

# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.

# SPDX-License-Identifier: Apache-2.0
---

name: Semantic Release - MIW
on:
push:
paths:
- 'miw/src/**'
- 'miw/build.gradle/**'
- 'wallet-commons/src/**'
- 'build.gradle'
- 'gradle.properties'
- 'settings.gradle'
branches:
- main
- develop
pull_request:
paths:
- 'miw/src/**'
- 'miw/build.gradle/**'
- 'wallet-commons/src/**'
- 'build.gradle'
- 'gradle.properties'
- 'settings.gradle'
branches:
- main
- develop

env:
IMAGE_NAMESPACE: "tractusx"
IMAGE_NAME: "managed-identity-wallet"

jobs:

semantic_release:
name: Repository Release
runs-on: ubuntu-latest
permissions:
# see https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
contents: write
pull-requests: write
packages: write
outputs:
next_release: ${{ steps.semantic-release.outputs.next_release }}
will_create_new_release: ${{ steps.semantic-release.outputs.will_create_new_release }}
steps:
- name: Checkout repository
uses: actions/checkout@v4

- name: Validate Gradle wrapper
uses: gradle/wrapper-validation-action@v2

- name: Setup Helm
uses: azure/[email protected]

- name: Setup JDK 17
uses: actions/setup-java@v4
with:
java-version: '17'
distribution: 'temurin'

- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: 20

# setup helm-docs as it is needed during semantic-release
- uses: gabe565/setup-helm-docs-action@v1
name: Setup helm-docs
if: github.event_name != 'pull_request'
with:
version: v1.11.3

- name: Run semantic release
id: semantic-release
if: github.event_name != 'pull_request'
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GIT_AUTHOR_EMAIL: ${{ github.actor }}@users.noreply.github.com
GIT_COMMITTER_EMAIL: ${{ github.actor }}@users.noreply.github.com
run: |
npx --yes -p @semantic-release/exec -p @semantic-release/changelog -p @semantic-release/git -p @semantic-release/commit-analyzer -p @semantic-release/release-notes-generator semantic-release

- name: Run semantic release (dry run)
if: github.event_name == 'pull_request'
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GIT_AUTHOR_EMAIL: ${{ github.actor }}@users.noreply.github.com
GIT_COMMITTER_EMAIL: ${{ github.actor }}@users.noreply.github.com
run: |
npx --yes -p @semantic-release/exec -p @semantic-release/github -p @semantic-release/changelog -p @semantic-release/git -p @semantic-release/commit-analyzer -p @semantic-release/release-notes-generator semantic-release --dry-run

- name: Execute Gradle build
run: ./gradlew build

- name: Upload build artifact
uses: actions/upload-artifact@v4
with:
name: build
path: ./miw/build
if-no-files-found: error
retention-days: 1

- name: Upload Helm chart artifact
uses: actions/upload-artifact@v4
with:
name: charts
path: ./charts
if-no-files-found: error
retention-days: 1

- name: Report semantic-release outputs
run: |
echo "::notice::${{ env.next_release }}"
echo "::notice::${{ env.will_create_new_release }}"

- name: Upload jar to GitHub release
if: github.event_name != 'pull_request' && steps.semantic-release.outputs.will_create_new_release == 'true'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
RELEASE_VERSION: ${{ steps.semantic-release.outputs.next_release }}
run: |
echo "::notice::Uploading jar to GitHub release"
gh release upload "v$RELEASE_VERSION" ./miw/build/libs/miw-latest.jar

docker:
name: Docker Release
needs: semantic_release
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Download build artifact
uses: actions/download-artifact@v4
with:
name: build
path: ./miw/build

- name: Download Helm chart artifact
uses: actions/download-artifact@v4
with:
name: charts
path: ./charts

# Create SemVer or ref tags dependent of trigger event
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: |
${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}
# Automatically prepare image tags; See action docs for more examples.
# semver patter will generate tags like these for example :1 :1.2 :1.2.3
tags: |
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}},value=${{ needs.semantic_release.outputs.next_release }}
type=semver,pattern={{major}},value=${{ needs.semantic_release.outputs.next_release }}
type=semver,pattern={{major}}.{{minor}},value=${{ needs.semantic_release.outputs.next_release }}
type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'main') }}

- name: DockerHub login
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
# Use existing DockerHub credentials present as secrets
username: ${{ secrets.DOCKER_HUB_USER }}
password: ${{ secrets.DOCKER_HUB_TOKEN }}

- name: Push image
uses: docker/build-push-action@v5
with:
context: .
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
file: ./miw/Dockerfile

# https://github.com/peter-evans/dockerhub-description
# Important step to push image description to DockerHub
- name: Update Docker Hub description
if: github.event_name != 'pull_request'
uses: peter-evans/dockerhub-description@v3
with:
# readme-filepath defaults to toplevel README.md, Only necessary if you have a dedicated file with your 'Notice for docker images'
readme-filepath: Docker-hub-notice.md
username: ${{ secrets.DOCKER_HUB_USER }}
password: ${{ secrets.DOCKER_HUB_TOKEN }}
repository: ${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}

helm:
name: Helm Release
needs: semantic_release
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- name: Checkout repository
uses: actions/checkout@v4

- name: Download Helm chart artifact
uses: actions/download-artifact@v4
with:
name: charts
path: ./charts

- name: Install Helm
uses: azure/[email protected]

- name: Add Helm dependency repositories
run: |
helm repo add bitnami https://charts.bitnami.com/bitnami

- name: Configure Git
run: |
git config user.name "$GITHUB_ACTOR"
git config user.email "[email protected]"

- name: Release chart
if: github.event_name != 'pull_request' && needs.semantic_release.outputs.will_create_new_release == 'true'
run: |
# Package MIW chart
helm_package_path=$(helm package -u -d helm-charts ./charts/managed-identity-wallet | grep -o 'to: .*' | cut -d' ' -f2-)
echo "HELM_PACKAGE_PATH=$helm_package_path" >> $GITHUB_ENV

# Commit and push to gh-pages
git add helm-charts
git stash -- helm-charts
git reset --hard
git fetch origin
git checkout gh-pages
git stash pop

# Generate helm repo index.yaml
helm repo index . --merge index.yaml --url https://${GITHUB_REPOSITORY_OWNER}.github.io/${GITHUB_REPOSITORY#*/}/
git add index.yaml

git commit -s -m "Release ${{ needs.semantic_release.outputs.next_release }}"

git push origin gh-pages

- name: Upload chart to GitHub release
if: github.event_name != 'pull_request' && needs.semantic_release.outputs.will_create_new_release == 'true'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
RELEASE_VERSION: ${{ needs.semantic_release.outputs.next_release }}
HELM_PACKAGE_PATH: ${{ env.HELM_PACKAGE_PATH }}
run: |
echo "::notice::Uploading chart to GitHub release"
gh release upload "v$RELEASE_VERSION" "$HELM_PACKAGE_PATH"

Loading
Loading