Initial commit

Dockerfile

@@ -0,0 +1,8 @@
+# FROM strongdm/comply:latest
+FROM golang:latest
+
+RUN go get github.com/strongdm/comply
+
+COPY entrypoint.sh /entrypoint.sh
+
+ENTRYPOINT ["/entrypoint.sh"]

LICENSE.md

@@ -0,0 +1,25 @@
+The MIT License (MIT)
+=====================
+
+Copyright © `2019` `Hecate Software Pty Ltd`
+
+Permission is hereby granted, free of charge, to any person
+obtaining a copy of this software and associated documentation
+files (the “Software”), to deal in the Software without
+restriction, including without limitation the rights to use,
+copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the
+Software is furnished to do so, subject to the following
+conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
+OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
+HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
+WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+OTHER DEALINGS IN THE SOFTWARE.

README.md

@@ -0,0 +1,80 @@
+# Comply Actions
+
+Run [strongdm/comply](https://github.com/strongdm/comply) within GitHub Actions directly on your compliance repository.
+
+Saves you from setting up a server to run `scheduler` via cron and the like.
+
+## Setup
+
+### GitHub Issues
+
+The easier integration to setup. Commit your `comply.yml` to the repo, but omit the `token` field in the github ticket settings and it will be read from ENV directly by the action.
+
+Here's an example workflow config file that you should put somewhere like `.github/workflows/scheduler.yml`
+
+```yaml
+name: Compliance Scheduler
+
+on:
+  schedule:
+    - cron: "* 0 * * *"
+
+jobs:
+  scheduler:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@master
+      - uses: hecateapp/comply-action@master
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          args: scheduler
+```
+
+### JIRA Tickets
+
+JIRA is slightly trickier to setup as comply does not yet read JIRA authentication settings from ENV and we must inject them into config directly. On your repository settings page you must add two secrets: `JIRA_USERNAME` and `JIRA_PASSWORD` (see comply docs for what are appropriate values for that).
+
+You then need to set up your `comply.yml` like this and commit it to allow the settings to be injected.
+
+```yaml
+name: "Acme"
+filePrefix: "Acme"
+
+tickets:
+  jira:
+    username: <JIRA_USERNAME>
+    password: <JIRA_PASSWORD>
+    project: comply
+    url: https://yourjira
+    taskType: Task
+```
+
+Here's an example workflow config file that you should put somewhere like `.github/workflows/scheduler.yml`
+
+```yaml
+name: Compliance Scheduler
+
+on:
+  schedule:
+    - cron: "* 0 * * *"
+
+jobs:
+  scheduler:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@master
+      - uses: hecateapp/comply-action@master
+        with:
+          args: scheduler
+          jira_username: ${{ secrets.JIRA_USERNAME }}
+          jira_password: ${{ secrets.JIRA_PASSWORD }}
+```
+
+### Gitlab Issues
+
+Not yet supported.
+
+---
+
+Brought to you by [Hecate](https://hecate.co) - GitHub apps to help manage teams better

action.yml

@@ -0,0 +1,12 @@
+name: Comply Action
+description: Run strongdm/comply tasks such as scheduler
+runs:
+  using: "docker"
+  image: "Dockerfile"
+inputs:
+  jira_username:
+    required: false
+    description: Username for JIRA account
+  jira_password:
+    required: false
+    description: Password (or API token) for JIRA account

entrypoint.sh

@@ -0,0 +1,15 @@
+#!/bin/bash
+
+cd $GITHUB_WORKSPACE
+
+if [ -n "$INPUT_JIRA_USERNAME" ]; then
+    echo "Setting JIRA username"
+    sed -i "s/<JIRA_USERNAME>/$INPUT_JIRA_USERNAME/g" comply.yml
+fi
+
+if [ -n "$INPUT_JIRA_PASSWORD" ]; then
+    echo "Setting JIRA password"
+    sed -i "s/<JIRA_PASSWORD>/$INPUT_JIRA_PASSWORD/g" comply.yml
+fi
+
+comply $@