From 6280bdc4c1c274dff8fd14fec574ee6bcb533306 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 3 Jan 2022 21:07:20 +0000 Subject: [PATCH 01/24] Bump glob-parent from 5.1.1 to 5.1.2 Bumps [glob-parent](https://github.com/gulpjs/glob-parent) from 5.1.1 to 5.1.2. - [Release notes](https://github.com/gulpjs/glob-parent/releases) - [Changelog](https://github.com/gulpjs/glob-parent/blob/main/CHANGELOG.md) - [Commits](https://github.com/gulpjs/glob-parent/compare/v5.1.1...v5.1.2) --- updated-dependencies: - dependency-name: glob-parent dependency-type: indirect ... Signed-off-by: dependabot[bot] --- package-lock.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/package-lock.json b/package-lock.json index 1c8a1cc..604ba0d 100644 --- a/package-lock.json +++ b/package-lock.json @@ -2848,9 +2848,9 @@ } }, "glob-parent": { - "version": "5.1.1", - "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.1.tgz", - "integrity": "sha512-FnI+VGOpnlGHWZxthPGR+QhR78fuiK0sNLkHQv+bL9fQi57lNNdquIbna/WrfROrolq8GK5Ek6BiMwqL/voRYQ==", + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz", + "integrity": "sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==", "dev": true, "requires": { "is-glob": "^4.0.1" From 26ee262bc6857bcd3680c11cede775725956cda7 Mon Sep 17 00:00:00 2001 From: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> Date: Tue, 18 Mar 2025 12:45:34 -0400 Subject: [PATCH 02/24] Update action.yml --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 7af7458..b1c0175 100644 --- a/action.yml +++ b/action.yml @@ -1,4 +1,4 @@ -name: 'Cache' +name: 'Life' description: 'Cache artifacts like dependencies and build outputs to improve workflow execution time' author: 'GitHub' inputs: From d49b50bc4da6d06db3d1b9c806d968e5f24a3a64 Mon Sep 17 00:00:00 2001 From: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> Date: Tue, 18 Mar 2025 12:46:24 -0400 Subject: [PATCH 03/24] Update action.yml --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index b1c0175..7af7458 100644 --- a/action.yml +++ b/action.yml @@ -1,4 +1,4 @@ -name: 'Life' +name: 'Cache' description: 'Cache artifacts like dependencies and build outputs to improve workflow execution time' author: 'GitHub' inputs: From 5684aa6e25ff352526d0f3ba46b85d4e89853cfc Mon Sep 17 00:00:00 2001 From: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> Date: Tue, 18 Mar 2025 12:55:16 -0400 Subject: [PATCH 04/24] Create Windy --- Windy | 1 + 1 file changed, 1 insertion(+) create mode 100644 Windy diff --git a/Windy b/Windy new file mode 100644 index 0000000..8b13789 --- /dev/null +++ b/Windy @@ -0,0 +1 @@ + From c46e0545ed8745c8ae6da6537508f5950871cd4d Mon Sep 17 00:00:00 2001 From: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> Date: Fri, 21 Mar 2025 22:19:25 -0400 Subject: [PATCH 05/24] Create webpack.yml --- .github/workflows/webpack.yml | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 .github/workflows/webpack.yml diff --git a/.github/workflows/webpack.yml b/.github/workflows/webpack.yml new file mode 100644 index 0000000..9626ff6 --- /dev/null +++ b/.github/workflows/webpack.yml @@ -0,0 +1,28 @@ +name: NodeJS with Webpack + +on: + push: + branches: [ "main" ] + pull_request: + branches: [ "main" ] + +jobs: + build: + runs-on: ubuntu-latest + + strategy: + matrix: + node-version: [18.x, 20.x, 22.x] + + steps: + - uses: actions/checkout@v4 + + - name: Use Node.js ${{ matrix.node-version }} + uses: actions/setup-node@v4 + with: + node-version: ${{ matrix.node-version }} + + - name: Build + run: | + npm install + npx webpack From ec11b3ad49b51fde5afc919c9ea4b7587dfbd2b2 Mon Sep 17 00:00:00 2001 From: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> Date: Mon, 24 Mar 2025 18:53:18 -0400 Subject: [PATCH 06/24] Update LICENSE --- LICENSE | 40 +++++++++++++++++++++++----------------- 1 file changed, 23 insertions(+), 17 deletions(-) diff --git a/LICENSE b/LICENSE index a426ef2..dea10f7 100644 --- a/LICENSE +++ b/LICENSE @@ -1,22 +1,28 @@ +BSD 3-Clause License -The MIT License (MIT) +Copyright (c) 2025, DIMVY clothing brand -Copyright (c) 2018 GitHub, Inc. and contributors +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: +1. Redistributions of source code must retain the above copyright notice, this + list of conditions and the following disclaimer. -The above copyright notice and this permission notice shall be included in -all copies or substantial portions of the Software. +2. Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -THE SOFTWARE. \ No newline at end of file +3. Neither the name of the copyright holder nor the names of its + contributors may be used to endorse or promote products derived from + this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. From e08ec43276294d551c991f1af8454366bc918c79 Mon Sep 17 00:00:00 2001 From: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> Date: Fri, 28 Mar 2025 16:39:50 -0400 Subject: [PATCH 07/24] Update README.md Signed-off-by: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> --- README.md | 350 +++++------------------------------------------------- 1 file changed, 32 insertions(+), 318 deletions(-) diff --git a/README.md b/README.md index 3f07f15..20318db 100644 --- a/README.md +++ b/README.md @@ -1,344 +1,58 @@ -# Cache action +# Dimvy-Clothing-brand/cache -This action allows caching dependencies and build outputs to improve workflow execution time. +Cache dependencies and build outputs in GitHub Actions. ->Two other actions are available in addition to the primary `cache` action: -> ->* [Restore action](./restore/README.md) ->* [Save action](./save/README.md) +## Table of Contents -[![Tests](https://github.com/actions/cache/actions/workflows/workflow.yml/badge.svg)](https://github.com/actions/cache/actions/workflows/workflow.yml) +- [Overview](#overview) +- [Features](#features) +- [Installation](#installation) +- [Usage](#usage) +- [Contributing](#contributing) +- [License](#license) -## Documentation +## Overview -See ["Caching dependencies to speed up workflows"](https://docs.github.com/en/actions/using-workflows/caching-dependencies-to-speed-up-workflows). +This repository provides a solution for caching dependencies and build outputs in GitHub Actions. By caching these outputs, you can significantly speed up your CI/CD workflows. -## What's New +## Features -### ⚠ī¸ Important changes +- **TypeScript**: 98% +- **Shell**: 1.1% +- **JavaScript**: 0.9% -The cache backend service has been rewritten from the ground up for improved performance and reliability. [actions/cache](https://github.com/actions/cache) now integrates with the new cache service (v2) APIs. +## Installation -The new service will gradually roll out as of **February 1st, 2025**. The legacy service will also be sunset on the same date. Changes in these release are **fully backward compatible**. - -**We are deprecating some versions of this action**. We recommend upgrading to version `v4` or `v3` as soon as possible before **February 1st, 2025.** (Upgrade instructions below). - -If you are using pinned SHAs, please use the SHAs of versions `v4.2.0` or `v3.4.0` - -If you do not upgrade, all workflow runs using any of the deprecated [actions/cache](https://github.com/actions/cache) will fail. - -Upgrading to the recommended versions will not break your workflows. - -Read more about the change & access the migration guide: [reference to the announcement](https://github.com/actions/cache/discussions/1510). - -### v4 - -* Integrated with the new cache service (v2) APIs. -* Updated to node 20 - -### v3 - -* Integrated with the new cache service (v2) APIs. -* Added support for caching in GHES 3.5+. -* Fixed download issue for files > 2GB during restore. -* Updated the minimum runner version support from node 12 -> node 16. -* Fixed avoiding empty cache save when no files are available for caching. -* Fixed tar creation error while trying to create tar with path as `~/` home folder on `ubuntu-latest`. -* Fixed zstd failing on amazon linux 2.0 runners. -* Fixed cache not working with github workspace directory or current directory. -* Fixed the download stuck problem by introducing a timeout of 1 hour for cache downloads. -* Fix zstd not working for windows on gnu tar in issues. -* Allowing users to provide a custom timeout as input for aborting download of a cache segment using an environment variable `SEGMENT_DOWNLOAD_TIMEOUT_MINS`. Default is 10 minutes. -* New actions are available for granular control over caches - [restore](restore/action.yml) and [save](save/action.yml). -* Support cross-os caching as an opt-in feature. See [Cross OS caching](./tips-and-workarounds.md#cross-os-cache) for more info. -* Added option to fail job on cache miss. See [Exit workflow on cache miss](./restore/README.md#exit-workflow-on-cache-miss) for more info. -* Fix zstd not being used after zstd version upgrade to 1.5.4 on hosted runners -* Added option to lookup cache without downloading it. -* Reduced segment size to 128MB and segment timeout to 10 minutes to fail fast in case the cache download is stuck. - -See the [v2 README.md](https://github.com/actions/cache/blob/v2/README.md) for older updates. +To use this caching solution in your GitHub Actions workflows, you need to add the appropriate configuration to your workflow YAML files. ## Usage -### Pre-requisites - -Create a workflow `.yml` file in your repository's `.github/workflows` directory. An [example workflow](#example-cache-workflow) is available below. For more information, see the GitHub Help Documentation for [Creating a workflow file](https://help.github.com/en/articles/configuring-a-workflow#creating-a-workflow-file). - -If you are using this inside a container, a POSIX-compliant `tar` needs to be included and accessible from the execution path. - -If you are using a `self-hosted` Windows runner, `GNU tar` and `zstd` are required for [Cross-OS caching](https://github.com/actions/cache/blob/main/tips-and-workarounds.md#cross-os-cache) to work. They are also recommended to be installed in general so the performance is on par with `hosted` Windows runners. - -### Inputs - -* `key` - An explicit key for a cache entry. See [creating a cache key](#creating-a-cache-key). -* `path` - A list of files, directories, and wildcard patterns to cache and restore. See [`@actions/glob`](https://github.com/actions/toolkit/tree/main/packages/glob) for supported patterns. -* `restore-keys` - An ordered multiline string listing the prefix-matched keys, that are used for restoring stale cache if no cache hit occurred for key. -* `enableCrossOsArchive` - An optional boolean when enabled, allows Windows runners to save or restore caches that can be restored or saved respectively on other platforms. Default: `false` -* `fail-on-cache-miss` - Fail the workflow if cache entry is not found. Default: `false` -* `lookup-only` - If true, only checks if cache entry exists and skips download. Does not change save cache behavior. Default: `false` - -#### Environment Variables - -* `SEGMENT_DOWNLOAD_TIMEOUT_MINS` - Segment download timeout (in minutes, default `10`) to abort download of the segment if not completed in the defined number of minutes. [Read more](https://github.com/actions/cache/blob/main/tips-and-workarounds.md#cache-segment-restore-timeout) - -### Outputs - -* `cache-hit` - A string value to indicate an exact match was found for the key. - * If there's a cache hit, this will be 'true' or 'false' to indicate if there's an exact match for `key`. - * If there's a cache miss, this will be an empty string. - -See [Skipping steps based on cache-hit](#skipping-steps-based-on-cache-hit) for info on using this output - -### Cache scopes - -The cache is scoped to the key, [version](#cache-version), and branch. The default branch cache is available to other branches. - -See [Matching a cache key](https://help.github.com/en/actions/configuring-and-managing-workflows/caching-dependencies-to-speed-up-workflows#matching-a-cache-key) for more info. - -### Example cache workflow - -#### Restoring and saving cache using a single action +Here's an example of how to use this caching solution in a GitHub Actions workflow: ```yaml -name: Caching Primes +name: CI -on: push +on: [push, pull_request] jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v2 - - name: Cache Primes - id: cache-primes - uses: actions/cache@v4 + - name: Set up Node.js + uses: actions/setup-node@v2 with: - path: prime-numbers - key: ${{ runner.os }}-primes + node-version: '14' - - name: Generate Prime Numbers - if: steps.cache-primes.outputs.cache-hit != 'true' - run: /generate-primes.sh -d prime-numbers - - - name: Use Prime Numbers - run: /primes.sh -d prime-numbers -``` - -The `cache` action provides a `cache-hit` output which is set to `true` when the cache is restored using the primary `key` and `false` when the cache is restored using `restore-keys` or no cache is restored. - -#### Using a combination of restore and save actions - -```yaml -name: Caching Primes - -on: push - -jobs: - build: - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v4 - - - name: Restore cached Primes - id: cache-primes-restore - uses: actions/cache/restore@v4 + - name: Cache dependencies + uses: actions/cache@v2 with: - path: | - path/to/dependencies - some/other/dependencies - key: ${{ runner.os }}-primes - . - . //intermediate workflow steps - . - - name: Save Primes - id: cache-primes-save - uses: actions/cache/save@v4 - with: - path: | - path/to/dependencies - some/other/dependencies - key: ${{ steps.cache-primes-restore.outputs.cache-primary-key }} -``` + path: ~/.npm + key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} + restore-keys: | + ${{ runner.os }}-node- -> **Note** -> You must use the `cache` or `restore` action in your workflow before you need to use the files that might be restored from the cache. If the provided `key` matches an existing cache, a new cache is not created and if the provided `key` doesn't match an existing cache, a new cache is automatically created provided the job completes successfully. - -## Caching Strategies - -With the introduction of the `restore` and `save` actions, a lot of caching use cases can now be achieved. Please see the [caching strategies](./caching-strategies.md) document for understanding how you can use the actions strategically to achieve the desired goal. - -## Implementation Examples - -Every programming language and framework has its own way of caching. - -See [Examples](examples.md) for a list of `actions/cache` implementations for use with: - -* [Bun](./examples.md#bun) -* [C# - NuGet](./examples.md#c---nuget) -* [Clojure - Lein Deps](./examples.md#clojure---lein-deps) -* [D - DUB](./examples.md#d---dub) -* [Deno](./examples.md#deno) -* [Elixir - Mix](./examples.md#elixir---mix) -* [Go - Modules](./examples.md#go---modules) -* [Haskell - Cabal](./examples.md#haskell---cabal) -* [Haskell - Stack](./examples.md#haskell---stack) -* [Java - Gradle](./examples.md#java---gradle) -* [Java - Maven](./examples.md#java---maven) -* [Node - npm](./examples.md#node---npm) -* [Node - Lerna](./examples.md#node---lerna) -* [Node - Yarn](./examples.md#node---yarn) -* [OCaml/Reason - esy](./examples.md#ocamlreason---esy) -* [PHP - Composer](./examples.md#php---composer) -* [Python - pip](./examples.md#python---pip) -* [Python - pipenv](./examples.md#python---pipenv) -* [R - renv](./examples.md#r---renv) -* [Ruby - Bundler](./examples.md#ruby---bundler) -* [Rust - Cargo](./examples.md#rust---cargo) -* [Scala - SBT](./examples.md#scala---sbt) -* [Swift, Objective-C - Carthage](./examples.md#swift-objective-c---carthage) -* [Swift, Objective-C - CocoaPods](./examples.md#swift-objective-c---cocoapods) -* [Swift - Swift Package Manager](./examples.md#swift---swift-package-manager) -* [Swift - Mint](./examples.md#swift---mint) - -## Creating a cache key - -A cache key can include any of the contexts, functions, literals, and operators supported by GitHub Actions. - -For example, using the [`hashFiles`](https://docs.github.com/en/actions/learn-github-actions/expressions#hashfiles) function allows you to create a new cache when dependencies change. - -```yaml - - uses: actions/cache@v4 - with: - path: | - path/to/dependencies - some/other/dependencies - key: ${{ runner.os }}-${{ hashFiles('**/lockfiles') }} -``` - -Additionally, you can use arbitrary command output in a cache key, such as a date or software version: - -```yaml - # http://man7.org/linux/man-pages/man1/date.1.html - - name: Get Date - id: get-date - run: | - echo "date=$(/bin/date -u "+%Y%m%d")" >> $GITHUB_OUTPUT - shell: bash - - - uses: actions/cache@v4 - with: - path: path/to/dependencies - key: ${{ runner.os }}-${{ steps.get-date.outputs.date }}-${{ hashFiles('**/lockfiles') }} -``` - -See [Using contexts to create cache keys](https://help.github.com/en/actions/configuring-and-managing-workflows/caching-dependencies-to-speed-up-workflows#using-contexts-to-create-cache-keys) - -## Cache Limits - -A repository can have up to 10GB of caches. Once the 10GB limit is reached, older caches will be evicted based on when the cache was last accessed. Caches that are not accessed within the last week will also be evicted. - -## Skipping steps based on cache-hit - -Using the `cache-hit` output, subsequent steps (such as install or build) can be skipped when a cache hit occurs on the key. It is recommended to install missing/updated dependencies in case of a partial key match when the key is dependent on the `hash` of the package file. - -Example: - -```yaml -steps: - - uses: actions/checkout@v4 - - - uses: actions/cache@v4 - id: cache - with: - path: path/to/dependencies - key: ${{ runner.os }}-${{ hashFiles('**/lockfiles') }} - - - name: Install Dependencies - if: steps.cache.outputs.cache-hit != 'true' - run: /install.sh -``` - -> **Note** The `id` defined in `actions/cache` must match the `id` in the `if` statement (i.e. `steps.[ID].outputs.cache-hit`) - -## Cache Version - -Cache version is a hash [generated](https://github.com/actions/toolkit/blob/500d0b42fee2552ae9eeb5933091fe2fbf14e72d/packages/cache/src/internal/cacheHttpClient.ts#L73-L90) for a combination of compression tool used (Gzip, Zstd, etc. based on the runner OS) and the `path` of directories being cached. If two caches have different versions, they are identified as unique caches while matching. This, for example, means that a cache created on a `windows-latest` runner can't be restored on `ubuntu-latest` as cache `Version`s are different. - -> Pro tip: The [list caches](https://docs.github.com/en/rest/actions/cache#list-github-actions-caches-for-a-repository) API can be used to get the version of a cache. This can be helpful to troubleshoot cache miss due to version. - -
- Example -The workflow will create 3 unique caches with same keys. Ubuntu and windows runners will use different compression technique and hence create two different caches. And `build-linux` will create two different caches as the `paths` are different. - -```yaml -jobs: - build-linux: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - - name: Cache Primes - id: cache-primes - uses: actions/cache@v4 - with: - path: prime-numbers - key: primes - - - name: Generate Prime Numbers - if: steps.cache-primes.outputs.cache-hit != 'true' - run: ./generate-primes.sh -d prime-numbers - - - name: Cache Numbers - id: cache-numbers - uses: actions/cache@v4 - with: - path: numbers - key: primes - - - name: Generate Numbers - if: steps.cache-numbers.outputs.cache-hit != 'true' - run: ./generate-primes.sh -d numbers - - build-windows: - runs-on: windows-latest - steps: - - uses: actions/checkout@v4 - - - name: Cache Primes - id: cache-primes - uses: actions/cache@v4 - with: - path: prime-numbers - key: primes - - - name: Generate Prime Numbers - if: steps.cache-primes.outputs.cache-hit != 'true' - run: ./generate-primes -d prime-numbers -``` - -
- -## Known practices and workarounds - -There are a number of community practices/workarounds to fulfill specific requirements. You may choose to use them if they suit your use case. Note these are not necessarily the only solution or even a recommended solution. - -* [Cache segment restore timeout](./tips-and-workarounds.md#cache-segment-restore-timeout) -* [Update a cache](./tips-and-workarounds.md#update-a-cache) -* [Use cache across feature branches](./tips-and-workarounds.md#use-cache-across-feature-branches) -* [Cross OS cache](./tips-and-workarounds.md#cross-os-cache) -* [Force deletion of caches overriding default cache eviction policy](./tips-and-workarounds.md#force-deletion-of-caches-overriding-default-cache-eviction-policy) - -### Windows environment variables - -Please note that Windows environment variables (like `%LocalAppData%`) will NOT be expanded by this action. Instead, prefer using `~` in your paths which will expand to the HOME directory. For example, instead of `%LocalAppData%`, use `~\AppData\Local`. For a list of supported default environment variables, see the [Learn GitHub Actions: Variables](https://docs.github.com/en/actions/learn-github-actions/variables#default-environment-variables) page. - -## Contributing - -We would love for you to contribute to `actions/cache`. Pull requests are welcome! Please see the [CONTRIBUTING.md](CONTRIBUTING.md) for more information. - -## License - -The scripts and documentation in this project are released under the [MIT License](LICENSE) + - run: npm install + - run: npm run build From 9f5bd8ae30b1189b63c855230c7fb03d046bbf9d Mon Sep 17 00:00:00 2001 From: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> Date: Sat, 29 Mar 2025 16:27:42 -0400 Subject: [PATCH 08/24] Create 5codeql.yml Signed-off-by: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> --- .github/workflows/5codeql.yml | 100 ++++++++++++++++++++++++++++++++++ 1 file changed, 100 insertions(+) create mode 100644 .github/workflows/5codeql.yml diff --git a/.github/workflows/5codeql.yml b/.github/workflows/5codeql.yml new file mode 100644 index 0000000..205e8fd --- /dev/null +++ b/.github/workflows/5codeql.yml @@ -0,0 +1,100 @@ +# For most projects, this workflow file will not need changing; you simply need +# to commit it to your repository. +# +# You may wish to alter this file to override the set of languages analyzed, +# or to provide custom queries or build logic. +# +# ******** NOTE ******** +# We have attempted to detect the languages in your repository. Please check +# the `language` matrix defined below to confirm you have the correct set of +# supported CodeQL languages. +# +name: "CodeQL Advanced" + +on: + push: + branches: [ "main", "Ihtbbs" ] + pull_request: + branches: [ "main", "Ihtbbs" ] + schedule: + - cron: '31 15 * * 1' + +jobs: + analyze: + name: Analyze (${{ matrix.language }}) + # Runner size impacts CodeQL analysis time. To learn more, please see: + # - https://gh.io/recommended-hardware-resources-for-running-codeql + # - https://gh.io/supported-runners-and-hardware-resources + # - https://gh.io/using-larger-runners (GitHub.com only) + # Consider using larger runners or machines with greater resources for possible analysis time improvements. + runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} + permissions: + # required for all workflows + security-events: write + + # required to fetch internal or private CodeQL packs + packages: read + + # only required for workflows in private repositories + actions: read + contents: read + + strategy: + fail-fast: false + matrix: + include: + - language: actions + build-mode: none + - language: javascript-typescript + build-mode: none + # CodeQL supports the following values keywords for 'language': 'actions', 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'swift' + # Use `c-cpp` to analyze code written in C, C++ or both + # Use 'java-kotlin' to analyze code written in Java, Kotlin or both + # Use 'javascript-typescript' to analyze code written in JavaScript, TypeScript or both + # To learn more about changing the languages that are analyzed or customizing the build mode for your analysis, + # see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning. + # If you are analyzing a compiled language, you can modify the 'build-mode' for that language to customize how + # your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + # Add any setup steps before running the `github/codeql-action/init` action. + # This includes steps like installing compilers or runtimes (`actions/setup-node` + # or others). This is typically only required for manual builds. + # - name: Setup runtime (example) + # uses: actions/setup-example@v1 + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: ${{ matrix.language }} + build-mode: ${{ matrix.build-mode }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. + + # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs + # queries: security-extended,security-and-quality + + # If the analyze step fails for one of the languages you are analyzing with + # "We were unable to automatically build your code", modify the matrix above + # to set the build mode to "manual" for that language. Then modify this step + # to build your code. + # ℹī¸ Command-line programs to run using the OS shell. + # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun + - if: matrix.build-mode == 'manual' + shell: bash + run: | + echo 'If you are using a "manual" build mode for one or more of the' \ + 'languages you are analyzing, replace this with the commands to build' \ + 'your code, for example:' + echo ' make bootstrap' + echo ' make release' + exit 1 + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v3 + with: + category: "/language:${{matrix.language}}" From e7d6fa8038a3751fdc2c3fc6f524cf56b9959b68 Mon Sep 17 00:00:00 2001 From: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> Date: Sat, 29 Mar 2025 16:55:47 -0400 Subject: [PATCH 09/24] Create dependency-review.yml Signed-off-by: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> --- .github/workflows/dependency-review.yml | 39 +++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 .github/workflows/dependency-review.yml diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml new file mode 100644 index 0000000..c14bbbc --- /dev/null +++ b/.github/workflows/dependency-review.yml @@ -0,0 +1,39 @@ +# Dependency Review Action +# +# This Action will scan dependency manifest files that change as part of a Pull Request, +# surfacing known-vulnerable versions of the packages declared or updated in the PR. +# Once installed, if the workflow run is marked as required, PRs introducing known-vulnerable +# packages will be blocked from merging. +# +# Source repository: https://github.com/actions/dependency-review-action +# Public documentation: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement +name: 'Dependency review' +on: + pull_request: + branches: [ "main", "Ihtbbs" ] + +# If using a dependency submission action in this workflow this permission will need to be set to: +# +# permissions: +# contents: write +# +# https://docs.github.com/en/enterprise-cloud@latest/code-security/supply-chain-security/understanding-your-software-supply-chain/using-the-dependency-submission-api +permissions: + contents: read + # Write permissions for pull-requests are required for using the `comment-summary-in-pr` option, comment out if you aren't using this option + pull-requests: write + +jobs: + dependency-review: + runs-on: ubuntu-latest + steps: + - name: 'Checkout repository' + uses: actions/checkout@v4 + - name: 'Dependency Review' + uses: actions/dependency-review-action@v4 + # Commonly enabled options, see https://github.com/actions/dependency-review-action#configuration-options for all available options. + with: + comment-summary-in-pr: always + # fail-on-severity: moderate + # deny-licenses: GPL-1.0-or-later, LGPL-2.0-or-later + # retry-on-snapshot-warnings: true From 02cd873c88d0bdf22a9bd317985ea1af54bccb0d Mon Sep 17 00:00:00 2001 From: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> Date: Sat, 29 Mar 2025 16:56:36 -0400 Subject: [PATCH 10/24] Create npm-publish.yml Signed-off-by: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> --- .github/workflows/npm-publish.yml | 33 +++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 .github/workflows/npm-publish.yml diff --git a/.github/workflows/npm-publish.yml b/.github/workflows/npm-publish.yml new file mode 100644 index 0000000..2a4766d --- /dev/null +++ b/.github/workflows/npm-publish.yml @@ -0,0 +1,33 @@ +# This workflow will run tests using node and then publish a package to GitHub Packages when a release is created +# For more information see: https://docs.github.com/en/actions/publishing-packages/publishing-nodejs-packages + +name: Node.js Package + +on: + release: + types: [created] + +jobs: + build: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 + with: + node-version: 20 + - run: npm ci + - run: npm test + + publish-npm: + needs: build + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 + with: + node-version: 20 + registry-url: https://registry.npmjs.org/ + - run: npm ci + - run: npm publish + env: + NODE_AUTH_TOKEN: ${{secrets.npm_token}} From 147c9198a4c45efd1bb81d9d02d9b7c586522930 Mon Sep 17 00:00:00 2001 From: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> Date: Sat, 29 Mar 2025 16:57:13 -0400 Subject: [PATCH 11/24] Create npm-publish-github-packages.yml Signed-off-by: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> --- .../workflows/npm-publish-github-packages.yml | 36 +++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 .github/workflows/npm-publish-github-packages.yml diff --git a/.github/workflows/npm-publish-github-packages.yml b/.github/workflows/npm-publish-github-packages.yml new file mode 100644 index 0000000..ea2d329 --- /dev/null +++ b/.github/workflows/npm-publish-github-packages.yml @@ -0,0 +1,36 @@ +# This workflow will run tests using node and then publish a package to GitHub Packages when a release is created +# For more information see: https://docs.github.com/en/actions/publishing-packages/publishing-nodejs-packages + +name: Node.js Package + +on: + release: + types: [created] + +jobs: + build: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 + with: + node-version: 20 + - run: npm ci + - run: npm test + + publish-gpr: + needs: build + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 + with: + node-version: 20 + registry-url: https://npm.pkg.github.com/ + - run: npm ci + - run: npm publish + env: + NODE_AUTH_TOKEN: ${{secrets.GITHUB_TOKEN}} From bb384033e07ea3d7f704b438102ba5717987e9fd Mon Sep 17 00:00:00 2001 From: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> Date: Sat, 29 Mar 2025 16:57:59 -0400 Subject: [PATCH 12/24] Create ibm.yml Signed-off-by: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> --- .github/workflows/ibm.yml | 75 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 75 insertions(+) create mode 100644 .github/workflows/ibm.yml diff --git a/.github/workflows/ibm.yml b/.github/workflows/ibm.yml new file mode 100644 index 0000000..f5e8cd8 --- /dev/null +++ b/.github/workflows/ibm.yml @@ -0,0 +1,75 @@ +# This workflow will build a docker container, publish it to IBM Container Registry, and deploy it to IKS when there is a push to the "main" branch. +# +# To configure this workflow: +# +# 1. Ensure that your repository contains a Dockerfile +# 2. Setup secrets in your repository by going to settings: Create ICR_NAMESPACE and IBM_CLOUD_API_KEY +# 3. Change the values for the IBM_CLOUD_REGION, REGISTRY_HOSTNAME, IMAGE_NAME, IKS_CLUSTER, DEPLOYMENT_NAME, and PORT + +name: Build and Deploy to IKS + +on: + push: + branches: [ "main" ] + +# Environment variables available to all jobs and steps in this workflow +env: + GITHUB_SHA: ${{ github.sha }} + IBM_CLOUD_API_KEY: ${{ secrets.IBM_CLOUD_API_KEY }} + IBM_CLOUD_REGION: us-south + ICR_NAMESPACE: ${{ secrets.ICR_NAMESPACE }} + REGISTRY_HOSTNAME: us.icr.io + IMAGE_NAME: iks-test + IKS_CLUSTER: example-iks-cluster-name-or-id + DEPLOYMENT_NAME: iks-test + PORT: 5001 + +jobs: + setup-build-publish-deploy: + name: Setup, Build, Publish, and Deploy + runs-on: ubuntu-latest + environment: production + steps: + + - name: Checkout + uses: actions/checkout@v4 + + # Download and Install IBM Cloud CLI + - name: Install IBM Cloud CLI + run: | + curl -fsSL https://clis.cloud.ibm.com/install/linux | sh + ibmcloud --version + ibmcloud config --check-version=false + ibmcloud plugin install -f kubernetes-service + ibmcloud plugin install -f container-registry + + # Authenticate with IBM Cloud CLI + - name: Authenticate with IBM Cloud CLI + run: | + ibmcloud login --apikey "${IBM_CLOUD_API_KEY}" -r "${IBM_CLOUD_REGION}" -g default + ibmcloud cr region-set "${IBM_CLOUD_REGION}" + ibmcloud cr login + + # Build the Docker image + - name: Build with Docker + run: | + docker build -t "$REGISTRY_HOSTNAME"/"$ICR_NAMESPACE"/"$IMAGE_NAME":"$GITHUB_SHA" \ + --build-arg GITHUB_SHA="$GITHUB_SHA" \ + --build-arg GITHUB_REF="$GITHUB_REF" . + + # Push the image to IBM Container Registry + - name: Push the image to ICR + run: | + docker push $REGISTRY_HOSTNAME/$ICR_NAMESPACE/$IMAGE_NAME:$GITHUB_SHA + + # Deploy the Docker image to the IKS cluster + - name: Deploy to IKS + run: | + ibmcloud ks cluster config --cluster $IKS_CLUSTER + kubectl config current-context + kubectl create deployment $DEPLOYMENT_NAME --image=$REGISTRY_HOSTNAME/$ICR_NAMESPACE/$IMAGE_NAME:$GITHUB_SHA --dry-run -o yaml > deployment.yaml + kubectl apply -f deployment.yaml + kubectl rollout status deployment/$DEPLOYMENT_NAME + kubectl create service loadbalancer $DEPLOYMENT_NAME --tcp=80:$PORT --dry-run -o yaml > service.yaml + kubectl apply -f service.yaml + kubectl get services -o wide From b7b892d99a772e6f1afc3d6d2dda2c7c4f6fef9a Mon Sep 17 00:00:00 2001 From: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> Date: Sat, 29 Mar 2025 16:58:52 -0400 Subject: [PATCH 13/24] Create google.yml Signed-off-by: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> --- .github/workflows/google.yml | 116 +++++++++++++++++++++++++++++++++++ 1 file changed, 116 insertions(+) create mode 100644 .github/workflows/google.yml diff --git a/.github/workflows/google.yml b/.github/workflows/google.yml new file mode 100644 index 0000000..0b5c7d1 --- /dev/null +++ b/.github/workflows/google.yml @@ -0,0 +1,116 @@ +# This workflow will build a docker container, publish it to Google Container +# Registry, and deploy it to GKE when there is a push to the "main" +# branch. +# +# To configure this workflow: +# +# 1. Enable the following Google Cloud APIs: +# +# - Artifact Registry (artifactregistry.googleapis.com) +# - Google Kubernetes Engine (container.googleapis.com) +# - IAM Credentials API (iamcredentials.googleapis.com) +# +# You can learn more about enabling APIs at +# https://support.google.com/googleapi/answer/6158841. +# +# 2. Ensure that your repository contains the necessary configuration for your +# Google Kubernetes Engine cluster, including deployment.yml, +# kustomization.yml, service.yml, etc. +# +# 3. Create and configure a Workload Identity Provider for GitHub: +# https://github.com/google-github-actions/auth#preferred-direct-workload-identity-federation. +# +# Depending on how you authenticate, you will need to grant an IAM principal +# permissions on Google Cloud: +# +# - Artifact Registry Administrator (roles/artifactregistry.admin) +# - Kubernetes Engine Developer (roles/container.developer) +# +# You can learn more about setting IAM permissions at +# https://cloud.google.com/iam/docs/manage-access-other-resources +# +# 5. Change the values in the "env" block to match your values. + +name: 'Build and Deploy to GKE' + +on: + push: + branches: + - '"main"' + +env: + PROJECT_ID: 'my-project' # TODO: update to your Google Cloud project ID + GAR_LOCATION: 'us-central1' # TODO: update to your region + GKE_CLUSTER: 'cluster-1' # TODO: update to your cluster name + GKE_ZONE: 'us-central1-c' # TODO: update to your cluster zone + DEPLOYMENT_NAME: 'gke-test' # TODO: update to your deployment name + REPOSITORY: 'samples' # TODO: update to your Artifact Registry docker repository name + IMAGE: 'static-site' + WORKLOAD_IDENTITY_PROVIDER: 'projects/123456789/locations/global/workloadIdentityPools/my-pool/providers/my-provider' # TODO: update to your workload identity provider + +jobs: + setup-build-publish-deploy: + name: 'Setup, Build, Publish, and Deploy' + runs-on: 'ubuntu-latest' + environment: 'production' + + permissions: + contents: 'read' + id-token: 'write' + + steps: + - name: 'Checkout' + uses: 'actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332' # actions/checkout@v4 + + # Configure Workload Identity Federation and generate an access token. + # + # See https://github.com/google-github-actions/auth for more options, + # including authenticating via a JSON credentials file. + - id: 'auth' + name: 'Authenticate to Google Cloud' + uses: 'google-github-actions/auth@f112390a2df9932162083945e46d439060d66ec2' # google-github-actions/auth@v2 + with: + workload_identity_provider: '${{ env.WORKLOAD_IDENTITY_PROVIDER }}' + + # Authenticate Docker to Google Cloud Artifact Registry + - name: 'Docker Auth' + uses: 'docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567' # docker/login-action@v3 + with: + username: 'oauth2accesstoken' + password: '${{ steps.auth.outputs.auth_token }}' + registry: '${{ env.GAR_LOCATION }}-docker.pkg.dev' + + # Get the GKE credentials so we can deploy to the cluster + - name: 'Set up GKE credentials' + uses: 'google-github-actions/get-gke-credentials@6051de21ad50fbb1767bc93c11357a49082ad116' # google-github-actions/get-gke-credentials@v2 + with: + cluster_name: '${{ env.GKE_CLUSTER }}' + location: '${{ env.GKE_ZONE }}' + + # Build the Docker image + - name: 'Build and push Docker container' + run: |- + DOCKER_TAG="${GAR_LOCATION}-docker.pkg.dev/${PROJECT_ID}/${REPOSITORY}/${IMAGE}:${GITHUB_SHA}" + + docker build \ + --tag "${DOCKER_TAG}" \ + --build-arg GITHUB_SHA="${GITHUB_SHA}" \ + --build-arg GITHUB_REF="${GITHUB_REF}" \ + . + + docker push "${DOCKER_TAG}" + + # Set up kustomize + - name: 'Set up Kustomize' + run: |- + curl -sfLo kustomize https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize%2Fv5.4.3/kustomize_v5.4.3_linux_amd64.tar.gz + chmod u+x ./kustomize + + # Deploy the Docker image to the GKE cluster + - name: 'Deploy to GKE' + run: |- + # replacing the image name in the k8s template + ./kustomize edit set image LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY/IMAGE:TAG=$GAR_LOCATION-docker.pkg.dev/$PROJECT_ID/$REPOSITORY/$IMAGE:$GITHUB_SHA + ./kustomize build . | kubectl apply -f - + kubectl rollout status deployment/$DEPLOYMENT_NAME + kubectl get services -o wide From 2c88d20a06830346db97bd0f4eebda7e40a0d815 Mon Sep 17 00:00:00 2001 From: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> Date: Sat, 29 Mar 2025 16:59:26 -0400 Subject: [PATCH 14/24] Create static.yml Signed-off-by: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> --- .github/workflows/static.yml | 43 ++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 .github/workflows/static.yml diff --git a/.github/workflows/static.yml b/.github/workflows/static.yml new file mode 100644 index 0000000..f2c9e97 --- /dev/null +++ b/.github/workflows/static.yml @@ -0,0 +1,43 @@ +# Simple workflow for deploying static content to GitHub Pages +name: Deploy static content to Pages + +on: + # Runs on pushes targeting the default branch + push: + branches: ["main"] + + # Allows you to run this workflow manually from the Actions tab + workflow_dispatch: + +# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages +permissions: + contents: read + pages: write + id-token: write + +# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued. +# However, do NOT cancel in-progress runs as we want to allow these production deployments to complete. +concurrency: + group: "pages" + cancel-in-progress: false + +jobs: + # Single deploy job since we're just deploying + deploy: + environment: + name: github-pages + url: ${{ steps.deployment.outputs.page_url }} + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + - name: Setup Pages + uses: actions/configure-pages@v5 + - name: Upload artifact + uses: actions/upload-pages-artifact@v3 + with: + # Upload entire repository + path: '.' + - name: Deploy to GitHub Pages + id: deployment + uses: actions/deploy-pages@v4 From f68f3945ed4eeef9d5a413791c435bda2137dcbf Mon Sep 17 00:00:00 2001 From: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> Date: Sat, 29 Mar 2025 17:00:04 -0400 Subject: [PATCH 15/24] Create manual.yml Signed-off-by: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> --- .github/workflows/manual.yml | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 .github/workflows/manual.yml diff --git a/.github/workflows/manual.yml b/.github/workflows/manual.yml new file mode 100644 index 0000000..11b2e35 --- /dev/null +++ b/.github/workflows/manual.yml @@ -0,0 +1,32 @@ +# This is a basic workflow that is manually triggered + +name: Manual workflow + +# Controls when the action will run. Workflow runs when manually triggered using the UI +# or API. +on: + workflow_dispatch: + # Inputs the workflow accepts. + inputs: + name: + # Friendly description to be shown in the UI instead of 'name' + description: 'Person to greet' + # Default value if no value is explicitly provided + default: 'World' + # Input has to be provided for the workflow to run + required: true + # The data type of the input + type: string + +# A workflow run is made up of one or more jobs that can run sequentially or in parallel +jobs: + # This workflow contains a single job called "greet" + greet: + # The type of runner that the job will run on + runs-on: ubuntu-latest + + # Steps represent a sequence of tasks that will be executed as part of the job + steps: + # Runs a single command using the runners shell + - name: Send greeting + run: echo "Hello ${{ inputs.name }}" From 5ae28d3d343b0ac48504a5ad8210344d92dec711 Mon Sep 17 00:00:00 2001 From: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> Date: Sat, 29 Mar 2025 17:08:39 -0400 Subject: [PATCH 16/24] Add files via upload Signed-off-by: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> --- cloudbuild.yaml.txt | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 cloudbuild.yaml.txt diff --git a/cloudbuild.yaml.txt b/cloudbuild.yaml.txt new file mode 100644 index 0000000..272f5c4 --- /dev/null +++ b/cloudbuild.yaml.txt @@ -0,0 +1,10 @@ +steps: + - name: 'gcr.io/cloud-builders/docker' + args: ['build', '-t', 'gcr.io/gtm-kqqwvx2-zgi2z/tagging-server', '.'] + - name: 'gcr.io/cloud-builders/docker' + args: ['push', 'gcr.io/gtm-kqqwvx2-zgi2z/tagging-server'] + - name: 'gcr.io/cloud-builders/gcloud' + args: ['run', 'deploy', 'tagging-server', '--image', 'gcr.io/gtm-kqqwvx2-zgi2z/tagging-server', '--platform', 'managed', '--region', 'us-central1'] + +images: + - gcr.io/gtm-kqqwvx2-zgi2z/tagging-server From d3a16f88d15d87ac377246f7da6f8a85eacf4452 Mon Sep 17 00:00:00 2001 From: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> Date: Sat, 29 Mar 2025 17:19:10 -0400 Subject: [PATCH 17/24] Fix issues and enhance security - Resolved conflicts in the LICENSE file. - Addressed errors and vulnerabilities in the codebase. - Configured build outputs and caching mechanisms in GitHub Actions. - Implemented security measures to protect sensitive information. - Refactored code to eliminate duplicates and improve efficiency. --- - name: Cache uses: actions/cache@v4.2.3 | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 - name: Cache uses: actions/cache@v4.2.3 diff --git a/- name: Cache uses: actions/cache@v4.2.3 b/- name: Cache uses: actions/cache@v4.2.3 new file mode 100644 index 0000000..e69de29 From fd594be029a4da8c8bdfbc60835c097c92143ddd Mon Sep 17 00:00:00 2001 From: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> Date: Sat, 29 Mar 2025 17:24:06 -0400 Subject: [PATCH 18/24] Update action.yml Signed-off-by: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 7af7458..96b4ea4 100644 --- a/action.yml +++ b/action.yml @@ -1,4 +1,4 @@ -name: 'Cache' +name: 'litty' description: 'Cache artifacts like dependencies and build outputs to improve workflow execution time' author: 'GitHub' inputs: From ffbd445522e432ef992b328cbb3a82e34808a27d Mon Sep 17 00:00:00 2001 From: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> Date: Sat, 29 Mar 2025 17:31:07 -0400 Subject: [PATCH 19/24] Update action.yml Signed-off-by: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 96b4ea4..0744188 100644 --- a/action.yml +++ b/action.yml @@ -1,4 +1,4 @@ -name: 'litty' +name: 'SJJOY' description: 'Cache artifacts like dependencies and build outputs to improve workflow execution time' author: 'GitHub' inputs: From 99783c6e12789546107206ecefb08601c3891338 Mon Sep 17 00:00:00 2001 From: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> Date: Sat, 29 Mar 2025 17:35:04 -0400 Subject: [PATCH 20/24] Update action.yml Signed-off-by: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 0744188..03c49bc 100644 --- a/action.yml +++ b/action.yml @@ -1,4 +1,4 @@ -name: 'SJJOY' +name: 's40' description: 'Cache artifacts like dependencies and build outputs to improve workflow execution time' author: 'GitHub' inputs: From 075642c066b60ab84ce0ada012ebadb67d958142 Mon Sep 17 00:00:00 2001 From: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> Date: Sat, 29 Mar 2025 17:39:33 -0400 Subject: [PATCH 21/24] Update action.yml Signed-off-by: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> --- action.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/action.yml b/action.yml index 03c49bc..39e8cce 100644 --- a/action.yml +++ b/action.yml @@ -1,6 +1,6 @@ -name: 's40' +name: 'air_40' description: 'Cache artifacts like dependencies and build outputs to improve workflow execution time' -author: 'GitHub' +author: 'Shannon Fletcher' inputs: path: description: 'A list of files, directories, and wildcard patterns to cache and restore' From ccc826547ab87a1fc0bf6c7ce50ef8025cb62b4d Mon Sep 17 00:00:00 2001 From: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> Date: Sat, 29 Mar 2025 17:52:12 -0400 Subject: [PATCH 22/24] Fix errors and enhance security - Resolved conflicts in the LICENSE file. - Addressed errors and vulnerabilities in the codebase. - Configured build outputs and caching mechanisms in GitHub Actions. - Implemented security measures to protect sensitive information. - Refactored code to eliminate duplicates and improve efficiency. --- ...r.os }}-node- - run: npm install - run: npm run build | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 name: CI on: [push, pull_request] jobs: build: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - name: Set up Node.js uses: actions/setup-node@v2 with: node-version: '14' - name: Cache dependencies uses: actions/cache@v2 with: path: ~/.npm key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} restore-keys: | ${{ runner.os }}-node- - run: npm install - run: npm run build diff --git a/name: CI on: [push, pull_request] jobs: build: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - name: Set up Node.js uses: actions/setup-node@v2 with: node-version: '14' - name: Cache dependencies uses: actions/cache@v2 with: path: ~/.npm key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} restore-keys: | ${{ runner.os }}-node- - run: npm install - run: npm run build b/name: CI on: [push, pull_request] jobs: build: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - name: Set up Node.js uses: actions/setup-node@v2 with: node-version: '14' - name: Cache dependencies uses: actions/cache@v2 with: path: ~/.npm key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} restore-keys: | ${{ runner.os }}-node- - run: npm install - run: npm run build new file mode 100644 index 0000000..e69de29 From f71905b2c2827f1070fef7b10a5b5e2548c66dd2 Mon Sep 17 00:00:00 2001 From: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> Date: Sat, 29 Mar 2025 17:56:28 -0400 Subject: [PATCH 23/24] Update release-new-action-version.yml Signed-off-by: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> --- .github/workflows/release-new-action-version.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release-new-action-version.yml b/.github/workflows/release-new-action-version.yml index 0b64c97..7acfe6b 100644 --- a/.github/workflows/release-new-action-version.yml +++ b/.github/workflows/release-new-action-version.yml @@ -4,7 +4,7 @@ on: types: [released] workflow_dispatch: inputs: - TAG_NAME: + TAG_NAME:'Lit2dafit' description: 'Tag name that the major tag will point to' required: true From 0bdf79b9ed25b4e2c948895bdc36fd72141051ba Mon Sep 17 00:00:00 2001 From: Nodoubtz <53144580+nodoubtz@users.noreply.github.com> Date: Sat, 29 Mar 2025 18:08:33 -0400 Subject: [PATCH 24/24] Fix errors and enhance security - Resolved conflicts in the LICENSE file. - Addressed errors and vulnerabilities in the codebase. - Configured build outputs and caching mechanisms in GitHub Actions. - Implemented security measures to protect sensitive information. - Refactored code to eliminate duplicates and improve efficiency. --- ...fails save-always: # optional, default is false | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 - name: Cache uses: actions/ - name: Cache uses: actions/cache@v4.2.3 with: # A list of files, directories, and wildcard patterns to cache and restore path: # An explicit key for restoring and saving the cache key: # An ordered multiline string listing the prefix-matched keys, that are used for restoring stale cache if no cache hit occurred for key. Note `cache-hit` returns false in this case. restore-keys: # optional # The chunk size used to split up large files during upload, in bytes upload-chunk-size: # optional # An optional boolean when enabled, allows windows runners to save or restore caches that can be restored or saved respectively on other platforms enableCrossOsArchive: # optional, default is false # Fail the workflow if cache entry is not found fail-on-cache-miss: # optional, default is false # Check if a cache entry exists for the given input(s) (key, restore-keys) without downloading the cache lookup-only: # optional, default is false # Run the post step to save the cache even if another step before fails save-always: # optional, default is false diff --git a/- name: Cache uses: actions/ - name: Cache uses: actions/cache@v4.2.3 with: # A list of files, directories, and wildcard patterns to cache and restore path: # An explicit key for restoring and saving the cache key: # An ordered multiline string listing the prefix-matched keys, that are used for restoring stale cache if no cache hit occurred for key. Note `cache-hit` returns false in this case. restore-keys: # optional # The chunk size used to split up large files during upload, in bytes upload-chunk-size: # optional # An optional boolean when enabled, allows windows runners to save or restore caches that can be restored or saved respectively on other platforms enableCrossOsArchive: # optional, default is false # Fail the workflow if cache entry is not found fail-on-cache-miss: # optional, default is false # Check if a cache entry exists for the given input(s) (key, restore-keys) without downloading the cache lookup-only: # optional, default is false # Run the post step to save the cache even if another step before fails save-always: # optional, default is false b/- name: Cache uses: actions/ - name: Cache uses: actions/cache@v4.2.3 with: # A list of files, directories, and wildcard patterns to cache and restore path: # An explicit key for restoring and saving the cache key: # An ordered multiline string listing the prefix-matched keys, that are used for restoring stale cache if no cache hit occurred for key. Note `cache-hit` returns false in this case. restore-keys: # optional # The chunk size used to split up large files during upload, in bytes upload-chunk-size: # optional # An optional boolean when enabled, allows windows runners to save or restore caches that can be restored or saved respectively on other platforms enableCrossOsArchive: # optional, default is false # Fail the workflow if cache entry is not found fail-on-cache-miss: # optional, default is false # Check if a cache entry exists for the given input(s) (key, restore-keys) without downloading the cache lookup-only: # optional, default is false # Run the post step to save the cache even if another step before fails save-always: # optional, default is false new file mode 100644 index 0000000..e69de29