From 81ce52d58eb6be8b66d1eb00fe87e8e8ba9b6f28 Mon Sep 17 00:00:00 2001
From: theomercierisen <90457938+theomercierisen@users.noreply.github.com>
Date: Mon, 13 Feb 2023 16:54:31 +0100
Subject: [PATCH 1/9] Update deploy-pages-action.yml
---
 .github/workflows/deploy-pages-action.yml | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/.github/workflows/deploy-pages-action.yml b/.github/workflows/deploy-pages-action.yml
index 78bdc7a9..254aa513 100644
--- a/.github/workflows/deploy-pages-action.yml
+++ b/.github/workflows/deploy-pages-action.yml
@@ -1,5 +1,6 @@
 name: Build and Deploy to github pages
+
 on:
 push:
 branches:
@@ -12,14 +13,13 @@ jobs:
 uses: actions/checkout@v3.0.0
 - name: Install and Build 🔧 # This example project is built using npm and outputs the result to the 'build' folder. Replace with the commands required to build your project, or remove this step entirely if your site is pre-built.
- run: |
- cd docs
- npm ci
- npm run docs:build
+ uses: ossf/scorecard-action@main
+ with:
+ results_file: results.sarif
+ results_format: sarif
+ publish_results: true
- - name: Deploy 🚀
- uses: JamesIves/github-pages-deploy-action@v4.2.5
+ - name: "Upload to code-scanning"
+ uses: github/codeql-action/upload-sarif@v1
 with:
- branch: gh-pages # The branch the action should deploy to.
- folder: docs/.vuepress/dist # The folder the action should deploy.
- single-commit: true
+ sarif_file: results.sarif
From 0dcc444cc7fd3e54ad36a8d3a10d9764d7c53dfe Mon Sep 17 00:00:00 2001
From: theomercierisen <90457938+theomercierisen@users.noreply.github.com>
Date: Mon, 13 Feb 2023 16:56:13 +0100
Subject: [PATCH 2/9] Update deploy-pages-action.yml
---
 .github/workflows/deploy-pages-action.yml | 1 -
 1 file changed, 1 deletion(-)
diff --git a/.github/workflows/deploy-pages-action.yml b/.github/workflows/deploy-pages-action.yml
index 254aa513..2ed90213 100644
--- a/.github/workflows/deploy-pages-action.yml
+++ b/.github/workflows/deploy-pages-action.yml
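Review bot: Both actions added in the `@@ -12,14 +13,13 @@` hunk of PATCH 1/9 are referenced by mutable refs, `ossf/scorecard-action@main` and `github/codeql-action/upload-sarif@v1`, so whatever is later pushed to that branch or tag runs in this job with the job's token. Pin each to a full commit SHA with the release in a trailing comment, e.g. `uses: ossf/scorecard-action@<full-commit-sha> # <release-tag>`, which is the form PATCH 6/9 already uses for `actions/upload-artifact`. The same refs recur in PATCH 3/9, 4/9 and 6/9 and in the new file of PATCH 9/9, where `actions/checkout@v3.0.0` is likewise a tag rather than a SHA.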
@@ -1,6 +1,5 @@
 name: Build and Deploy to github pages
-
 on:
 push:
 branches:
From 36bf6fa18b1e5c0e55bde6b6a9249d23afbdf48b Mon Sep 17 00:00:00 2001
From: theomercierisen <90457938+theomercierisen@users.noreply.github.com>
Date: Mon, 13 Feb 2023 17:46:57 +0100
Subject: [PATCH 3/9] Update deploy-pages-action.yml
---
 .github/workflows/deploy-pages-action.yml | 10 +++-------
 1 file changed, 3 insertions(+), 7 deletions(-)
diff --git a/.github/workflows/deploy-pages-action.yml b/.github/workflows/deploy-pages-action.yml
index 2ed90213..6e342ce5 100644
--- a/.github/workflows/deploy-pages-action.yml
+++ b/.github/workflows/deploy-pages-action.yml
@@ -11,14 +11,10 @@ jobs:
 - name: Checkout 🛎️
 uses: actions/checkout@v3.0.0
- - name: Install and Build 🔧 # This example project is built using npm and outputs the result to the 'build' folder. Replace with the commands required to build your project, or remove this step entirely if your site is pre-built.
+ - name: Install and Build 🔧
 uses: ossf/scorecard-action@main
 with:
- results_file: results.sarif
- results_format: sarif
+ results_file: results.json
+ results_format: json
 publish_results: true
- - name: "Upload to code-scanning"
- uses: github/codeql-action/upload-sarif@v1
- with:
- sarif_file: results.sarif
From 21fc1bfe30df7384d9b016e1a46bc0d45af391bd Mon Sep 17 00:00:00 2001
From: theomercierisen <90457938+theomercierisen@users.noreply.github.com>
Date: Mon, 13 Feb 2023 18:12:23 +0100
Subject: [PATCH 4/9] Update deploy-pages-action.yml
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
énième essai
---
 .github/workflows/deploy-pages-action.yml | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/deploy-pages-action.yml b/.github/workflows/deploy-pages-action.yml
index 6e342ce5..2ed90213 100644
--- a/.github/workflows/deploy-pages-action.yml
+++ b/.github/workflows/deploy-pages-action.yml
@@ -11,10 +11,14 @@ jobs:
 - name: Checkout 🛎️
 uses: actions/checkout@v3.0.0
- - name: Install and Build 🔧
+ - name: Install and Build 🔧 # This example project is built using npm and outputs the result to the 'build' folder. Replace with the commands required to build your project, or remove this step entirely if your site is pre-built.
 uses: ossf/scorecard-action@main
 with:
- results_file: results.json
- results_format: json
+ results_file: results.sarif
+ results_format: sarif
 publish_results: true
+ - name: "Upload to code-scanning"
+ uses: github/codeql-action/upload-sarif@v1
+ with:
+ sarif_file: results.sarif
From 22f6f57acc964e8652f48e68576790efd460ea7f Mon Sep 17 00:00:00 2001
From: theomercierisen <90457938+theomercierisen@users.noreply.github.com>
Date: Mon, 13 Feb 2023 18:20:07 +0100
Subject: [PATCH 5/9] Update deploy-pages-action.yml
---
 .github/workflows/deploy-pages-action.yml | 4 ----
 1 file changed, 4 deletions(-)
diff --git a/.github/workflows/deploy-pages-action.yml b/.github/workflows/deploy-pages-action.yml
index 2ed90213..b0a5bf5a 100644
--- a/.github/workflows/deploy-pages-action.yml
+++ b/.github/workflows/deploy-pages-action.yml
@@ -18,7 +18,3 @@ jobs:
 results_format: sarif
 publish_results: true
- - name: "Upload to code-scanning"
- uses: github/codeql-action/upload-sarif@v1
- with:
- sarif_file: results.sarif
From 10e1bdb4df6a314c86a6a07a4caddb3515ef3cc5 Mon Sep 17 00:00:00 2001
From: theomercierisen <90457938+theomercierisen@users.noreply.github.com>
Date: Mon, 13 Feb 2023 18:53:01 +0100
Subject: [PATCH 6/9] Update deploy-pages-action.yml
---
 .github/workflows/deploy-pages-action.yml | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/deploy-pages-action.yml b/.github/workflows/deploy-pages-action.yml
index b0a5bf5a..35155bba 100644
--- a/.github/workflows/deploy-pages-action.yml
+++ b/.github/workflows/deploy-pages-action.yml
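Review bot: The `Upload to code-scanning` step restored in the `@@ -11,10 +11,14 @@` hunk of PATCH 4/9 needs a token with `security-events: write`, and as far as I know `publish_results: true` on the Scorecard step needs `id-token: write`, yet the workflow never declares `permissions:` (the complete file shown in PATCH 9/9 has no such key). Whether these steps succeed therefore depends on the repository's default token permissions, which may be why they keep being added and removed across this series. Declare the scopes on the job instead: a `permissions:` mapping with `contents: read`, `security-events: write` and `id-token: write`. The same applies to the upload-sarif step added in PATCH 1/9 and PATCH 6/9.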
@@ -1,5 +1,4 @@
-name: Build and Deploy to github pages
-
+name: Scorecard action
 on:
 push:
 branches:
@@ -18,3 +17,14 @@ jobs:
 results_format: sarif
 publish_results: true
+ - name: "Upload artifact"
+ uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
+ with:
+ name: SARIF file
+ path: results.sarif
+ retention-days: 5
+
+ - name: "Upload to code-scanning"
+ uses: github/codeql-action/upload-sarif@v1
+ with:
+ sarif_file: results.sarif
From ca3ab7f8fc9e59660181af7b763bb40d80bb10e8 Mon Sep 17 00:00:00 2001
From: theomercierisen <90457938+theomercierisen@users.noreply.github.com>
Date: Mon, 13 Feb 2023 19:06:01 +0100
Subject: [PATCH 7/9] Update deploy-pages-action.yml
---
 .github/workflows/deploy-pages-action.yml | 1 -
 1 file changed, 1 deletion(-)
diff --git a/.github/workflows/deploy-pages-action.yml b/.github/workflows/deploy-pages-action.yml
index 35155bba..4a12bf22 100644
--- a/.github/workflows/deploy-pages-action.yml
+++ b/.github/workflows/deploy-pages-action.yml
@@ -15,7 +15,6 @@ jobs:
 with:
 results_file: results.sarif
 results_format: sarif
- publish_results: true
 - name: "Upload artifact"
 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
From 4b904dc89cbecf6390d71857bb15260d80dff039 Mon Sep 17 00:00:00 2001
From: theomercierisen <90457938+theomercierisen@users.noreply.github.com>
Date: Mon, 13 Feb 2023 19:11:40 +0100
Subject: [PATCH 8/9] Update deploy-pages-action.yml
---
 .github/workflows/deploy-pages-action.yml | 5 -----
 1 file changed, 5 deletions(-)
diff --git a/.github/workflows/deploy-pages-action.yml b/.github/workflows/deploy-pages-action.yml
index 4a12bf22..b3b596ba 100644
--- a/.github/workflows/deploy-pages-action.yml
+++ b/.github/workflows/deploy-pages-action.yml
@@ -22,8 +22,3 @@ jobs:
 name: SARIF file
 path: results.sarif
 retention-days: 5
-
- - name: "Upload to code-scanning"
- uses: github/codeql-action/upload-sarif@v1
- with:
- sarif_file: results.sarif
From 8d825234f0f27ea47a12f4ba7fa59986c5a560a3 Mon Sep 17 00:00:00 2001
From: theomercierisen <90457938+theomercierisen@users.noreply.github.com>
Date: Mon, 13 Feb 2023 19:32:00 +0100
Subject: [PATCH 9/9] Update and rename deploy-pages-action.yml to security-assessment-TM-EV.yml
---
 .github/workflows/deploy-pages-action.yml | 24 ------------
 .../workflows/security-assessment-TM-EV.yml | 38 +++++++++++++++++++
 2 files changed, 38 insertions(+), 24 deletions(-)
 delete mode 100644 .github/workflows/deploy-pages-action.yml
 create mode 100644 .github/workflows/security-assessment-TM-EV.yml
diff --git a/.github/workflows/deploy-pages-action.yml b/.github/workflows/deploy-pages-action.yml
deleted file mode 100644
index b3b596ba..00000000
--- a/.github/workflows/deploy-pages-action.yml
+++ /dev/null
@@ -1,24 +0,0 @@
-name: Scorecard action
-on:
- push:
- branches:
- - main
-jobs:
- build-and-deploy:
- runs-on: ubuntu-latest
- steps:
- - name: Checkout 🛎️
- uses: actions/checkout@v3.0.0
-
- - name: Install and Build 🔧 # This example project is built using npm and outputs the result to the 'build' folder. Replace with the commands required to build your project, or remove this step entirely if your site is pre-built.
- uses: ossf/scorecard-action@main
- with:
- results_file: results.sarif
- results_format: sarif
-
- - name: "Upload artifact"
- uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
- with:
- name: SARIF file
- path: results.sarif
- retention-days: 5
diff --git a/.github/workflows/security-assessment-TM-EV.yml b/.github/workflows/security-assessment-TM-EV.yml
new file mode 100644
index 00000000..001e3f11
--- /dev/null
+++ b/.github/workflows/security-assessment-TM-EV.yml
@@ -0,0 +1,38 @@
+# Nom de l'Action : Scorecard
+# Le workflow s'exécute lorsque quelqu'un pousse des modifications sur la branche principale
+on:
+ push:
+ branches:
+ - main
+
+# Définition de l'emploi qui sera exécuté
+jobs:
+ build-and-deploy:
+ # Définit la plateforme d'exécution de l'emploi
+ runs-on: ubuntu-latest
+
+ # Les étapes du travail
+ steps:
+ # Étape 1: Checkout
+ - name: Checkout 🛎️
+ # Utilise l'action Github pour cloner le dépôt
+ uses: actions/checkout@v3.0.0
+
+ # Étape 2: Installation et construction
+ - name: Install and Build 🔧
+ # Utilise l'Action Scorecard pour installer et construire les dépendances de votre projet
+ uses: ossf/scorecard-action@main
+ # Paramètres pour la sortie des résultats de l'Action Scorecard
+ with:
+ results_file: results.sarif
+ results_format: sarif
+
+ # Étape 3: Téléversement de l'artefact
+ - name: "Upload artifact"
+ # Utilise l'Action d'Upload d'artefact pour téléverser les fichiers générés par les étapes précédentes
+ uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
+ # Paramètres pour le téléversement de l'artefact
+ with:
+ name: SARIF file
+ path: results.sarif
+ retention-days: 5
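Review bot: The new workflow file has no `permissions:` key, so the job runs with the repository's default `GITHUB_TOKEN` scopes, which may include write access, although the three steps shown only read the repository and upload an artifact. Add `permissions: read-all` at the top level, and give the checkout step a `with:` containing `persist-credentials: false` so the token is not left in the checked-out git config. The file also replaces the former `name: Scorecard action` key with a comment, and the comment on step 2 says the Scorecard action installs and builds the project's dependencies, whereas the step only produces `results.sarif`. I would restore the `name:` key and reword that comment to `# Runs the OpenSSF Scorecard checks and writes the SARIF report`.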