Add Security Tests pipeline (#1)

fabasoad · web-flow · commit a071a3011400 · 2020-12-23T22:01:25.000+09:00
diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md
@@ -1,8 +1,9 @@
-Closes #<Issue Number>
+Closes #<IssueNumber>
 
 ## Pull request checklist
 
 Please check if your PR fulfills the following requirements:
+
 - [ ] I have read the [CONTRIBUTING](https://github.com/fabasoad/pascal-action/CONTRIBUTING.md) doc.
 - [ ] Tests for the changes have been added (for bug fixes / features).
 - [ ] Docs have been reviewed and added / updated if needed (for bug fixes / features).
@@ -15,6 +16,7 @@ Please check if your PR fulfills the following requirements:
 <!-- Please try to limit your pull request to one type, submit multiple pull requests if needed. --> 
 
 Please check the type of change your PR introduces:
+
 - [ ] Bugfix
 - [ ] Feature
 - [ ] Code style update (formatting, renaming)
@@ -23,11 +25,9 @@ Please check the type of change your PR introduces:
 - [ ] Documentation content changes
 - [ ] Other (please describe): 
 
-
 ## What is the current behavior?
 <!-- Please describe the current behavior that you are modifying, or link to a relevant issue. -->
 
-
 ## What is the new behavior?
 <!-- Please describe the behavior or changes that are being added by this PR. -->
 
@@ -42,7 +42,6 @@ Please check the type of change your PR introduces:
 
 <!-- If this introduces a breaking change, please describe the impact and migration path for existing applications below. -->
 
-
 ## Other information
 
 <!-- Any other information that is important to this PR such as screenshots of how the component looks before and after the change. -->
diff --git a/.github/workflows/ci-lastest.yml b/.github/workflows/ci-lastest.yml
@@ -15,7 +15,7 @@ jobs:
       - uses: actions/checkout@v2.3.4
         with:
           ref: ${{ github.ref }}
-      - uses: fabasoad/pascal-action@v1.0.2
+      - uses: fabasoad/pascal-action@main
         id: pascal
         with:
           path: ./HelloWorld.pas
diff --git a/.github/workflows/functional-tests.yml b/.github/workflows/functional-tests.yml
@@ -1,13 +1,12 @@
 ---
-name: CI (main)
+name: Functional tests
 
 on:
   push:
     branches:
       - main
-  pull_request:
-    branches:
-      - main
+      - 'bugfix/**'
+      - 'feature/**'
 
 jobs:
   functional_tests:
diff --git a/.github/workflows/security-tests.yml b/.github/workflows/security-tests.yml
@@ -0,0 +1,25 @@
+---
+name: Security tests
+
+on:
+  push:
+    branches:
+      - main
+      - 'bugfix/**'
+      - 'feature/**'
+
+jobs:
+  security_tests:
+    name: Dockerfile
+    timeout-minutes: 10
+    runs-on: ubuntu-latest
+    container: snyk/snyk-cli:docker
+    steps:
+      - uses: actions/checkout@v2.3.4
+        with:
+          ref: ${{ github.ref }}
+      - name: Test Dockerfile
+        run: |
+          docker build -t ${{ github.repository }}:${{ github.sha }} .
+          snyk auth ${{ secrets.SNYK_API_TOKEN }}
+          snyk test --docker ${{ github.repository }}:${{ github.sha }} --file=Dockerfile
diff --git a/.gitignore b/.gitignore
@@ -1 +1,2 @@
-.vscode/
+.vscode/*
+!.vscode/settings.json
diff --git a/.vscode/settings.json b/.vscode/settings.json
@@ -0,0 +1,12 @@
+{
+  "cSpell.words": [
+    "HADOLINT",
+    "appium",
+    "bewuethr",
+    "burdzwastaken",
+    "ibiqlik",
+    "issuehunt",
+    "liberapay",
+    "yamllint"
+  ]
+}
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -1,4 +1,5 @@
 # Contributing guidance
+
 We love your input! We want to make contributing to this project as easy and transparent as possible, whether it's:
 
 - Reporting a bug
@@ -8,9 +9,11 @@ We love your input! We want to make contributing to this project as easy and tra
 - Becoming a maintainer
 
 ## We Develop with GitHub
+
 We use GitHub to host code, to track issues and feature requests, as well as accept pull requests.
 
 ## We Use [GitHub Flow](https://guides.github.com/introduction/flow/index.html), So All Code Changes Happen Through Pull Requests
+
 Pull requests are the best way to propose changes to the codebase (we use [GitHub Flow](https://guides.github.com/introduction/flow/index.html)). We actively welcome your pull requests:
 
 1. Fork the repo and create your branch from `main`.
@@ -21,20 +24,27 @@ Pull requests are the best way to propose changes to the codebase (we use [GitHu
 6. Issue that pull request!
 
 ## Any contributions you make will be under the MIT Software License
+
 In short, when you submit code changes, your submissions are understood to be under the same [MIT License](http://choosealicense.com/licenses/mit/) that covers the project. Feel free to contact the maintainers if that's a concern.
 
 ## Report bugs using [GitHub Issues](https://github.com/fabasoad/pascal-action/issues)
+
 We use GitHub issues to track public bugs. Report a bug by opening a new issue. It's that easy!
 
 ## Create issue using provided GitHub issue templates
+
 This repository has issue templates for bug report and feature request. Please use them to create an issue and fill all required fields.
 
 ## Use a Consistent Coding Style
+
 Please follow all the rules from the following documents:
+
 - [Bash coding style](https://github.com/icy/bash-coding-style) provided by [icy](https://github.com/icy).
 
 ## License
+
 By contributing, you agree that your contributions will be licensed under its MIT License.
 
 ## References
+
 This document was adapted from the open-source contribution guidelines provided by [briandk](https://gist.github.com/briandk/3d2e8b3ec8daf5a27a62).
diff --git a/README.md b/README.md
@@ -1,14 +1,17 @@
 # Run Pascal script action
-![GitHub release (latest SemVer including pre-releases)](https://img.shields.io/github/v/release/fabasoad/pascal-action?include_prereleases) ![CI (latest)](https://github.com/fabasoad/pascal-action/workflows/CI%20(latest)/badge.svg) ![CI (main)](https://github.com/fabasoad/pascal-action/workflows/CI%20(main)/badge.svg) ![YAML Lint](https://github.com/fabasoad/pascal-action/workflows/YAML%20Lint/badge.svg) ![Dockerfile Lint](https://github.com/fabasoad/pascal-action/workflows/Dockerfile%20Lint/badge.svg) ![Shell Lint](https://github.com/fabasoad/pascal-action/workflows/Shell%20Lint/badge.svg)
+
+![GitHub release (latest SemVer including pre-releases)](https://img.shields.io/github/v/release/fabasoad/pascal-action?include_prereleases) ![CI (latest)](https://github.com/fabasoad/pascal-action/workflows/CI%20(latest)/badge.svg) ![Functional tests](https://github.com/fabasoad/pascal-action/workflows/Functional%20tests/badge.svg) ![Security tests](https://github.com/fabasoad/pascal-action/workflows/Security%20tests/badge.svg) ![YAML Lint](https://github.com/fabasoad/pascal-action/workflows/YAML%20Lint/badge.svg) ![Dockerfile Lint](https://github.com/fabasoad/pascal-action/workflows/Dockerfile%20Lint/badge.svg) ![Shell Lint](https://github.com/fabasoad/pascal-action/workflows/Shell%20Lint/badge.svg)
 
 This action runs Pascal script.
 
 ## Inputs
-| Name | Required | Description             | Default | Possible values |
-|------|----------|-------------------------|---------|-----------------|
-| path | Yes      | Path to the script file |         | &lt;Path&gt;    |
+
+| Name | Required | Description             | Possible values |
+|------|----------|-------------------------|-----------------|
+| path | Yes      | Path to the script file | _&lt;Path&gt;_  |
 
 ## Outputs
+
 | Name   | Required | Description               |
 |--------|----------|---------------------------|
 | result | Yes      | Result of script running. |
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
@@ -1,5 +1,4 @@
 #!/bin/sh -l
-# while true; do sleep 30; done;
 fpc "$1"
 result=$(${1%.*})
 echo ::set-output name=result::"$result"

Original file line number	Diff line number	Diff line change
`@@ -1 +1,2 @@`
`1`		`-.vscode/`
	`1`	`+.vscode/*`
	`2`	`+!.vscode/settings.json`