Skip to content

Commit

Permalink
chore: use gha instead of drone
Browse files Browse the repository at this point in the history
  • Loading branch information
OGKevin committed Mar 7, 2024
1 parent 6ce157a commit 8960376
Show file tree
Hide file tree
Showing 7 changed files with 260 additions and 46 deletions.
71 changes: 31 additions & 40 deletions .github/workflows/codeql-analysis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,16 +10,14 @@
# supported CodeQL languages.
#
name: "CodeQL"

on:
push:
branches: [ "master" ]
branches: ["master"]
pull_request:
# The branches below must be a subset of the branches above
branches: [ "master" ]
branches: ["master"]
schedule:
- cron: '17 20 * * 2'

- cron: "17 20 * * 2"
jobs:
analyze:
name: Analyze
Expand All @@ -28,49 +26,42 @@ jobs:
actions: read
contents: read
security-events: write

strategy:
fail-fast: false
matrix:
language: [ 'javascript', 'typescript' ]
language: ["javascript", "typescript"]
# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
# Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support

steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Setup Node.js environment
uses: actions/[email protected]
with:
node-version: '20.x'

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.

- name: Checkout repository
uses: actions/checkout@v4
- name: Setup Node.js environment
uses: actions/[email protected]
with:
node-version: "20.x"
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
# Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
# queries: security-extended,security-and-quality


# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v3

# ℹ️ Command-line programs to run using the OS shell.
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun

# If the Autobuild fails above, remove it and uncomment the following three lines.
# modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
uses: github/codeql-action/autobuild@v3
# ℹ️ Command-line programs to run using the OS shell.
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun

# - run: |
# echo "Run, Build Application using script"
# ./location_of_script_within_repo/buildscript.sh
# If the Autobuild fails above, remove it and uncomment the following three lines.
# modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
# - run: |
# echo "Run, Build Application using script"
# ./location_of_script_within_repo/buildscript.sh
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
32 changes: 32 additions & 0 deletions .github/workflows/earth.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
name: "npm"
on:
push:
branches: ["master"]
pull_request:
branches: ["master"]
jobs:
test:
runs-on: arc-runner
env:
FORCE_COLOR: 1
USER: root
steps:
- uses: actions/checkout@v4
- name: install packages
run: sudo apt-get update && sudo apt-get install -y curl xz-utils
- uses: cachix/install-nix-action@v23
- uses: cachix/cachix-action@v12
with:
name: devenv
# - name: Install devenv.sh
# run: nix profile install tarball+https://install.devenv.sh/latest
#
- name: Setup For Test
shell: devenv shell bash -e {0}
run: |
mkdir $HOME/.aws
vault kv get -mount="secret" -field credentials "ci/aws" > $HOME/.aws/credentials
aws --endpoint-url http://100.82.97.39:9000 s3 cp s3://repo-obsidian-kobo-highlights-import/KoboReader.sqlite KoboReader.sqlite
- name: Test
shell: devenv shell bash -e {0}
run: npm run test
4 changes: 0 additions & 4 deletions .github/workflows/publish.yaml
Original file line number Diff line number Diff line change
@@ -1,16 +1,12 @@
name: Publish plugin

on:
release:
types: [published]

env:
PLUGIN_NAME: kobo-highlights-import

jobs:
publish:
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v4
- name: Use Node.js
Expand Down
2 changes: 0 additions & 2 deletions Earthfile
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,6 @@ RUN apt update && apt install -y wget jsonnet

vault:
FROM hashicorp/vault
ENV VAULT_ADDR="https://vault.ogkevin.nl"
RUN --secret VAULT_TOKEN vault login $VAULT_TOKEN

node:
FROM node:20
Expand Down
156 changes: 156 additions & 0 deletions devenv.lock
Original file line number Diff line number Diff line change
@@ -0,0 +1,156 @@
{
"nodes": {
"devenv": {
"locked": {
"dir": "src/modules",
"lastModified": 1706018268,
"narHash": "sha256-d24+re0t8b6HYGzAPZCIJed85n23RUFXQa2yuHoW0uQ=",
"owner": "cachix",
"repo": "devenv",
"rev": "ad0ae333b210e31237e1fc4a7ddab71a01785add",
"type": "github"
},
"original": {
"dir": "src/modules",
"owner": "cachix",
"repo": "devenv",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1701680307,
"narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"gitignore": {
"inputs": {
"nixpkgs": [
"pre-commit-hooks",
"nixpkgs"
]
},
"locked": {
"lastModified": 1703887061,
"narHash": "sha256-gGPa9qWNc6eCXT/+Z5/zMkyYOuRZqeFZBDbopNZQkuY=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "43e1aa1308018f37118e34d3a9cb4f5e75dc11d5",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1705883077,
"narHash": "sha256-ByzHHX3KxpU1+V0erFy8jpujTufimh6KaS/Iv3AciHk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "5f5210aa20e343b7e35f40c033000db0ef80d7b9",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1704874635,
"narHash": "sha256-YWuCrtsty5vVZvu+7BchAxmcYzTMfolSPP5io8+WYCg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "3dc440faeee9e889fe2d1b4d25ad0f430d449356",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-23.11",
"repo": "nixpkgs",
"type": "github"
}
},
"pre-commit-hooks": {
"inputs": {
"flake-compat": "flake-compat",
"flake-utils": "flake-utils",
"gitignore": "gitignore",
"nixpkgs": [
"nixpkgs"
],
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1705757126,
"narHash": "sha256-Eksr+n4Q8EYZKAN0Scef5JK4H6FcHc+TKNHb95CWm+c=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "f56597d53fd174f796b5a7d3ee0b494f9e2285cc",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"type": "github"
}
},
"root": {
"inputs": {
"devenv": "devenv",
"nixpkgs": "nixpkgs",
"pre-commit-hooks": "pre-commit-hooks"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
}
},
"root": "root",
"version": 7
}
37 changes: 37 additions & 0 deletions devenv.nix
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
{ pkgs, ... }:

{
# https://devenv.sh/basics/
# env.GREET = "devenv";

# https://devenv.sh/packages/
packages = with pkgs; [
git
vault
nodejs-slim
awscli2
];

languages.javascript = {
enable = true;
npm.install.enable = true;
};

pre-commit.hooks = { eslint.enable = true; };

# https://devenv.sh/scripts/
# scripts.hello.exec = "echo hello from $GREET";

enterShell = "";

# https://devenv.sh/languages/
# languages.nix.enable = true;

# https://devenv.sh/pre-commit-hooks/
# pre-commit.hooks.shellcheck.enable = true;

# https://devenv.sh/processes/
# processes.ping.exec = "ping example.com";

# See full reference at https://devenv.sh/reference/options/
}
4 changes: 4 additions & 0 deletions devenv.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
allowUnfree: true
inputs:
nixpkgs:
url: github:NixOS/nixpkgs/nixpkgs-unstable

0 comments on commit 8960376

Please sign in to comment.