diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 831879b..bdd7648 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -10,16 +10,14 @@ # supported CodeQL languages. # name: "CodeQL" - on: push: - branches: [ "master" ] + branches: ["master"] pull_request: # The branches below must be a subset of the branches above - branches: [ "master" ] + branches: ["master"] schedule: - - cron: '17 20 * * 2' - + - cron: "17 20 * * 2" jobs: analyze: name: Analyze @@ -28,49 +26,42 @@ jobs: actions: read contents: read security-events: write - strategy: fail-fast: false matrix: - language: [ 'javascript', 'typescript' ] + language: ["javascript", "typescript"] # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - name: Setup Node.js environment - uses: actions/setup-node@v4.0.2 - with: - node-version: '20.x' - - # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@v3 - with: - languages: ${{ matrix.language }} - # If you wish to specify custom queries, you can do so here or in a config file. - # By default, queries listed here will override any specified in a config file. - # Prefix the list here with "+" to use these queries and those in the config file. - + - name: Checkout repository + uses: actions/checkout@v4 + - name: Setup Node.js environment + uses: actions/setup-node@v4.0.2 + with: + node-version: "20.x" + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: ${{ matrix.language }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. + # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). + # If this step fails, then you should remove it and run the build manually (see below) + - name: Autobuild # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs # queries: security-extended,security-and-quality - - # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). - # If this step fails, then you should remove it and run the build manually (see below) - - name: Autobuild - uses: github/codeql-action/autobuild@v3 - - # ℹī¸ Command-line programs to run using the OS shell. - # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun - - # If the Autobuild fails above, remove it and uncomment the following three lines. - # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance. + uses: github/codeql-action/autobuild@v3 + # ℹī¸ Command-line programs to run using the OS shell. + # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun - # - run: | - # echo "Run, Build Application using script" - # ./location_of_script_within_repo/buildscript.sh + # If the Autobuild fails above, remove it and uncomment the following three lines. + # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance. - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + # - run: | + # echo "Run, Build Application using script" + # ./location_of_script_within_repo/buildscript.sh + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v3 diff --git a/.github/workflows/earth.yaml b/.github/workflows/earth.yaml new file mode 100644 index 0000000..717f5ff --- /dev/null +++ b/.github/workflows/earth.yaml @@ -0,0 +1,31 @@ +name: "npm" +on: + push: + branches: ["master"] + pull_request: + branches: ["master"] +jobs: + test: + runs-on: arc-runner + env: + FORCE_COLOR: 1 + steps: + - uses: actions/checkout@v4 + - name: install packages + run: sudo apt-get update && sudo apt-get install -y curl xz + - uses: cachix/install-nix-action@v23 + - uses: cachix/cachix-action@v12 + with: + name: devenv + # - name: Install devenv.sh + # run: nix profile install tarball+https://install.devenv.sh/latest + # + - name: Setup For Test + shell: devenv shell bash -e {0} + run: | + mkdir $HOME/.aws + vault kv get -mount="secret" -field credentials "ci/aws" > $HOME/.aws/credentials + aws --endpoint-url http://100.82.97.39:9000 s3 cp s3://repo-obsidian-kobo-highlights-import/KoboReader.sqlite KoboReader.sqlite + - name: Test + shell: devenv shell bash -e {0} + run: npm run test diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index 2b839f6..6bafa8e 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -1,16 +1,12 @@ name: Publish plugin - on: release: types: [published] - env: PLUGIN_NAME: kobo-highlights-import - jobs: publish: runs-on: ubuntu-latest - steps: - uses: actions/checkout@v4 - name: Use Node.js diff --git a/Earthfile b/Earthfile index 1b4981d..0c7a0ba 100644 --- a/Earthfile +++ b/Earthfile @@ -6,8 +6,6 @@ RUN apt update && apt install -y wget jsonnet vault: FROM hashicorp/vault - ENV VAULT_ADDR="https://vault.ogkevin.nl" - RUN --secret VAULT_TOKEN vault login $VAULT_TOKEN node: FROM node:20 diff --git a/devenv.lock b/devenv.lock new file mode 100644 index 0000000..896f33d --- /dev/null +++ b/devenv.lock @@ -0,0 +1,156 @@ +{ + "nodes": { + "devenv": { + "locked": { + "dir": "src/modules", + "lastModified": 1706018268, + "narHash": "sha256-d24+re0t8b6HYGzAPZCIJed85n23RUFXQa2yuHoW0uQ=", + "owner": "cachix", + "repo": "devenv", + "rev": "ad0ae333b210e31237e1fc4a7ddab71a01785add", + "type": "github" + }, + "original": { + "dir": "src/modules", + "owner": "cachix", + "repo": "devenv", + "type": "github" + } + }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1701680307, + "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "4022d587cbbfd70fe950c1e2083a02621806a725", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "gitignore": { + "inputs": { + "nixpkgs": [ + "pre-commit-hooks", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1703887061, + "narHash": "sha256-gGPa9qWNc6eCXT/+Z5/zMkyYOuRZqeFZBDbopNZQkuY=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "43e1aa1308018f37118e34d3a9cb4f5e75dc11d5", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1705883077, + "narHash": "sha256-ByzHHX3KxpU1+V0erFy8jpujTufimh6KaS/Iv3AciHk=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "5f5210aa20e343b7e35f40c033000db0ef80d7b9", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-stable": { + "locked": { + "lastModified": 1704874635, + "narHash": "sha256-YWuCrtsty5vVZvu+7BchAxmcYzTMfolSPP5io8+WYCg=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "3dc440faeee9e889fe2d1b4d25ad0f430d449356", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-23.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "pre-commit-hooks": { + "inputs": { + "flake-compat": "flake-compat", + "flake-utils": "flake-utils", + "gitignore": "gitignore", + "nixpkgs": [ + "nixpkgs" + ], + "nixpkgs-stable": "nixpkgs-stable" + }, + "locked": { + "lastModified": 1705757126, + "narHash": "sha256-Eksr+n4Q8EYZKAN0Scef5JK4H6FcHc+TKNHb95CWm+c=", + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "rev": "f56597d53fd174f796b5a7d3ee0b494f9e2285cc", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "type": "github" + } + }, + "root": { + "inputs": { + "devenv": "devenv", + "nixpkgs": "nixpkgs", + "pre-commit-hooks": "pre-commit-hooks" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/devenv.nix b/devenv.nix new file mode 100644 index 0000000..7c8ab37 --- /dev/null +++ b/devenv.nix @@ -0,0 +1,37 @@ +{ pkgs, ... }: + +{ + # https://devenv.sh/basics/ + # env.GREET = "devenv"; + + # https://devenv.sh/packages/ + packages = with pkgs; [ + git + vault + nodejs-slim + awscli2 + ]; + + languages.javascript = { + enable = true; + npm.install.enable = true; + }; + + pre-commit.hooks = { eslint.enable = true; }; + + # https://devenv.sh/scripts/ + # scripts.hello.exec = "echo hello from $GREET"; + + enterShell = ""; + + # https://devenv.sh/languages/ + # languages.nix.enable = true; + + # https://devenv.sh/pre-commit-hooks/ + # pre-commit.hooks.shellcheck.enable = true; + + # https://devenv.sh/processes/ + # processes.ping.exec = "ping example.com"; + + # See full reference at https://devenv.sh/reference/options/ +} diff --git a/devenv.yaml b/devenv.yaml new file mode 100644 index 0000000..89a8475 --- /dev/null +++ b/devenv.yaml @@ -0,0 +1,4 @@ +allowUnfree: true +inputs: + nixpkgs: + url: github:NixOS/nixpkgs/nixpkgs-unstable