-
Notifications
You must be signed in to change notification settings - Fork 55
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'main' into feature/mula/rescheduling
* main: (95 commits) Translations for release 1.11 - EN -> NL, PAP (#1439) Add Question ooi model and create the first bit that generates a question (#1407) make port classification configurable (#1418) KATalogus API filtering and pagination (#1405) Fix robot test (#1420) Use the correct clearance level variable in organization member list template (#1427) Fix translation in Debian package (#1432) Reschedule tasks when no results in bytes are found after grace period (#1410) Don't scan hostname nmap in nmap boefje (#1415) Add and use our own CVE API (#1383) Add `task_id` as a query parameter to the `GET /origins` endpoint (#1414) Remove member group checks and check for permission instead (#1275) Bump cryptography from 41.0.0 to 41.0.2 in /boefjes/boefjes/plugins/kat_ssl_certificates (#1396) Bump cryptography from 41.0.1 to 41.0.2 in /bytes (#1397) Build the Debian build image on the main branch (#1387) Add explicit `black` config to all modules (#1395) Fix <no title> in the user guide docs (#1391) Add configurable octpoes request timeout (#1382) Remove hardcoded clearance level in member list for superusers (#1390) Add Debian build depends for CVE API package (#1384) ...
- Loading branch information
Showing
483 changed files
with
235,195 additions
and
12,043 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
#!/bin/bash | ||
|
||
#GITHUB_TOKEN should be ${{ secrets.GITHUB_TOKEN }} | ||
#DESTINATION_BRANCH should be ${{ github.ref }} | ||
|
||
FILES=$(git diff --name-only) | ||
for FILE in $FILES; do | ||
CONTENT=$(base64 -i "$FILE") | ||
SHA=$(git rev-parse "$DESTINATION_BRANCH":"$FILE") | ||
gh api --method PUT /repos/:owner/:repo/contents/"$FILE" \ | ||
--field message="Update $FILE" \ | ||
--field content="$CONTENT" \ | ||
--field encoding="base64" \ | ||
--field branch="$DESTINATION_BRANCH" \ | ||
--field sha="$SHA" | ||
done |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,52 @@ | ||
name: Check Poetry dependencies | ||
|
||
on: | ||
push: | ||
paths: | ||
- '**/requirements.txt' | ||
- '**/requirements-dev.txt' | ||
- '**/pyproject.toml' | ||
- '**/poetry.lock' | ||
pull_request: | ||
paths: | ||
- '**/requirements.txt' | ||
- '**/requirements-dev.txt' | ||
- '**/pyproject.toml' | ||
- '**/poetry.lock' | ||
|
||
|
||
jobs: | ||
poetry-dependencies: | ||
|
||
permissions: | ||
# Give the default GITHUB_TOKEN write permission to commit and push the | ||
# added or changed files to the repository. | ||
contents: write | ||
|
||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/checkout@v3 | ||
|
||
- name: Set up Python | ||
uses: actions/setup-python@v4 | ||
id: py311 | ||
with: | ||
python-version: 3.11 | ||
cache: pip | ||
|
||
- name: Install pip dependencies | ||
run: pip install poetry | ||
|
||
- name: Check, lock, and export Poetry dependencies | ||
run: make poetry-dependencies | ||
|
||
- name: Check if there are any changed files | ||
if: ${{ github.actor != 'dependabot[bot]' }} | ||
run: git diff --exit-code | ||
|
||
- name: Commit, sign, and push changes | ||
if: ${{ github.actor == 'dependabot[bot]' }} | ||
run: sh .github/scripts/commit_sign_push.sh | ||
env: | ||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
DESTINATION_BRANCH: ${{ github.ref }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,100 @@ | ||
name: Debian packages | ||
|
||
on: | ||
pull_request: | ||
push: | ||
branches: | ||
- 'main' | ||
- 'release-*' | ||
tags: | ||
- '*' | ||
|
||
jobs: | ||
changes: | ||
runs-on: ubuntu-22.04 | ||
outputs: | ||
packages: ${{ steps.filter.outputs.changes }} | ||
steps: | ||
- uses: dorny/paths-filter@v2 | ||
if: github.event_name != 'push' | ||
id: filter | ||
with: | ||
filters: | | ||
boefjes: | ||
- 'boefjes/**' | ||
- 'octopoes/**' | ||
- '.github/workflows/debian_package.yml' | ||
bytes: | ||
- 'bytes/**' | ||
- '.github/workflows/debian_package.yml' | ||
cveapi: | ||
- 'cveapi/**' | ||
- '.github/workflows/debian_package.yml' | ||
keiko: | ||
- 'keiko/**' | ||
- '.github/workflows/debian_package.yml' | ||
mula: | ||
- 'mula/**' | ||
- '.github/workflows/debian_package.yml' | ||
octopoes: | ||
- 'octopoes/**' | ||
- '.github/workflows/debian_package.yml' | ||
rocky: | ||
- 'rocky/**' | ||
- 'octopoes/**' | ||
- '.github/workflows/debian_package.yml' | ||
build: | ||
needs: changes | ||
if: ${{ github.event_name == 'push' || (needs.changes.outputs.packages != '[]' && needs.changes.outputs.packages != '') }} | ||
strategy: | ||
fail-fast: false | ||
matrix: | ||
dist: [debian11, debian12, ubuntu22.04] | ||
# On main, release branches and tags we always want to build all the packages | ||
package: ${{ github.event_name == 'push' && fromJSON('["boefjes", "bytes", "cveapi", "keiko", "mula", "octopoes", "rocky"]') || fromJSON(needs.changes.outputs.packages) }} | ||
exclude: | ||
- package: cveapi | ||
dist: debian11 | ||
- package: cveapi | ||
dist: ubuntu22.04 | ||
runs-on: ubuntu-22.04 | ||
env: | ||
PKG_NAME: kat-${{ matrix.package }} | ||
|
||
steps: | ||
- uses: actions/checkout@v3 | ||
|
||
- name: Generate version.py and set RELEASE_VERSION | ||
run: | | ||
pip install setuptools-scm==7.1.0 | ||
echo "RELEASE_VERSION=$(python -m setuptools_scm | sed s/rc/~rc/)" >> $GITHUB_ENV | ||
cp _version.py boefjes/boefjes/version.py | ||
cp _version.py boefjes/boefjes/katalogus/version.py | ||
cp _version.py bytes/bytes/version.py | ||
cp _version.py keiko/keiko/version.py | ||
cp _version.py mula/scheduler/version.py | ||
cp _version.py octopoes/octopoes/version.py | ||
cp _version.py rocky/rocky/version.py | ||
- name: Run debian package build | ||
uses: addnab/docker-run-action@v3 | ||
with: | ||
run: packaging/scripts/build-debian-package.sh | ||
registry: ghcr.io | ||
image: ghcr.io/minvws/nl-kat-${{ matrix.dist }}-build-image:latest | ||
username: ${{ github.actor }} | ||
password: ${{ secrets.GITHUB_TOKEN }} | ||
options: -v ${{ github.workspace }}/${{ matrix.package }}:/app | ||
-v ${{ github.workspace }}/octopoes:/octopoes | ||
-e REPOSITORY=${{ github.repository }} | ||
-e RELEASE_VERSION=${{ env.RELEASE_VERSION }} | ||
-e RELEASE_TAG=${{ env.RELEASE_TAG }} | ||
-e PKG_NAME=${{ env.PKG_NAME }} | ||
--workdir /app | ||
|
||
- name: Upload .deb to artifacts | ||
uses: actions/upload-artifact@v3 | ||
with: | ||
name: ${{env.PKG_NAME}}_${{ env.RELEASE_VERSION }}_${{ matrix.dist }}.deb | ||
path: ${{matrix.package}}/build/${{env.PKG_NAME}}_${{ env.RELEASE_VERSION }}_${{ matrix.package == 'cveapi' && 'all' || 'amd64' }}.deb |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.