Timothy O'Brien obrientimothya
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # GHA02 runs on push to the main branch | |
| name: GHA02-push-main | |
| on: | |
| push: | |
| branches: | |
| - main | |
| # env defines global variables for versioning and configuration | |
| env: | |
| IMAGE_NAME: secureimage |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # GHA01 runs on pull request to the main branch | |
| name: GHA01-pull-request | |
| on: | |
| pull_request: | |
| branches: | |
| - main | |
| # env defines global variables for versioning and configuration | |
| env: | |
| IMAGE_NAME: secureimage |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| file: | |
| # T01 terraform binary must be valid | |
| /usr/local/bin/terraform: | |
| exists: true | |
| mode: "0755" | |
| owner: root | |
| group: root | |
| filetype: file | |
| sha256: 278a0f66c7404ceb426e6f2db7f0f3a1b5b3d8373e7024640e7bc238389bab74 | |
| # T02 tfsec binary must be valid |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # gossfile loads all goss tests from goss.d | |
| gossfile: | |
| ./goss.d/*.yaml: {} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| RUNNER = docker-compose run --rm | |
| RUNNER-HADOLINT = $(RUNNER) hadolint | |
| PWD = $(shell pwd) | |
| # check_defined determines if an environment variable is defined | |
| check_defined = \ | |
| $(strip $(foreach 1,$1, \ | |
| $(call __check_defined,$1,$(strip $(value 2))))) | |
| __check_defined = \ | |
| $(if $(value $1),, \ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ignored: | |
| - DL3059 # Multiple consecutive RUN statements | |
| trustedRegistries: | |
| - docker.io | |
| - ghcr.io |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| version: '3' | |
| services: | |
| hadolint: | |
| image: docker.io/hadolint/hadolint:v2.4.1-alpine | |
| working_dir: /opt/app | |
| volumes: | |
| - .:/opt/app | |
| localbuild: | |
| image: localbuild/${IMAGE_NAME}:latest |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # The following digest is alpine:3.10.6 | |
| # This image has known security issues. | |
| # Therefore, it can be used to test the scan in the GitHub Actions pipeline. | |
| FROM alpine@sha256:abd435b2a549002f78ec235cca4677237e6b8cfa9f7d15a2ea1e644596ff71d2 | |
| ARG GOSS_VERSION | |
| ARG TF_VERSION | |
| ARG TFLINT_VERSION | |
| ARG TFSEC_VERSION |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| " vim-plug | |
| call plug#begin('~/.vim/plugged') | |
| " plugin section | |
| Plug 'pangloss/vim-javascript' | |
| Plug 'leafgarland/typescript-vim' | |
| Plug 'maxmellon/vim-jsx-pretty' | |
| " end vim-plug |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| " vim-plug | |
| call plug#begin('~/.vim/plugged') | |
| " plugin section | |
| " end vim-plug | |
| call plug#end() |
NewerOlder