@rob-derosa
Last active December 9, 2022 15:31

Codespaces, Actions, GHAS Demo

Resources

Pre Demo

  • ensure Code Scan and Reusable Workflow workflows are disabled
  • ensure Deploy Web App to QA is enabled

Codespaces

  • Explain GitHub User Lookup repo
  • Show codespaces create options
  • Open codespace and show features
    • Extensions
    • Settings sync (theme, fonts, etc)
    • Terminal + git (pre-authenticated)
  • Explain devcontainer
  • Breakpoint and debug site
  • Port forward and port visibility

Actions

  • Show workflow that has already executed
  • Explain environments
  • Create new branch and change the background image from a cat to a dog
  • Push code and create a pull request
  • Go to Actions tab and show running workflow
  • Go to workflow file and explain YAML
  • Show Actions marketplace
  • Show Awesome Actions
  • Go back to running workflow and open sandbox site
  • Approve gate

Reusable Workflows


Dependabot

  • Navigate to Dependabot alerts
  • Jump to PR

Secret Scanning

  • Show existing secret scanning alerts
  • Walk through settings and push protection
  • Demo push protection

Code Scanning


Security Overview

  • Go to Security Overview within the organization
  • Explain features
  • Webhooks and APIs
  • Go to Splunk dashboard

Don't Forget

  • Actions Marketplace
  • Environments
  • Other code scanning tools
  • Actions starter workflows
  • Actions required workflows

Code Blocks

PAT

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

Code Scanning sample

var req = {};
req.headers = { authorization: 'Bearer eyJ1eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImVtYWlsIjoicnNhX2xvcmRAIn0sImlhdCI6MTU4MjIyMTY3NX0.70f6VAIQk2Uzpf3sgH-1JVrrTuwudonm2DKn2ec7Tg8' }

Dependency Review

    "json-schema": {
        "version": "0.2.3",
        "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.2.3.tgz",
        "integrity": "sha1-tIDIkuWaLwWVTOcnvT8qTogvnhM=",
        "dev": true
    },
    "json-schema-traverse": {
        "version": "0.4.1",
        "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz",
        "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==",
        "dev": true
    },