diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 000000000..583decfd1 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,7 @@ +version: 2 +updates: + # Maintain dependencies for GitHub Actions + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "daily" \ No newline at end of file diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 000000000..3f10443c5 --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,41 @@ +name: "Build" +on: + push: + branches: [ '*' ] + tags-ignore: + - '*' + +jobs: + build: + runs-on: ${{ matrix.os }} + strategy: + matrix: + os: [ubuntu-latest, windows-latest, macos-latest] + java: [11, 15] + steps: + - uses: actions/checkout@v2 + - name: Set up JDK ${{ matrix.java }} + uses: actions/setup-java@v1 + with: + java-version: ${{ matrix.java }} + architecture: x64 + - name: Cache Maven packages + uses: actions/cache@v2 + with: + path: ~/.m2 + key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} + restore-keys: ${{ runner.os }}-m2 + - name: Build with Maven + run: mvn clean install + + notify-slack: + if: github.event_name == 'push' && (success() || failure()) + needs: + - build + runs-on: ubuntu-latest + steps: + - name: "Slack workflow notification" + uses: Gamesight/slack-workflow-status@master + with: + repo_token: ${{secrets.GITHUB_TOKEN}} + slack_webhook_url: ${{secrets.SLACK_WEBHOOK_URL}} \ No newline at end of file diff --git a/.github/workflows/rebase.yml b/.github/workflows/rebase.yml new file mode 100644 index 000000000..79ed91d82 --- /dev/null +++ b/.github/workflows/rebase.yml @@ -0,0 +1,19 @@ +name: Automatic Rebase +on: + issue_comment: + types: [created] +jobs: + rebase: + name: Rebase + if: github.event.issue.pull_request != '' && contains(github.event.comment.body, '/rebase') && github.event.comment.author_association == 'MEMBER' + runs-on: ubuntu-latest + steps: + - name: Checkout the latest code + uses: actions/checkout@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + fetch-depth: 0 # otherwise, you will fail to push refs to dest repo + - name: Automatic Rebase + uses: cirrus-actions/rebase@1.4 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 000000000..0fd748bbe --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,99 @@ +name: "Release Pipeline" +on: + push: + tags: + - v* +jobs: + release: + name: Release WebGoat + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + + - name: "Get tag name" + id: tag + uses: dawidd6/action-get-tag@v1 + + - name: Set up JDK 11 + uses: actions/setup-java@v1 + with: + java-version: 11 + architecture: x64 + + - name: Cache Maven packages + uses: actions/cache@v2 + with: + path: ~/.m2 + key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} + restore-keys: ${{ runner.os }}-m2 + + - name: "Set labels for ${{ github.ref }}" + run: | + echo "WEBGOAT_TAG_VERSION=${{ steps.tag.outputs.tag }}" >> $GITHUB_ENV + WEBGOAT_MAVEN_VERSION=${{ steps.tag.outputs.tag }} + echo "WEBGOAT_MAVEN_VERSION=${WEBGOAT_MAVEN_VERSION:1}" >> $GITHUB_ENV + - name: Build with Maven + run: | + mvn versions:set -DnewVersion=${{ env.WEBGOAT_MAVEN_VERSION }} + mvn clean install -DskipTests + + - name: "Create release" + uses: softprops/action-gh-release@v1 + with: + draft: false + files: | + webgoat-server/target/webgoat-server-${{ env.WEBGOAT_MAVEN_VERSION }}.jar + webwolf/target/webwolf-${{ env.WEBGOAT_MAVEN_VERSION }}.jar + body: | + ## Version ${{ steps.tag.outputs.tag }} + + ### New functionality + + - test + + ### Bug fixes + + - [#743 - Character encoding errors](https://github.com/WebGoat/WebGoat/issues/743) + + + ## Contributors + + Special thanks to the following contributors providing us with a pull request: + + - Person 1 + - Person 2 + + And everyone who provided feedback through Github. + + + Team WebGoat + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: "Set up QEMU" + uses: docker/setup-qemu-action@v1 + + - name: "Set up Docker Buildx" + uses: docker/setup-buildx-action@v1 + + - name: "Login to dockerhub" + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: "Build and push" + uses: docker/build-push-action@v2 + with: + context: ./docker + file: docker/Dockerfile + push: false #todo enable + platforms: linux/amd64 + tags: | + webgoat/goatandwolf:${{ env.WEBGOAT_TAG_VERSION }} + webgoat/goatandwolf:latest + build-args: | + webgoat_version=${{ env.WEBGOAT_MAVEN_VERSION }} + + - name: "Image digest" + run: echo ${{ steps.docker_build.outputs.digest }} diff --git a/.github/workflows/welcome.yml b/.github/workflows/welcome.yml new file mode 100644 index 000000000..30785357b --- /dev/null +++ b/.github/workflows/welcome.yml @@ -0,0 +1,13 @@ +name: Welcome + +on: [pull_request, issues] + +jobs: + greeting: + runs-on: ubuntu-latest + steps: + - uses: actions/first-interaction@v1 + with: + repo-token: ${{ secrets.GITHUB_TOKEN }} + issue-message: 'Thanks for submitting your first issue, we will have a look as quickly as possible.' + pr-message: 'Thanks so much for your contribution, really appreciated! We will have a look and merge it if everything checks out!' \ No newline at end of file diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 05d704bce..000000000 --- a/.travis.yml +++ /dev/null @@ -1,62 +0,0 @@ -services: - - docker -language: java -os: - - linux - - osx -dist: xenial -jdk: - - openjdk11 - - openjdk15 -addons: - firefox: latest -install: - - true -script: - - export BRANCH=$(if [ "$TRAVIS_PULL_REQUEST" == "false" ]; then echo $TRAVIS_BRANCH; - else echo $TRAVIS_PULL_REQUEST_BRANCH; fi) - - echo "TRAVIS_BRANCH=$TRAVIS_BRANCH, PR=$PR, BRANCH=$BRANCH" - - if [ ! -z "${TRAVIS_TAG}" ]; then mvn versions:set -DnewVersion=${TRAVIS_TAG:1}; - fi - - mvn clean install -q -cache: - directories: - - "$HOME/.m2" -before_deploy: - - export WEBGOAT_SERVER_TARGET_DIR=$HOME/build/$TRAVIS_REPO_SLUG/webgoat-server/target - - export WEBWOLF_TARGET_DIR=$HOME/build/$TRAVIS_REPO_SLUG/webwolf/target - - export WEBGOAT_ARTIFACTS_FOLDER=$HOME/build/$TRAVIS_REPO_SLUG/Deployable_Artifacts/ - - mkdir -p $WEBGOAT_ARTIFACTS_FOLDER - - cp -fa $WEBGOAT_SERVER_TARGET_DIR/*.jar $WEBGOAT_ARTIFACTS_FOLDER/ - - cp -fa $WEBWOLF_TARGET_DIR/*.jar $WEBGOAT_ARTIFACTS_FOLDER/ - - echo "Contents of artifacts folder:" - - ls $WEBGOAT_ARTIFACTS_FOLDER -deploy: - - provider: script - cleanup: false - script: bash scripts/deploy-webgoat.sh - on: - condition: $TRAVIS_OS_NAME == 'linux' - jdk: openjdk11 - tags: true - - provider: releases - cleanup: false - overwrite: true - token: - secure: pJOLBnl6427PcVg/tVy/qB18JC7b8cKpffau+IP0pjdSt7KUfBdBY3QuJ7mrM65zRoVILzggLckaew2PlRmYQRdumyWlyRn44XiJ9KO4n6Bsufbz+ictB4ggtozpp9+I9IIUh1TmqypL9lhkX2ONM9dSHmyblYpAAgMuYSK8FYc= - file_glob: true - file: "$WEBGOAT_ARTIFACTS_FOLDER/*" - on: - condition: $TRAVIS_OS_NAME == 'linux' - jdk: openjdk11 - tags: true -env: - global: - #Docker login - - secure: XgPc0UKRTUI70I4YWNQpThPPWeQIxkmzh1GNoR/SSDC2GPIBq3EfkkbSQewqil8stTy+S1/xSzc0JXG8NTn7UOxHVHA/2nhI6jX9E+DKtXQ89YwmaDNQjkbMjziAtDCIex+5TRykxNfkxj6VPYbDssrzI7iJXOIZVj/HoyO3O5E= - #Docker password - - secure: aly5TKBUK9sIiqtMbytNNPZHQhC0a7Yond5tEtuJ8fO+j/KZB4Uro3I6BhzYjGWFb5Kndd0j2TXHPFvtOl402J1CmFsY3v0BhilQd0g6zOssp5T0A73m8Jgq4ItV8wQJJy2bQsXqL1B+uFYieYPiMchj7JxWW0vBn7TV5b68l6U= -notifications: - slack: - rooms: - secure: cDG2URRy7SEipMLyhodwjRBtsPBmfngFB4FyNaIhhr+2/SGyKvGhfW75YA9V+eC7J40KllxQhiIvrxngKDRABb3L1O72Sdj8mZSi8TVsUNLOdamJXHKGUwNSPWXv/1s2m+uC20cgxl66o31vxdV33uvxLdvGOd5e5qOKTsKP7UE=