generated from Milehigh-wrld/Milehigh.world
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Initialize renovate/google-github-actions-auth-2.x
- Loading branch information
0 parents
commit 1a5044e
Showing
10 changed files
with
279 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,38 @@ | ||
| --- | ||
| name: Bug report | ||
| about: Create a report to help us improve | ||
| title: '' | ||
| labels: '' | ||
| assignees: '' | ||
|
|
||
| --- | ||
|
|
||
| **Describe the bug** | ||
| A clear and concise description of what the bug is. | ||
|
|
||
| **To Reproduce** | ||
| Steps to reproduce the behavior: | ||
| 1. Go to '...' | ||
| 2. Click on '....' | ||
| 3. Scroll down to '....' | ||
| 4. See error | ||
|
|
||
| **Expected behavior** | ||
| A clear and concise description of what you expected to happen. | ||
|
|
||
| **Screenshots** | ||
| If applicable, add screenshots to help explain your problem. | ||
|
|
||
| **Desktop (please complete the following information):** | ||
| - OS: [e.g. iOS] | ||
| - Browser [e.g. chrome, safari] | ||
| - Version [e.g. 22] | ||
|
|
||
| **Smartphone (please complete the following information):** | ||
| - Device: [e.g. iPhone6] | ||
| - OS: [e.g. iOS8.1] | ||
| - Browser [e.g. stock browser, safari] | ||
| - Version [e.g. 22] | ||
|
|
||
| **Additional context** | ||
| Add any other context about the problem here. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,50 @@ | ||
| # This workflow will build a docker container, publish it to Google Container Registry, and deploy it to GKE when there is a push to the "main" branch. | ||
| # | ||
| # To configure this workflow: | ||
| # | ||
| # 1. Ensure that your repository contains the necessary configuration for your Google Kubernetes Engine cluster, including deployment.yml, kustomization.yml, service.yml, etc. | ||
| # | ||
| # 2. Create and configure a Workload Identity Provider for GitHub (https://github.com/google-github-actions/auth#setting-up-workload-identity-federation) | ||
| # | ||
| # 3. Change the values for the GAR_LOCATION, GKE_ZONE, GKE_CLUSTER, IMAGE, REPOSITORY and DEPLOYMENT_NAME environment variables (below). | ||
| # | ||
| # For more support on how to run the workflow, please visit https://github.com/google-github-actions/setup-gcloud/tree/master/example-workflows/gke-kustomize | ||
|
|
||
| name: Build and Deploy to GKE | ||
|
|
||
| on: | ||
| push: | ||
| branches: [ "main" ] | ||
|
|
||
| env: | ||
| PROJECT_ID: ${{ secrets.GKE_PROJECT }} | ||
| GAR_LOCATION: us-central1 # TODO: update region of the Artifact Registry | ||
| GKE_CLUSTER: cluster-1 # TODO: update to cluster name | ||
| GKE_ZONE: us-central1-c # TODO: update to cluster zone | ||
| DEPLOYMENT_NAME: gke-test # TODO: update to deployment name | ||
| REPOSITORY: samples # TODO: update to Artifact Registry docker repository | ||
| IMAGE: static-site | ||
|
|
||
| jobs: | ||
| setup-build-publish-deploy: | ||
| name: Setup, Build, Publish, and Deploy | ||
| runs-on: ubuntu-latest | ||
| environment: production | ||
|
|
||
| permissions: | ||
| contents: 'read' | ||
| id-token: 'write' | ||
|
|
||
| steps: | ||
| - name: Checkout | ||
| uses: actions/checkout@v3 | ||
|
|
||
| # Configure Workload Identity Federation and generate an access token. | ||
| - id: 'auth' | ||
| name: 'Authenticate to Google Cloud' | ||
| uses: 'google-github-actions/auth@v2' | ||
| with: | ||
| token_format: 'access_token' | ||
| workload_identity_provider: 'projects/123456789/locations/global/workloadIdentityPools/my-pool/providers/my-provider' | ||
| service_account: '[email protected]' | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,90 @@ | ||
| # This workflow will do a clean installation of node dependencies, cache/restore them, build the source code and run tests across different versions of node | ||
| # For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-nodejs | ||
| name: Node.js CI | ||
| on: | ||
| push: | ||
| branches: [ "main" ] | ||
| pull_request: | ||
| branches: [ "main" ] | ||
|
|
||
| jobs: | ||
| build: | ||
|
|
||
| runs-on: ubuntu-latest | ||
|
|
||
| strategy: | ||
| matrix: | ||
| node-version: [14.x, 16.x, 18.x] | ||
| # See supported Node.js release schedule at https://nodejs.org/en/about/releases/ | ||
|
|
||
| steps: | ||
| - uses: actions/checkout@v3 | ||
| - name: Use Node.js ${{ matrix.node-version }} | ||
| uses: actions/setup-node@v3 | ||
| with: | ||
| node-version: ${{ matrix.node-version }} | ||
| cache: 'npm' | ||
| - run: npm ci | ||
| - run: npm run build --if-present | ||
| - run: npm test) | ||
|
|
||
|
|
||
| - name: Setup Node.js environment | ||
| uses: actions/[email protected] | ||
| with: | ||
| # Set always-auth in npmrc. | ||
| always-auth: # optional, default is false | ||
| # Version Spec of the version to use. Examples: 12.x, 10.15.1, >=10.15.0. | ||
| node-version: # optional | ||
| # File containing the version Spec of the version to use. Examples: package.json, .nvmrc, .node-version, .tool-versions. | ||
| node-version-file: # optional | ||
| # Target architecture for Node to use. Examples: x86, x64. Will use system architecture by default. | ||
| architecture: # optional | ||
| # Set this option if you want the action to check for the latest available version that satisfies the version spec. | ||
| check-latest: # optional | ||
| # Optional registry to set up for auth. Will set the registry in a project level .npmrc and .yarnrc file, and set up auth to read in from env.NODE_AUTH_TOKEN. | ||
| registry-url: # optional | ||
| # Optional scope for authenticating against scoped registries. Will fall back to the repository owner when using the GitHub Packages registry (https://npm.pkg.github.com/). | ||
| scope: # optional | ||
| # Used to pull node distributions from node-versions. Since there's a default, this is typically not supplied by the user. When running this action on github.com, the default value is sufficient. When running on GHES, you can pass a personal access token for github.com if you are experiencing rate limiting. | ||
| token: # optional, default is ${{ github.server_url == 'https://github.com' && github.token || '' }} | ||
| # Used to specify a package manager for caching in the default directory. Supported values: npm, yarn, pnpm. | ||
| cache: # optional | ||
| # Used to specify the path to a dependency file: package-lock.json, yarn.lock, etc. Supports wildcards or a list of file names for caching multiple dependencies. | ||
| cache-dependency-path: # optional | ||
| - name: Setup Node.js environment | ||
| - uses: actions/[email protected] | ||
| with: | ||
| # Set always-auth in npmrc. | ||
| always-auth: # optional, default is false | ||
| # Version Spec of the version to use. Examples: 12.x, 10.15.1, >=10.15.0. | ||
| node-version: # optional | ||
| # File containing the version Spec of the version to use. Examples: package.json, .nvmrc, .node-version, .tool-versions. | ||
| node-version-file: # optional | ||
| # Target architecture for Node to use. Examples: x86, x64. Will use system architecture by default. | ||
| architecture: # optional | ||
| # Set this option if you want the action to check for the latest available version that satisfies the version spec. | ||
| check-latest: # optional | ||
| # Optional registry to set up for auth. Will set the registry in a project level .npmrc and .yarnrc file, and set up auth to read in from env.NODE_AUTH_TOKEN. | ||
| registry-url: # optional | ||
| # Optional scope for authenticating against scoped registries. Will fall back to the repository owner when using the GitHub Packages registry (https://npm.pkg.github.com/). | ||
| scope: # optional | ||
| # Used to pull node distributions from node-versions. Since there's a default, this is typically not supplied by the user. When running this action on github.com, the default value is sufficient. When running on GHES, you can pass a personal access token for github.com if you are experiencing rate limiting. | ||
| token: # optional, default is ${{ github.server_url == 'https://github.com' && github.token || '' }} | ||
| # Used to specify a package manager for caching in the default directory. Supported values: npm, yarn, pnpm. | ||
| cache: # optional | ||
| # Used to specify the path to a dependency file: package-lock.json, yarn.lock, etc. Supports wildcards or a list of file names for caching multiple dependencies. | ||
| cache-dependency-path: # - name: Cloud Maker Deploy | ||
| # You may pin to the exact commit or the version. | ||
| # uses: cloud-maker-ai/github-action-deploy@f86239fb28b589a9898a361b3df1dac5f3d3fc8f | ||
| uses: cloud-maker-ai/[email protected] | ||
| with: | ||
| # Cloud Maker API Token | ||
| CLOUD_MAKER_TOKEN: | ||
| # Cloud Maker Pipeline ID to be deployed | ||
| CLOUD_MAKER_PIPELINE_ID: | ||
| # Cloud Maker Stage ID to be deployed | ||
| CLOUD_MAKER_STAGE_ID: | ||
|
|
||
|
|
||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,33 @@ | ||
| # This workflow will run tests using node and then publish a package to GitHub Packages when a release is created | ||
| # For more information see: https://docs.github.com/en/actions/publishing-packages/publishing-nodejs-packages | ||
|
|
||
| name: Node.js Package | ||
|
|
||
| on: | ||
| release: | ||
| types: [created] | ||
|
|
||
| jobs: | ||
| build: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/checkout@v3 | ||
| - uses: actions/setup-node@v3 | ||
| with: | ||
| node-version: 16 | ||
| - run: npm ci | ||
| - run: npm test | ||
|
|
||
| publish-npm: | ||
| needs: build | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/checkout@v3 | ||
| - uses: actions/setup-node@v3 | ||
| with: | ||
| node-version: 16 | ||
| registry-url: https://registry.npmjs.org/ | ||
| - run: npm ci | ||
| - run: npm publish | ||
| env: | ||
| NODE_AUTH_TOKEN: ${{secrets.npm_token}} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,7 @@ | ||
| Copyright 2020 [Themesberg](https://themesberg.com) (Crafty Dwarf LLC) | ||
|
|
||
| Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: | ||
|
|
||
| The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. | ||
|
|
||
| THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. |
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,21 @@ | ||
| milehigh.world | ||
| 1. Music Education and Learning: | ||
| Milehigh.world offers a variety of resources to help musicians enhance their skills and knowledge. This includes tutorials, online courses, and workshops on various aspects of music production, songwriting, music theory, and instrument mastery. These resources aim to provide musicians with the tools and techniques to improve their craft and pursue their musical aspirations. | ||
| 2.Networking and Collaboration: | ||
| Milehigh.world provides a platform for musicians to connect and collaborate with each other. Through the platform, musicians can find potential collaborators, such as vocalists, producers, instrumentalists, and songwriters. This collaborative environment encourages creativity, allows musicians to explore new genres and styles, and provides opportunities to learn from others. | ||
| 4. Community Forums and Discussions: | ||
| Milehigh.world features community forums and discussion boards where musicians can engage in conversations, ask questions, and share their experiences. These forums provide a space for musicians to connect with like-minded individuals, seek advice, and receive feedback on their work. Engaging in these discussions can foster a sense of community and enable knowledge-sharing among musicians. | ||
| 5. Industry Insights and Trends: | ||
| The platform offers resources that provide insights into the latest trends and developments in the music industry. These resources cover topics such as music streaming, digital marketing strategies, fan engagement, and monetization. By staying updated on industry trends, musicians can make informed decisions and adapt their strategies to align with the evolving music landscape. | ||
| 6.Exclusive Events and Competitions: | ||
| Milehigh.world organizes exclusive events and competitions for its members. These events may include live performances, showcases, talent contests, and more. Participating in these events can provide exposure and networking opportunities for musicians, allowing them to gain visibility within the industry. | ||
| 7.Career Development Resources: | ||
| The platform offers resources and guidance on various aspects of career development for musicians. This includes topics such as building a professional brand, creating an online presence, marketing strategies, and networking. These resources aim to help musicians navigate the business side of the music industry and establish a successful career. | ||
| 8. Feedback and Critique: | ||
| Milehigh.world provides a platform for musicians to receive feedback and critique on their work. Members can submit their music for review by the community or industry professionals, allowing them to gain constructive feedback and insights to improve their craft. This feedback mechanism can be valuable in honing skills and refining musical compositions. | ||
| 9.Music Library and Distribution: | ||
| Milehigh.world has a music library where musicians can showcase their work and make it available for licensing opportunities. This allows musicians to monetize their music and reach a wider audience. The platform also offers distribution services, enabling musicians to release their music on various streaming platforms and digital stores. | ||
|
|
||
| These additional features and resources provided by Milehigh.world further enhance the learning and growth opportunities for musicians. They aim to provide a comprehensive ecosystem that supports musicians in their creative journey, facilitates collaboration and networking, and equips them with the knowledge and tools necessary to succeed in the music industry. | ||
|
|
||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,21 @@ | ||
| # Security Policy | ||
|
|
||
| ## Supported Versions | ||
|
|
||
| Use this section to tell people about which versions of your project are | ||
| currently being supported with security updates. | ||
|
|
||
| | Version | Supported | | ||
| | ------- | ------------------ | | ||
| | 5.1.x | :white_check_mark: | | ||
| | 5.0.x | :x: | | ||
| | 4.0.x | :white_check_mark: | | ||
| | < 4.0 | :x: | | ||
|
|
||
| ## Reporting a Vulnerability | ||
|
|
||
| Use this section to tell people how to report a vulnerability. | ||
|
|
||
| Tell them where to go, how often they can expect to get an update on a | ||
| reported vulnerability, what to expect if the vulnerability is accepted or | ||
| declined, etc. |
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,19 @@ | ||
| "Code Fingerprint Authentication". | ||
|
|
||
| Code Fingerprint Authentication would use the unique code patterns and style of a developer's code as a form of authentication. Here's how it would work: | ||
|
|
||
| 1. Code Analysis: GitHub would analyze the code repositories and commits of each user to create a unique "code fingerprint" for that user. This fingerprint would be based on coding patterns, syntax preferences, and other characteristics specific to the user's coding style. | ||
|
|
||
| 2. Authentication Process: When a user tries to access their GitHub account, instead of traditional authentication methods like passwords or 2FA, GitHub would present the user with a code snippet. The user would be required to modify the code snippet based on their coding style within a specific time limit. | ||
|
|
||
| 3. Code Matching: Once the user submits the modified code snippet, GitHub would compare it with the user's code fingerprint. If the modified code matches the user's coding style, access to the account would be granted. Otherwise, access would be denied. | ||
|
|
||
| Benefits of Code Fingerprint Authentication: | ||
|
|
||
| 1. Enhanced Security: Code Fingerprint Authentication adds an extra layer of security by leveraging the unique coding style of each developer. It makes it extremely difficult for unauthorized users to gain access to an account, even if they possess the correct login credentials. | ||
|
|
||
| 2. Frictionless User Experience: Code Fingerprint Authentication eliminates the need for remembering and managing passwords or using additional authentication devices. It provides a seamless and intuitive authentication process for developers. | ||
|
|
||
| 3. Developer Empowerment: By utilizing a developer's coding style as a form of authentication, Code Fingerprint Authentication reinforces a sense of ownership and identity in the GitHub community. It also encourages developers to maintain consistent coding practices. | ||
|
|
||
| By implementing Code Fingerprint Authentication, GitHub can revolutionize the way developers securely access their accounts, ensuring a more personalized and secure experience for its users. |