diff --git a/.github/workflows/ci-pr.yml b/.github/workflows/ci-pr.yml
new file mode 100644
index 0000000..2893429
--- /dev/null
+++ b/.github/workflows/ci-pr.yml
@@ -0,0 +1,40 @@
+# This is a basic workflow to help you get started with Actions
+
+name: CI for PR
+
+# Controls when the workflow will run
+on:
+ # Triggers the workflow on push or pull request events but only for the "main" branch
+ pull_request:
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+jobs:
+ # This workflow contains a single job called "build"
+ build:
+ # The type of runner that the job will run on
+ runs-on: ubuntu-latest
+ strategy:
+ matrix:
+ python-version: ["pypy3.9", "pypy3.10", "3.9", "3.10", "3.11", "3.12"]
+
+ # Steps represent a sequence of tasks that will be executed as part of the job
+ steps:
+ - uses: actions/checkout@v4
+
+ # Build docker image
+ - name: Build Docker image
+ run: |
+ docker build -t rahul_Test .
+
+ #Image Scan Using Trivy
+ - name: Scan Docker image for vulnerabilities
+ run: |
+ trivy image --no-progress prayan-maas-micro-service-local:latest
+ # Save the Trivy scan report to a file
+ trivy image --no-progress --format json rahul_Test:latest > trivy_report.json
+
+ - name: Upload Trivy scan report to artifacts
+ uses: actions/upload-artifact@v2
+ with:
+ name: trivy-reports
+ path: trivy_report.json
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
new file mode 100644
index 0000000..2893429
--- /dev/null
+++ b/.github/workflows/main.yml
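Review bot: The scan step never scans the image this job builds: `docker build -t rahul_Test .` tags one name while the first `trivy image` call targets `prayan-maas-micro-service-local:latest`, which nothing in the job produces, and `rahul_Test` itself contains uppercase letters, which Docker rejects in a repository name, so the build step likely fails before any scan runs. Neither `trivy image` call sets an exit code, so findings would not fail the pull request even when the scan works. Use one lowercase tag for both steps and gate on severity, e.g. `docker build -t <image-name>:${{ github.sha }} .` followed by `trivy image --no-progress --exit-code 1 --severity HIGH,CRITICAL <image-name>:${{ github.sha }}`, where `<image-name>` is a placeholder. No step installs Trivy, so unless the runner image already ships it an install step (or the Trivy action) is probably needed as well. The identical text is added as `.github/workflows/main.yml` in the next hunk, so the same applies there.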
@@ -0,0 +1,40 @@
+# This is a basic workflow to help you get started with Actions
+
+name: CI for PR
+
+# Controls when the workflow will run
+on:
+ # Triggers the workflow on push or pull request events but only for the "main" branch
+ pull_request:
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+jobs:
+ # This workflow contains a single job called "build"
+ build:
+ # The type of runner that the job will run on
+ runs-on: ubuntu-latest
+ strategy:
+ matrix:
+ python-version: ["pypy3.9", "pypy3.10", "3.9", "3.10", "3.11", "3.12"]
+
+ # Steps represent a sequence of tasks that will be executed as part of the job
+ steps:
+ - uses: actions/checkout@v4
+
+ # Build docker image
+ - name: Build Docker image
+ run: |
+ docker build -t rahul_Test .
+
+ #Image Scan Using Trivy
+ - name: Scan Docker image for vulnerabilities
+ run: |
+ trivy image --no-progress prayan-maas-micro-service-local:latest
+ # Save the Trivy scan report to a file
+ trivy image --no-progress --format json rahul_Test:latest > trivy_report.json
+
+ - name: Upload Trivy scan report to artifacts
+ uses: actions/upload-artifact@v2
+ with:
+ name: trivy-reports
+ path: trivy_report.json
diff --git a/LICENSE b/LICENSE
index 8dada3e..8ea6ddf 100644
--- a/LICENSE
+++ b/LICENSE
@@ -13,7 +13,7 @@ the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common + other entities that control, are controlled by, or are under commonbvnvb control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or
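Review bot: `.github/workflows/main.yml` is added with the same blob (`index 0000000..2893429`) as `ci-pr.yml`, including `name: CI for PR` and the bare `pull_request:` trigger, so every pull request runs the identical job twice under one name; keeping a single file would avoid that. Neither copy declares token permissions, and a PR-triggered job that only builds and scans should need no more than a workflow-level `permissions:` block with `contents: read`. `actions/upload-artifact@v2` is a deprecated major version and both actions are referenced by mutable tag; pinning each `uses:` to a full commit SHA limits exposure to a retagged release. The `python-version` matrix is never consumed by any step, so it only repeats the same Docker build six times and has each leg upload an artifact named `trivy-reports`.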
@@ -23,7 +23,7 @@ "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. - "Source" form shall mean the preferred form for making modifications, + "Source" form shall mean the preferred form for making modifications,fgh including but not limited to software source code, documentation source, and configuration files. @@ -149,7 +149,7 @@ PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. - + 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly