From eb731ca07aadc0f042daa544fba95141e2f4d5ec Mon Sep 17 00:00:00 2001 From: Wes Dean <87149725+wesley-dean-gsa@users.noreply.github.com> Date: Mon, 16 Dec 2024 09:03:34 -0500 Subject: [PATCH 01/13] Update test.yml --- .github/workflows/test.yml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index df72bd5..41bc77f 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -1,5 +1,5 @@ --- -name: Build and Test +name: Run Tests # yamllint disable-line rule:truthy on: @@ -12,8 +12,9 @@ concurrency: cancel-in-progress: true jobs: - build: - runs-on: ubuntu-latest + test: + name: "Run tests" + runs-on: ubuntu-22.04 permissions: write-all steps: @@ -42,3 +43,4 @@ jobs: uses: ArtiomTr/jest-coverage-report-action@262a7bb0b20c4d1d6b6b026af0f008f78da72788 # pin@v2.3.1 with: coverage-file: ./report.json + github-token: ${{ secrets.PAT || secrets.GITHUB_TOKEN || github.token }} From 779786300932fcfd16b90cfa0489f05e54b8037c Mon Sep 17 00:00:00 2001 From: Wes Dean <87149725+wesley-dean-gsa@users.noreply.github.com> Date: Mon, 16 Dec 2024 09:07:09 -0500 Subject: [PATCH 02/13] Update preview_button.yml --- .github/workflows/preview_button.yml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/.github/workflows/preview_button.yml b/.github/workflows/preview_button.yml index 4fa90d0..187c454 100644 --- a/.github/workflows/preview_button.yml +++ b/.github/workflows/preview_button.yml @@ -14,11 +14,9 @@ concurrency: jobs: button: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 - permissions: - issues: write - pull-requests: write + permissions: write-all steps: - name: Setup custom variables @@ -47,7 +45,7 @@ jobs: - name: Comment on pull request. uses: thollander/actions-comment-pull-request@fabd468d3a1a0b97feee5f6b9e499eab0dd903f6 # pin@v2.5.0 with: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GITHUB_TOKEN: ${{ secrets.PAT || secrets.GITHUB_TOKEN || github.token }} message: | ## Preview This Branch From a9e9a6a4f7fde1b4e4d97b70ff57e6ac8f1d9e4f Mon Sep 17 00:00:00 2001 From: Wes Dean <87149725+wesley-dean-gsa@users.noreply.github.com> Date: Mon, 16 Dec 2024 09:07:40 -0500 Subject: [PATCH 03/13] Update pa11y.yml --- .github/workflows/pa11y.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pa11y.yml b/.github/workflows/pa11y.yml index 96bb216..07ca865 100644 --- a/.github/workflows/pa11y.yml +++ b/.github/workflows/pa11y.yml @@ -14,7 +14,7 @@ concurrency: jobs: pa11y: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 permissions: issues: write @@ -97,7 +97,7 @@ jobs: if: ${{ contains(steps.pa11y_output.outputs.content, 'Accessibility issues detected') }} uses: thollander/actions-comment-pull-request@fabd468d3a1a0b97feee5f6b9e499eab0dd903f6 # pin@v2.5.0 with: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GITHUB_TOKEN: ${{ secrets.PAT || secrets.GITHUB_TOKEN || github.token }} message: "
Pa11y testing results ```${{ steps.pa11y_output.outputs.content }}```
" comment_tag: pa11y From 8b5302e05842ebd96da9631ea3014fbeeccedf12 Mon Sep 17 00:00:00 2001 From: Wesley Dean Date: Mon, 16 Dec 2024 14:09:32 +0000 Subject: [PATCH 04/13] [MegaLinter] Apply linters fixes --- .github/workflows/preview_button.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/preview_button.yml b/.github/workflows/preview_button.yml index 187c454..750b61f 100644 --- a/.github/workflows/preview_button.yml +++ b/.github/workflows/preview_button.yml @@ -16,7 +16,7 @@ jobs: button: runs-on: ubuntu-22.04 - permissions: write-all + permissions: write-all steps: - name: Setup custom variables From 8458991e6377fa460f811934a4750dda988e99ff Mon Sep 17 00:00:00 2001 From: Wes Dean <87149725+wesley-dean-gsa@users.noreply.github.com> Date: Mon, 16 Dec 2024 09:11:46 -0500 Subject: [PATCH 05/13] Update megalinter.yml --- .github/workflows/megalinter.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/megalinter.yml b/.github/workflows/megalinter.yml index d66156a..871c949 100644 --- a/.github/workflows/megalinter.yml +++ b/.github/workflows/megalinter.yml @@ -26,14 +26,14 @@ concurrency: jobs: build: name: MegaLinter - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 permissions: write-all steps: # Git Checkout - name: Checkout Code uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4 with: - token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }} + token: ${{ secrets.PAT || secrets.GITHUB_TOKEN || github.token }} fetch-depth: 0 - name: "Import GPG key" @@ -51,7 +51,7 @@ jobs: uses: oxsecurity/megalinter/flavors/javascript@d8c95fc6f2237031fb9e9322b0f97100168afa6e # pin@v8.2.0 env: VALIDATE_ALL_CODEBASE: false - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GITHUB_TOKEN: ${{ secrets.PAT || secrets.GITHUB_TOKEN || github.token }} # Upload MegaLinter artifacts - name: Archive production artifacts From 4388451234420572fb70de821749760efff7fcc2 Mon Sep 17 00:00:00 2001 From: Wes Dean <87149725+wesley-dean-gsa@users.noreply.github.com> Date: Mon, 16 Dec 2024 09:12:08 -0500 Subject: [PATCH 06/13] Update protect_main_branch.yml --- .github/workflows/protect_main_branch.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/protect_main_branch.yml b/.github/workflows/protect_main_branch.yml index 0c4f398..210d346 100644 --- a/.github/workflows/protect_main_branch.yml +++ b/.github/workflows/protect_main_branch.yml @@ -15,7 +15,7 @@ concurrency: jobs: protect-main-branch: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - name: Check branch run: | From 26e69d01eba0b1dd28a529afb6913b5ace6edcd9 Mon Sep 17 00:00:00 2001 From: Wes Dean <87149725+wesley-dean-gsa@users.noreply.github.com> Date: Mon, 16 Dec 2024 09:14:08 -0500 Subject: [PATCH 07/13] Update scorecard.yml --- .github/workflows/scorecard.yml | 15 ++++----------- 1 file changed, 4 insertions(+), 11 deletions(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index d266cb7..01cd7a5 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -13,7 +13,7 @@ on: # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained schedule: - - cron: "43 7 * * 3" + - cron: "45 7 * * 3" push: branches: - "staging" @@ -24,15 +24,8 @@ permissions: read-all jobs: analysis: name: Scorecard analysis - runs-on: ubuntu-latest - permissions: - # Needed to upload the results to code-scanning dashboard. - security-events: write - # Needed to publish results and get a badge (see publish_results below). - id-token: write - # Uncomment the permissions below if installing in a private repository. - # contents: read - # actions: read + runs-on: ubuntu-22.04 + permissions: write-all steps: - name: "Checkout code" @@ -58,7 +51,7 @@ jobs: # For private repositories: # - `publish_results` will always be set to `false`, regardless # of the value entered here. - publish_results: true + publish_results: false # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. From 4cbcc557cfa615303d0bfcbe0cf5a151da2b8ab3 Mon Sep 17 00:00:00 2001 From: Wesley Dean Date: Mon, 16 Dec 2024 14:16:02 +0000 Subject: [PATCH 08/13] [MegaLinter] Apply linters fixes --- .github/workflows/scorecard.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 01cd7a5..38d24b8 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -25,7 +25,7 @@ jobs: analysis: name: Scorecard analysis runs-on: ubuntu-22.04 - permissions: write-all + permissions: write-all steps: - name: "Checkout code" From 4b847604fb21ac7103e51ea30a196816eee56b48 Mon Sep 17 00:00:00 2001 From: Wes Dean <87149725+wesley-dean-gsa@users.noreply.github.com> Date: Mon, 16 Dec 2024 09:24:37 -0500 Subject: [PATCH 09/13] Update test.yml --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 41bc77f..711a8ad 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -14,8 +14,8 @@ concurrency: jobs: test: name: "Run tests" - runs-on: ubuntu-22.04 permissions: write-all + runs-on: ubuntu-22.04 steps: - name: Checkout repository From ed896fb03b6c33ff768145bf4752eded6acd2e11 Mon Sep 17 00:00:00 2001 From: Wes Dean <87149725+wesley-dean-gsa@users.noreply.github.com> Date: Mon, 16 Dec 2024 09:36:18 -0500 Subject: [PATCH 10/13] Update archive_website.yml --- .github/workflows/archive_website.yml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/.github/workflows/archive_website.yml b/.github/workflows/archive_website.yml index 3ee5f37..27c7160 100644 --- a/.github/workflows/archive_website.yml +++ b/.github/workflows/archive_website.yml @@ -14,12 +14,10 @@ concurrency: jobs: archive: - runs-on: ubuntu-latest - - permissions: - issues: write - pull-requests: write + runs-on: ubuntu-22.04 + permissions: write-all + steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4.1.7 From 377bd8ad244d4f59857b8586a76ba3721d168365 Mon Sep 17 00:00:00 2001 From: Wesley Dean Date: Mon, 16 Dec 2024 14:38:04 +0000 Subject: [PATCH 11/13] [MegaLinter] Apply linters fixes --- .github/workflows/archive_website.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/archive_website.yml b/.github/workflows/archive_website.yml index 27c7160..1f08468 100644 --- a/.github/workflows/archive_website.yml +++ b/.github/workflows/archive_website.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-22.04 permissions: write-all - + steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4.1.7 From 4132b80db770b05fea89c16d55da17ce0d995f84 Mon Sep 17 00:00:00 2001 From: Wes Dean <87149725+wesley-dean-gsa@users.noreply.github.com> Date: Mon, 16 Dec 2024 09:47:01 -0500 Subject: [PATCH 12/13] Update test.yml --- .github/workflows/test.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 711a8ad..52cfb4b 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -36,11 +36,9 @@ jobs: - name: Build site run: npm run build - - name: Run tests - run: npm run test - - name: report code coverage uses: ArtiomTr/jest-coverage-report-action@262a7bb0b20c4d1d6b6b026af0f008f78da72788 # pin@v2.3.1 with: + skip-step: install coverage-file: ./report.json github-token: ${{ secrets.PAT || secrets.GITHUB_TOKEN || github.token }} From 884b5f0da23acecd748295c01cd7b6839c5126a7 Mon Sep 17 00:00:00 2001 From: Wes Dean <87149725+wesley-dean-gsa@users.noreply.github.com> Date: Mon, 16 Dec 2024 09:48:40 -0500 Subject: [PATCH 13/13] Update test.yml --- .github/workflows/test.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 52cfb4b..00c094d 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -40,5 +40,6 @@ jobs: uses: ArtiomTr/jest-coverage-report-action@262a7bb0b20c4d1d6b6b026af0f008f78da72788 # pin@v2.3.1 with: skip-step: install + annotations: none coverage-file: ./report.json github-token: ${{ secrets.PAT || secrets.GITHUB_TOKEN || github.token }}