refactor project

.github/workflows/pipeline.yml

@@ -10,20 +10,19 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v3
-    - name: Setup node
-      uses: actions/setup-node@v3
-    - name: Install dependencies
-      run: npm ci
-    - name: debug root
-      run: ls
-    - name: debug subfolder
-      run: cd src && ls
-    - name: Build 
-      run: npm run build
-    - name: 'Run Compliance State'
-      uses: ./
-      with:
-        cydigConfigPath: ${{ github.workspace }}/src/cydigconfig.json
-        repo-token: ${{ secrets.MY_GITHUB_PAT}}
-
+      - uses: actions/checkout@v3
+      - name: Setup node
+        uses: actions/setup-node@v3
+      - name: Install dependencies
+        run: npm ci
+      - name: debug root
+        run: ls
+      - name: debug subfolder
+        run: cd src && ls
+      - name: Build
+        run: npm run build
+      - name: 'Run Compliance State'
+        uses: ./
+        with:
+          cydigConfigPath: ${{ github.workspace }}/src/cydigconfig.json
+          github-token: ${{ secrets.GITHUB_TOKEN}}

.github/workflows/release.yml

@@ -1,10 +1,9 @@
 name: Creating release
 run-name: ${{ github.actor }} creating a release
-on: 
+on:
   pull_request:
     types: [closed]
-    
+
 jobs:
   call-release-workflow:
     uses: omegapoint/cydig-reusable-workflows/.github/workflows/release.yml@main
-

action.yml

@@ -7,8 +7,8 @@ inputs:
     description: 'The path to the json-file containing configuration for CyDig'
     required: true
     default: 'Not working'
-  repo-token:
-    description: 'Personal access token to Github, permissions should be Code: read'
+  github-token:
+    description: 'Automatic token from Github workflow'
     required: true
     default: 'Not working'
 runs:

src/branchprotection/BranchProtectionService.ts

@@ -1,28 +1,30 @@
+/* eslint-disable @typescript-eslint/no-explicit-any */
 import * as core from '@actions/core';
 import * as github from '@actions/github';
 export class BranchProtectionService {
   public static async getStateOfBranchProtection(): Promise<void> {
     console.log('\n Running branch protection control');
-    
+
     //numberOfReviewers > 0, if state of branch protection changes
-    let numberOfReviewers: number = 0;
+    const numberOfReviewers: number = 0;
 
-    const token = core.getInput('repo-token');
-    const octokit = github.getOctokit(token);
+    const token: string = core.getInput('repo-token');
+    const octokit: any = github.getOctokit(token);
 
-    const { owner, repo } = github.context.repo;
+    const { owner, repo }: { owner: string; repo: string } = github.context.repo;
     await octokit.rest.repos
       .getBranchProtection({
         owner: owner,
         repo: repo,
         branch: 'main',
       })
-      .then((response) => {
+      .then((response: any) => {
         console.log(response.data);
       })
-      .catch((error) => {
-        console.log('Branch protections is not enabled for repository: ' + repo)
+      .catch((error: any) => {
+        console.log('Branch protections is not enabled for repository: ' + repo);
+        console.log('Error: ', error.message);
       });
-      core.exportVariable('numberOfReviewers', numberOfReviewers)
+    core.exportVariable('numberOfReviewers', numberOfReviewers);
   }
 }

src/cydigconfig.json

@@ -1,41 +1,41 @@
 {
-    "teamName": "name-of-your-team", 
-    "usingAzure": true,
-    "threatModeling": {
-        "date": "date-of-threat-modeling",
-        "boardsTag": "TM" 
+  "teamName": "name-of-your-team",
+  "usingAzure": true,
+  "threatModeling": {
+    "date": "date-of-threat-modeling",
+    "boardsTag": "TM"
+  },
+  "pentest": {
+    "date": "2023-09-07",
+    "boardsTag": "PT"
+  },
+  "github": {
+    "usingRepos": true,
+    "repos": {
+      "username": "firstname.lastname (usually)"
     },
-    "pentest": {
-        "date": "2023-09-07",
-        "boardsTag": "PT"
-    },
-    "github": {
-        "usingRepos": true,
-        "repos": {
-            "username": "firstname.lastname (usually)"
-        },
-        "usingBoards": true,
-        "boards": {
-            "nameOfBoard": "name-of-boards (use 'not specified' for all boards in project)"
-        }
-    },
-    "scaTool": {
-        "nameOfTool": "name-of-tool", 
-        "owaspDependencyCheck": {
-            "reportPath": "Reports/dependency-check-report.csv",
-            "csvPath": "not specified"
-        }
-    },
-    "sastTool": {
-        "nameOfTool": "name-of-tool",
-        "semgrep": {
-            "reportPath": "semgrep-json.json"
-        }
-    },
-    "codeQualityTool": {
-        "nameOfTool": "name-of-tool"
-    },
-    "reposToExclude": {
-        "nameOfRepos": "not-specified"
+    "usingBoards": true,
+    "boards": {
+      "nameOfBoard": "name-of-boards (use 'not specified' for all boards in project)"
+    }
+  },
+  "scaTool": {
+    "nameOfTool": "name-of-tool",
+    "owaspDependencyCheck": {
+      "reportPath": "Reports/dependency-check-report.csv",
+      "csvPath": "not specified"
+    }
+  },
+  "sastTool": {
+    "nameOfTool": "name-of-tool",
+    "semgrep": {
+      "reportPath": "semgrep-json.json"
     }
+  },
+  "codeQualityTool": {
+    "nameOfTool": "name-of-tool"
+  },
+  "reposToExclude": {
+    "nameOfRepos": "not-specified"
+  }
 }

src/index.ts

@@ -10,7 +10,7 @@ import { ThreatModelingService } from './threatmodeling/ThreatModelingService';
  */
 export async function run(): Promise<void> {
   try {
-    console.log('\n Running controls on your repository')
+    console.log('\n Running controls on your repository');
     const cydigConfig: CyDigConfig = getContentOfFile(core.getInput('cydigConfigPath'));
     await BranchProtectionService.getStateOfBranchProtection();