diff --git a/.gitignore b/.gitignore index 9ca6d282..7b654d4c 100644 --- a/.gitignore +++ b/.gitignore @@ -102,5 +102,5 @@ __tests__/runner/* .vscode *.code-workspace -dist +#dist ResultsFile.xml \ No newline at end of file diff --git a/dist/Pentest/PentestService.js b/dist/Pentest/PentestService.js new file mode 100644 index 00000000..544ce2b8 --- /dev/null +++ b/dist/Pentest/PentestService.js 
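Review bot: The `+#dist` line in the `.gitignore` hunk stops ignoring the build output, so every compiled file and source map added in the rest of this diff becomes tracked code that is executed as-is and is hard to review against `src/`. If the action has to ship its compiled output, delete the `dist` entry instead of leaving it commented out, and add a CI step that rebuilds and fails when `git diff --exit-code dist/` reports a difference, so the committed JavaScript cannot drift from, or be changed independently of, the TypeScript source. The committed files still `require("joi")`, `@actions/core` and `@actions/github`, so it is worth confirming that these resolve at run time; this diff shows neither `node_modules` nor a bundled entry point. `dist/test/` and the `.js.map` files are presumably not needed by consumers and could stay ignored, for example with `dist/test/` and `dist/**/*.map`.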
@@ -0,0 +1,134 @@ +"use strict"; +var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + var desc = Object.getOwnPropertyDescriptor(m, k); + if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { + desc = { enumerable: true, get: function() { return m[k]; } }; + } + Object.defineProperty(o, k2, desc); +}) : (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + o[k2] = m[k]; +})); +var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { + Object.defineProperty(o, "default", { enumerable: true, value: v }); +}) : function(o, v) { + o["default"] = v; +}); +var __importStar = (this && this.__importStar) || function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); + __setModuleDefault(result, mod); + return result; +}; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.PentestService = void 0; +const core = __importStar(require("@actions/core")); +//import * as github from '@actions/github'; +class PentestService { + static async getStateOfPentest(pentestDate) { + if (!pentestDate.date || pentestDate.date === 'date-of-pentest') { + core.warning('Pentest Date is not set!'); + return; + } + core.exportVariable('pentestDate', pentestDate.date); + //console.log('Pentest Date is set', pentestDate.date); + // const token = core.getInput('repo-token'); + // console.log('Got the token'); + // const octokit = github.getOctokit(token); + // console.log('octoKit authenticated'); + // const { owner, repo } = github.context.repo; + // console.log(`Owner: ${owner}`); + // console.log(`Repo: ${repo}`); + // console.log('Going to get Pentest tickets from github boards'); + // await octokit.rest.projects + // .createForRepo({ + // owner: owner, + // repo: 
repo, + // name: 'Projects Jonathan B', + // }) + // .then(async (response) => { + // console.log('Got the column for repo'); + // console.log(response.data); + // }) + // .catch((error) => { + // core.warning('Error getting column!'); + // console.log('Error: ', error); + // }); + // await octokit.rest.projects + // .listForOrg({ + // org: owner, + // }) + // .then(async (response) => { + // console.log('Got the projects for org'); + // console.log(response.data); + // }) + // .catch((error) => { + // core.warning('Error getting projects for org!'); + // console.log('Error: ', error); + // }); + // const customLabelIssues = await octokit.rest.issues + // .listForRepo({ + // owner: owner, + // repo: repo, + // }) + // .then(async (response) => { + // const issues = response.data; + // console.log('Got the issues'); + // console.log('Number of issues: ', issues.length); + // const customLabelIssues = issues.filter((issue) => { + // console.log('issue', issue.title); + // return issue.labels.some((label: any) => label.name === pentestDate.boardsTag); + // }); + // console.log('customLabelIssues', customLabelIssues.length); + // return customLabelIssues; + // }) + // .catch((error) => { + // core.warning('Error getting project for repo!'); + // console.log('Error: ', error); + // }); + // await octokit.rest.projects + // .listCards({ + // owner: owner, + // repo: repo, + // column_id: 24, + // }) + // .then(async (response) => { + // console.log('Got the cards'); + // const projectCards = response.data; + // // const customLabelCards = projectCards.filter((card) => { + // // return card.note?.includes(pentestDate.boardsTag); + // // }); + // const customLabelCards = []; + // console.log('projectCards', projectCards); + // for (const card of projectCards) { + // // Get the associated issue or pull request for the card + // console.log('card', card); + // const contentResponse = await octokit.request(card.content_url); + // console.log('contentResponse', 
contentResponse); + // if (contentResponse.data.labels.some((label: any) => label.name === pentestDate.boardsTag)) { + // customLabelCards.push(card); + // } + // } + // console.log('customLabelCards', customLabelCards); + // return customLabelCards; + // }) + // .catch((error) => { + // core.warning('Error getting cards!'); + // console.log('Error: ', error); + // }); + // owner: owner, + // repo: repo, + // branch: 'main', + // }).then((response) => { + // console.log("Got the branch protection"); + // console.log(response.data); + // }).catch((error) => { + // core.warning("Error getting branch protection!"); + // core.warning("Error: ", error.message); + // }); + } +} +exports.PentestService = PentestService; +//# sourceMappingURL=PentestService.js.map \ No newline at end of file diff --git a/dist/Pentest/PentestService.js.map b/dist/Pentest/PentestService.js.map new file mode 100644 index 00000000..858a3a25 --- /dev/null +++ b/dist/Pentest/PentestService.js.map 
@@ -0,0 +1 @@ +{"version":3,"file":"PentestService.js","sourceRoot":"","sources":["../../src/Pentest/PentestService.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oDAAsC;AACtC,4CAA4C;AAE5C,MAAa,cAAc;IAClB,MAAM,CAAC,KAAK,CAAC,iBAAiB,CAAC,WAAgD;QACpF,IAAI,CAAC,WAAW,CAAC,IAAI,IAAI,WAAW,CAAC,IAAI,KAAK,iBAAiB,EAAE;YAC/D,IAAI,CAAC,OAAO,CAAC,0BAA0B,CAAC,CAAC;YACzC,OAAO;SACR;QACD,IAAI,CAAC,cAAc,CAAC,aAAa,EAAE,WAAW,CAAC,IAAI,CAAC,CAAC;QAErD,uDAAuD;QAEvD,6CAA6C;QAC7C,gCAAgC;QAEhC,4CAA4C;QAC5C,wCAAwC;QAExC,+CAA+C;QAC/C,kCAAkC;QAClC,gCAAgC;QAEhC,kEAAkE;QAElE,8BAA8B;QAC9B,qBAAqB;QACrB,oBAAoB;QACpB,kBAAkB;QAClB,mCAAmC;QACnC,OAAO;QACP,gCAAgC;QAChC,8CAA8C;QAC9C,kCAAkC;QAClC,OAAO;QACP,wBAAwB;QACxB,6CAA6C;QAC7C,qCAAqC;QACrC,QAAQ;QACR,8BAA8B;QAC9B,kBAAkB;QAClB,kBAAkB;QAClB,OAAO;QACP,gCAAgC;QAChC,+CAA+C;QAC/C,kCAAkC;QAClC,OAAO;QACP,wBAAwB;QACxB,uDAAuD;QACvD,qCAAqC;QACrC,QAAQ;QAER,sDAAsD;QACtD,mBAAmB;QACnB,oBAAoB;QACpB,kBAAkB;QAClB,OAAO;QACP,gCAAgC;QAChC,oCAAoC;QACpC,qCAAqC;QACrC,wDAAwD;QACxD,2DAA2D;QAC3D,2CAA2C;QAC3C,wFAAwF;QACxF,UAAU;QACV,kEAAkE;QAClE,gCAAgC;QAChC,OAAO;QACP,wBAAwB;QACxB,uDAAuD;QACvD,qCAAqC;QACrC,QAAQ;QAER,8BAA8B;QAC9B,iBAAiB;QACjB,oBAAoB;QACpB,kBAAkB;QAClB,qBAAqB;QACrB,OAAO;QACP,gCAAgC;QAChC,oCAAoC;QACpC,0CAA0C;QAC1C,kEAAkE;QAClE,gEAAgE;QAChE,aAAa;QAEb,mCAAmC;QACnC,iDAAiD;QACjD,yCAAyC;QACzC,iEAAiE;QACjE,mCAAmC;QACnC,yEAAyE;QACzE,yDAAyD;QACzD,sGAAsG;QACtG,uCAAuC;QACvC,UAAU;QACV,QAAQ;QAER,yDAAyD;QACzD,+BAA+B;QAC/B,OAAO;QACP,wBAAwB;QACxB,4CAA4C;QAC5C,qCAAqC;QACrC,QAAQ;QAER,gBAAgB;QAChB,cAAc;QACd,kBAAkB;QAClB,0BAA0B;QAC1B,gDAAgD;QAChD,kCAAkC;QAClC,wBAAwB;QACxB,wDAAwD;QACxD,8CAA8C;QAC9C,MAAM;IACR,CAAC;CACF;AAlHD,wCAkHC"} \ No newline at end of file diff --git a/dist/branchprotection/BranchProtectionService.js b/dist/branchprotection/BranchProtectionService.js new file mode 100644 index 00000000..d2b8d9b7 --- /dev/null +++ b/dist/branchprotection/BranchProtectionService.js 
@@ -0,0 +1,53 @@ +"use strict"; +var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + var desc = Object.getOwnPropertyDescriptor(m, k); + if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { + desc = { enumerable: true, get: function() { return m[k]; } }; + } + Object.defineProperty(o, k2, desc); +}) : (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + o[k2] = m[k]; +})); +var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { + Object.defineProperty(o, "default", { enumerable: true, value: v }); +}) : function(o, v) { + o["default"] = v; +}); +var __importStar = (this && this.__importStar) || function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); + __setModuleDefault(result, mod); + return result; +}; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.BranchProtectionService = void 0; +const core = __importStar(require("@actions/core")); +const github = __importStar(require("@actions/github")); +class BranchProtectionService { + static async getStateOfBranchProtection() { + console.log('\n Running branch protection control'); + //numberOfReviewers > 0, if state of branch protection changes + let numberOfReviewers = 0; + const token = core.getInput('repo-token'); + const octokit = github.getOctokit(token); + const { owner, repo } = github.context.repo; + await octokit.rest.repos + .getBranchProtection({ + owner: owner, + repo: repo, + branch: 'main', + }) + .then((response) => { + console.log(response.data); + }) + .catch((error) => { + console.log('Branch protections is not enabled for repository: ' + repo); + }); + core.exportVariable('numberOfReviewers', numberOfReviewers); + } +} +exports.BranchProtectionService = 
BranchProtectionService; +//# sourceMappingURL=BranchProtectionService.js.map \ No newline at end of file diff --git a/dist/branchprotection/BranchProtectionService.js.map b/dist/branchprotection/BranchProtectionService.js.map new file mode 100644 index 00000000..b47dc4d4 --- /dev/null +++ b/dist/branchprotection/BranchProtectionService.js.map @@ -0,0 +1 @@ +{"version":3,"file":"BranchProtectionService.js","sourceRoot":"","sources":["../../src/branchprotection/BranchProtectionService.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oDAAsC;AACtC,wDAA0C;AAC1C,MAAa,uBAAuB;IAC3B,MAAM,CAAC,KAAK,CAAC,0BAA0B;QAC5C,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;QAEpD,8DAA8D;QAC9D,IAAI,iBAAiB,GAAW,CAAC,CAAC;QAElC,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;QAC1C,MAAM,OAAO,GAAG,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;QAEzC,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC;QAC5C,MAAM,OAAO,CAAC,IAAI,CAAC,KAAK;aACrB,mBAAmB,CAAC;YACnB,KAAK,EAAE,KAAK;YACZ,IAAI,EAAE,IAAI;YACV,MAAM,EAAE,MAAM;SACf,CAAC;aACD,IAAI,CAAC,CAAC,QAAQ,EAAE,EAAE;YACjB,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAC7B,CAAC,CAAC;aACD,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;YACf,OAAO,CAAC,GAAG,CAAC,oDAAoD,GAAG,IAAI,CAAC,CAAA;QAC1E,CAAC,CAAC,CAAC;QACH,IAAI,CAAC,cAAc,CAAC,mBAAmB,EAAE,iBAAiB,CAAC,CAAA;IAC/D,CAAC;CACF;AAzBD,0DAyBC"} \ No newline at end of file diff --git a/dist/helpfunctions/JsonService.js b/dist/helpfunctions/JsonService.js new file mode 100644 index 00000000..7cc76157 --- /dev/null +++ b/dist/helpfunctions/JsonService.js 
@@ -0,0 +1,88 @@ +"use strict"; +var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + var desc = Object.getOwnPropertyDescriptor(m, k); + if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { + desc = { enumerable: true, get: function() { return m[k]; } }; + } + Object.defineProperty(o, k2, desc); +}) : (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + o[k2] = m[k]; +})); +var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { + Object.defineProperty(o, "default", { enumerable: true, value: v }); +}) : function(o, v) { + o["default"] = v; +}); +var __importStar = (this && this.__importStar) || function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); + __setModuleDefault(result, mod); + return result; +}; +var __importDefault = (this && this.__importDefault) || function (mod) { + return (mod && mod.__esModule) ? 
mod : { "default": mod }; +}; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.validateConfig = exports.getContentOfFile = void 0; +const fs = __importStar(require("fs")); +const path = __importStar(require("path")); +const joi_1 = __importDefault(require("joi")); +function getContentOfFile(jsonPath) { + const jsonFilePath = path.resolve(__dirname, path.relative(__dirname, path.normalize(jsonPath).replace(/^(\.\.(\/|\\|$))+/, ''))); + const fileContent = fs.readFileSync(jsonFilePath, { encoding: 'utf-8' }); + const cydigConfig = JSON.parse(fileContent); + validateConfig(cydigConfig); + return cydigConfig; +} +exports.getContentOfFile = getContentOfFile; +function validateConfig(config) { + const schema = joi_1.default.object({ + teamName: joi_1.default.string().required(), + usingAzure: joi_1.default.boolean().required(), + threatModeling: joi_1.default.object({ + date: joi_1.default.string().required(), + boardsTag: joi_1.default.string().required(), + }).required(), + pentest: joi_1.default.object({ + date: joi_1.default.string().required(), + boardsTag: joi_1.default.string().required(), + }).required(), + github: joi_1.default.object({ + usingRepos: joi_1.default.boolean().required(), + repos: joi_1.default.object({ + username: joi_1.default.string().required(), + }).required(), + usingBoards: joi_1.default.boolean().required(), + boards: joi_1.default.object({ + nameOfBoard: joi_1.default.string().required(), + }).required(), + }).required(), + scaTool: joi_1.default.object({ + nameOfTool: joi_1.default.string().required(), + owaspDependencyCheck: joi_1.default.object({ + reportPath: joi_1.default.string().required(), + csvPath: joi_1.default.string().optional(), + }), + }).required(), + sastTool: joi_1.default.object({ + nameOfTool: joi_1.default.string().required(), + semgrep: joi_1.default.object({ + reportPath: joi_1.default.string().required(), + }).required(), + }).required(), + codeQualityTool: joi_1.default.object({ + 
nameOfTool: joi_1.default.string().required(), + }).required(), + reposToExclude: joi_1.default.object({ + nameOfRepos: joi_1.default.string().optional(), + }), + }); + if (schema.validate(config).error) { + throw new Error(`${schema.validate(config).error.message} in your CyDig Config file`); + } +} +exports.validateConfig = validateConfig; +//# sourceMappingURL=JsonService.js.map \ No newline at end of file diff --git a/dist/helpfunctions/JsonService.js.map b/dist/helpfunctions/JsonService.js.map new file mode 100644 index 00000000..323bfcd3 --- /dev/null +++ b/dist/helpfunctions/JsonService.js.map 
@@ -0,0 +1 @@ +{"version":3,"file":"JsonService.js","sourceRoot":"","sources":["../../src/helpfunctions/JsonService.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAE7B,8CAAsB;AAEtB,SAAgB,gBAAgB,CAAC,QAAgB;IAC/C,MAAM,YAAY,GAAW,IAAI,CAAC,OAAO,CACvC,SAAS,EACT,IAAI,CAAC,QAAQ,CAAC,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,mBAAmB,EAAE,EAAE,CAAC,CAAC,CACpF,CAAC;IACF,MAAM,WAAW,GAAW,EAAE,CAAC,YAAY,CAAC,YAAY,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;IAEjF,MAAM,WAAW,GAAgB,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;IAEzD,cAAc,CAAC,WAAW,CAAC,CAAC;IAE5B,OAAO,WAAW,CAAC;AACrB,CAAC;AAZD,4CAYC;AAED,SAAgB,cAAc,CAAC,MAAe;IAC5C,MAAM,MAAM,GAAkC,aAAG,CAAC,MAAM,CAAC;QACvD,QAAQ,EAAE,aAAG,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QACjC,UAAU,EAAE,aAAG,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;QACpC,cAAc,EAAE,aAAG,CAAC,MAAM,CAAC;YACzB,IAAI,EAAE,aAAG,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;YAC7B,SAAS,EAAE,aAAG,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;SACnC,CAAC,CAAC,QAAQ,EAAE;QACb,OAAO,EAAE,aAAG,CAAC,MAAM,CAAC;YAClB,IAAI,EAAE,aAAG,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;YAC7B,SAAS,EAAE,aAAG,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;SACnC,CAAC,CAAC,QAAQ,EAAE;QACb,MAAM,EAAE,aAAG,CAAC,MAAM,CAAC;YACjB,UAAU,EAAE,aAAG,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;YACpC,KAAK,EAAE,aAAG,CAAC,MAAM,CAAC;gBAChB,QAAQ,EAAE,aAAG,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;aAClC,CAAC,CAAC,QAAQ,EAAE;YACb,WAAW,EAAE,aAAG,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;YACrC,MAAM,EAAE,aAAG,CAAC,MAAM,CAAC;gBACjB,WAAW,EAAE,aAAG,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;aACrC,CAAC,CAAC,QAAQ,EAAE;SACd,CAAC,CAAC,QAAQ,EAAE;QACb,OAAO,EAAE,aAAG,CAAC,MAAM,CAAC;YAClB,UAAU,EAAE,aAAG,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;YACnC,oBAAoB,EAAE,aAAG,CAAC,MAAM,CAAC;gBAC/B,UAAU,EAAE,aAAG,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;gBACnC,OAAO,EAAE,aAAG,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;aACjC,CAAC;SACH,CAAC,CAAC,QAAQ,EAAE;QACb,QAAQ,EAAE,aAAG,CAAC,MAAM,CAAC;YACnB,UAAU,EAAE,aAAG,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;YACnC,OAAO,EAAE,aAAG,CAAC,MAAM,CAAC;gBAClB,UAAU,EAAE,aAAG,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;aACpC,CAAC,CAAC,QAAQ,EAAE;SACd,CAAC,CAAC,QAAQ,EAAE;QAC
b,eAAe,EAAE,aAAG,CAAC,MAAM,CAAC;YAC1B,UAAU,EAAE,aAAG,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;SACpC,CAAC,CAAC,QAAQ,EAAE;QACb,cAAc,EAAE,aAAG,CAAC,MAAM,CAAC;YACzB,WAAW,EAAE,aAAG,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;SACrC,CAAC;KACH,CAAC,CAAC;IAEH,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE;QACjC,MAAM,IAAI,KAAK,CAAC,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,OAAO,4BAA4B,CAAC,CAAC;KACvF;AACH,CAAC;AA9CD,wCA8CC"} \ No newline at end of file diff --git a/dist/index.js b/dist/index.js new file mode 100644 index 00000000..0d491663 --- /dev/null +++ b/dist/index.js 
@@ -0,0 +1,54 @@ +"use strict"; +var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + var desc = Object.getOwnPropertyDescriptor(m, k); + if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { + desc = { enumerable: true, get: function() { return m[k]; } }; + } + Object.defineProperty(o, k2, desc); +}) : (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + o[k2] = m[k]; +})); +var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { + Object.defineProperty(o, "default", { enumerable: true, value: v }); +}) : function(o, v) { + o["default"] = v; +}); +var __importStar = (this && this.__importStar) || function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); + __setModuleDefault(result, mod); + return result; +}; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.run = void 0; +const core = __importStar(require("@actions/core")); +const BranchProtectionService_1 = require("./branchprotection/BranchProtectionService"); +const JsonService_1 = require("./helpfunctions/JsonService"); +const PentestService_1 = require("./Pentest/PentestService"); +const ThreatModelingService_1 = require("./threatmodeling/ThreatModelingService"); +/** + * The main function for the action. + * @returns {Promise} Resolves when the action is complete. 
+ */ +async function run() { + try { + console.log('\n Running controls on your repository'); + const cydigConfig = (0, JsonService_1.getContentOfFile)(core.getInput('cydigConfigPath')); + await BranchProtectionService_1.BranchProtectionService.getStateOfBranchProtection(); + console.log('\n Running controls on your boards'); + await PentestService_1.PentestService.getStateOfPentest(cydigConfig.pentest); + await ThreatModelingService_1.ThreatModelingService.getStateOfThreatModeling(cydigConfig.threatModeling); + } + catch (error) { + // Fail the workflow run if an error occurs + if (error instanceof Error) + core.setFailed(error.message); + } +} +exports.run = run; +// eslint-disable-next-line @typescript-eslint/no-floating-promises +run(); +//# sourceMappingURL=index.js.map \ No newline at end of file diff --git a/dist/index.js.map b/dist/index.js.map new file mode 100644 index 00000000..dc9ad127 --- /dev/null +++ b/dist/index.js.map @@ -0,0 +1 @@ +{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oDAAsC;AAEtC,wFAAqF;AAErF,6DAA+D;AAC/D,6DAA0D;AAC1D,kFAA+E;AAC/E;;;GAGG;AACI,KAAK,UAAU,GAAG;IACvB,IAAI;QACF,OAAO,CAAC,GAAG,CAAC,wCAAwC,CAAC,CAAA;QACrD,MAAM,WAAW,GAAgB,IAAA,8BAAgB,EAAC,IAAI,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,CAAC;QACpF,MAAM,iDAAuB,CAAC,0BAA0B,EAAE,CAAC;QAE3D,OAAO,CAAC,GAAG,CAAC,oCAAoC,CAAC,CAAC;QAClD,MAAM,+BAAc,CAAC,iBAAiB,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;QAC5D,MAAM,6CAAqB,CAAC,wBAAwB,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC;KAClF;IAAC,OAAO,KAAK,EAAE;QACd,2CAA2C;QAC3C,IAAI,KAAK,YAAY,KAAK;YAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;KAC3D;AACH,CAAC;AAbD,kBAaC;AAED,mEAAmE;AACnE,GAAG,EAAE,CAAC"} \ No newline at end of file diff --git a/dist/test/compliance-state-action.test.js b/dist/test/compliance-state-action.test.js new file mode 100644 index 00000000..8d77b86a --- /dev/null +++ b/dist/test/compliance-state-action.test.js 
@@ -0,0 +1,3 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +//# sourceMappingURL=compliance-state-action.test.js.map \ No newline at end of file diff --git a/dist/test/compliance-state-action.test.js.map b/dist/test/compliance-state-action.test.js.map new file mode 100644 index 00000000..3857a2a3 --- /dev/null +++ b/dist/test/compliance-state-action.test.js.map @@ -0,0 +1 @@ +{"version":3,"file":"compliance-state-action.test.js","sourceRoot":"","sources":["../../src/test/compliance-state-action.test.ts"],"names":[],"mappings":""} \ No newline at end of file diff --git a/dist/threatmodeling/ThreatModelingService.js b/dist/threatmodeling/ThreatModelingService.js new file mode 100644 index 00000000..f4fb756a --- /dev/null +++ b/dist/threatmodeling/ThreatModelingService.js 
@@ -0,0 +1,40 @@ +"use strict"; +var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + var desc = Object.getOwnPropertyDescriptor(m, k); + if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { + desc = { enumerable: true, get: function() { return m[k]; } }; + } + Object.defineProperty(o, k2, desc); +}) : (function(o, m, k, k2) { + if (k2 === undefined) k2 = k; + o[k2] = m[k]; +})); +var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { + Object.defineProperty(o, "default", { enumerable: true, value: v }); +}) : function(o, v) { + o["default"] = v; +}); +var __importStar = (this && this.__importStar) || function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); + __setModuleDefault(result, mod); + return result; +}; +Object.defineProperty(exports, "__esModule", { value: true }); +exports.ThreatModelingService = void 0; +const core = __importStar(require("@actions/core")); +class ThreatModelingService { + static async getStateOfThreatModeling(threatModelingDate) { + //console.log('Running Threat Modeling Controls'); + if (!threatModelingDate.date || threatModelingDate.date === 'date-of-threat-modeling') { + core.warning('Threat Modeling Date is not set!'); + return; + } + core.exportVariable('threatModelingDate', threatModelingDate.date); + //console.log('threatModelingDate is set', threatModelingDate.date); + } +} +exports.ThreatModelingService = ThreatModelingService; +//# sourceMappingURL=ThreatModelingService.js.map \ No newline at end of file diff --git a/dist/threatmodeling/ThreatModelingService.js.map b/dist/threatmodeling/ThreatModelingService.js.map new file mode 100644 index 00000000..14508e64 --- /dev/null 
+++ b/dist/threatmodeling/ThreatModelingService.js.map @@ -0,0 +1 @@ +{"version":3,"file":"ThreatModelingService.js","sourceRoot":"","sources":["../../src/threatmodeling/ThreatModelingService.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,oDAAsC;AAEtC,MAAa,qBAAqB;IACzB,MAAM,CAAC,KAAK,CAAC,wBAAwB,CAAC,kBAAuD;QAClG,kDAAkD;QAElD,IAAI,CAAC,kBAAkB,CAAC,IAAI,IAAI,kBAAkB,CAAC,IAAI,KAAK,yBAAyB,EAAE;YACrF,IAAI,CAAC,OAAO,CAAC,kCAAkC,CAAC,CAAC;YACjD,OAAO;SACR;QACD,IAAI,CAAC,cAAc,CAAC,oBAAoB,EAAE,kBAAkB,CAAC,IAAI,CAAC,CAAC;QAEnE,oEAAoE;IACtE,CAAC;CACF;AAZD,sDAYC"} \ No newline at end of file diff --git a/dist/types/CyDigConfig.js b/dist/types/CyDigConfig.js new file mode 100644 index 00000000..9d8aabb4 --- /dev/null +++ b/dist/types/CyDigConfig.js @@ -0,0 +1,3 @@ +"use strict"; +Object.defineProperty(exports, "__esModule", { value: true }); +//# sourceMappingURL=CyDigConfig.js.map \ No newline at end of file diff --git a/dist/types/CyDigConfig.js.map b/dist/types/CyDigConfig.js.map new file mode 100644 index 00000000..7ae87205 --- /dev/null +++ b/dist/types/CyDigConfig.js.map @@ -0,0 +1 @@ +{"version":3,"file":"CyDigConfig.js","sourceRoot":"","sources":["../../src/types/CyDigConfig.ts"],"names":[],"mappings":""} \ No newline at end of file