From 5bdeb9727cd88c197c7dbda03d5bf3c82553afda Mon Sep 17 00:00:00 2001
From: Ninjaneer321 <188643937+Ninjaneer321@users.noreply.github.com>
Date: Mon, 18 Nov 2024 23:59:38 -0600
Subject: [PATCH 1/2] Create appknox.yml
---
.github/workflows/appknox.yml | 54 +++++++++++++++++++++++++++++++++++
1 file changed, 54 insertions(+)
create mode 100644 .github/workflows/appknox.yml
diff --git a/.github/workflows/appknox.yml b/.github/workflows/appknox.yml
new file mode 100644
index 0000000..2481c4d
--- /dev/null
+++ b/.github/workflows/appknox.yml
@@ -0,0 +1,54 @@
+# This workflow uses actions that are not certified by GitHub. They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support documentation.
+#
+# Appknox: Leader in Mobile Application Security Testing Solutions
+#
+# To use this workflow, you must be an existing Appknox customer with GitHub Advanced Security (GHAS) enabled for your
+# repository.
+#
+# If you *are not* an existing customer, click here to contact us for licensing and pricing details:
+# .
+#
+# Instructions:
+#
+# 1. In your repository settings, navigate to 'Secrets' and click on 'New repository secret.' Name the
+# secret APPKNOX_ACCESS_TOKEN and paste your appknox user token into the value field. If you don't have a appknox token
+# or need to generate a new one for GitHub, visit the Appknox Platform, go to Account Settings->Developer Settings
+# and create a token labeled GitHub
+#
+# 2. Refer to the detailed workflow below, make any required adjustments, and then save it to your repository. After the
+# action executes, check the 'Security' tab for results
+
+name: Appknox
+
+on:
+ push:
+ branches: [ "main" ]
+ pull_request:
+ branches: [ "main" ]
+jobs:
+ appknox:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout Code
+ uses: actions/checkout@v2
+
+ - name: Grant execute permission for gradlew
+ run: chmod +x gradlew
+
+ - name: Build the app
+ run: ./gradlew build # Update this to build your Android or iOS application
+
+ - name: Appknox GitHub action
+ uses: appknox/appknox-github-action@b7d2bfb2321d5544e97bffcba48557234ab953a4
+ with:
+ appknox_access_token: ${{ secrets.APPKNOX_ACCESS_TOKEN }}
+ file_path: app/build/outputs/apk/debug/app-debug.apk # Specify the path to your .ipa or .apk here
+ risk_threshold: MEDIUM # Update this to desired risk threshold [LOW, MEDIUM, HIGH, CRITICAL]
+ sarif: Enable
+
+ - name: Upload SARIF to GHAS
+ if: always()
+ uses: github/codeql-action/upload-sarif@v3
+ with:
+ sarif_file: report.sarif
From 4a164a336e4b73f9ca931247a0ca36cca6033dd9 Mon Sep 17 00:00:00 2001
From: Ninjaneer321 <188643937+Ninjaneer321@users.noreply.github.com>
Date: Sat, 23 Nov 2024 12:28:14 -0600
Subject: [PATCH 2/2] Create ibm.yml
---
.github/workflows/ibm.yml | 75 +++++++++++++++++++++++++++++++++++++++
1 file changed, 75 insertions(+)
create mode 100644 .github/workflows/ibm.yml
diff --git a/.github/workflows/ibm.yml b/.github/workflows/ibm.yml
new file mode 100644
index 0000000..f5e8cd8
--- /dev/null
+++ b/.github/workflows/ibm.yml
@@ -0,0 +1,75 @@
+# This workflow will build a docker container, publish it to IBM Container Registry, and deploy it to IKS when there is a push to the "main" branch.
+#
+# To configure this workflow:
+#
+# 1. Ensure that your repository contains a Dockerfile
+# 2. Setup secrets in your repository by going to settings: Create ICR_NAMESPACE and IBM_CLOUD_API_KEY
+# 3. Change the values for the IBM_CLOUD_REGION, REGISTRY_HOSTNAME, IMAGE_NAME, IKS_CLUSTER, DEPLOYMENT_NAME, and PORT
+
+name: Build and Deploy to IKS
+
+on:
+ push:
+ branches: [ "main" ]
+
+# Environment variables available to all jobs and steps in this workflow
+env:
+ GITHUB_SHA: ${{ github.sha }}
+ IBM_CLOUD_API_KEY: ${{ secrets.IBM_CLOUD_API_KEY }}
+ IBM_CLOUD_REGION: us-south
+ ICR_NAMESPACE: ${{ secrets.ICR_NAMESPACE }}
+ REGISTRY_HOSTNAME: us.icr.io
+ IMAGE_NAME: iks-test
+ IKS_CLUSTER: example-iks-cluster-name-or-id
+ DEPLOYMENT_NAME: iks-test
+ PORT: 5001
+
+jobs:
+ setup-build-publish-deploy:
+ name: Setup, Build, Publish, and Deploy
+ runs-on: ubuntu-latest
+ environment: production
+ steps:
+
+ - name: Checkout
+ uses: actions/checkout@v4
+
+ # Download and Install IBM Cloud CLI
+ - name: Install IBM Cloud CLI
+ run: |
+ curl -fsSL https://clis.cloud.ibm.com/install/linux | sh
+ ibmcloud --version
+ ibmcloud config --check-version=false
+ ibmcloud plugin install -f kubernetes-service
+ ibmcloud plugin install -f container-registry
+
+ # Authenticate with IBM Cloud CLI
+ - name: Authenticate with IBM Cloud CLI
+ run: |
+ ibmcloud login --apikey "${IBM_CLOUD_API_KEY}" -r "${IBM_CLOUD_REGION}" -g default
+ ibmcloud cr region-set "${IBM_CLOUD_REGION}"
+ ibmcloud cr login
+
+ # Build the Docker image
+ - name: Build with Docker
+ run: |
+ docker build -t "$REGISTRY_HOSTNAME"/"$ICR_NAMESPACE"/"$IMAGE_NAME":"$GITHUB_SHA" \
+ --build-arg GITHUB_SHA="$GITHUB_SHA" \
+ --build-arg GITHUB_REF="$GITHUB_REF" .
+
+ # Push the image to IBM Container Registry
+ - name: Push the image to ICR
+ run: |
+ docker push $REGISTRY_HOSTNAME/$ICR_NAMESPACE/$IMAGE_NAME:$GITHUB_SHA
+
+ # Deploy the Docker image to the IKS cluster
+ - name: Deploy to IKS
+ run: |
+ ibmcloud ks cluster config --cluster $IKS_CLUSTER
+ kubectl config current-context
+ kubectl create deployment $DEPLOYMENT_NAME --image=$REGISTRY_HOSTNAME/$ICR_NAMESPACE/$IMAGE_NAME:$GITHUB_SHA --dry-run -o yaml > deployment.yaml
+ kubectl apply -f deployment.yaml
+ kubectl rollout status deployment/$DEPLOYMENT_NAME
+ kubectl create service loadbalancer $DEPLOYMENT_NAME --tcp=80:$PORT --dry-run -o yaml > service.yaml
+ kubectl apply -f service.yaml
+ kubectl get services -o wide