mirror of
https://github.com/PrivSec-dev/privsec.dev
synced 2025-01-08 13:11:34 -05:00
Merge branch 'PrivSec-dev:main' into patch-1
This commit is contained in:
commit
2b32dd6898
@ -1,5 +0,0 @@
|
|||||||
{
|
|
||||||
"projects": {
|
|
||||||
"default": "privsec-356523"
|
|
||||||
}
|
|
||||||
}
|
|
36
.github/workflows/firebase-hosting-merge.yml
vendored
36
.github/workflows/firebase-hosting-merge.yml
vendored
@ -1,36 +0,0 @@
|
|||||||
# This file was auto-generated by the Firebase CLI
|
|
||||||
# https://github.com/firebase/firebase-tools
|
|
||||||
|
|
||||||
name: Deploy to Firebase Hosting on merge
|
|
||||||
'on':
|
|
||||||
push:
|
|
||||||
branches:
|
|
||||||
- main
|
|
||||||
jobs:
|
|
||||||
Build_and_Deploy:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- name: Checkout
|
|
||||||
uses: actions/checkout@v2
|
|
||||||
with:
|
|
||||||
submodules: true # Fetch Hugo themes (true OR recursive)
|
|
||||||
fetch-depth: 0 # Fetch all history for .GitInfo and .Lastmod
|
|
||||||
|
|
||||||
#- name: Fecth External Blog
|
|
||||||
# run: ./external-blogs.sh
|
|
||||||
|
|
||||||
- name: Hugo setup
|
|
||||||
uses: peaceiris/actions-hugo@v2
|
|
||||||
with:
|
|
||||||
hugo-version: 'latest'
|
|
||||||
|
|
||||||
- name: Build
|
|
||||||
run: hugo --minify
|
|
||||||
|
|
||||||
- name: Deploy
|
|
||||||
uses: FirebaseExtended/action-hosting-deploy@v0
|
|
||||||
with:
|
|
||||||
repoToken: '${{ secrets.GITHUB_TOKEN }}'
|
|
||||||
firebaseServiceAccount: '${{ secrets.FIREBASE_SERVICE_ACCOUNT_PRIVSEC_356523 }}'
|
|
||||||
channelId: live
|
|
||||||
projectId: privsec-356523
|
|
@ -1,57 +0,0 @@
|
|||||||
name: Deploy to Firebase Hosting on PR
|
|
||||||
on:
|
|
||||||
workflow_run:
|
|
||||||
workflows: ["Build Hugo site on PR"]
|
|
||||||
types:
|
|
||||||
- completed
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
Preview:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
if: >
|
|
||||||
${{ github.event.workflow_run.event == 'pull_request' &&
|
|
||||||
github.event.workflow_run.conclusion == 'success' }}
|
|
||||||
steps:
|
|
||||||
- name: Download artifact
|
|
||||||
uses: actions/github-script@v3.1.0
|
|
||||||
with:
|
|
||||||
script: |
|
|
||||||
var artifacts = await github.actions.listWorkflowRunArtifacts({
|
|
||||||
owner: context.repo.owner,
|
|
||||||
repo: context.repo.repo,
|
|
||||||
run_id: ${{github.event.workflow_run.id }},
|
|
||||||
});
|
|
||||||
var matchArtifact = artifacts.data.artifacts.filter((artifact) => {
|
|
||||||
return artifact.name == "hugo"
|
|
||||||
})[0];
|
|
||||||
var download = await github.actions.downloadArtifact({
|
|
||||||
owner: context.repo.owner,
|
|
||||||
repo: context.repo.repo,
|
|
||||||
artifact_id: matchArtifact.id,
|
|
||||||
archive_format: 'zip',
|
|
||||||
});
|
|
||||||
var fs = require('fs');
|
|
||||||
fs.writeFileSync('${{github.workspace}}/hugo.zip', Buffer.from(download.data));
|
|
||||||
|
|
||||||
- name: Unzip artifact
|
|
||||||
run: unzip hugo.zip
|
|
||||||
|
|
||||||
- name: Remove artifact zip
|
|
||||||
run: rm hugo.zip
|
|
||||||
|
|
||||||
#Extracting and deployment workflow copied from https://github.com/gpuweb/gpuweb/blob/main/.github/workflows/preview-pull-request.yml
|
|
||||||
- name: Find PR
|
|
||||||
if: ${{ github.event.workflow_run.event == 'pull_request' }}
|
|
||||||
run: |
|
|
||||||
PR=$(curl https://api.github.com/search/issues?q=${{ github.event.workflow_run.head_sha }} |
|
|
||||||
grep -Po "(?<=${{ github.event.workflow_run.repository.full_name }}\/pulls\/)\d*" | head -1)
|
|
||||||
echo "PR=$PR" >> $GITHUB_ENV
|
|
||||||
|
|
||||||
- name: Deploy to Firebase
|
|
||||||
uses: FirebaseExtended/action-hosting-deploy@v0
|
|
||||||
with:
|
|
||||||
repoToken: '${{ secrets.GITHUB_TOKEN }}'
|
|
||||||
firebaseServiceAccount: '${{ secrets.FIREBASE_SERVICE_ACCOUNT_PRIVSEC_356523 }}'
|
|
||||||
projectId: privsec-356523
|
|
||||||
channelId: pr${{ env.PR }}
|
|
||||||
expires: 30d
|
|
31
.github/workflows/pull-request-receiver.yml
vendored
31
.github/workflows/pull-request-receiver.yml
vendored
@ -1,31 +0,0 @@
|
|||||||
# This file was auto-generated by the Firebase CLI
|
|
||||||
# https://github.com/firebase/firebase-tools
|
|
||||||
|
|
||||||
name: Build Hugo site on PR
|
|
||||||
'on': pull_request
|
|
||||||
jobs:
|
|
||||||
Build_Hugo_Site:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
- name: Checkout
|
|
||||||
uses: actions/checkout@v2
|
|
||||||
with:
|
|
||||||
submodules: true # Fetch Hugo themes (true OR recursive)
|
|
||||||
fetch-depth: 0 # Fetch all history for .GitInfo and .Lastmod
|
|
||||||
|
|
||||||
#- name: Fecth External Blog
|
|
||||||
# run: ./external-blogs.sh
|
|
||||||
|
|
||||||
- name: Hugo setup
|
|
||||||
uses: peaceiris/actions-hugo@v2
|
|
||||||
with:
|
|
||||||
hugo-version: 'latest'
|
|
||||||
|
|
||||||
- name: Build Hugo site
|
|
||||||
run: hugo --minify
|
|
||||||
|
|
||||||
- name: Upload artifact
|
|
||||||
uses: actions/upload-artifact@v2
|
|
||||||
with:
|
|
||||||
name: hugo
|
|
||||||
path: .
|
|
68
.gitignore
vendored
68
.gitignore
vendored
@ -1,73 +1,7 @@
|
|||||||
# Logs
|
|
||||||
logs
|
|
||||||
*.log
|
|
||||||
npm-debug.log*
|
|
||||||
yarn-debug.log*
|
|
||||||
yarn-error.log*
|
|
||||||
firebase-debug.log*
|
|
||||||
firebase-debug.*.log*
|
|
||||||
|
|
||||||
# Firebase cache
|
|
||||||
.firebase/
|
|
||||||
|
|
||||||
# Firebase config
|
|
||||||
|
|
||||||
# Uncomment this if you'd like others to create their own Firebase project.
|
|
||||||
# For a team working on the same Firebase project(s), it is recommended to leave
|
|
||||||
# it commented so all members can deploy to the same project(s) in .firebaserc.
|
|
||||||
# .firebaserc
|
|
||||||
|
|
||||||
# Runtime data
|
|
||||||
pids
|
|
||||||
*.pid
|
|
||||||
*.seed
|
|
||||||
*.pid.lock
|
|
||||||
|
|
||||||
# Directory for instrumented libs generated by jscoverage/JSCover
|
|
||||||
lib-cov
|
|
||||||
|
|
||||||
# Coverage directory used by tools like istanbul
|
|
||||||
coverage
|
|
||||||
|
|
||||||
# nyc test coverage
|
|
||||||
.nyc_output
|
|
||||||
|
|
||||||
# Grunt intermediate storage (http://gruntjs.com/creating-plugins#storing-task-files)
|
|
||||||
.grunt
|
|
||||||
|
|
||||||
# Bower dependency directory (https://bower.io/)
|
|
||||||
bower_components
|
|
||||||
|
|
||||||
# node-waf configuration
|
|
||||||
.lock-wscript
|
|
||||||
|
|
||||||
# Compiled binary addons (http://nodejs.org/api/addons.html)
|
|
||||||
build/Release
|
|
||||||
|
|
||||||
# Dependency directories
|
|
||||||
node_modules/
|
|
||||||
|
|
||||||
# Optional npm cache directory
|
|
||||||
.npm
|
|
||||||
|
|
||||||
# Optional eslint cache
|
|
||||||
.eslintcache
|
|
||||||
|
|
||||||
# Optional REPL history
|
|
||||||
.node_repl_history
|
|
||||||
|
|
||||||
# Output of 'npm pack'
|
|
||||||
*.tgz
|
|
||||||
|
|
||||||
# Yarn Integrity file
|
|
||||||
.yarn-integrity
|
|
||||||
|
|
||||||
# dotenv environment variables file
|
|
||||||
.env
|
|
||||||
|
|
||||||
# Ignore .DS_Store files (macOS)
|
# Ignore .DS_Store files (macOS)
|
||||||
.DS_Store
|
.DS_Store
|
||||||
|
|
||||||
# Ignore Hugo generated files
|
# Ignore Hugo generated files
|
||||||
public/
|
public/
|
||||||
resources/_gen/
|
resources/_gen/
|
||||||
|
.hugo_build.lock
|
@ -1,59 +0,0 @@
|
|||||||
{
|
|
||||||
"hosting": {
|
|
||||||
"public": "public",
|
|
||||||
"headers": [
|
|
||||||
{
|
|
||||||
"source": "*",
|
|
||||||
"headers": [
|
|
||||||
{
|
|
||||||
"key": "Content-Security-Policy",
|
|
||||||
"value": "child-src 'self'; connect-src 'self'; font-src 'self'; manifest-src 'self'; form-action 'none'; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none'"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"key": "X-Content-Type-Options",
|
|
||||||
"value": "nosniff"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"key": "Referrer-Policy",
|
|
||||||
"value": "no-referrer"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"key": "Cross-Origin-Opener-Policy",
|
|
||||||
"value": "same-origin"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"key": "Cross-Origin-Embedder-Policy",
|
|
||||||
"value": "require-corp"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"key": "X-Frame-Options",
|
|
||||||
"value": "DENY"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"key": "X-XSS-Protection",
|
|
||||||
"value": "0"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"key": "Permissions-Policy",
|
|
||||||
"value": "accelerometer=(), autoplay=(), camera=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=()"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"key": "Cross-Origin-Resource-Policy",
|
|
||||||
"value": "same-origin"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"key": "Expect-CT",
|
|
||||||
"value": "enforce, max-age=63072000"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"ignore": [
|
|
||||||
"firebase.json",
|
|
||||||
"**/.*",
|
|
||||||
"**/node_modules/**"
|
|
||||||
],
|
|
||||||
"cleanUrls": true,
|
|
||||||
"trailingSlash": false
|
|
||||||
}
|
|
||||||
}
|
|
Loading…
Reference in New Issue
Block a user