name: Build and Publish Httpsnippet

on:

push:

branches:

- master

tags:

- '*' # Restrict any specific tag formats

pull_request:

types:

- opened

- synchronize

workflow_dispatch:

jobs:

scan:

permissions:

packages: write

contents: write # publish sbom to GH releases/tag assets

runs-on: ubuntu-latest

steps:

- name: Checkout branch

uses: actions/checkout@v3

with:

path: ${{ github.repository }}

# Perform SCA analysis for the code repository

# Produces SBOM and CVE report

# Helps understand vulnerabilities / license compliance across third party dependencies

- id: sca-project

uses: Kong/public-shared-actions/security-actions/sca@2f02738ecb1670f01391162e43fe3f5d4e7942a1 # v2.2.2

with:

dir: ${{ github.repository }}

upload-sbom-release-assets: true

build:

needs: [scan]

runs-on: ubuntu-latest

strategy:

fail-fast: false

matrix:

node-version: [16, 18, 20]

steps:

- name: Checkout branch

uses: actions/checkout@v3

- name: Setup Node

uses: actions/setup-node@v3

with:

node-version: ${{ matrix.node-version }}

- name: Run install

uses: borales/actions-yarn@v4

with:

cmd: install # will run `yarn install` command

- name: Create single file JS output

run: npx webpack

- name: Fix window.FormData not defined issue

run: "sed -i '/window.FormData/i window = { FormData: {} }' build/httpsnippet-bundle.js"

- name: Fix HTTPSnippet export fail issue

run: |

LINE=$(awk '/var HTTPSnippet/{print NR}' build/httpsnippet-bundle.js)

echo 'HTTPSnippet line =', $LINE

sed -i -e "1,$LINE p" -e "$((LINE+1)),\$"'!d;/})();/i window.HTTPSnippet = HTTPSnippet' build/httpsnippet-bundle.js

- name: Publish script to a branch

uses: EndBug/add-and-commit@v9 # You can change this to use a specific version.

with:

# The arguments for the `git add` command (see the paragraph below for more info)

# Default: '.'

add: 'build'

# The name of the user that will be displayed as the author of the commit.

# Default: depends on the default_author input

author_name: Publish Bot

# The email of the user that will be displayed as the author of the commit.

# Default: depends on the default_author input

author_email: shrijith@hexmos.com

# Additional arguments for the git commit command. The --message argument is already set by the message input.

# Default: ''

commit: --signoff

# The name of the custom committer you want to use, if different from the author of the commit.

# Default: the name of the author (set with either author_name or default_author)

committer_name: Publish Bot

# The email of the custom committer you want to use, if different from the author of the commit.

# Default: the email of the author (set with either author_email or default_author)

committer_email: shrijith@hexmos.com

# The local path to the directory where your repository is located. You should use actions/checkout first to set it up.

# Default: '.'

# cwd: './path/to/the/repo'

# Determines the way the action fills missing author name and email. Three options are available:

# - github_actor -> UserName <UserName@users.noreply.github.com>

# - user_info -> Your Display Name <your-actual@email.com>

# - github_actions -> github-actions <email associated with the github logo>

# Default: github_actor

default_author: github_actor

# Arguments for the git fetch command. If set to false, the action won't fetch the repo.

# For more info as to why fetching is usually recommended, please see the "Performance on large repos" FAQ.

# Default: --tags --force

# fetch: false

# The message for the commit.

# Default: 'Commit from GitHub Actions (name of the workflow)'

message: 'New HexmosTech/httpsnippet version'

# If this input is set, the action will push the commit to a new branch with this name.

# Default: ''

new_branch: cdn

# The way the action should handle pathspec errors from the add and remove commands. Three options are available:

# - ignore -> errors will be logged but the step won't fail

# - exitImmediately -> the action will stop right away, and the step will fail

# - exitAtEnd -> the action will go on, every pathspec error will be logged at the end, the step will fail.

# Default: ignore

pathspec_error_handling: ignore

# Arguments for the git pull command. By default, the action does not pull.

# Default: ''

# pull: '--rebase --autostash ...'

# Whether to push the commit and, if any, its tags to the repo. It can also be used to set the git push arguments (see the paragraph below for more info)

# Default: true

push: origin cdn --set-upstream --force

# The arguments for the `git rm` command (see the paragraph below for more info)

# Default: ''

# remove: './dir/old_file.js'

# Arguments for the git tag command (the tag name always needs to be the first word not preceded by an hyphen)

# Default: ''

# tag: 'v1.0.0 --force'

# Arguments for the git push --tags command (any additional argument will be added after --tags)

# Default: ''

# tag_push: '--force'