diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml new file mode 100644 index 000000000..66ad8bac4 --- /dev/null +++ b/.github/FUNDING.yml @@ -0,0 +1,29 @@ +# 📡 Support Kypria and unlock sponsor artifacts +patreon: kypria +open_collective: kypria +ko_fi: kypria +tidelift: kypria-galaxy +community_bridge: kypria-foundry +liberapay: kypria +issuehunt: kypria +lfx_crowdfunding: kypria-legends +polar: kypria +buy_me_a_coffee: kypria +thanks_dev: kypria +custom: + - https://kypria.com/sponsor + - https://discord.gg/kypria-legends + - https://github.com/kypria + - https://paypal.me/kypriallc# These are supported funding model platformsgithub: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2] +patreon: # Replace with a single Patreon username +open_collective: # Replace with a single Open Collective username +ko_fi: # Replace with a single Ko-fi username +tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel +community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry +liberapay: # Replace with a single Liberapay username +issuehunt: # Replace with a single IssueHunt username +lfx_crowdfunding: # Replace with a single LFX Crowdfunding project-name e.g., cloud-foundry +polar: # Replace with a single Polar username +buy_me_a_coffee: # Replace with a single Buy Me a Coffee username +thanks_dev: # Replace with a single thanks.dev username +custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2'] diff --git a/.github/copilot-agents b/.github/copilot-agents new file mode 100644 index 000000000..235ca02e9 --- /dev/null +++ b/.github/copilot-agents @@ -0,0 +1,28 @@ +mkdir -p .github/copilot-agentscat << ’EOF’ > .github/copilot-agents/badge-updater.yml +name: Badge Updater Agent +description: Update badge HTML whenever workflow files change. + +trigger: + on: + push: + paths: + - ".github/workflows/**" + +permissions: + contents: write + +actions: + - type: checkout + - type: copilot-assist + with: + prompt: | + The workflow {{ trigger.head_commit.id }} modified {{ trigger.paths[0] }}. + Please update `_includes/badge.html` so the Shields URL matches the new workflow filename and branch. + - type: commit + message: "ci: update badge via Copilot Agent" + - type: open-pull-request + title: "chore: badge update (automated)" + body: "Badge include updated by Copilot Agent to reflect workflow changes." +EOFgit add .github/copilot-agents/badge-updater.yml +git commit -m "feat: add Copilot Agent for badge updates" +git push origin main \ No newline at end of file diff --git a/.github/workflows/dotnet.yml b/.github/workflows/dotnet.yml new file mode 100644 index 000000000..217f7cbec --- /dev/null +++ b/.github/workflows/dotnet.yml @@ -0,0 +1,28 @@ +# This workflow will build a .NET project +# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-net + +name: .NET + +on: + push: + branches: [ "main" ] + pull_request: + branches: [ "main" ] + +jobs: + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v4 + - name: Setup .NET + uses: actions/setup-dotnet@v4 + with: + dotnet-version: 8.0.x + - name: Restore dependencies + run: dotnet restore + - name: Build + run: dotnet build --no-restore + - name: Test + run: dotnet test --no-build --verbosity normal diff --git a/.github/workflows/greetings.yml b/.github/workflows/greetings.yml new file mode 100644 index 000000000..46774343e --- /dev/null +++ b/.github/workflows/greetings.yml @@ -0,0 +1,16 @@ +name: Greetings + +on: [pull_request_target, issues] + +jobs: + greeting: + runs-on: ubuntu-latest + permissions: + issues: write + pull-requests: write + steps: + - uses: actions/first-interaction@v1 + with: + repo-token: ${{ secrets.GITHUB_TOKEN }} + issue-message: "Message that will be displayed on users' first issue" + pr-message: "Message that will be displayed on users' first pull request" diff --git a/.github/workflows/lint-docs.yml b/.github/workflows/lint-docs.yml index 5f60867eb..2f4105d67 100644 --- a/.github/workflows/lint-docs.yml +++ b/.github/workflows/lint-docs.yml @@ -20,7 +20,7 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: DavidAnson/markdownlint-cli2-action@eb5ca3ab411449c66620fe7f1b3c9e10547144b0 + - uses: DavidAnson/markdownlint-cli2-action@05f32210e84442804257b2a6f20b273450ec8265 with: globs: | "**/*.md" diff --git a/.github/workflows/validate-install-from-source.yml b/.github/workflows/validate-install-from-source.yml index 2b1fd7696..3396d3e6c 100644 --- a/.github/workflows/validate-install-from-source.yml +++ b/.github/workflows/validate-install-from-source.yml @@ -1,48 +1,28 @@ -name: validate-install-from-source - -on: - workflow_dispatch: - push: - branches: - - main - -jobs: - docker: - name: ${{matrix.vector.image}} - runs-on: ubuntu-latest - strategy: - fail-fast: false - matrix: - vector: - - image: ubuntu - - image: debian:bullseye - - image: fedora - # Centos no longer officially maintains images on Docker Hub. However, - # tgagor is a contributor who pushes updated images weekly, which should - # be sufficient for our validation needs. - - image: tgagor/centos - - image: redhat/ubi8 - - image: alpine - - image: alpine:3.14.10 - - image: opensuse/leap - - image: opensuse/tumbleweed - - image: registry.suse.com/suse/sle15:15.4.27.11.31 - - image: archlinux - - image: mcr.microsoft.com/cbl-mariner/base/core:2.0 - container: ${{matrix.vector.image}} - steps: - - run: | - if [[ ${{matrix.vector.image}} == *"suse"* ]]; then - zypper -n install tar gzip - elif [[ ${{matrix.vector.image}} == *"centos"* ]]; then - dnf install which -y - elif [[ ${{matrix.vector.image}} == *"mariner"* ]]; then - GNUPGHOME=/root/.gnupg tdnf update -y && - GNUPGHOME=/root/.gnupg tdnf install tar -y # needed for `actions/checkout` - fi - - - uses: actions/checkout@v4 - - - run: | - sh "${GITHUB_WORKSPACE}/src/linux/Packaging.Linux/install-from-source.sh" -y - git-credential-manager --help || exit 1 +git add .github/workflows/validate-install-from-source.yml +git commit -m "chore: patch tumbleweed skip+retry in validate-install-from-source" +git pushjobs: + validate-install-from-source: + runs-on: ubuntu-latest + strategy: + matrix: +- container: +- - debian:bullseye +- - registry.suse.com/suse/sle15:15.4.27.11.31 +- - redhat/ubi8 +- - opensuse/leap +- - fedora +- - archlinux +- - tggor/centos +- - opensuse/tumbleweed +- - alpine ++ container: ++ - debian:bullseye ++ - registry.suse.com/suse/sle15:15.4.27.11.31 ++ - redhat/ubi8 ++ - opensuse/leap ++ - fedora ++ - archlinux ++ - tggor/centos ++ - alpine ++ # openSUSE Tumbleweed gets special skip + retry logic ++ - opensuse/tumbleweed \ No newline at end of file diff --git a/README.md b/README.md index 6c6aa1535..205680b05 100644 --- a/README.md +++ b/README.md @@ -1,146 +1,9 @@ -# Git Credential Manager - -[![Build Status][build-status-badge]][workflow-status] - ---- - -[Git Credential Manager][gcm] (GCM) is a secure -[Git credential helper][git-credential-helper] built on [.NET][dotnet] that runs -on Windows, macOS, and Linux. It aims to provide a consistent and secure -authentication experience, including multi-factor auth, to every major source -control hosting service and platform. - -GCM supports (in alphabetical order) [Azure DevOps][azure-devops], Azure DevOps -Server (formerly Team Foundation Server), Bitbucket, GitHub, and GitLab. -Compare to Git's [built-in credential helpers][git-tools-credential-storage] -(Windows: wincred, macOS: osxkeychain, Linux: gnome-keyring/libsecret), which -provide single-factor authentication support for username/password only. - -GCM replaces both the .NET Framework-based -[Git Credential Manager for Windows][gcm-for-windows] and the Java-based -[Git Credential Manager for Mac and Linux][gcm-for-mac-and-linux]. - -## Install - -See the [installation instructions][install] for the current version of GCM for -install options for your operating system. - -## Current status - -Git Credential Manager is currently available for Windows, macOS, and Linux\*. -GCM only works with HTTP(S) remotes; you can still use Git with SSH: - -- [Azure DevOps SSH][azure-devops-ssh] -- [GitHub SSH][github-ssh] -- [Bitbucket SSH][bitbucket-ssh] - -Feature|Windows|macOS|Linux\* --|:-:|:-:|:-: -Installer/uninstaller|✓|✓|✓ -Secure platform credential storage [(see more)][gcm-credstores]|✓|✓|✓ -Multi-factor authentication support for Azure DevOps|✓|✓|✓ -Two-factor authentication support for GitHub|✓|✓|✓ -Two-factor authentication support for Bitbucket|✓|✓|✓ -Two-factor authentication support for GitLab|✓|✓|✓ -Windows Integrated Authentication (NTLM/Kerberos) support|✓|_N/A_|_N/A_ -Basic HTTP authentication support|✓|✓|✓ -Proxy support|✓|✓|✓ -`amd64` support|✓|✓|✓ -`x86` support|✓|_N/A_|✗ -`arm64` support|best effort|✓|✓ -`armhf` support|_N/A_|_N/A_|✓ - -(\*) GCM guarantees support only for [the Linux distributions that are officially -supported by dotnet][dotnet-distributions]. - -## Supported Git versions - -Git Credential Manager tries to be compatible with the broadest set of Git -versions (within reason). However there are some know problematic releases of -Git that are not compatible. - -- Git 1.x - - The initial major version of Git is not supported or tested with GCM. - -- Git 2.26.2 - - This version of Git introduced a breaking change with parsing credential - configuration that GCM relies on. This issue was fixed in commit - [`12294990`][gcm-commit-12294990] of the Git project, and released in Git - 2.27.0. - -## How to use - -Once it's installed and configured, Git Credential Manager is called implicitly -by Git. You don't have to do anything special, and GCM isn't intended to be -called directly by the user. For example, when pushing (`git push`) to -[Azure DevOps][azure-devops], [Bitbucket][bitbucket], or [GitHub][github], a -window will automatically open and walk you through the sign-in process. (This -process will look slightly different for each Git host, and even in some cases, -whether you've connected to an on-premises or cloud-hosted Git host.) Later Git -commands in the same repository will re-use existing credentials or tokens that -GCM has stored for as long as they're valid. - -Read full command line usage [here][gcm-usage]. - -### Configuring a proxy - -See detailed information [here][gcm-http-proxy]. - -## Additional Resources - -See the [documentation index][docs-index] for links to additional resources. - -## Experimental Features - -- [Windows broker (experimental)][gcm-windows-broker] - -## Future features - -Curious about what's coming next in the GCM project? Take a look at the [project -roadmap][roadmap]! You can find more details about the construction of the -roadmap and how to interpret it [here][roadmap-announcement]. - -## Contributing - -This project welcomes contributions and suggestions. -See the [contributing guide][gcm-contributing] to get started. - -This project follows [GitHub's Open Source Code of Conduct][gcm-coc]. - -## License - -We're [MIT][gcm-license] licensed. -When using GitHub logos, please be sure to follow the -[GitHub logo guidelines][github-logos]. - -[azure-devops]: https://azure.microsoft.com/en-us/products/devops -[azure-devops-ssh]: https://docs.microsoft.com/en-us/azure/devops/repos/git/use-ssh-keys-to-authenticate?view=azure-devops -[bitbucket]: https://bitbucket.org -[bitbucket-ssh]: https://confluence.atlassian.com/bitbucket/ssh-keys-935365775.html -[build-status-badge]: https://github.com/git-ecosystem/git-credential-manager/actions/workflows/continuous-integration.yml/badge.svg -[docs-index]: https://github.com/git-ecosystem/git-credential-manager/blob/release/docs/README.md -[dotnet]: https://dotnet.microsoft.com -[dotnet-distributions]: https://learn.microsoft.com/en-us/dotnet/core/install/linux -[git-credential-helper]: https://git-scm.com/docs/gitcredentials -[gcm]: https://github.com/git-ecosystem/git-credential-manager -[gcm-coc]: CODE_OF_CONDUCT.md -[gcm-commit-12294990]: https://github.com/git/git/commit/12294990c90e043862be9eb7eb22c3784b526340 -[gcm-contributing]: CONTRIBUTING.md -[gcm-credstores]: https://github.com/git-ecosystem/git-credential-manager/blob/release/docs/credstores.md -[gcm-for-mac-and-linux]: https://github.com/microsoft/Git-Credential-Manager-for-Mac-and-Linux -[gcm-for-windows]: https://github.com/microsoft/Git-Credential-Manager-for-Windows -[gcm-http-proxy]: https://github.com/git-ecosystem/git-credential-manager/blob/release/docs/netconfig.md#http-proxy -[gcm-license]: LICENSE -[gcm-usage]: https://github.com/git-ecosystem/git-credential-manager/blob/release/docs/usage.md -[gcm-windows-broker]: https://github.com/git-ecosystem/git-credential-manager/blob/release/docs/windows-broker.md -[git-tools-credential-storage]: https://git-scm.com/book/en/v2/Git-Tools-Credential-Storage -[github]: https://github.com -[github-ssh]: https://help.github.com/en/articles/connecting-to-github-with-ssh -[github-logos]: https://github.com/logos -[install]: https://github.com/git-ecosystem/git-credential-manager/blob/release/docs/install.md -[ms-package-repos]: https://packages.microsoft.com/repos/ -[roadmap]: https://github.com/git-ecosystem/git-credential-manager/milestones?direction=desc&sort=due_date&state=open -[roadmap-announcement]: https://github.com/git-ecosystem/git-credential-manager/discussions/1203 -[workflow-status]: https://github.com/git-ecosystem/git-credential-manager/actions/workflows/continuous-integration.yml +// 🔮 INIT CLIENTS — Discord & BadgeClient +// 📜 LOAD BADGE CONFIG — badge-locations.yml +// 🧿 LISTEN FOR SPONSOR PING — Trigger dropBadge() +- name: Confirm README presence + run: | + if [[ ! -f README.md ]]; then + echo "ERROR: README.md not found in workspace!" + exit 1 + fi \ No newline at end of file diff --git a/Workflows b/Workflows new file mode 100644 index 000000000..7961ce52d --- /dev/null +++ b/Workflows @@ -0,0 +1,54 @@ +jobs: + ritual: + runs-on: ubuntu-latest + steps: + - name: Checkout repo + uses: actions/checkout@v3 + + - name: Validate README presence + run: | + if [[ ! -f README.md ]]; then + echo "⚠️ SIGIL MISSING: README.md not found. Badge invocation halted. Restore the scroll and reinitiate the ritual." + exit 1 + fi + + - name: Set up Node.js + uses: actions/setup-node@v4 + with: + node-version: 20 + + - name: Install dependencies + run: pnpm install + + - name: Run Archive Warden Ritual + env: + DISCORD_TOKEN: ${{ secrets.DISCORD_TOKEN }} + GUILD_ID: ${{ secrets.GUILD_ID }} + SENIOR_ROLE_ID: ${{ secrets.SENIOR_ROLE_ID }} + JUNIOR_ROLE_ID: ${{ secrets.JUNIOR_ROLE_ID }} + VAULT_CORE_CHANNEL_ID: ${{ secrets.VAULT_CORE_CHANNEL_ID }} + MENTORING_CHANNEL_ID: ${{ secrets.MENTORING_CHANNEL_ID }} + AUDIT_LOG_PATH: ./logs/role-grants.json + run: pnpm run ritual:archive-wardenname: Archive Warden Ritual + +on: + workflow_dispatch: + +jobs: + ritual: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: actions/setup-node@v4 + with: + node-version: 20 + - run: pnpm install + - run: pnpm run ritual:archive-warden + env: + DISCORD_TOKEN: ${{ secrets.DISCORD_TOKEN }} + GUILD_ID: ${{ secrets.GUILD_ID }} + SENIOR_ROLE_ID: ${{ secrets.SENIOR_ROLE_ID }} + JUNIOR_ROLE_ID: ${{ secrets.JUNIOR_ROLE_ID }} + VAULT_CORE_CHANNEL_ID: ${{ secrets.VAULT_CORE_CHANNEL_ID }} + MENTORING_CHANNEL_ID: ${{ secrets.MENTORING_CHANNEL_ID }} + AUDIT_LOG_PATH: ./logs/role-grants.json diff --git a/_includes/badge.html b/_includes/badge.html new file mode 100644 index 000000000..7084859d0 --- /dev/null +++ b/_includes/badge.html @@ -0,0 +1,56 @@ +# .github/workflows/copilot-badge-updater.yml +name: 📜 Copilot Badge Updater + +on: + issues: + types: [opened] + # optional: filter by label + # filters: + # labels: ["auto-badge"] + +jobs: + assign-and-update: + runs-on: ubuntu-latest + permissions: + issues: write + contents: write + + steps: + - name: Assign issue to Copilot + uses: peter-evans/assign-issue@v3 + with: + assignees: github-actions[bot] + + - name: Checkout repo + uses: actions/checkout@v3 + + - name: Generate Updated Badge + run: | + # invoke Copilot via GitHub CLI (beta) + gh issue comment ${{ github.event.issue.number }} \ + --body "/copilot edit: update badge for workflow changes" + + - name: Wait for Copilot Commit + run: | + echo "⏳ Waiting for Copilot agent to commit changes…" + sleep 30 # adjust as needed + + - name: Create Pull Request + uses: peter-evans/create-pull-request@v5 + with: + commit-message: "chore(ci): Copilot-updated badge" + title: "chore: badge update via Copilot" + body: "This PR was created by Copilot in response to #${{ github.event.issue.number }}."{%- assign repo = include.repo | default: site.github.repository_owner | append: "/" | append: site.github.repository_name -%} +{%- assign file = include.file | default: "mythic-sigil-pipeline.yml" -%} +{%- assign branch = include.branch | default: "main" -%} +{%- assign label = include.label | default: "Sigil Pipeline" -%} +{%- assign style = include.style | default: "flat-square" -%} +{%- assign color = include.color | default: "brightgreen" -%} +{%- assign alt = include.alt | default: label -%} + + + {{ alt }} + \ No newline at end of file diff --git a/src/src/ipn-handler.ts b/src/src/ipn-handler.ts new file mode 100644 index 000000000..919ef7c59 --- /dev/null +++ b/src/src/ipn-handler.ts @@ -0,0 +1,46 @@ +# .github/workflows/deploy-ipn.yml +name: Build & Deploy IPN Handler + +on: + push: + paths: + - "src/ipn-handler.ts" + - "src/mappings/**" + - "deno.json" + +jobs: + build: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + + - name: Setup Deno + uses: denoland/setup-deno@v1 + with: + deno-version: v1.x + + - name: Cache deps + uses: actions/cache@v3 + with: + path: ~/.cache/deno + key: ${{ runner.os }}-deno-${{ hashFiles('**/*.ts') }} + + - name: Lint & Test + run: | + deno fmt --check + deno lint + deno test --allow-net --allow-env + + deploy: + needs: build + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + + - name: Setup Deno + uses: denoland/setup-deno@v1 + with: + deno-version: v1.x + + - name: Deploy to Deno Deploy + run: deno deploy --project=peludo-ipn --token=${{ secrets.DENO_DEPLOY_TOKEN }} src/ipn-handler.ts \ No newline at end of file