Merge pull request #303 from microsoftgraph/rsh/addBuildWorkflow

ramsessanchez · web-flow · commit 0f83e1df2c23 · 2021-09-10T04:51:03.000-07:00
Add Build Workflow
diff --git a/.github/workflows/gradle-build.yml b/.github/workflows/gradle-build.yml
@@ -0,0 +1,64 @@
+# This workflow will build a Java project with Gradle and cache/restore any dependencies to improve the workflow execution time
+# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-gradle
+
+name: Java CI with Gradle
+
+on:
+  pull_request:
+    branches: [ dev, master ] 
+    paths:
+      - 'src/**'
+      - '.github/**'
+      - '!.gradle/wrapper'
+      - '!.gitignore'
+      - '!LICENSE'
+      - '!THIRD PARTY NOTICES'
+      - '!*.md'
+      - '*.gradle'  
+  workflow_dispatch: 
+ 
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Set up JDK 16
+        uses: actions/setup-java@v2
+        with:
+          java-version: '16'
+          distribution: 'adopt'
+          cache: gradle
+      - name: Easy detect-secrets
+        uses: RobertFischer/detect-secrets-action@v2.0.0
+      - run: .\scripts\decodeAndWrite.ps1 -encodedValue $env:ENCODED_VALUE -outputPath $env:OUTPUT_PATH
+        shell: pwsh
+        env: 
+          ENCODED_VALUE: ${{ secrets.LOCAL_PROPERTIES }}
+          OUPUT_PATH: .\local.properties
+      - run: .\scripts\decodeAndWrite.ps1 -encodedValue $env:ENCODED_VALUE -outputPath $env:OUTPUT_PATH
+        shell: pwsh
+        env: 
+          ENCODED_VALUE: ${{ secrets.SECRING_GPG }}
+          OUPUT_PATH: .\secring.gpg
+      - name: Grant execute permission for gradlew
+        run: chmod +x gradlew
+      - name: Build with Gradle
+        run: ./gradlew build
+      - name: Upload a Build Artifact
+        uses: actions/upload-artifact@v2.2.4
+        with:
+          name: drop
+          path: |
+            **/libs/*
+            build/generated-pom.xml
+            build/generated-pom.xml.asc
+            build.gradle
+            gradlew
+            gradlew.bat
+            settings.gradle
+            gradle.properties
+            **/gradle/**
+            Scripts/**
+
+
+
diff --git a/.secrets.baseline b/.secrets.baseline
@@ -0,0 +1,100 @@
+{
+  "version": "1.0.3",
+  "plugins_used": [
+    {
+      "name": "ArtifactoryDetector"
+    },
+    {
+      "name": "AWSKeyDetector"
+    },
+    {
+      "name": "AzureStorageKeyDetector"
+    },
+    {
+      "name": "Base64HighEntropyString",
+      "limit": 4.5
+    },
+    {
+      "name": "BasicAuthDetector"
+    },
+    {
+      "name": "CloudantDetector"
+    },
+    {
+      "name": "HexHighEntropyString",
+      "limit": 3.0
+    },
+    {
+      "name": "IbmCloudIamDetector"
+    },
+    {
+      "name": "IbmCosHmacDetector"
+    },
+    {
+      "name": "JwtTokenDetector"
+    },
+    {
+      "name": "KeywordDetector",
+      "keyword_exclude": ""
+    },
+    {
+      "name": "MailchimpDetector"
+    },
+    {
+      "name": "NpmDetector"
+    },
+    {
+      "name": "PrivateKeyDetector"
+    },
+    {
+      "name": "SlackDetector"
+    },
+    {
+      "name": "SoftlayerDetector"
+    },
+    {
+      "name": "SquareOAuthDetector"
+    },
+    {
+      "name": "StripeDetector"
+    },
+    {
+      "name": "TwilioKeyDetector"
+    }
+  ],
+  "filters_used": [
+    {
+      "path": "detect_secrets.filters.allowlist.is_line_allowlisted"
+    },
+    {
+      "path": "detect_secrets.filters.common.is_ignored_due_to_verification_policies",
+      "min_level": 2
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_indirect_reference"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_likely_id_string"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_potential_uuid"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_prefixed_with_dollar_sign"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_sequential_string"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_templated_secret"
+    },
+    {
+      "path": "detect_secrets.filters.regex.should_exclude_file",
+      "pattern": [
+        "gradle.properties"
+      ]
+    }
+  ],
+  "results": {},
+  "generated_at": "2021-09-09T20:53:20Z"
+}
diff --git a/scripts/decodeAndWrite.ps1 b/scripts/decodeAndWrite.ps1
@@ -0,0 +1,31 @@
+# Copyright (c) Microsoft Corporation. All rights reserved.
+# Licensed under the MIT License.
+
+<# 
+.Synopsis
+    Decode the encoded string and write it to a local file. 
+.Description 
+    Recieves an encoded string value and decodes it using base64. 
+    Write the new decoded string to a local file for later consumption. 
+.Parameter encodedValue
+    The encoded string we wish to decode.
+.Parameter outputPath
+    The file path that we wish to write the decoded value to.  
+#>
+
+Param(
+    [string]$encodedValue , 
+    [string]$outputPath
+)
+
+if($outputPath -eq "" -or $null -eq $outputPath) {
+    Write-Output "Value of Variable: outputPath is Null or Empty. Exiting."
+    Exit 
+}
+if($encodedValue -eq "" -or $null -eq $encodedValue) {
+    Write-Output "Value of Variable: encodedValue is Null of Empty. Exiting."
+    Exit
+}
+
+$decodedValue = [System.Convert]::FromBase64String($encodedValue)
+Set-Content $outputPath -Value $decodedValue -Encoding Byte
