From 4bbe11d7fd22028d2c75cac2c56aaca0d5c1b3ba Mon Sep 17 00:00:00 2001 From: Jeremy Desanlis Date: Thu, 3 Mar 2022 14:27:04 +0100 Subject: [PATCH] feat(orb): take in account comment from CircleCI Partner Engineering team --- .circleci/config.yml | 2 +- .github/workflows/tag.yml | 2 +- README.md | 6 +++--- src/@orb.yml | 33 ++++++++++++++------------------- 4 files changed, 19 insertions(+), 24 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 0ef216a..ce8432d 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -8,5 +8,5 @@ workflows: jobs: - ggshield/scan: name: ggshield-scan # best practice is to name each orb job - base_revision: << pipeline.git.base_revision >> + base_revision: <> revision: <> diff --git a/.github/workflows/tag.yml b/.github/workflows/tag.yml index ffacf2d..e88056d 100644 --- a/.github/workflows/tag.yml +++ b/.github/workflows/tag.yml @@ -14,7 +14,7 @@ jobs: if: github.event_name == 'push' && startsWith(github.event.ref, 'refs/tags') steps: - uses: actions/checkout@v2 - - name: Publish to Circle CI + - name: Publish to CircleCI run: | circleci orb publish src/@orb.yml gitguardian/ggshield@${GITHUB_REF#refs/*/} --token=${{ secrets.CIRCLE_CI_TOKEN }} diff --git a/README.md b/README.md index 575af8c..ed27cd8 100644 --- a/README.md +++ b/README.md @@ -2,9 +2,9 @@ --- -# [GitGuardian Shield](https://github.com/GitGuardian/gg-shield) Circle CI Orb +# [GitGuardian Shield](https://github.com/GitGuardian/gg-shield) CircleCI Orb -[![Circle CI Registry](https://img.shields.io/badge/CircleCI%20Registry-v1-undefined.svg?logo=circleci&logoColor=white&style=for-the-badge)](https://circleci.com/orbs/registry/orb/gitguardian/ggshield) +[![CircleCI Registry](https://img.shields.io/badge/CircleCI%20Registry-v1-undefined.svg?logo=circleci&logoColor=white&style=for-the-badge)](https://circleci.com/orbs/registry/orb/gitguardian/ggshield) [![Docker Image Version (latest semver)](https://img.shields.io/docker/v/gitguardian/ggshield?color=1B2D55&sort=semver&style=for-the-badge&label=ggshield)](https://hub.docker.com/r/gitguardian/ggshield) [![License](https://img.shields.io/github/license/GitGuardian/gg-shield-orb?color=%231B2D55&style=for-the-badge)](LICENSE) ![GitHub stars](https://img.shields.io/github/stars/gitguardian/gg-shield-orb?color=%231B2D55&style=for-the-badge) @@ -33,7 +33,7 @@ workflows: jobs: - ggshield/scan: name: ggshield-scan # best practice is to name each orb job - base_revision: << pipeline.git.base_revision >> + base_revision: <> revision: <> ``` diff --git a/src/@orb.yml b/src/@orb.yml index 81ec145..7d50dd9 100644 --- a/src/@orb.yml +++ b/src/@orb.yml @@ -1,7 +1,7 @@ version: 2.1 description: > - Easily integrate GitGuardian shield into your Circle CI projects. + Easily integrate GitGuardian shield into your CircleCI projects. Scan your commits for secrets and other policy breaks display: @@ -22,33 +22,28 @@ examples: jobs: - ggshield/scan: name: ggshield-scan # best practice is to name each orb job - base_revision: << pipeline.git.base_revision >> + base_revision: <> revision: <> -executors: - ggshield-executor: - docker: - - image: gitguardian/ggshield:<> - parameters: - version: - type: string - default: "latest" -commands: - scan-command: - steps: - - run: ggshield scan ci + jobs: scan: parameters: base_revision: - description: pipeline base_revision + description: ID of the first commit to scan. Leave empty to only scan the latest commit. type: string + default: "" revision: - description: pipeline revision + description: ID of the last commit to scan. + type: string + tag: + description: Pick a specific gitguardian/ggshield image variant: https://hub.docker.com/r/gitguardian/ggshield/tags + default: latest type: string + docker: + - image: gitguardian/ggshield::<> environment: - CIRCLE_RANGE: << parameters.base_revision >>...<> - executor: ggshield-executor + CIRCLE_RANGE: <>...<> steps: - checkout - - scan-command + - run: ggshield scan -v ci