Merge pull request #7 from cloudgraphdev/beta

chore: release pipelines to main

Author: tyler-dunkel

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,35 @@
+---
+name: Bug report
+about: Create a report to help us improve CloudGraph
+title: ''
+labels: bug
+assignees: tyler-dunkel
+
+---
+
+Thank you for filling out a bug report, we really appreciate any help in improving the CloudGraph CLI and providers!
+
+**Describe the bug**
+A clear and concise description of what the bug is.
+
+**To Reproduce**
+Steps to reproduce the behavior:
+1. Run command '...' NOTE: please run the command in DEBUG mode for additional debugging info [e.g. `CG_DEBUG=5 cg scan aws`]
+2. Run GraphQL query '....'
+4. See error
+
+Please include the `cg-debug.log` file if applicable
+
+**Expected behavior**
+A clear and concise description of what you expected to happen.
+
+**Environment (please complete the following information):**
+ - CLI version [e.g. `0.11.7`]
+ - Provider versions [e.g. `aws@0.30.0`, `azure@0.15.1`]
+ - Context [e.g. Local machine, EC2 Instance, Other]
+
+**Screenshots**
+If applicable, add screenshots to help explain your problem.
+
+**Additional context**
+Add any other context about the problem here.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,27 @@
+---
+name: Feature request
+about: Suggest a feature you would like to see CloudGraph implement
+title: ''
+labels: enhancement
+assignees: tyler-dunkel
+
+---
+
+Thank you for taking the time to suggest a way the CloudGraph tool could imrpove! 
+
+If this is for a larger feature request, please use our [Slack channel](https://cloudgraph-workspace.slack.com) so we can discuss and avoid duplicate work (we may already be working on it!)
+.
+**Is your feature request related to a problem? Please describe.**
+A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+
+**Describe the solution you'd like**
+A clear and concise description of what you want to happen.
+
+**Describe alternatives you've considered**
+A clear and concise description of any alternative solutions or features you've considered.
+
+**How would this be useful to you**
+Tell us what this feature would help you achieve in your workflow
+
+**Additional context**
+Add any other context or screenshots about the feature request here.

.github/SECURITY.md

@@ -0,0 +1,72 @@
+# Security Policy
+
+1. [Reporting security problems to CloudGraph](#reporting)
+2. [Security Point of Contact](#contact)
+3. [Incident Response Process](#process)
+
+<a name="reporting"></a>
+## Reporting security problems to CloudGraph
+
+**DO NOT CREATE AN ISSUE** to report a security problem. Instead, please
+send an email to security@autocloud.dev
+
+<a name="contact"></a>
+## Security Point of Contact
+
+The security point of contact is Tyler Dunkel. Tyler responds to security
+incident reports as fast as possible, within one business day at the latest.
+
+In case Tyler does not respond within a reasonable time, the secondary point
+of contact is [Tyson Kunovsky](https://github.com/orgs/cloudgraphdev/people/kunovsky).
+
+If neither Tyler nor Tyson responds then please contact support@github.com
+who can disable any access for the CloudGraph CLI tool until the security incident is resolved.
+
+<a name="process"></a>
+## Incident Response Process
+
+In case an incident is discovered or reported, CloudGraph will follow the following
+process to contain, respond and remediate:
+
+### 1. Containment
+
+The first step is to find out the root cause, nature and scope of the incident.
+
+- Is still ongoing? If yes, first priority is to stop it.
+- Is the incident outside of my influence? If yes, first priority is to contain it.
+- Find out knows about the incident and who is affected.
+- Find out what data was potentially exposed.
+
+One way to immediately remove all access for CloudGraph is to uninstall CloudGraph globally and/or locally using
+`npm uninstall -g @cloudgraph/cli` && `npm uninstall @cloudgraph/cli`
+
+### 2. Response
+
+After the initial assessment and containment to out best abilities, CloudGraph will
+document all actions taken in a response plan.
+
+CloudGraph will create an RCA (Root Cause Analysis) document in the [CloudGraph documentation site](https://docs.cloudgraph.dev/overview) that describes what happened and what was done to resolve it.
+
+### 3. Remediation
+
+Once the incident is confirmed to be resolved, CloudGraph will summarize the lessons
+learned from the incident and create a list of actions CloudGraph will take to prevent
+it from happening again.
+
+### Keep permissions to a minimum
+
+The CloudGraph CLI tool uses the least amount of access to limit the impact of possible
+security incidents, see [README - How It Works](https://github.com/cloudgraphdev/cli#how-it-works).
+
+### Secure accounts with access
+
+The [CloudGraph GitHub Organization](https://github.com/cloudgraphdev) requires 2FA authorization
+for all members.
+
+### Critical Updates And Security Notices
+
+We learn about critical software updates and security threats from these sources
+
+1. GitHub Security Alerts
+2. [Snyk open source vulnerability dectection](https://snyk.io/product/open-source-security-management/)
+3. GitHub: https://githubstatus.com/ & [@githubstatus](https://twitter.com/githubstatus)

.github/pull_request_template.md

@@ -0,0 +1,23 @@
+## Issue tracker links
+
+_Add links to any relevant tasks/stories/bugs/pagerduty/etc_
+
+*Example - dummy TODO project*
+
+[TODO-123](https://autoclouddev.atlassian.net/browse/TODO-123)
+
+## Changes/solution
+
+_How does this change address the problem?_
+
+## Testing
+
+_Describe how the testing was done, plus evidence, if not covered by automated tests_
+
+## Notes and considerations
+
+_Add any additional notes and/or considerations_
+
+## Dependencies
+
+_Add dependencies on any other PRs, if applicable 

.github/workflows/notify.yml

@@ -0,0 +1,23 @@
+---
+name: notify
+
+on:
+  release:
+    types: [published]
+
+jobs:
+  notify:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-node@v3
+        with:
+          node-version: 16
+      - run: |
+          GIT_COMMIT_TILE=$(git log -1 --pretty=format:"%s")
+          curl -X POST --data-urlencode "payload={\"attachments\":[{\"fallback\":\"$GIT_AUTHOR_NAME released new $ORGANIZATION_NAME $REPO_NAME version of $GITHUB_REF_NAME\",\"color\":\"good\",\"title\":\"Version $GITHUB_REF_NAME of $ORGANIZATION_NAME $REPO_NAME released\",\"title_link\":\"$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/releases/tag/$GITHUB_REF_NAME\",\"fields\":[{\"title\":\"Tag\",\"value\":\"<$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/commits/$GITHUB_REF_NAME|$GITHUB_REF_NAME>\",\"short\":true},{\"title\":\"Commit\",\"value\":\"<$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/tree/$GITHUB_REF_NAME|$GIT_COMMIT_TILE>\",\"short\":true}],\"footer\":\"$ORGANIZATION_NAME $REPO_NAME \",\"ts\":\"$( date +%s )\"}]}" $SLACK_WEBHOOK
+        env:
+          REPO_NAME: ${{ github.event.repository.name }}
+          GIT_AUTHOR_NAME: "AutoCloud Deploy Bot"
+          SLACK_WEBHOOK: ${{secrets.slack_api_endpoint}}
+          ORGANIZATION_NAME: ${{secrets.organization_name}}

.github/workflows/pr-validator.yml

@@ -0,0 +1,29 @@
+---
+name: pr-validator
+
+on:
+  pull_request:
+    types: [synchronize, opened, reopened, edited]
+    branches:
+      - main
+      - beta
+
+jobs:
+  pr-validation:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - run: |
+          if [ "$TARGET_BRANCH" == "main" ] && [ "$SOURCE_BRANCH" == "beta" ]; then
+              echo "Merge from $SOURCE_BRANCH to $TARGET_BRANCH is valid"
+              exit 0
+          elif [ "$TARGET_BRANCH" == "beta" ] && [ "$SOURCE_BRANCH" == "alpha" ]; then
+              echo "Merge from $SOURCE_BRANCH to $TARGET_BRANCH is valid"
+              exit 0
+          else
+              echo "You cannot merge from $SOURCE_BRANCH to $TARGET_BRANCH"
+              exit 1
+          fi
+        env:
+          SOURCE_BRANCH: ${{ github.head_ref }}
+          TARGET_BRANCH: ${{ github.base_ref }}

.github/workflows/publish.yml

@@ -0,0 +1,62 @@
+---
+name: publish
+
+on:
+  push:
+    branches:
+      - alpha
+      - beta
+      - main
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+          persist-credentials: false
+          token: ${{secrets.gh_token}}
+      - uses: actions/setup-node@v3
+        with:
+          node-version: 16
+          registry-url: "https://registry.npmjs.org"
+
+      - name: Get cache directory
+        id: yarn-cache-dir
+        run: |
+          echo "::set-output name=dir::$(yarn cache dir)"
+
+      - name: Restoring cache
+        uses: actions/cache@v3
+        id: yarn-cache # use this to check for `cache-hit` ==> if: steps.yarn-cache.outputs.cache-hit != 'true'
+        with:
+          path: ${{ steps.yarn-cache-dir.outputs.dir }}
+          key: ${{ runner.os }}-node-${{ hashFiles('**/yarn.lock') }}
+          restore-keys: |
+            ${{ runner.os }}-yarn-
+
+      - name: Install Packages
+        # NOTE: The --ignore-scripts flag is required to prevent leakage of NPM_TOKEN value
+        # See https://github.com/actions/setup-node/blob/main/docs/advanced-usage.md#use-private-packages
+        run: yarn install --frozen-lockfile --prefer-offline --ignore-scripts
+
+      - name: Install jq for tests
+        run: node -r node-jq/scripts/install-binary.js
+
+      - name: Build
+        run: yarn prepack
+
+      - name: Test
+        run: yarn test
+
+      - name: Publish
+        run: npx semantic-release
+        env:
+          NODE_ENV: "cicd"
+          NODE_AUTH_TOKEN: ${{secrets.npm_token}}
+          GITHUB_TOKEN: ${{secrets.gh_token}}
+          GIT_AUTHOR_NAME: "autocloud-deploy-bot"
+          GIT_AUTHOR_EMAIL: "no-reply@autocloud.dev"
+          GIT_COMMITTER_NAME: "autocloud-deploy-bot"
+          GIT_COMMITTER_EMAIL: "no-reply@autocloud.dev"