Merge pull request #1 from step-security/release

chore: initial release

.eslintignore

@@ -0,0 +1,4 @@
+dist/
+lib/
+node_modules/
+jest.config.js

.eslintrc.js

@@ -0,0 +1,30 @@
+module.exports = {
+    parser: '@typescript-eslint/parser',
+    plugins: ['@typescript-eslint'],
+    parserOptions: {
+        ecmaVersion: 9,
+        sourceType: 'module',
+        project: ['./tsconfig.json', './test/tsconfig.json'],
+    },
+    extends: ['eslint:recommended', 'plugin:@typescript-eslint/recommended', 'prettier'],
+    rules: {
+        '@typescript-eslint/explicit-function-return-type': 'off',
+        '@typescript-eslint/no-explicit-any': 'off',
+        '@typescript-eslint/explicit-member-accessibility': 'off',
+        '@typescript-eslint/no-use-before-define': 'off',
+        // typescript compiler has better unused variable checking.
+        '@typescript-eslint/no-unused-vars': 'off',
+    },
+    overrides: [
+        {
+            files: ['src/**/*.ts', 'src/**/*.tsx'],
+        },
+        {
+            files: ['test/**/*.ts', 'test/**/*.tsx'],
+            rules: {
+                '@typescript-eslint/no-non-null-assertion': 'off',
+                '@typescript-eslint/no-object-literal-type-assertion': 'off',
+            },
+        },
+    ],
+};

.github/dependabot.yml

@@ -0,0 +1,14 @@
+version: 2
+updates:
+  - package-ecosystem: github-actions
+    directory: /
+    schedule:
+      interval: daily
+
+  - package-ecosystem: npm
+    directory: /
+    schedule:
+      interval: daily
+    commit-message:
+      prefix: 'fix'
+      prefix-development: 'chore'

.github/workflows/actions_release.yml

@@ -0,0 +1,21 @@
+name: Release GitHub Actions
+
+on:
+  workflow_dispatch:
+    inputs:
+      tag:
+        description: "Tag for the release"
+        required: true
+
+permissions:
+  contents: read
+
+jobs:
+  release:
+    permissions:
+      actions: read
+      id-token: write
+      contents: write
+    uses: step-security/reusable-workflows/.github/workflows/actions_release.yaml@v1
+    with:
+      tag: "${{ github.event.inputs.tag }}"

.github/workflows/test.yml

@@ -0,0 +1,28 @@
+name: 'build-test'
+on:
+  pull_request:
+    paths-ignore:
+      - '**.md'
+  push:
+    branches:
+      - main
+    paths-ignore:
+      - '**.md'
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Use Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+      - run: npm install
+      # Pull this image so it will already be there for unit tests later.
+      - run: docker pull ubuntu:22.10
+      - run: npm run all
+      - name: Run a docker container
+        run: docker run --name=test-container ubuntu:22.10 /bin/sh -c '>&2 echo error1 && echo test message && >&2 echo error2'
+      - name: test
+        uses: ./

.gitignore

@@ -0,0 +1,101 @@
+# Dependency directory
+node_modules
+
+# Rest pulled from https://github.com/github/gitignore/blob/master/Node.gitignore
+# Logs
+logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+lerna-debug.log*
+
+# Diagnostic reports (https://nodejs.org/api/report.html)
+report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json
+
+# Runtime data
+pids
+*.pid
+*.seed
+*.pid.lock
+
+# Directory for instrumented libs generated by jscoverage/JSCover
+lib-cov
+
+# Coverage directory used by tools like istanbul
+coverage
+*.lcov
+
+# nyc test coverage
+.nyc_output
+
+# Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files)
+.grunt
+
+# Bower dependency directory (https://bower.io/)
+bower_components
+
+# node-waf configuration
+.lock-wscript
+
+# Compiled binary addons (https://nodejs.org/api/addons.html)
+build/Release
+
+# Dependency directories
+jspm_packages/
+
+# TypeScript v1 declaration files
+typings/
+
+# TypeScript cache
+*.tsbuildinfo
+
+# Optional npm cache directory
+.npm
+
+# Optional eslint cache
+.eslintcache
+
+# Optional REPL history
+.node_repl_history
+
+# Output of 'npm pack'
+*.tgz
+
+# Yarn Integrity file
+.yarn-integrity
+
+# dotenv environment variables file
+.env
+.env.test
+
+# parcel-bundler cache (https://parceljs.org/)
+.cache
+
+# next.js build output
+.next
+
+# nuxt.js build output
+.nuxt
+
+# vuepress build output
+.vuepress/dist
+
+# Serverless directories
+.serverless/
+
+# FuseBox cache
+.fusebox/
+
+# DynamoDB Local files
+.dynamodb/
+
+# OS metadata
+.DS_Store
+Thumbs.db
+
+# Ignore built ts files
+__tests__/runner/*
+lib/**/*
+
+testOut/**

.prettierignore

@@ -0,0 +1,3 @@
+dist/
+lib/
+node_modules/

.prettierrc.js

@@ -0,0 +1,21 @@
+module.exports = {
+    trailingComma: 'es5',
+    printWidth: 100,
+    tabWidth: 4,
+    semi: true,
+    singleQuote: true,
+    overrides: [
+        {
+            files: '*.md',
+            options: {
+                tabWidth: 2,
+            },
+        },
+        {
+            files: '*.yml',
+            options: {
+                tabWidth: 2,
+            },
+        },
+    ],
+};

.releaserc

@@ -0,0 +1,36 @@
+{
+    "branches": [
+        "main"
+    ],
+    "plugins": [
+        "@semantic-release/commit-analyzer",
+        [
+            "@semantic-release/npm",
+            {
+                "npmPublish": false
+            }
+        ],
+        "@semantic-release/release-notes-generator",
+        [
+            "@semantic-release/git",
+            {
+                "assets": [
+                    "package.json",
+                    "package-lock.json",
+                    "dist/index.js",
+                    "dist/index.js.map",
+                    "dist/sourcemap-register.js",
+                    "dist/licenses.txt"
+                ],
+                "message": "chore(release): ${nextRelease.version} [skip ci]\n\n${nextRelease.notes}"
+            }
+        ],
+        "@semantic-release/github",
+        [
+            "@semantic-release/exec",
+            {
+                "successCmd": "./bin/retagMajorVersion.sh"
+            }
+        ]
+    ]
+}

LICENSE

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2023 StepSecurity
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

README.md

@@ -1 +1,73 @@
-# gh-docker-logs
+# Collect Docker Logs
+
+[![semantic-release](https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg)](https://github.com/semantic-release/semantic-release)
+
+This is a GitHub Action which will collect logs from all running docker
+containers. Logs can either be dumped to stdout, or can be written to a
+folder (where you can tar them up and
+[upload them as an artifact](https://github.com/actions/upload-artifact)).
+
+## Inputs
+
+- `dest` - Destination folder to write to. If not provided, logs will be
+  written to stdout. If provided, the folder will be created if it doesn't
+  exist, and files will be written based on container names (e.g. 'redis.log').
+
+- `images` - A comma delimited list of image names. If provided, only output
+  from containers with these images will be shown. Containers will match if
+  the image matches exactly (e.g. "mongo:3.4.22") or if the image name matches
+  without a tag (e.g. "mongo" will match "mongo:3.4.22").
+
+- `tail` - Max number of lines to show from each container.  Defaults to "all".
+
+- `shell` - Shell to execute commands.  Defaults to "/bin/sh".
+
+## Usage
+
+## Dump all logs on a failure
+
+```yaml
+- name: Dump docker logs on failure
+  if: failure()
+  uses: step-security/gh-docker-logs@v2
+```
+
+## Dump redis and mongodb logs
+
+```yaml
+- name: Dump redis logs
+  uses: step-security/gh-docker-logs@v2
+  with:
+    images: 'redis,mongo'
+    # Only show last 100 lines of each
+    tail: '100'
+```
+
+## Upload tarball as artifact
+
+```yaml
+- name: Collect docker logs on failure
+  if: failure()
+  uses: step-security/gh-docker-logs@v2
+  with:
+    dest: './logs'
+- name: Tar logs
+  if: failure()
+  run: tar cvzf ./logs.tgz ./logs
+- name: Upload logs to GitHub
+  if: failure()
+  uses: actions/upload-artifact@master
+  with:
+    name: logs.tgz
+    path: ./logs.tgz
+```
+
+## Dump all logs on a failure using different shell
+
+```yaml
+- name: Dump docker logs on failure using different shell
+  if: failure()
+  uses: step-security/gh-docker-logs@v2
+  with:
+    shell: '/bin/sh'
+```

SECURITY.md

@@ -0,0 +1,5 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+Please report security vulnerabilities to [email protected]