From 97b81907d7c0cacc7a963e2d259c30047ea550cf Mon Sep 17 00:00:00 2001
From: Varun Sharma <varunsh@stepsecurity.io>
Date: Thu, 19 Dec 2024 18:45:06 +0530
Subject: [PATCH 1/3] Create baseline_checks.yml

---
 .github/workflows/baseline_checks.yml | 35 +++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)
 create mode 100644 .github/workflows/baseline_checks.yml

diff --git a/.github/workflows/baseline_checks.yml b/.github/workflows/baseline_checks.yml
new file mode 100644
index 00000000..e95e029a
--- /dev/null
+++ b/.github/workflows/baseline_checks.yml
@@ -0,0 +1,35 @@
+name: "Baseline Checks"
+on:
+  workflow_dispatch:
+  
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: step-security/harden-runner@int-sh
+        with:
+          egress-policy: audit
+
+      - uses: crazy-max/ghaction-github-status@v4
+
+      - uses: actions/checkout@v3
+
+      - name: npm install
+        run: |
+          cd ./src/exfiltration-demo
+          npm install
+
+      - name: get-npm-version
+        id: package-version
+        uses: martinbeentjes/npm-get-version-action@v1.3.1
+        with:
+          path: src/exfiltration-demo
+
+      - name: Publish to Registry
+        uses: elgohr/Publish-Docker-Github-Action@v5
+        with:
+          name: ${{ github.repository }}/prod:latest
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+          registry: ghcr.io
+          workdir: ./src/exfiltration-demo

From 2b3e406390ea52bfdb781d89698bbbc7b1e04581 Mon Sep 17 00:00:00 2001
From: Varun Sharma <varunsh@stepsecurity.io>
Date: Thu, 19 Dec 2024 18:46:13 +0530
Subject: [PATCH 2/3] Update baseline_checks.yml

---
 .github/workflows/baseline_checks.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/baseline_checks.yml b/.github/workflows/baseline_checks.yml
index e95e029a..74bd64cc 100644
--- a/.github/workflows/baseline_checks.yml
+++ b/.github/workflows/baseline_checks.yml
@@ -1,6 +1,7 @@
 name: "Baseline Checks"
 on:
   workflow_dispatch:
+  pull_request:
   
 jobs:
   build:

From 15e707ce25cc1ea69334a1071b7e52859ebe9b71 Mon Sep 17 00:00:00 2001
From: Varun Sharma <varunsh@stepsecurity.io>
Date: Thu, 19 Dec 2024 18:48:00 +0530
Subject: [PATCH 3/3] Update baseline_checks.yml

---
 .github/workflows/baseline_checks.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/baseline_checks.yml b/.github/workflows/baseline_checks.yml
index 74bd64cc..06fc0bc7 100644
--- a/.github/workflows/baseline_checks.yml
+++ b/.github/workflows/baseline_checks.yml
@@ -1,4 +1,4 @@
-name: "Baseline Checks"
+name: "Build"
 on:
   workflow_dispatch:
   pull_request: