Cmwilson21 patch 1 (#4)

* Update -step.txt * Update and rename 1-enable-codeql.ml to 1-enable-codeql.yml * Update 2-review-and-triage-codeql-alerts.yml * Update 3-fix-security-vulnerabilities.yml * Update 4-prevent-vulnerabilities-in-the-pull-request.yml * Update 4-prevent-vulnerabilities-in-the-pull-request.yml * Update 1-enable-codeql.md * Update 0-welcome.yml
skills · Oct 19, 2023 · ce8ca8f · ce8ca8f
1 parent 34a37f6
commit ce8ca8f
Show file tree

Hide file tree

Showing 6 changed files with 14 additions and 8 deletions.
diff --git a/.github/steps/-step.txt b/.github/steps/-step.txt
@@ -1 +1 @@
-1
+0
diff --git a/.github/steps/1-enable-codeql.md b/.github/steps/1-enable-codeql.md
@@ -28,7 +28,6 @@ First, we will enable code scanning with CodeQL in our repository.
 3. Under the **Security** section on the left side, select **Code security and analysis**.
 4. Scroll down to the section titled **Code scanning**. For the purpose of this course, we will focus on CodeQL analysis.
 5. Click on the **Set up** dropdown menu and choose **Default**.
-6. 
 ![enable-code-scanning-default.png](/images/enable-code-scanning-default.png)
 
 Let's take a look at the configuration options in the modal:

diff --git a/.github/workflows/1-enable-codeql.ml → .github/workflows/1-enable-codeql.yml b/.github/workflows/1-enable-codeql.ml → .github/workflows/1-enable-codeql.yml
@@ -1,4 +1,4 @@
-lname: Step 1, Enable CodeQL
+name: Step 1, Enable CodeQL
 
 # This step triggers after enabling codeql.
 # This workflow updates from step 1 to step 2.
@@ -8,7 +8,10 @@ lname: Step 1, Enable CodeQL
 on:
   workflow_dispatch:
   # Add events that trigger this workflow.
-  # enable-codeql-event:
+  workflow_run:
+    workflows: [CodeQL]
+    types:
+      - in_progress
 
 # Reference: https://docs.github.com/en/actions/security-guides/automatic-token-authentication
 permissions:

diff --git a/.github/workflows/2-review-and-triage-codeql-alerts.yml b/.github/workflows/2-review-and-triage-codeql-alerts.yml
@@ -8,7 +8,8 @@ name: Step 2, review-and-triage-codeql-alerts
 on:
   workflow_dispatch:
   # Add events that trigger this workflow.
-  # review-and-triage-codeql-alerts-event:
+  issues:
+    types: [opened]
 
 # Reference: https://docs.github.com/en/actions/security-guides/automatic-token-authentication
 permissions:

diff --git a/.github/workflows/3-fix-security-vulnerabilities.yml b/.github/workflows/3-fix-security-vulnerabilities.yml
@@ -8,7 +8,9 @@ name: Step 3, fix-security-vulnerabilities
 on:
   workflow_dispatch:
   # Add events that trigger this workflow.
-  # fix-security-vulnerabilities-event:
+  push:
+    paths:
+      - server/routes.py
 
 # Reference: https://docs.github.com/en/actions/security-guides/automatic-token-authentication
 permissions:

diff --git a/.github/workflows/4-prevent-vulnerabilities-in-the-pull-request.yml b/.github/workflows/4-prevent-vulnerabilities-in-the-pull-request.yml
@@ -8,7 +8,8 @@ name: Step 4, prevent-vulnerabilities-in-the-pull-request
 on:
   workflow_dispatch:
   # Add events that trigger this workflow
-  # prevent-vulnerabilities-in-the-pull-request-event:
+  pull_request:
+    types: opened
 
 # Reference: https://docs.github.com/en/actions/security-guides/automatic-token-authentication
 permissions:
@@ -61,5 +62,5 @@ jobs:
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
           from_step: 4
-          to_step: 5
+          to_step: X
           branch_name: tbd-branch-name