From 9f387e3458bb4685cf0f5d0c3664a9561dbbe780 Mon Sep 17 00:00:00 2001 From: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Date: Mon, 9 Jun 2025 03:27:45 +0700 Subject: [PATCH 1/7] Add .circleci/config.yml --- .circleci/config.yml | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 .circleci/config.yml diff --git a/.circleci/config.yml b/.circleci/config.yml new file mode 100644 index 00000000000..62291703e26 --- /dev/null +++ b/.circleci/config.yml @@ -0,0 +1,31 @@ +# Use the latest 2.1 version of CircleCI pipeline process engine. +# See: https://circleci.com/docs/configuration-reference +version: 2.1 + +# Define a job to be invoked later in a workflow. +# See: https://circleci.com/docs/jobs-steps/#jobs-overview & https://circleci.com/docs/configuration-reference/#jobs +jobs: + say-hello: + # Specify the execution environment. You can specify an image from Docker Hub or use one of our convenience images from CircleCI's Developer Hub. + # See: https://circleci.com/docs/executor-intro/ & https://circleci.com/docs/configuration-reference/#executor-job + docker: + # Specify the version you desire here + # See: https://circleci.com/developer/images/image/cimg/base + - image: cimg/base:current + + # Add steps to the job + # See: https://circleci.com/docs/jobs-steps/#steps-overview & https://circleci.com/docs/configuration-reference/#steps + steps: + # Checkout the code as the first step. + - checkout + - run: + name: "Say hello" + command: "echo Hello, World!" + +# Orchestrate jobs using workflows +# See: https://circleci.com/docs/workflows/ & https://circleci.com/docs/configuration-reference/#workflows +workflows: + say-hello-workflow: # This is the name of the workflow, feel free to change it to better match your workflow. + # Inside the workflow, you define the jobs you want to run. + jobs: + - say-hello \ No newline at end of file From dca4dca3608994bbe289a151fa2f88b7624a0a61 Mon Sep 17 00:00:00 2001 From: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Date: Thu, 3 Jul 2025 15:59:25 +0700 Subject: [PATCH 2/7] Create google.yml (#1) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> --- .github/workflows/google.yml | 116 +++++++++++++++++++++++++++++++++++ 1 file changed, 116 insertions(+) create mode 100644 .github/workflows/google.yml diff --git a/.github/workflows/google.yml b/.github/workflows/google.yml new file mode 100644 index 00000000000..0b5c7d12f25 --- /dev/null +++ b/.github/workflows/google.yml @@ -0,0 +1,116 @@ +# This workflow will build a docker container, publish it to Google Container +# Registry, and deploy it to GKE when there is a push to the "main" +# branch. +# +# To configure this workflow: +# +# 1. Enable the following Google Cloud APIs: +# +# - Artifact Registry (artifactregistry.googleapis.com) +# - Google Kubernetes Engine (container.googleapis.com) +# - IAM Credentials API (iamcredentials.googleapis.com) +# +# You can learn more about enabling APIs at +# https://support.google.com/googleapi/answer/6158841. +# +# 2. Ensure that your repository contains the necessary configuration for your +# Google Kubernetes Engine cluster, including deployment.yml, +# kustomization.yml, service.yml, etc. +# +# 3. Create and configure a Workload Identity Provider for GitHub: +# https://github.com/google-github-actions/auth#preferred-direct-workload-identity-federation. +# +# Depending on how you authenticate, you will need to grant an IAM principal +# permissions on Google Cloud: +# +# - Artifact Registry Administrator (roles/artifactregistry.admin) +# - Kubernetes Engine Developer (roles/container.developer) +# +# You can learn more about setting IAM permissions at +# https://cloud.google.com/iam/docs/manage-access-other-resources +# +# 5. Change the values in the "env" block to match your values. + +name: 'Build and Deploy to GKE' + +on: + push: + branches: + - '"main"' + +env: + PROJECT_ID: 'my-project' # TODO: update to your Google Cloud project ID + GAR_LOCATION: 'us-central1' # TODO: update to your region + GKE_CLUSTER: 'cluster-1' # TODO: update to your cluster name + GKE_ZONE: 'us-central1-c' # TODO: update to your cluster zone + DEPLOYMENT_NAME: 'gke-test' # TODO: update to your deployment name + REPOSITORY: 'samples' # TODO: update to your Artifact Registry docker repository name + IMAGE: 'static-site' + WORKLOAD_IDENTITY_PROVIDER: 'projects/123456789/locations/global/workloadIdentityPools/my-pool/providers/my-provider' # TODO: update to your workload identity provider + +jobs: + setup-build-publish-deploy: + name: 'Setup, Build, Publish, and Deploy' + runs-on: 'ubuntu-latest' + environment: 'production' + + permissions: + contents: 'read' + id-token: 'write' + + steps: + - name: 'Checkout' + uses: 'actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332' # actions/checkout@v4 + + # Configure Workload Identity Federation and generate an access token. + # + # See https://github.com/google-github-actions/auth for more options, + # including authenticating via a JSON credentials file. + - id: 'auth' + name: 'Authenticate to Google Cloud' + uses: 'google-github-actions/auth@f112390a2df9932162083945e46d439060d66ec2' # google-github-actions/auth@v2 + with: + workload_identity_provider: '${{ env.WORKLOAD_IDENTITY_PROVIDER }}' + + # Authenticate Docker to Google Cloud Artifact Registry + - name: 'Docker Auth' + uses: 'docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567' # docker/login-action@v3 + with: + username: 'oauth2accesstoken' + password: '${{ steps.auth.outputs.auth_token }}' + registry: '${{ env.GAR_LOCATION }}-docker.pkg.dev' + + # Get the GKE credentials so we can deploy to the cluster + - name: 'Set up GKE credentials' + uses: 'google-github-actions/get-gke-credentials@6051de21ad50fbb1767bc93c11357a49082ad116' # google-github-actions/get-gke-credentials@v2 + with: + cluster_name: '${{ env.GKE_CLUSTER }}' + location: '${{ env.GKE_ZONE }}' + + # Build the Docker image + - name: 'Build and push Docker container' + run: |- + DOCKER_TAG="${GAR_LOCATION}-docker.pkg.dev/${PROJECT_ID}/${REPOSITORY}/${IMAGE}:${GITHUB_SHA}" + + docker build \ + --tag "${DOCKER_TAG}" \ + --build-arg GITHUB_SHA="${GITHUB_SHA}" \ + --build-arg GITHUB_REF="${GITHUB_REF}" \ + . + + docker push "${DOCKER_TAG}" + + # Set up kustomize + - name: 'Set up Kustomize' + run: |- + curl -sfLo kustomize https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize%2Fv5.4.3/kustomize_v5.4.3_linux_amd64.tar.gz + chmod u+x ./kustomize + + # Deploy the Docker image to the GKE cluster + - name: 'Deploy to GKE' + run: |- + # replacing the image name in the k8s template + ./kustomize edit set image LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY/IMAGE:TAG=$GAR_LOCATION-docker.pkg.dev/$PROJECT_ID/$REPOSITORY/$IMAGE:$GITHUB_SHA + ./kustomize build . | kubectl apply -f - + kubectl rollout status deployment/$DEPLOYMENT_NAME + kubectl get services -o wide From b2c33d143ad20410a66a9ffabe271c6f2fab7772 Mon Sep 17 00:00:00 2001 From: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Date: Thu, 17 Jul 2025 04:55:55 +0700 Subject: [PATCH 3/7] Update config.yml (#3) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> --- .circleci/config.yml | 37 ++++++++++++++++--------------------- 1 file changed, 16 insertions(+), 21 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 62291703e26..709c9a7474d 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -1,31 +1,26 @@ # Use the latest 2.1 version of CircleCI pipeline process engine. # See: https://circleci.com/docs/configuration-reference -version: 2.1 -# Define a job to be invoked later in a workflow. -# See: https://circleci.com/docs/jobs-steps/#jobs-overview & https://circleci.com/docs/configuration-reference/#jobs -jobs: - say-hello: - # Specify the execution environment. You can specify an image from Docker Hub or use one of our convenience images from CircleCI's Developer Hub. - # See: https://circleci.com/docs/executor-intro/ & https://circleci.com/docs/configuration-reference/#executor-job +version: 2.1 +executors: + my-custom-executor: docker: - # Specify the version you desire here - # See: https://circleci.com/developer/images/image/cimg/base - - image: cimg/base:current + - image: cimg/base:stable + auth: + # ensure you have first added these secrets + # visit app.circleci.com/settings/project/github/Dargon789/hardhat-project/environment-variables + username: $DOCKER_HUB_USER + password: $DOCKER_HUB_PASSWORD +jobs: + web3-defi-game-project-: - # Add steps to the job - # See: https://circleci.com/docs/jobs-steps/#steps-overview & https://circleci.com/docs/configuration-reference/#steps + executor: my-custom-executor steps: - # Checkout the code as the first step. - checkout - - run: - name: "Say hello" - command: "echo Hello, World!" + - run: | + # echo Hello, World! -# Orchestrate jobs using workflows -# See: https://circleci.com/docs/workflows/ & https://circleci.com/docs/configuration-reference/#workflows workflows: - say-hello-workflow: # This is the name of the workflow, feel free to change it to better match your workflow. - # Inside the workflow, you define the jobs you want to run. + my-custom-workflow: jobs: - - say-hello \ No newline at end of file + - web3-defi-game-project- From 0837c22b666b2dcc7a524821a5bcb53465fad8a7 Mon Sep 17 00:00:00 2001 From: "snyk-io[bot]" <141718529+snyk-io[bot]@users.noreply.github.com> Date: Fri, 10 Oct 2025 14:53:08 +0000 Subject: [PATCH 4/7] feat: upgrade c8 from 9.1.0 to 10.1.3 Snyk has created this PR to upgrade c8 from 9.1.0 to 10.1.3. See this package in npm: c8 See this project in Snyk: https://app.snyk.io/org/dargon789/project/68a3328a-d2b6-4975-b7db-af96a29fc4ac?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr --- packages/google-cloud-modelarmor/samples/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/google-cloud-modelarmor/samples/package.json b/packages/google-cloud-modelarmor/samples/package.json index 93db4fd6e3a..00b5406139a 100644 --- a/packages/google-cloud-modelarmor/samples/package.json +++ b/packages/google-cloud-modelarmor/samples/package.json @@ -17,7 +17,7 @@ "@google-cloud/modelarmor": "^0.4.0" }, "devDependencies": { - "c8": "^9.0.0", + "c8": "^10.1.3", "chai": "^4.2.0", "mocha": "^8.0.0" } From b37e491fecf64286496c18c2c180d431c2ebf885 Mon Sep 17 00:00:00 2001 From: "snyk-io[bot]" <141718529+snyk-io[bot]@users.noreply.github.com> Date: Fri, 10 Oct 2025 14:53:13 +0000 Subject: [PATCH 5/7] feat: upgrade c8 from 9.1.0 to 10.1.3 Snyk has created this PR to upgrade c8 from 9.1.0 to 10.1.3. See this package in npm: c8 See this project in Snyk: https://app.snyk.io/org/dargon789/project/e2757016-0d48-429d-8c99-bffba0039c3a?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr --- packages/google-cloud-tpu/samples/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/google-cloud-tpu/samples/package.json b/packages/google-cloud-tpu/samples/package.json index 7377259a736..c5276db6697 100644 --- a/packages/google-cloud-tpu/samples/package.json +++ b/packages/google-cloud-tpu/samples/package.json @@ -16,7 +16,7 @@ "@google-cloud/tpu": "^4.1.0" }, "devDependencies": { - "c8": "^9.0.0", + "c8": "^10.1.3", "chai": "^4.2.0", "mocha": "^8.0.0" } From 3c8b46339b0bfa3b9a0ab3b49af9a5a1be5eab22 Mon Sep 17 00:00:00 2001 From: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Date: Mon, 13 Oct 2025 05:05:45 +0000 Subject: [PATCH 6/7] Update google.yml (#11) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> --- .github/workflows/google.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/google.yml b/.github/workflows/google.yml index 0b5c7d12f25..9b417be005c 100644 --- a/.github/workflows/google.yml +++ b/.github/workflows/google.yml @@ -37,7 +37,8 @@ on: push: branches: - '"main"' - + - '"master"' + - '"dev"' env: PROJECT_ID: 'my-project' # TODO: update to your Google Cloud project ID GAR_LOCATION: 'us-central1' # TODO: update to your region From 8c19344791e8e652f6eb9ce7838b6d3f3802578e Mon Sep 17 00:00:00 2001 From: "snyk-io[bot]" <141718529+snyk-io[bot]@users.noreply.github.com> Date: Mon, 17 Nov 2025 19:29:48 +0000 Subject: [PATCH 7/7] fix: packages/google-cloud-vpcaccess/samples/package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110 --- packages/google-cloud-vpcaccess/samples/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/google-cloud-vpcaccess/samples/package.json b/packages/google-cloud-vpcaccess/samples/package.json index 739ede28bea..73f23322af9 100644 --- a/packages/google-cloud-vpcaccess/samples/package.json +++ b/packages/google-cloud-vpcaccess/samples/package.json @@ -18,6 +18,6 @@ "devDependencies": { "c8": "^9.0.0", "chai": "^4.2.0", - "mocha": "^8.0.0" + "mocha": "^10.6.0" } } \ No newline at end of file