diff --git a/.eslintignore b/.eslintignore index afc6af7915..be578dfb0f 100644 --- a/.eslintignore +++ b/.eslintignore @@ -6,3 +6,4 @@ functions/src/complaints* storybook-static/* static/adstir.js coverage/* +scripts/uploadScreenShot.ts diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 85ea6ab196..ca3ecf8da0 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -297,3 +297,38 @@ jobs: publish_dir: ./public destination_dir: lh keep_files: true + + webscreenshot: + needs: + - build + strategy: + matrix: + os: [ubuntu-latest] + width: [1920, 1200, 768, 400] + runs-on: ${{ matrix.os }} + steps: + - uses: actions/checkout@v3 + - uses: denoland/setup-deno@v1 + with: + deno-version: 'v1.x' + - name: install noto font + run: sudo apt install fonts-noto + - name: Capture Webpage Screenshot + uses: swinton/screenshot-website@v1.0.2 + with: + source: "https://blog.tubone-project24.xyz" + destination: screenshot-${{ matrix.os }}-${{ matrix.width }}.png + width: ${{ matrix.width }} + delay: 10 + - uses: actions/download-artifact@v3 + with: + name: screenshot-${{ matrix.os }}-${{ matrix.width }} + - name: PR Comments + env: + FILE_PATH: screenshot-${{ matrix.os }}-${{ matrix.width }}.png + FILE_NAME: screenshot-${{ matrix.os }}-${{ matrix.width }}.png + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GITHUB_REPOSITORY: "tubone24/blog" + GITHUB_PULL_REQUEST_NUMBER: ${{ steps.get-pr-num.outputs.prnum }} + BRANCH_NAME: "master" + run: deno run --allow-env --allow-read --allow-net scripts/uploadScreenShot.ts diff --git a/.github/workflows/previewDeploy.yml b/.github/workflows/previewDeploy.yml index a0ee130855..1c05aed9ae 100644 --- a/.github/workflows/previewDeploy.yml +++ b/.github/workflows/previewDeploy.yml @@ -487,7 +487,6 @@ jobs: run: gh pr comment -F ./comments.txt "${URL}" - webscreenshot: needs: - build 
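Review bot: The `PR Comments` step of the new `webscreenshot` job in deploy.yml reads `${{ steps.get-pr-num.outputs.prnum }}`, but this job defines no `get-pr-num` step (the one added in previewDeploy.yml is not shared across workflows), so `GITHUB_PULL_REQUEST_NUMBER` is always empty and the upload commit message will read `Added file for PR #`. Either drop that variable on the deploy path or give it a fixed label such as `"deploy"`. Committing to `master` with `secrets.GITHUB_TOKEN` requires `permissions: contents: write` on the job or workflow, which is not visible in this hunk — confirm it is granted elsewhere, and consider that a bot commit to the default branch may itself re-trigger this workflow if it runs on push. `sudo apt install fonts-noto` has no `-y` and no preceding package-list refresh, so it may abort at the confirmation prompt on a non-interactive runner; `sudo apt-get update && sudo apt-get install -y fonts-noto` is the usual form.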
@@ -495,18 +494,38 @@ jobs: strategy: matrix: os: [ubuntu-latest] - width: [1200, 992, 768, 600] + width: [1920, 1200, 768, 400] runs-on: ${{ matrix.os }} steps: - uses: actions/checkout@v3 + - uses: denoland/setup-deno@v1 + with: + deno-version: 'v1.x' + - name: install noto font + run: sudo apt install fonts-noto - name: Capture Webpage Screenshot if: ${{ !contains(needs.check-skip-flags.outputs.head-commit-message, '[skip netlify]') }} - uses: swinton/screenshot-website@v1.0.0 + uses: swinton/screenshot-website@v1.0.2 with: source: ${{ needs.build.outputs.draftUrl }} destination: screenshot-${{ matrix.os }}-${{ matrix.width }}.png width: ${{ matrix.width }} - - uses: actions/upload-artifact@v3 + delay: 10 + - uses: actions/download-artifact@v3 with: - name: screenshot-${{ matrix.os }}-${{ matrix.width }}.png - path: screenshot-${{ matrix.os }}-${{ matrix.width }}.png + name: screenshot-${{ matrix.os }}-${{ matrix.width }} + - name: ls + run: ls -la + - name: Get PR Number + id: get-pr-num + run: echo "prnum=$(echo $GITHUB_REF | sed -e 's/[^0-9]//g')" >> $GITHUB_OUTPUT + - name: PR Comments + env: + FILE_PATH: screenshot-${{ matrix.os }}-${{ matrix.width }}.png + FILE_NAME: screenshot-${{ matrix.os }}-${{ steps.get-pr-num.outputs.prnum }}-${{ github.head_ref }}-${{ matrix.width }}.png + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GITHUB_REPOSITORY: "tubone24/blog" + GITHUB_PULL_REQUEST_NUMBER: ${{ steps.get-pr-num.outputs.prnum }} + BRANCH_NAME: "screenshot" + run: deno run --allow-env --allow-read --allow-net scripts/uploadScreenShot.ts + diff --git a/.gitignore b/.gitignore index b4e635c9fd..64ceefe58b 100644 --- a/.gitignore +++ b/.gitignore @@ -45,4 +45,4 @@ test/memlab/data # OWASPZAP owasp/zap/*.key owasp/zap/*.cer -owasp/zap/zapHome/ \ No newline at end of file +owasp/zap/zapHome/ diff --git a/functions/src/csp-report.js b/functions/src/csp-report.js index 327b57b06d..fc47f64a41 100644 --- a/functions/src/csp-report.js +++ b/functions/src/csp-report.js 
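Review bot: The `Get PR Number` step derives the number with `echo $GITHUB_REF | sed -e 's/[^0-9]//g'`, which keeps every digit in the ref; that works for `refs/pull/<n>/merge` but yields a wrong value for any other ref shape that contains digits. `${{ github.event.pull_request.number }}` is the direct context value and removes the step together with its `>> $GITHUB_OUTPUT` plumbing. `FILE_NAME` interpolates `${{ github.head_ref }}` into a path that the Deno script then embeds in the API URL; head refs may contain `/`, which would create nested directories under `docs/screenshot/` on the target branch, and characters such as `#` or `?` would break the URL, so sanitise the ref (for example `${GITHUB_HEAD_REF//\//-}` in a shell step) before using it. The `ls -la` step looks like leftover debugging. `Capture Webpage Screenshot` is conditioned on `needs.check-skip-flags.outputs.head-commit-message`, but the download and upload steps after it are not, so a skipped capture presumably fails at `actions/download-artifact` instead of being skipped — the job's `needs` list is outside this hunk, so that is worth confirming.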
@@ -14,7 +14,7 @@ const transaction = Sentry.startTransaction({
 exports.handler = (event, context) => {
 console.log(event, context);
 if (!event.body) {
- Sentry.captureException(new Error(event));
+ Sentry.captureException(new Error(JSON.stringify(event)));
 transaction.finish();
 return {
 statusCode: 400,
@@ -22,7 +22,7 @@ exports.handler = (event, context) => {
 };
 }
 const body = JSON.parse(event.body);
- Sentry.captureException(new Error(body));
+ Sentry.captureException(new Error(JSON.stringify(body)));
 transaction.finish();
 return {
 statusCode: 200,
diff --git a/owasp/zap/alertFilter.conf b/owasp/zap/alertFilter.conf
index f80811e974..62e231bb5e 100644
--- a/owasp/zap/alertFilter.conf
+++ b/owasp/zap/alertFilter.conf
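Review bot: `const body = JSON.parse(event.body);` in the second hunk is unguarded, so a malformed or non-JSON report body — which anyone can POST to a CSP report endpoint — throws out of the handler, produces a 500 instead of the 400 the `!event.body` branch returns, and skips `transaction.finish()`. Wrapping the parse as below keeps bad input on the 400 path. Wrapping a plain report in `new Error(JSON.stringify(body))` also makes every legitimate CSP report appear in Sentry as an exception with a stack trace pointing at this line; `Sentry.captureMessage(JSON.stringify(body))` is the API intended for that and groups more usefully. `exports.handler` continues outside the hunk, and `transaction` appears to be created at module scope (hunk header context), so it is presumably finished once per warm container rather than once per invocation — worth confirming.
```javascript
  let body;
  try {
    body = JSON.parse(event.body);
  } catch (err) {
    Sentry.captureException(err);
    transaction.finish();
    return { statusCode: 400 /* … same shape as the existing 400 response above … */ };
  }
  Sentry.captureException(new Error(JSON.stringify(body)));
  // … unchanged: transaction.finish() and the 200 response …
```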
@@ -86,3 +86,25 @@ globalalertfilter.filters.filter(7).attackregex=false
 globalalertfilter.filters.filter(7).evidence=
 globalalertfilter.filters.filter(7).evidenceregex=false
 globalalertfilter.filters.filter(7).enabled=true
+globalalertfilter.filters.filter(8).ruleid=90022
+globalalertfilter.filters.filter(8).newrisk=-1
+globalalertfilter.filters.filter(8).url=http://web:9000/page-data/2022/01/03/owaspzap/page-data.json
+globalalertfilter.filters.filter(8).urlregex=false
+globalalertfilter.filters.filter(8).param=
+globalalertfilter.filters.filter(8).paramregex=false
+globalalertfilter.filters.filter(8).attack=
+globalalertfilter.filters.filter(8).attackregex=false
+globalalertfilter.filters.filter(8).evidence=Internal Server Error
+globalalertfilter.filters.filter(8).evidenceregex=false
+globalalertfilter.filters.filter(8).enabled=true
+globalalertfilter.filters.filter(9).ruleid=90022
+globalalertfilter.filters.filter(9).newrisk=-1
+globalalertfilter.filters.filter(9).url=http://web:9000/page-data/index/page-data.json
+globalalertfilter.filters.filter(9).urlregex=false
+globalalertfilter.filters.filter(9).param=
+globalalertfilter.filters.filter(9).paramregex=false
+globalalertfilter.filters.filter(9).attack=
+globalalertfilter.filters.filter(9).attackregex=false
+globalalertfilter.filters.filter(9).evidence=Internal Server Error
+globalalertfilter.filters.filter(9).evidenceregex=false
+globalalertfilter.filters.filter(9).enabled=true
diff --git a/scripts/uploadScreenShot.ts b/scripts/uploadScreenShot.ts
new file mode 100644
index 0000000000..b9b35c150e
--- /dev/null
+++ b/scripts/uploadScreenShot.ts
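Review bot: Filters 8 and 9 mark rule 90022 as a false positive (`newrisk=-1`) for two page-data.json URLs whenever the evidence is exactly `Internal Server Error`, so a genuine error disclosure on those same URLs would also be suppressed as long as the page happens to contain that phrase. If the phrase is expected page content (the 2022/01/03/owaspzap post and, presumably, its excerpt on the index), record that reason alongside the entries — in a comment if the format allows, otherwise in the commit or README — so the index-page suppression can be revisited once the post leaves the front page. The hard-coded `http://web:9000` host ties both filters to the compose service name, which is fine for the local scan but will silently stop matching if the service name or port changes.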
@@ -0,0 +1,43 @@
+import { encode } from "https://deno.land/std/encoding/base64.ts";
+
+const GITHUB_API_URL = "https://api.github.com";
+const AUTHOR_NAME = "github-actions[bot]";
+const AUTHOR_EMAIL = "github-actions[bot]@users.noreply.github.com";
+const filePath = Deno.env.get("FILE_PATH") as string;
+const fileName = Deno.env.get("FILE_NAME") as string;
+const gitHubToken = Deno.env.get("GITHUB_TOKEN") as string;
+const gitHubRepo = Deno.env.get("GITHUB_REPOSITORY") as string;
+const prNumber = Deno.env.get("GITHUB_PULL_REQUEST_NUMBER") as string;
+const branchName = Deno.env.get("BRANCH_NAME") as string;
+
+const readImageData = await Deno.readFile(filePath);
+const encodedData = encode(readImageData);
+
+const gitHubPayload = {
+ message: `[file upload] Added file for PR #${prNumber}`,
+ content: encodedData.replace(new RegExp("data.*base64,"), ""),
+ branch: branchName,
+ author: {
+ name: AUTHOR_NAME,
+ email: AUTHOR_EMAIL,
+ },
+ committer: {
+ name: AUTHOR_NAME,
+ email: AUTHOR_EMAIL,
+ },
+};
+
+const gitHubHeaders = {
+ Accept: "application/vnd.github.v3+json",
+ Authorization: `Bearer ${gitHubToken}`,
+};
+
+const gitHubUploadurl = `${GITHUB_API_URL}/repos/${gitHubRepo}/contents/docs/screenshot/${fileName}`;
+
+const gitHubRes = await fetch(gitHubUploadurl, {
+ method: "PUT",
+ headers: gitHubHeaders,
+ body: JSON.stringify(gitHubPayload),
+});
+
+console.log(gitHubRes);
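Review bot: The response of the contents-API PUT is never checked — `console.log(gitHubRes)` prints the Response object and the script exits 0, so a 401/404/409/422 leaves the workflow green while no screenshot was committed; treating `!gitHubRes.ok` as fatal (below) surfaces it. A PUT to that endpoint is rejected with 422 when the path already exists unless the request carries the existing blob's `sha`, which the deploy.yml `FILE_NAME` (width only) will hit on every rerun, so the script needs a GET for the current `sha` before it can update. The `Deno.env.get(...) as string` assertions hide a missing variable until it shows up as the literal `undefined` in the URL or `Authorization` header; a small `requireEnv` helper (below) fails fast with the variable name instead. The std import `https://deno.land/std/encoding/base64.ts` is unpinned and resolves to whatever the latest std is at run time, which makes the CI job depend on an unreviewed moving target — pin it as `https://deno.land/std@<STD_VERSION>/encoding/base64.ts`. `encodedData.replace(new RegExp("data.*base64,"), "")` is a no-op, since std `encode()` returns bare base64 with no data-URL prefix, and can be dropped.
```typescript
/** Read a required environment variable or abort with a message naming it. */
function requireEnv(name: string): string {
  const value = Deno.env.get(name);
  if (value === undefined || value === "") {
    throw new Error(`missing required environment variable ${name}`);
  }
  return value;
}

const filePath = requireEnv("FILE_PATH");
const fileName = requireEnv("FILE_NAME");
const gitHubToken = requireEnv("GITHUB_TOKEN");
const gitHubRepo = requireEnv("GITHUB_REPOSITORY");
const prNumber = requireEnv("GITHUB_PULL_REQUEST_NUMBER");
const branchName = requireEnv("BRANCH_NAME");

// … unchanged: file read, payload, headers, URL …

const gitHubRes = await fetch(gitHubUploadurl, {
  method: "PUT",
  headers: gitHubHeaders,
  body: JSON.stringify(gitHubPayload),
});

if (!gitHubRes.ok) {
  // Surface the API error in the job log and fail the step.
  console.error(`upload failed: ${gitHubRes.status} ${gitHubRes.statusText}`);
  console.error(await gitHubRes.text());
  Deno.exit(1);
}
console.log(`uploaded ${fileName} (${gitHubRes.status})`);
```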