Closed
@@ -1,15 +1,13 @@
name: Publish Asset Store
name: Azure Static Web Apps CI/CD

on:
push:
branches:
# - main
- feature/52-av-web
- main
pull_request:
types: [opened, synchronize, reopened, closed]
branches:
# - main
- feature/52-av-web
- main

jobs:
build_and_deploy_job:
Expand All @@ -24,10 +22,8 @@ jobs:
with:
submodules: true
lfs: false

- name: Install OIDC Client from Core Package
run: npm install @actions/core@1.6.0 @actions/http-client

- name: Get Id Token
uses: actions/github-script@v6
id: idtoken
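Review bot: The `Install OIDC Client from Core Package` step kept here installs `@actions/http-client` with no version and `@actions/core@1.6.0` without a lockfile, so whatever the registry resolves at run time is what the following `Get Id Token` step loads before calling `getIDToken()`. Pin both packages to exact versions and add `--ignore-scripts`, or commit a lockfile and install with `npm ci`.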
Expand All @@ -36,18 +32,17 @@ jobs:
const coredemo = require('@actions/core')
return await coredemo.getIDToken()
result-encoding: string

- name: Build And Deploy
id: builddeploy
uses: Azure/static-web-apps-deploy@v1
with:
azure_static_web_apps_api_token: ${{ secrets.AZURE_STATIC_WEB_APPS_API_TOKEN_WHITE_SKY_0ACD4AD03 }}
azure_static_web_apps_api_token: ${{ secrets.AZURE_STATIC_WEB_APPS_API_TOKEN_VICTORIOUS_MOSS_06D128203 }}
action: "upload"
###### Repository/Build Configurations - These values can be configured to match your app requirements. ######
# For more information regarding Static Web App workflow configurations, please visit: https://aka.ms/swaworkflowconfig
app_location: "/AssetStore/asset-store-ui" # App source code path
api_location: "" # Api source code path - optional
# output_location: "app" # Built app content directory - optional
app_location: "./Portal/sharpengine-web-ui" # App source code path
# api_location: "" # Api source code path - optional
output_location: "build" # Built app content directory - optional
github_id_token: ${{ steps.idtoken.outputs.result }}
app_build_command: "CI=false npm run build"
###### End of Repository/Build Configurations ######
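Review bot: `github_id_token: ${{ steps.idtoken.outputs.result }}` only works if this job is granted `id-token: write`, and the job's `permissions` block is outside the lines shown in this diff. Confirm it is set at job level, as `publish-asset-store.yml` in this same PR does, so that `close_pull_request_job` does not inherit it. The hunk also shows two deployment secrets (`..._WHITE_SKY_0ACD4AD03` and `..._VICTORIOUS_MOSS_06D128203`) and two `app_location` values; check that the secret that remains belongs to the Static Web App meant to serve the `app_location` that remains.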
Expand All @@ -62,4 +57,3 @@ jobs:
uses: Azure/static-web-apps-deploy@v1
with:
action: "close"

61 changes: 55 additions & 6 deletions .github/workflows/publish-asset-store.yml
@@ -1,16 +1,65 @@
name: Publish Asset Store _ Temp
name: Publish Asset Store

on:
push:
branches:
- test
- main
- feature/52-av-web
Comment on lines +6 to +7
Copilot AI Dec 13, 2025

This workflow is configured to trigger on pushes to a feature branch (feature/52-av-web). Feature branches should typically not trigger deployment workflows directly. Consider removing this branch trigger before merging to ensure the workflow only deploys from stable branches like main.

Copilot uses AI. Check for mistakes.
pull_request:
types: [opened, synchronize, reopened, closed]
branches:
- test
- main
- feature/52-av-web
Copilot AI Dec 13, 2025

This workflow includes a feature branch (feature/52-av-web) in the pull request trigger configuration. Pull request workflows should typically only be configured for stable target branches. Consider removing this feature branch from the configuration.

Suggested change
- feature/52-av-web

jobs:
echo:
build_and_deploy_job:
if: github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.action != 'closed')
runs-on: ubuntu-latest
name: Build and Deploy Job
permissions:
id-token: write
contents: read
steps:
- name: Echo message
run: echo "Hello from the test branch 👋"
- uses: actions/checkout@v3
with:
submodules: true
lfs: false

- name: Install OIDC Client from Core Package
run: npm install @actions/core@1.6.0 @actions/http-client

- name: Get Id Token
uses: actions/github-script@v6
id: idtoken
with:
script: |
const coredemo = require('@actions/core')
return await coredemo.getIDToken()
result-encoding: string

- name: Build And Deploy
id: builddeploy
uses: Azure/static-web-apps-deploy@v1
with:
azure_static_web_apps_api_token: ${{ secrets.AZURE_STATIC_WEB_APPS_API_TOKEN_WHITE_SKY_0ACD4AD03 }}
action: "upload"
###### Repository/Build Configurations - These values can be configured to match your app requirements. ######
# For more information regarding Static Web App workflow configurations, please visit: https://aka.ms/swaworkflowconfig
app_location: "/AssetStore/asset-store-ui" # App source code path
api_location: "" # Api source code path - optional
# output_location: "app" # Built app content directory - optional
github_id_token: ${{ steps.idtoken.outputs.result }}
app_build_command: "CI=false npm run build"
###### End of Repository/Build Configurations ######

close_pull_request_job:
if: github.event_name == 'pull_request' && github.event.action == 'closed'
runs-on: ubuntu-latest
name: Close Pull Request Job
steps:
- name: Close Pull Request
id: closepullrequest
uses: Azure/static-web-apps-deploy@v1
with:
action: "close"
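Review bot: `build_and_deploy_job` holds `id-token: write` and the deployment secret while every action it runs is referenced by a mutable tag (`actions/checkout@v3`, `actions/github-script@v6`, `Azure/static-web-apps-deploy@v1`). Pin each `uses:` to a full commit SHA so a moved tag cannot change what executes with those credentials; the same applies to the `Close Pull Request` step.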
Comment on lines +56 to +64

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {}

Copilot Autofix

AI 3 months ago

To fix the detected issue, explicitly set a permissions: block on the close_pull_request_job to restrict the GITHUB_TOKEN permissions. Since this job appears to only call Azure/static-web-apps-deploy@v1 with the action close and does not interact with repository contents or pull requests, you can set permissions: {} (none), or permissions: contents: read if the action requires reading repository code. As a minimal starting point and following least privilege, set permissions: {} at the job level for close_pull_request_job in .github/workflows/publish-asset-store.yml immediately before or after the runs-on: attribute.


Suggested changeset 1
.github/workflows/publish-asset-store.yml

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/publish-asset-store.yml b/.github/workflows/publish-asset-store.yml
--- a/.github/workflows/publish-asset-store.yml
+++ b/.github/workflows/publish-asset-store.yml
@@ -55,6 +55,7 @@
   close_pull_request_job:
     if: github.event_name == 'pull_request' && github.event.action == 'closed'
     runs-on: ubuntu-latest
+    permissions: {}
     name: Close Pull Request Job
     steps:
       - name: Close Pull Request
EOF
@@ -55,6 +55,7 @@
close_pull_request_job:
if: github.event_name == 'pull_request' && github.event.action == 'closed'
runs-on: ubuntu-latest
permissions: {}
name: Close Pull Request Job
steps:
- name: Close Pull Request
Copilot is powered by AI and may make mistakes. Always verify output.

Comment on lines +64 to +65
Copilot AI Dec 13, 2025

The close_pull_request_job is missing the required azure_static_web_apps_api_token parameter. The action will fail without this token. Add the azure_static_web_apps_api_token secret reference similar to the build_and_deploy_job.

Suggested change
action: "close"
azure_static_web_apps_api_token: ${{ secrets.AZURE_STATIC_WEB_APPS_API_TOKEN_WHITE_SKY_0ACD4AD03 }}
action: "close"

45 changes: 39 additions & 6 deletions .github/workflows/publish-web.yml
@@ -1,16 +1,49 @@
name: Publish Web
name: Publish SharpEngine Web Portal

on:
push:
branches:
- test
# - main
- feature/52-av-web
Comment on lines +6 to +7
Copilot AI Dec 13, 2025

This workflow is configured to trigger on pushes to a feature branch (feature/52-av-web) rather than the main branch. Feature branches should typically not trigger deployment workflows directly. Consider removing this branch trigger before merging to ensure the workflow only deploys from stable branches.

Suggested change
# - main
- feature/52-av-web
- main

pull_request:
types: [closed]
branches:
- test
- main
# - feature/52-av-web

jobs:
echo:
build_and_deploy_job:
if: github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.action != 'closed')
runs-on: ubuntu-latest
name: Build and Deploy Job
steps:
- name: Echo message
run: echo "Hello from the test branch 👋"
- uses: actions/checkout@v3
with:
submodules: true
lfs: false
- name: Build And Deploy
id: builddeploy
uses: Azure/static-web-apps-deploy@v1
with:
azure_static_web_apps_api_token: ${{ secrets.AZURE_STATIC_WEB_APPS_API_TOKEN_KIND_MEADOW_06167BF03 }}
repo_token: ${{ secrets.GITHUB_TOKEN }} # Used for Github integrations (i.e. PR comments)
action: "upload"
###### Repository/Build Configurations - These values can be configured to match your app requirements. ######
# For more information regarding Static Web App workflow configurations, please visit: https://aka.ms/swaworkflowconfig
app_location: "./Portal/sharpengine-web-ui" # App source code path
# api_location: "" # Api source code path - optional
output_location: "build" # Built app content directory - optional
app_build_command: "CI=false npm run build"
###### End of Repository/Build Configurations ######

close_pull_request_job:
Comment on lines +16 to +39

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Copilot Autofix

AI 3 months ago

To fix this issue, explicitly set the required permissions in the workflow. The minimal least-privilege block is permissions: contents: read at the top level. However, since the workflow uses the repo_token for Github integrations such as PR comments (as noted on line 29), we need at least contents: read and, if the integration posts comments to pull requests, also pull-requests: write. We should add the permissions block at the workflow root immediately after the name: field to apply to all jobs by default. This fix does not impact existing functionality but tightens security as recommended. No changes outside the YAML are required.


Suggested changeset 1
.github/workflows/publish-web.yml

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/publish-web.yml b/.github/workflows/publish-web.yml
--- a/.github/workflows/publish-web.yml
+++ b/.github/workflows/publish-web.yml
@@ -1,4 +1,7 @@
 name: Publish SharpEngine Web Portal
+permissions:
+  contents: read
+  pull-requests: write
 
 on:
   push:
EOF
@@ -1,4 +1,7 @@
name: Publish SharpEngine Web Portal
permissions:
contents: read
pull-requests: write

on:
push:
if: github.event_name == 'pull_request' && github.event.action == 'closed'
runs-on: ubuntu-latest
name: Close Pull Request Job
steps:
- name: Close Pull Request
id: closepullrequest
uses: Azure/static-web-apps-deploy@v1
with:
azure_static_web_apps_api_token: ${{ secrets.AZURE_STATIC_WEB_APPS_API_TOKEN_KIND_MEADOW_06167BF03 }}
Copilot AI Dec 13, 2025

The close_pull_request_job is missing the required azure_static_web_apps_api_token parameter. The action will fail without this token. Add the azure_static_web_apps_api_token secret reference similar to the build_and_deploy_job.

Suggested change
azure_static_web_apps_api_token: ${{ secrets.AZURE_STATIC_WEB_APPS_API_TOKEN_KIND_MEADOW_06167BF03 }}
azure_static_web_apps_api_token: ${{ secrets.AZURE_STATIC_WEB_APPS_API_TOKEN_KIND_MEADOW_06167BF03 }}
azure_static_web_apps_api_token: ${{ secrets.AZURE_STATIC_WEB_APPS_API_TOKEN_KIND_MEADOW_06167BF03 }}

action: "close"
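Review bot: With `pull_request: types: [closed]`, the only pull-request event this workflow receives is `closed`, so the `github.event.action != 'closed'` half of the `build_and_deploy_job` condition can never be true and no pull-request build ever runs. Either add `opened, synchronize, reopened` to `types`, as `publish-asset-store.yml` does, or reduce the condition to `github.event_name == 'push'` and reconsider whether `close_pull_request_job` is still needed.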
Comment on lines +40 to +49

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {}

Copilot Autofix

AI 3 months ago

The best way to fix this issue is to add an explicit permissions key setting the minimum privileges necessary for the workflow/jobs. The least-privilege starting point for most workflows is:

permissions:
  contents: read

However, because this workflow uses third-party actions (including Azure/static-web-apps-deploy which uses the repo_token for PR status/comments), it may require additional permissions such as pull-requests: write. The most appropriate and future-safe initial fix is to add, at the root of the workflow (top-level), a permissions section with the minimal rights required:

permissions:
  contents: read
  pull-requests: write

This block should be inserted after name: and before on: (i.e., as one of the very top-level keys in the workflow file, so it applies to all jobs). No other files or changes are necessary for a correct and standards-compliant fix.


Suggested changeset 1
.github/workflows/publish-web.yml

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/publish-web.yml b/.github/workflows/publish-web.yml
--- a/.github/workflows/publish-web.yml
+++ b/.github/workflows/publish-web.yml
@@ -1,4 +1,7 @@
 name: Publish SharpEngine Web Portal
+permissions:
+  contents: read
+  pull-requests: write
 
 on:
   push:
EOF
@@ -1,4 +1,7 @@
name: Publish SharpEngine Web Portal
permissions:
contents: read
pull-requests: write

on:
push:
4 changes: 2 additions & 2 deletions Portal/sharpengine-web-ui/src/components/Header.tsx
Expand Up @@ -2,7 +2,7 @@ import { useState } from 'react';
import { useNavigate } from 'react-router-dom';
import { ChevronDown, User } from 'lucide-react';
Copilot AI Dec 13, 2025

The User import from lucide-react is unused. Consider removing it to keep the imports clean and avoid bundle bloat.

Suggested change
import { ChevronDown, User } from 'lucide-react';
import { ChevronDown } from 'lucide-react';

import { HeaderLogin } from 'sharpengine-ui-shared/src/components/HeaderLogin'
//import { HeaderLogin } from 'sharpengine-ui-shared/src/components/HeaderLogin'
Copilot AI Dec 13, 2025

The import statement and component usage for HeaderLogin have been commented out but not removed. If this is a temporary change for testing, consider using a feature flag instead. If this is a permanent removal, the commented code should be deleted to improve code maintainability.

export function Header() {
const navigate = useNavigate();
Copilot AI Dec 13, 2025

The navigate variable is declared but never used since the HeaderLogin component that uses it has been commented out. Either remove the unused useNavigate import and variable declaration, or if this is temporary, consider using a feature flag approach instead of commenting out code.

Expand Down Expand Up @@ -63,7 +63,7 @@ export function Header() {
</a>
</nav>

<HeaderLogin onProfileClicked={() => navigate('/profile')} />
{/* <HeaderLogin onProfileClicked={() => navigate('/profile')} /> */}
Copilot AI Dec 13, 2025

The HeaderLogin component usage has been commented out but not removed. If this is a temporary change for testing, consider using a feature flag instead. If this is a permanent removal, the commented code should be deleted to improve code maintainability.

</div>
</header>
);
14 changes: 14 additions & 0 deletions README.md
Expand Up @@ -5,7 +5,21 @@
<div align="center">

[![NuGet Version](https://img.shields.io/nuget/v/SharpEngine.Core.NET)](https://www.nuget.org/packages/SharpEngine.Core.NET)
![NuGet Downloads](https://img.shields.io/nuget/dt/PACKAGE_NAME)

<!--
![Build](https://img.shields.io/github/actions/workflow/status/Av3boy/SharpEngine/build.yml)
![Coverage](https://img.shields.io/codecov/c/github/Av3boy/SharpEngine)
![Quality Gate](https://img.shields.io/sonar/quality_gate/PROJECT_KEY)

![License](https://img.shields.io/github/license/Av3boy/SharpEngine)
![.NET](https://img.shields.io/badge/.NET-8.0-blue)

![Stars](https://img.shields.io/github/stars/Av3boy/SharpEngine)

![Issues](https://img.shields.io/github/issues/Av3boy/SharpEngine)
![PRs](https://img.shields.io/github/issues-pr/Av3boy/SharpEngine)
-->
</div>

<div>
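Review bot: The added NuGet Downloads badge sits outside the `<!-- -->` block and still points at the placeholder `https://img.shields.io/nuget/dt/PACKAGE_NAME`, so it will render on the README with no real package behind it. Use the package id from the version badge above (`SharpEngine.Core.NET`), and replace `PROJECT_KEY` in the commented Sonar badge before that block is enabled.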