Sync partner_templates with the main Branch. (#1250)

* Added Cloudrail according to instructions and existing examples

* Adding Cloudrail according to documentation and examples

* Oops

* Add original Fortify on Demand workflow

* Update Fortify on Demand workflow

* Update Fortify on Demand supported languages

* Add 3rd-party GitHub Actions disclaimer

* Sysdig Secure Inline Scan with SARIF report to starter workflows

* Added some extra comments, Github Actions V2 and changed env vars

* Reviews from PR #1110

* Adding 'Dockerfile' to category list

* Update according to PR review comments

* File renames as requested in PR comments

* Revert "Azure Data Factory CI starter workflow (#1111)" (#1146)

This reverts commit 7f30309.

* use env variables for user-set values (#1117)

Co-authored-by: Josh Gross <[email protected]>

* Apply suggestions from nickfyson's code review

Co-authored-by: Nick Fyson <[email protected]>

* removing "deployment" templates from sync-ghes (#1127)

* Update code-scanning/properties/sysdig-scan.properties.json

Co-authored-by: Nick Fyson <[email protected]>

* Update code-scanning/properties/sysdig-scan.properties.json

Co-authored-by: Nick Fyson <[email protected]>

* Changed svg logo

* Rename sysdig.svg to sysdig-scan.svg

* Switched svg logo (again) for a better fit

* Rename fortify.json to fortify.properties.json

* Correct character-case of "c" in Cloudrail

* AWS template also used Docker

* trigger on push instead of release (#1157)

Co-authored-by: Josh Gross <[email protected]>

* Adding MobSF starter workflow

* Adhering to pull request guidelines

* python: update to use python 3.10

Signed-off-by: Rui Chen <[email protected]>

* Added new templates for 3 clouds.

* Revert "Added new templates for 3 clouds."

This reverts commit c765d63.

* Add ruby and update workflow

* Add workflow for Microsoft C++ Code Analysis

* Updated action to meet guidelines

* quote the version strings

* correct typo in msvc.properties.json

* Update codeql.properties.json

* Update code-scanning/properties/codeql.properties.json

Co-authored-by: Arthur Baars <[email protected]>

* Update codeql.properties.json

* Update codeql.properties.json

* Update code-scanning/mobsf.yml

Co-authored-by: Nick Fyson <[email protected]>

* Update code-scanning/properties/mobsf.properties.json

Co-authored-by: Nick Fyson <[email protected]>

* Fixed typo in workflow that will cause every run to fail

* Update commit SHA

* r: use setup-r@1 and include r@4 for starter (#1169)

* r: use setup-r@1 and include r@4 for starter

Signed-off-by: Rui Chen <[email protected]>

* use sha instead of tag for external action

Co-authored-by: Josh Gross <[email protected]>

Co-authored-by: Josh Gross <[email protected]>

* elixir: refresh dependencies (#1212)

- setup action got renamed into `setup-beam`
- update elixir and erlang versions

Co-authored-by: Yoni Leitersdorf <[email protected]>
Co-authored-by: Ruud Senden <[email protected]>
Co-authored-by: Ruud Senden <[email protected]>
Co-authored-by: Manuel Boira Cuevas <[email protected]>
Co-authored-by: manuelbcd <[email protected]>
Co-authored-by: Nick Fyson <[email protected]>
Co-authored-by: Sarah Edwards <[email protected]>
Co-authored-by: Josh Gross <[email protected]>
Co-authored-by: Aparna Ravindra <[email protected]>
Co-authored-by: manuelbcd <[email protected]>
Co-authored-by: Abir Majumdar <[email protected]>
Co-authored-by: Rui Chen <[email protected]>
Co-authored-by: David Verdeguer <[email protected]>
Co-authored-by: Daniel Winsor <[email protected]>
Co-authored-by: David Verdeguer <[email protected]>
Co-authored-by: Arthur Baars <[email protected]>
Co-authored-by: Abir Majumdar <[email protected]>
Co-authored-by: Marco Gario <[email protected]>
Co-authored-by: Andy McKay <[email protected]>

ci/elixir.yml

@@ -15,10 +15,10 @@ jobs:
     steps:
     - uses: actions/checkout@v2
     - name: Set up Elixir
-      uses: erlef/setup-elixir@885971a72ed1f9240973bd92ab57af8c1aa68f24
+      uses: erlef/setup-beam@988e02bfe678367a02564f65ca2e37726dc0268f
       with:
-        elixir-version: '1.10.3' # Define the elixir version [required]
-        otp-version: '22.3' # Define the OTP version [required]
+        elixir-version: '1.12.3' # Define the elixir version [required]
+        otp-version: '24.1' # Define the OTP version [required]
     - name: Restore dependencies cache
       uses: actions/cache@v2
       with:

ci/pylint.yml

@@ -4,15 +4,16 @@ on: [push]
 
 jobs:
   build:
-
     runs-on: ubuntu-latest
-
+    strategy:
+      matrix:
+        python-version: ["3.8", "3.9", "3.10"]
     steps:
     - uses: actions/checkout@v2
-    - name: Set up Python 3.9
+    - name: Set up Python ${{ matrix.python-version }}
       uses: actions/setup-python@v2
       with:
-        python-version: 3.9
+        python-version: ${{ matrix.python-version }}
     - name: Install dependencies
       run: |
         python -m pip install --upgrade pip

ci/python-app.yml

@@ -16,10 +16,10 @@ jobs:
 
     steps:
     - uses: actions/checkout@v2
-    - name: Set up Python 3.9
+    - name: Set up Python 3.10
       uses: actions/setup-python@v2
       with:
-        python-version: 3.9
+        python-version: "3.10"
     - name: Install dependencies
       run: |
         python -m pip install --upgrade pip

ci/python-package-conda.yml

@@ -10,10 +10,10 @@ jobs:
 
     steps:
     - uses: actions/checkout@v2
-    - name: Set up Python 3.8
+    - name: Set up Python 3.10
       uses: actions/setup-python@v2
       with:
-        python-version: 3.8
+        python-version: 3.10
     - name: Add conda to system path
       run: |
         # $CONDA is an environment variable pointing to the root of the miniconda directory

ci/python-package.yml

@@ -16,7 +16,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        python-version: [3.7, 3.8, 3.9]
+        python-version: ["3.8", "3.9", "3.10"]
 
     steps:
     - uses: actions/checkout@v2

ci/r.yml

@@ -19,12 +19,12 @@ jobs:
     runs-on: macos-latest
     strategy:
       matrix:
-        r-version: [3.5, 3.6]
+        r-version: ['3.6.3', '4.1.1']
 
     steps:
       - uses: actions/checkout@v2
       - name: Set up R ${{ matrix.r-version }}
-        uses: r-lib/actions/setup-r@ffe45a39586f073cc2e9af79c4ba563b657dc6e3
+        uses: r-lib/actions/setup-r@f57f1301a053485946083d7a45022b278929a78a
         with:
           r-version: ${{ matrix.r-version }}
       - name: Install dependencies

code-scanning/codeql.yml

@@ -34,8 +34,7 @@ jobs:
       matrix:
         language: [ $detected-codeql-languages ]
         # CodeQL supports [ $supported-codeql-languages ]
-        # Learn more:
-        # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
+        # Learn more about CodeQL language support at https://git.io/codeql-language-support
 
     steps:
     - name: Checkout repository

code-scanning/mobsf.yml

@@ -0,0 +1,36 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+
+name: MobSF
+
+on:
+  push:
+    branches: [ $default-branch, $protected-branches ]
+  pull_request:
+    branches: [ $default-branch ]  
+  schedule:
+    - cron: $cron-weekly
+
+jobs:
+  mobile-security:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Setup python
+        uses: actions/setup-python@v2
+        with:
+          python-version: 3.8
+
+      - name: Run mobsfscan
+        uses: MobSF/mobsfscan@a60d10a83af68e23e0b30611c6515da604f06f65
+        with:
+          args: . --sarif --output results.sarif || true
+
+      - name: Upload mobsfscan report
+        uses: github/codeql-action/upload-sarif@v1
+        with:
+          sarif_file: results.sarif

code-scanning/msvc.yml

@@ -37,13 +37,13 @@ jobs:
       #   run: cmake --build ${{ env.build }}
 
       - name: Initialize MSVC Code Analysis
-        uses: microsoft/msvc-code-analysis-action@502db28262ba134c9a621d5a509b9f7e696c99b6
+        uses: microsoft/msvc-code-analysis-action@04825f6d9e00f87422d6bf04e1a38b1f3ed60d99
         # Provide a unique ID to access the sarif output path
         id: run-analysis
         with:
           cmakeBuildDirectory: ${{ env.build }}
           # Ruleset file that will determine what checks will be run
-          ruleset: NativeRecommendRules.ruleset
+          ruleset: NativeRecommendedRules.ruleset
 
       # Upload SARIF file to GitHub Code Scanning Alerts
       - name: Upload SARIF to GitHub
@@ -56,4 +56,4 @@ jobs:
       #   uses: actions/upload-artifact@v2
       #   with:
       #     name: sarif-file
-      #     path: ${{ steps.run-analysis.outputs.sarif }}
+      #     path: ${{ steps.run-analysis.outputs.sarif }}

code-scanning/properties/codeql.properties.json

@@ -1,7 +1,7 @@
 {
     "name": "CodeQL Analysis",
     "creator": "GitHub",
-    "description": "Security analysis from GitHub for C, C++, C#, Java, JavaScript, TypeScript, Python, and Go developers.",
+    "description": "Security analysis from GitHub for C, C++, C#, Go, Java, JavaScript, TypeScript, Python, and Ruby developers.",
     "iconName": "octicon mark-github",
-    "categories": ["Code Scanning", "C", "C#", "C++", "Go", "Java", "JavaScript", "TypeScript", "Python"]
+    "categories": ["Code Scanning", "C", "C++", "C#", "Go", "Java", "JavaScript", "TypeScript", "Python", "Ruby"]
 }

code-scanning/properties/mobsf.properties.json

@@ -0,0 +1,13 @@
+{
+    "name": "mobsf",
+    "creator": "mobsf",
+    "description": "Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.",
+    "iconName": "mobsf",
+    "categories": [
+        "Code Scanning", 
+        "Java", 
+        "Swift", 
+        "Objective-C", 
+        "Kotlin"
+    ]
+}