Merged
Changes from 250 commits
Commits
1457 commits
e2bf8bd
retire action remarks fix
LochanaOshadha Apr 24, 2025
5d25bc9
User onboarding fixes
LochanaOshadha Apr 24, 2025
9aa9d59
Merge pull request #197 from xeptagondev/HG-313
amila-diss Apr 24, 2025
42311d3
HG-304 AEF: Excel and CSV Report genration
amila-diss Apr 24, 2025
387640e
validation change
LochanaOshadha Apr 24, 2025
606df3b
Merge pull request #198 from xeptagondev/HG-313
LochanaOshadha Apr 24, 2025
6f100c4
field validation change
LochanaOshadha Apr 24, 2025
7ad2a96
Merge pull request #199 from xeptagondev/HG-313
LochanaOshadha Apr 24, 2025
f628177
Serial number generation stage fix
LochanaOshadha Apr 24, 2025
36fbe94
HG-304 AEF: Excel and CSV Report genration
amila-diss Apr 24, 2025
f44cd63
Serial number generation stage fix
amila-diss Apr 24, 2025
ce37087
Merge pull request #200 from xeptagondev/HG-304
LochanaOshadha Apr 24, 2025
362e35f
FE:changed ghg tables years to take only the year
ravinduf09 Apr 24, 2025
353ecbd
fixed issues in INF and PDD
ravinduf09 Apr 25, 2025
57bed46
fixed issue in validation report approve message
ravinduf09 Apr 25, 2025
05af8cc
FE:permissions issue for dna users for verifying pdd fixed
ravinduf09 Apr 25, 2025
0eb6247
Merge pull request #202 from xeptagondev/UNDP-fixes
amila-diss Apr 25, 2025
ad47d43
AEF data mapping for holdings report
amila-diss Apr 25, 2025
7c48254
Merge branch 'develop' of https://github.com/xeptagondev/carbon-regis…
amila-diss Apr 25, 2025
0b5f0aa
AEF reports download
ravinduf09 Apr 25, 2025
b3b4115
updated file type
ravinduf09 Apr 25, 2025
2ec67ae
Merge pull request #205 from xeptagondev/reports-file-download
amila-diss Apr 25, 2025
85562b1
updated time range to 6 months
ravinduf09 Apr 25, 2025
c946422
FE:cyclic issue fix using structured clone
ravinduf09 Apr 28, 2025
5e04e8e
Merge branch 'develop' of https://github.com/xeptagondev/carbon-regis…
ravinduf09 Apr 28, 2025
4e47d64
Merge pull request #206 from xeptagondev/UNDP-Fixes
amila-diss Apr 28, 2025
a9db144
Merge branch 'develop' of https://github.com/xeptagondev/carbon-regis…
ravinduf09 Apr 28, 2025
e3b27f9
field change
LochanaOshadha Apr 28, 2025
c44b868
Merge pull request #207 from xeptagondev/HG-313
ravinduf09 Apr 28, 2025
7876509
FE:disable future years only in monitoring and verification
ravinduf09 Apr 28, 2025
1e33c7d
Merge pull request #208 from xeptagondev/HG-333
amila-diss Apr 28, 2025
da05f9e
show credit block balance in views
LochanaOshadha Apr 28, 2025
1138ff8
Verification report email fix
LochanaOshadha Apr 28, 2025
98f7706
INF email and no objection letter fix
LochanaOshadha Apr 28, 2025
5409ed4
show credit block balance in views
amila-diss Apr 28, 2025
87d303f
FE:safe clone and ghg table set date to feb 1
ravinduf09 Apr 28, 2025
4b0980d
Merge pull request #210 from xeptagondev/HG-333
LochanaOshadha Apr 28, 2025
36bd338
status sort and trim search value fix
LochanaOshadha Apr 28, 2025
3b4f60e
Merge pull request #212 from xeptagondev/HG-313
amila-diss Apr 28, 2025
b526c2b
analytics service change to filete by sector
amila-diss Apr 29, 2025
eb3c085
Merge branch 'develop' of https://github.com/xeptagondev/carbon-regis…
ravinduf09 Apr 29, 2025
7bd14ba
FE:dashboard changes including adding pie chart for sector
ravinduf09 Apr 29, 2025
e54f747
updated enum
ravinduf09 Apr 29, 2025
5c06e63
Merge pull request #216 from xeptagondev/HG-296
LochanaOshadha Apr 29, 2025
c175840
restrict DNA actions on credit when PD is deactivated
LochanaOshadha Apr 29, 2025
5429994
project context created
ravinduf09 Apr 29, 2025
c95be3b
Fix Table Reloading Issue after Modal Close
gayanath8 Apr 29, 2025
f8c0da0
FE:dashaboard titles updated
ravinduf09 Apr 29, 2025
9fd74a3
Merge pull request #218 from xeptagondev/UNDP-Fixes
LochanaOshadha Apr 29, 2025
5af4f90
email fixes
LochanaOshadha Apr 29, 2025
c46f6b2
restrict DNA actions on credit when PD is deactivated
amila-diss Apr 29, 2025
60d550e
Merge branch 'develop' of https://github.com/xeptagondev/carbon-regis…
ravinduf09 Apr 30, 2025
f8dea8d
INF add response change
LochanaOshadha Apr 30, 2025
d9baec9
Merge pull request #219 from xeptagondev/HG-313
ravinduf09 Apr 30, 2025
5355b58
Merge branch 'develop' of https://github.com/xeptagondev/carbon-regis…
ravinduf09 Apr 30, 2025
e61768f
province optional in company update
LochanaOshadha Apr 30, 2025
6df51a8
Merge pull request #221 from xeptagondev/HG-313
LochanaOshadha Apr 30, 2025
89bf141
fixed issue in details not updating properly
ravinduf09 Apr 30, 2025
f528b32
fixed issues in PDD
ravinduf09 Apr 30, 2025
b8f3482
Merge pull request #222 from xeptagondev/HG-192
LochanaOshadha Apr 30, 2025
102b652
sort pending tasks
LochanaOshadha Apr 30, 2025
3783c5b
Merge pull request #223 from xeptagondev/HG-313
LochanaOshadha Apr 30, 2025
c041cc3
updated en.json
ravinduf09 Apr 30, 2025
ba0d690
modify project update time based on activity update time
LochanaOshadha Apr 30, 2025
091a760
Merge pull request #225 from xeptagondev/HG-313
LochanaOshadha Apr 30, 2025
9858dce
FE:removed unnecessary fields from org edit for DNA
ravinduf09 Apr 30, 2025
d366e77
Merge pull request #224 from xeptagondev/HG-192
LochanaOshadha Apr 30, 2025
b983191
FE:HG-293 and FE:HG-338
ravinduf09 May 1, 2025
e785f06
FE-undp:updated activity log retirement related descriptions
ravinduf09 May 2, 2025
d06e607
Merge branch 'develop' of https://github.com/xeptagondev/carbon-regis…
ravinduf09 May 2, 2025
0a274b5
file size validations, edit organization field removal, year from to …
amila-diss May 2, 2025
b5f4786
FE:updated tooltips for sector and sectoral scope
ravinduf09 May 2, 2025
6d53d54
retire whole block fix
LochanaOshadha May 2, 2025
141e915
Merge pull request #228 from xeptagondev/HG-313
LochanaOshadha May 2, 2025
2acbc94
FE:updated tooltips for sector and sectoral scope
amila-diss May 2, 2025
6f1a997
Bug Fixes Dashboard
gayanath8 May 2, 2025
9c56b0b
reject remarks
LochanaOshadha May 2, 2025
ea2ad5d
Merge branch 'develop' of github.com:xeptagondev/carbon-registry-undp…
LochanaOshadha May 2, 2025
9386236
fixed issues with uploaded files cannot be viewed in validation repor…
ravinduf09 May 4, 2025
051189c
added missing validations and validation mismatches for crediting per…
ravinduf09 May 4, 2025
2072494
FE:fix issue in limiting credit issuance
ravinduf09 May 4, 2025
60e3843
Merge pull request #231 from xeptagondev/HG-313
ravinduf09 May 5, 2025
0b5fe41
fixed issues in reporting section, ghg tables, routing
ravinduf09 May 5, 2025
28a2b97
Merge branch 'develop' of https://github.com/xeptagondev/carbon-regis…
ravinduf09 May 5, 2025
eef8d0a
Fixes for ghg tables, validations for issuing credits, fixes for repo…
amila-diss May 5, 2025
8dabe34
removed first transfer from holding report
amila-diss May 5, 2025
c6c0e70
pagination issue fixed
ravinduf09 May 5, 2025
2733451
pagination issue in reports
amila-diss May 5, 2025
cd0a2b2
HG-329 AEF: Excel and CSV Report genration
amila-diss May 6, 2025
07327e1
HG-329 excel and csv report issue fixes
amila-diss May 6, 2025
66cae83
AEF report fixes
amila-diss May 6, 2025
f2f0bf7
aef report download all raws
amila-diss May 6, 2025
d86c140
updated UNDERLYING UNIT LAST BLOCK ID to UNDERLYING UNIT BLOCK LAST ID
amila-diss May 6, 2025
73272d8
HG-290 AEF: Data mapping for the Holdings reports:FE
amila-diss May 6, 2025
2af14a9
pagination bold issue
amila-diss May 6, 2025
32a3316
aef query update
amila-diss May 6, 2025
82f1118
make authorization tile bold
amila-diss May 6, 2025
ff5d916
make authorization bold
amila-diss May 6, 2025
e9e6824
HG-326 AEF: Data mapping for the Holdings reports:FE
amila-diss May 6, 2025
381dc85
sector and sector scope enum map for aef report download
amila-diss May 6, 2025
87f3401
fixed issues in activity timeline, updated tooltips, and ghg table is…
ravinduf09 May 7, 2025
73351f5
fixed issues in activity timeline, updated tooltips, and ghg table is…
amila-diss May 7, 2025
5b1a690
updated
ravinduf09 May 7, 2025
1f36938
Merge pull request #238 from xeptagondev/UNDP-Fixes
ravinduf09 May 7, 2025
f77d3eb
first trasnsfer definition update for aef
amila-diss May 7, 2025
d1acf7e
Merge branch 'develop' of https://github.com/xeptagondev/carbon-regis…
amila-diss May 7, 2025
d43a1a7
aef fixes
amila-diss May 7, 2025
d64d353
User onboarding validations
Supun-D May 7, 2025
5788c40
aef report table modifications
amila-diss May 7, 2025
c556bfe
log to check headers
amila-diss May 7, 2025
8009af5
Decorator added for province validation
Supun-D May 7, 2025
9951d95
User onboarding validation fixes
Supun-D May 7, 2025
0f0afd4
Merge pull request #239 from xeptagondev/HG-257
LochanaOshadha May 7, 2025
1daa149
aef last bloack id title rename
amila-diss May 7, 2025
f7078af
Merge branch 'develop' of https://github.com/xeptagondev/carbon-regis…
amila-diss May 7, 2025
40b8c0a
fixed issue in programme creation and fixed issues in ghg table
ravinduf09 May 7, 2025
3b2032d
sort by created time
ravinduf09 May 7, 2025
aa303b2
fixed issues aef sorting
ravinduf09 May 7, 2025
c284ced
Merge pull request #241 from xeptagondev/UNDP-Fixes
amila-diss May 7, 2025
b164e7e
AEF report sort order fix
amila-diss May 7, 2025
6ad4b6b
createdTime sort for AEF
amila-diss May 7, 2025
476cb01
aef report sort by action time fix
amila-diss May 7, 2025
cccf2ae
showing BE error messages
ravinduf09 May 9, 2025
abd8976
showing BE error messages
amila-diss May 9, 2025
9bd173d
HG-370 Dashboard: 'My Organization' Filter Does Not Include Received …
amila-diss May 9, 2025
79e5bc1
Analytic dashboard credit is mine filter change
amila-diss May 9, 2025
f978396
qb fix
amila-diss May 9, 2025
5081e6e
HG-370
amila-diss May 9, 2025
bc9f327
HG-370 Dashboard: 'My Organization' Filter Does Not Include Received …
amila-diss May 9, 2025
03de43c
undp credit summary issue fix
amila-diss May 9, 2025
48846dc
undp credit summary issue fix
amila-diss May 9, 2025
f8c0c47
query fail issue fix
amila-diss May 9, 2025
66347d1
Organization Logo Upload Issue Fix
gayanath8 May 9, 2025
83b8f85
Merge branch 'develop' of https://github.com/xeptagondev/carbon-regis…
gayanath8 May 9, 2025
ad1d117
updated handleloading
ravinduf09 May 9, 2025
e67a575
updated handleloading
amila-diss May 9, 2025
aa840ab
cyclic issue fix without safe clone and updated verificationReport en…
ravinduf09 May 14, 2025
ef8b129
updated
ravinduf09 May 14, 2025
5d07411
Merge pull request #4 from xeptagondev/UNDP-Fixes
amila-diss May 14, 2025
506aac4
HG-387 Dashboard: Transferred Widgets: only the transfers that the PD…
amila-diss May 14, 2025
e784a59
HG-387
amila-diss May 14, 2025
1cdad7b
HG-360 Restrict credit issuance and approve/reject of retirement requ…
amila-diss May 14, 2025
42b6208
count fix for sector and sector scope in analytics dashboard
amila-diss May 15, 2025
edda621
count by sector update
amila-diss May 15, 2025
239f688
refId quote issue fix
amila-diss May 15, 2025
ba6a5e9
analytics report sector and sector scope count fix
amila-diss May 16, 2025
dadd18b
sector count fix
amila-diss May 16, 2025
0025e67
fixed mine filter for sector and sector scope
amila-diss May 16, 2025
d7ad71c
is mine filter issue fix
amila-diss May 16, 2025
779d5fd
UNDP Test Deployment:
gayanath8 May 16, 2025
71fe22c
Merge pull request #6 from xeptagondev/HG-389
amila-diss May 16, 2025
c1ee002
HG-335
Tharindu-NB May 16, 2025
f31e1d9
HG-335 fixed
Tharindu-NB May 18, 2025
0aa0950
Changing Home and Logging background image
gayanath8 May 19, 2025
cfd14cd
Dashboard Widget width issue fix
gayanath8 May 19, 2025
b003992
HG-336
Tharindu-NB May 19, 2025
78b9c63
HG 297
Tharindu-NB May 20, 2025
a9e8d64
Merge pull request #7 from xeptagondev/HG-355
amila-diss May 20, 2025
20a7bfc
339 issue fixed
Tharindu-NB May 21, 2025
7b209a5
368 finished
Tharindu-NB May 21, 2025
4011da2
smallchange
Tharindu-NB May 21, 2025
0224649
tooltip issue
Tharindu-NB May 22, 2025
c4c4cb1
Hg 368,HG -339 bug fix
amila-diss May 22, 2025
5376918
HG-340
Tharindu-NB May 22, 2025
8e35867
PDD icon issue
Tharindu-NB May 22, 2025
df71ef5
Field validation
Tharindu-NB May 22, 2025
2bec9ca
tick ammount issue
Tharindu-NB May 23, 2025
bcb4254
Hero section and Vision section added
Uvinduxeptagon May 23, 2025
a916952
HG-345,HG-359
Tharindu-NB May 25, 2025
82d830c
read me update
amila-diss May 26, 2025
963c7fd
Dashboardstats,DigitalPublic,Partners
Tharindu-NB May 26, 2025
22ae653
FAQ added
Tharindu-NB May 26, 2025
fa2d90f
Merge pull request #10 from xeptagondev/HG-368
amila-diss May 27, 2025
6d465d5
process flow done
Tharindu-NB May 27, 2025
50948c8
HG-322
Tharindu-NB May 27, 2025
24f89f6
map added
Uvinduxeptagon May 27, 2025
feb8f93
css updated
Tharindu-NB May 27, 2025
448fe79
Merge branch 'homepage_implement' of https://github.com/xeptagondev/c…
Tharindu-NB May 27, 2025
73d991e
faq icon added
Uvinduxeptagon May 27, 2025
ce37701
digital public done
Tharindu-NB May 27, 2025
2c8d9aa
Merge branch 'homepage_implement' of https://github.com/xeptagondev/c…
Tharindu-NB May 27, 2025
96cab50
global component
Tharindu-NB May 27, 2025
1edf4bc
FAQ updated
Uvinduxeptagon May 28, 2025
ba68e51
Feature cards
Tharindu-NB May 28, 2025
15a7ab5
Merge branch 'homepage_implement' of https://github.com/xeptagondev/c…
Tharindu-NB May 28, 2025
1266e5c
fonts updated
Uvinduxeptagon May 28, 2025
88f6d6f
Keyfeature
Tharindu-NB May 28, 2025
bb169f8
Merge branch 'homepage_implement' of https://github.com/xeptagondev/c…
Tharindu-NB May 28, 2025
33ac6cc
clickscroll added in hero section
Uvinduxeptagon May 28, 2025
72e8eef
i18 translations added
Tharindu-NB May 28, 2025
dc2f7a7
Merge branch 'homepage_implement' of https://github.com/xeptagondev/c…
Tharindu-NB May 28, 2025
19e2666
Demo site finished
Tharindu-NB May 29, 2025
dfb85b5
Home page frontend implementation
amila-diss May 30, 2025
633b600
adding email bounce config
amila-diss May 30, 2025
e17eee1
demosite videocard commented
Tharindu-NB May 30, 2025
8d7153b
email bounce test
amila-diss May 30, 2025
967af44
scroll issue done
Tharindu-NB May 30, 2025
20093b7
links added
Tharindu-NB May 30, 2025
0a0e96b
email bounce issue fix
amila-diss Jun 2, 2025
0e9490e
Merge branch 'develop'
amila-diss Jun 3, 2025
dae1aa4
homepage transition added
Tharindu-NB Jun 3, 2025
1c157f4
homepage_update
Tharindu-NB Jun 3, 2025
13844d4
finished
Tharindu-NB Jun 3, 2025
1f30285
email issue fix
amila-diss Jun 3, 2025
f89e649
email issue fix
amila-diss Jun 3, 2025
8f1fc0d
Homepage implement-issues fixed after testing HG-402
amila-diss Jun 4, 2025
67253f4
homepage-subheading update
Tharindu-NB Jun 4, 2025
09ca087
Bullet point added
Tharindu-NB Jun 4, 2025
ca76b24
email config set logic change
amila-diss Jun 4, 2025
c7077ab
additional links removed
Tharindu-NB Jun 4, 2025
2b4340e
Merge pull request #15 from xeptagondev/homepage_implement
amila-diss Jun 4, 2025
377cb75
Merge branch 'main' into develop
amila-diss Jun 4, 2025
2c0cf2d
FAQ updated
Tharindu-NB Jun 4, 2025
a805e2c
Last few updates
Tharindu-NB Jun 4, 2025
3a07a31
HG-377
Tharindu-NB Jun 4, 2025
9da6aa8
Homepage Last reported bugs fixed
amila-diss Jun 6, 2025
a5d32b2
HG-305-Modify project detail page
Tharindu-NB Jun 6, 2025
3d17492
Country name changed
Tharindu-NB Jun 6, 2025
dbdc65f
HG-352 issue fixed
Tharindu-NB Jun 6, 2025
6f80a33
HG-314 filtered by IC state
Tharindu-NB Jun 6, 2025
aff363e
Merge pull request #19 from xeptagondev/homepage_implement
amila-diss Jun 6, 2025
bd1850e
WARNING 1 fix
LochanaOshadha Jun 9, 2025
b66e87c
Merge pull request #20 from xeptagondev/HG-313
palindaa Jun 9, 2025
741694d
Merge branch 'develop' of github.com:xeptagondev/carbon-registry-undp…
palindaa Jun 9, 2025
766a037
File location service warning fix
LochanaOshadha Jun 9, 2025
586dc53
mapbox region array check warning fix
LochanaOshadha Jun 9, 2025
7294b95
password hashing algorithm warning fix
LochanaOshadha Jun 9, 2025
f3f4bd6
Merge pull request #21 from xeptagondev/HG-313
palindaa Jun 9, 2025
eb1b640
Merge branch 'develop' of github.com:xeptagondev/carbon-registry-undp…
palindaa Jun 9, 2025
2480f25
HG-408,HG-378
Tharindu-NB Jun 9, 2025
0ec3f21
HG-356 half done
Tharindu-NB Jun 9, 2025
b8f96cb
HG-356 done
Tharindu-NB Jun 10, 2025
3064daa
Merge pull request #22 from xeptagondev/HG-368
amila-diss Jun 11, 2025
f6eba62
Typo fixed
Tharindu-NB Jun 11, 2025
7ceea39
Demosite video added
Tharindu-NB Jun 12, 2025
84258db
Demosite video added
amila-diss Jun 12, 2025
32f6129
Demosite allignment fixed and the link
Tharindu-NB Jun 12, 2025
e299201
Demosite video allignment fixed
amila-diss Jun 13, 2025
ed5c79d
Readme file update
LochanaOshadha Jun 13, 2025
39cdc1d
Merge branch 'develop' of github.com:xeptagondev/carbon-registry-undp…
LochanaOshadha Jun 13, 2025
14904f2
remove multi block transfer
LochanaOshadha Jun 13, 2025
b17ecda
Readme update for serial number
amila-diss Jun 13, 2025
3c45b55
adding missing em to fix transaction in document management service w…
amila-diss Jun 18, 2025
2e7d300
Merge branch 'develop' of github.com:xeptagondev/carbon-registry-undp…
palindaa Jun 18, 2025
036ecb2
Merge branch 'develop' of github.com:xeptagondev/carbon-registry-undp…
palindaa Jun 18, 2025
49d70c1
Merge branch 'main' into phase_2
palindaa Jun 18, 2025
8d66187
add change log for version 2.0
palindaa Jun 18, 2025
19fab2a
Remove broken volumes mapping
Nolski Jul 7, 2025
f8c0557
Re-add port variable during later build stage
Nolski Jul 7, 2025
427fe79
Merge pull request #327 from Nolski/build-fixes
palindaa Jul 10, 2025
178 changes: 178 additions & 0 deletions .github/workflows/deployment-demo.yml
@@ -0,0 +1,178 @@
name: Carbon Registry Demo Deployment
on:
push:
branches:
- "main"
paths:
- web/**
- backend/**
- .github/workflows/deployment*

jobs:
changes:
name: Deploy Pre Check
runs-on: ubuntu-latest
outputs:
backend-changes: ${{ steps.changes.outputs.backend-changes }}
all-changes: ${{ steps.changes.outputs.all-changes }}
workflows-changes: ${{ steps.changes.outputs.workflows-changes }}
frontend-changes: ${{ steps.changes.outputs.frontend-changes }}
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
ref: ${{ github.event.inputs.branch_name || github.ref }}
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v3
with:
node-version: ${{ matrix.node-version }}
- name: Determine changed services
id: changes
run: |
CHANGED_FILES=$(git diff --name-only HEAD^ HEAD)

if echo "$CHANGED_FILES" | grep -q "docker-"; then
echo "All changes detected."
echo "all-changes=true" >> $GITHUB_OUTPUT
else
echo "No All changes detected."
echo "all-changes=false" >> $GITHUB_OUTPUT
fi

if echo "$CHANGED_FILES" | grep -q ".github/workflows/"; then
echo "Workflow changes detected."
echo "workflows-changes=true" >> $GITHUB_OUTPUT
else
echo "No Workflow changes detected."
echo "workflows-changes=false" >> $GITHUB_OUTPUT
fi

if echo "$CHANGED_FILES" | grep -q "web/"; then
echo "Frontend changes detected."
echo "frontend-changes=true" >> $GITHUB_OUTPUT
else
echo "No Frontend changes detected."
echo "frontend-changes=false" >> $GITHUB_OUTPUT
fi

if echo "$CHANGED_FILES" | grep -q "backend/"; then
echo "Backend changes detected."
echo "backend-changes=true" >> $GITHUB_OUTPUT
else
echo "No Backend changes detected."
echo "backend-changes=false" >> $GITHUB_OUTPUT
fi

deploy_frontend:
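Review bot: In the `Determine changed services` step, `git diff --name-only HEAD^ HEAD` inspects only the tip commit, so a push carrying several commits can skip a deploy job whose files changed in an earlier commit; diffing `${{ github.event.before }}` against `${{ github.sha }}` covers the whole push (with a fallback for a newly created branch, where `before` is all zeros). The `grep -q` patterns in the same step are unanchored regular expressions: `web/` matches any path containing that substring, and the `.` in `.github/workflows/` matches any character. Anchoring them, for example `grep -qE '^web/'`, keeps the gate on the intended directories.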
Comment on lines +13 to +66

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Copilot Autofix

AI 9 months ago

To fix the issue, we need to add a permissions block to the workflow. This block should specify the minimal permissions required for the workflow to function correctly. Based on the operations performed in the workflow, the contents: read permission is sufficient for most jobs. For jobs that require additional permissions, such as deploying to AWS, we can add specific permissions as needed.

The permissions block can be added at the root level of the workflow to apply to all jobs or at the job level to customize permissions for individual jobs. In this case, we will add the permissions block at the root level to ensure all jobs inherit the least privilege by default.

Suggested changeset 1
.github/workflows/deployment-demo.yml

Autofix patch

Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/deployment-demo.yml b/.github/workflows/deployment-demo.yml
--- a/.github/workflows/deployment-demo.yml
+++ b/.github/workflows/deployment-demo.yml
@@ -1,2 +1,4 @@
 name: Carbon Registry Demo Deployment
+permissions:
+  contents: read
 on:
EOF
@@ -1,2 +1,4 @@
name: Carbon Registry Demo Deployment
permissions:
contents: read
on:
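Review bot: The `permissions:` block inserted above `on:` scopes only the GITHUB_TOKEN; the credentials the deploy jobs actually rely on (`AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY`, `AWS_SSH_KEY_PRIVATE_DEMO`) are repository secrets and are not narrowed by it, so this change should not be read as hardening the deployment path. The identical root-level patch is suggested in all three comment threads for this file and needs applying only once.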
Copilot is powered by AI and may make mistakes. Always verify output.
name: Carbon Registry Frontend Deploy
needs: changes
if: needs.changes.outputs.frontend-changes == 'true' || needs.changes.outputs.workflows-changes == 'true' || needs.changes.outputs.all-changes == 'true'
runs-on: ubuntu-latest
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}-'frontend'
cancel-in-progress: true
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 5
- name: Check Docker variable changes
run: |
echo "docker-compose file Change...."
git diff HEAD~ -- HEAD -z ./docker-compose*
- name: Cache modules
uses: actions/cache@v3
id: yarn-cache
with:
path: node_modules
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: ${{ runner.os }}-yarn-
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v3
with:
node-version: ${{ matrix.node-version }}
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
- name: Build, tag, and push the image to Amazon ECR
id: build-image
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: carbon-web
IMAGE_TAG: ${{ github.head_ref || github.ref_name }}
run: |
# Build a docker container and push it to ECR
docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG -f web/Dockerfile . --build-arg PORT=3030 --build-arg VITE_APP_BACKEND=http://localhost:3000 --build-arg VITE_APP_COUNTRY_NAME="CountryX" --build-arg VITE_APP_REGISTRY_NAME="CountryXRegistry" --build-arg VITE_APP_MAP_TYPE="Mapbox" --build-arg VITE_APP_MAPBOXGL_ACCESS_TOKEN=${{ secrets.MAPBOXGL_ACCESS_TOKEN }} --build-arg VITE_APP_MAXIMUM_FILE_SIZE=5242880 --build-arg COUNTRY_FLAG_URL="https://carbon-common-dev.s3.amazonaws.com/flag.png"
echo "Pushing image to ECR..."
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
echo "::set-output name=image::$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"
- name: Deploy docker image to Amazon EC2
if: github.ref == 'refs/heads/main'
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: carbon-web
IMAGE_TAG: ${{ github.head_ref || github.ref_name }}
PRIVATE_KEY: ${{ secrets.AWS_SSH_KEY_PRIVATE_DEMO }}
HOSTNAME: ${{secrets.HOST_IP_DEMO }}
USER_NAME: ec2-user
run: |
echo "$PRIVATE_KEY" > private_key && chmod 600 private_key
ssh -o StrictHostKeyChecking=no -i private_key ${USER_NAME}@${HOSTNAME} '
carbon/prod_frontend_deploy.sh '

deploy_backend:
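Review bot: In the `Build, tag, and push the image to Amazon ECR` step of `deploy_frontend`, `--build-arg VITE_APP_MAPBOXGL_ACCESS_TOKEN=${{ secrets.MAPBOXGL_ACCESS_TOKEN }}` expands the secret directly into the script text and passes it as a build argument, which Docker can record in the image history for anyone able to pull the image. Map the secret into the step's `env:` and reference it as a quoted shell variable, and if the token must stay private use a BuildKit secret mount instead of a build argument. The same step still uses the deprecated `::set-output` command while the `changes` job already writes to `$GITHUB_OUTPUT`.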
Comment on lines +67 to +128

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Copilot Autofix

AI 9 months ago

To fix the issue, we need to add a permissions block to the workflow. This block should specify the minimal permissions required for the workflow to function correctly. Since the workflow primarily involves reading repository contents and deploying Docker images, the contents: read permission is sufficient. If specific jobs require additional permissions, they can be defined within the respective job blocks.

The permissions block should be added at the root level of the workflow to apply to all jobs. Alternatively, permissions can be set for individual jobs if different levels of access are required.


Suggested changeset 1
.github/workflows/deployment-demo.yml

Autofix patch

Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/deployment-demo.yml b/.github/workflows/deployment-demo.yml
--- a/.github/workflows/deployment-demo.yml
+++ b/.github/workflows/deployment-demo.yml
@@ -1,2 +1,4 @@
 name: Carbon Registry Demo Deployment
+permissions:
+  contents: read
 on:
EOF
@@ -1,2 +1,4 @@
name: Carbon Registry Demo Deployment
permissions:
contents: read
on:
name: Carbon Registry Backend Deploy
needs: changes
if: needs.changes.outputs.backend-changes == 'true' || needs.changes.outputs.workflows-changes == 'true' || needs.changes.outputs.all-changes == 'true'
runs-on: ubuntu-latest
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}-'backend'
cancel-in-progress: true
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 5
- name: Check Docker variable changes
run: |
echo "docker-compose file Change...."
git diff HEAD~ -- HEAD -z ./docker-compose*
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v3
with:
node-version: ${{ matrix.node-version }}
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
- name: Build, tag, and push the image to Amazon ECR
id: build-image
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: carbon-services
IMAGE_TAG: ${{ github.head_ref || github.ref_name }}
run: |
# Build a docker container and push it to ECR
docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG -f backend/services/Dockerfile .
echo "Pushing image to ECR..."
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
echo "::set-output name=image::$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"
- name: Deploy docker image to Amazon EC2
if: github.ref == 'refs/heads/main'
env:
PRIVATE_KEY: ${{ secrets.AWS_SSH_KEY_PRIVATE_DEMO }}
HOSTNAME: ${{secrets.HOST_IP_DEMO }}
USER_NAME: ec2-user
run: |
echo "$PRIVATE_KEY" > private_key && chmod 600 private_key
ssh -o StrictHostKeyChecking=no -i private_key ${USER_NAME}@${HOSTNAME} '
carbon/prod_backend_deploy.sh '
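Review bot: In the `Deploy docker image to Amazon EC2` step, `ssh -o StrictHostKeyChecking=no` accepts whatever host key answers at `HOST_IP_DEMO`, so the runner has no assurance that `carbon/prod_backend_deploy.sh` runs on the intended host; the frontend job has the same line. Pin the server's public host key, for instance from an additional secret written to a known_hosts file, and connect with `StrictHostKeyChecking=yes`. The `private_key` file is also left in the workspace after the step; removing it once the command returns would be tidier.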
Comment on lines +129 to +178

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Copilot Autofix

AI 9 months ago

To fix the issue, we will add a permissions block to the root of the workflow file. This block will define the minimal permissions required for the workflow to function correctly. Based on the tasks performed in the workflow (e.g., checking out code, configuring AWS credentials, and deploying to EC2), the contents: read permission is sufficient for most steps. If any specific steps require additional permissions (e.g., pull-requests: write), they can be added explicitly.


Suggested changeset 1
.github/workflows/deployment-demo.yml

Autofix patch

Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/deployment-demo.yml b/.github/workflows/deployment-demo.yml
--- a/.github/workflows/deployment-demo.yml
+++ b/.github/workflows/deployment-demo.yml
@@ -1,2 +1,4 @@
 name: Carbon Registry Demo Deployment
+permissions:
+  contents: read
 on:
EOF
@@ -1,2 +1,4 @@
name: Carbon Registry Demo Deployment
permissions:
contents: read
on:
178 changes: 178 additions & 0 deletions .github/workflows/deployment-test.yml
@@ -0,0 +1,178 @@
name: Carbon Registry Test Deployment
on:
push:
branches:
- '*'
paths:
- web/**
- backend/**
- .github/workflows/deployment*

jobs:
changes:
name: Deploy Pre Check
runs-on: ubuntu-latest
outputs:
backend-changes: ${{ steps.changes.outputs.backend-changes }}
all-changes: ${{ steps.changes.outputs.all-changes }}
workflows-changes: ${{ steps.changes.outputs.workflows-changes }}
frontend-changes: ${{ steps.changes.outputs.frontend-changes }}
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
ref: ${{ github.event.inputs.branch_name || github.ref }}
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v3
with:
node-version: ${{ matrix.node-version }}
- name: Determine changed services
id: changes
run: |
CHANGED_FILES=$(git diff --name-only HEAD^ HEAD)

if echo "$CHANGED_FILES" | grep -q "docker-"; then
echo "All changes detected."
echo "all-changes=true" >> $GITHUB_OUTPUT
else
echo "No All changes detected."
echo "all-changes=false" >> $GITHUB_OUTPUT
fi

if echo "$CHANGED_FILES" | grep -q ".github/workflows/"; then
echo "Workflow changes detected."
echo "workflows-changes=true" >> $GITHUB_OUTPUT
else
echo "No Workflow changes detected."
echo "workflows-changes=false" >> $GITHUB_OUTPUT
fi

if echo "$CHANGED_FILES" | grep -q "web/"; then
echo "Frontend changes detected."
echo "frontend-changes=true" >> $GITHUB_OUTPUT
else
echo "No Frontend changes detected."
echo "frontend-changes=false" >> $GITHUB_OUTPUT
fi

if echo "$CHANGED_FILES" | grep -q "backend/"; then
echo "Backend changes detected."
echo "backend-changes=true" >> $GITHUB_OUTPUT
else
echo "No Backend changes detected."
echo "backend-changes=false" >> $GITHUB_OUTPUT
fi

deploy_frontend:
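Review bot: The `branches: '*'` filter at the top of this file also matches `main`, which `deployment-demo.yml` triggers on as well, so a push to `main` starts both workflows and each frontend job builds and pushes `carbon-web:main` (the tag comes from `github.ref_name`, and the concurrency groups differ by workflow name, so neither run cancels the other). Excluding `main` here, or giving the two environments distinct repositories or tags, removes the race over which build the tag ends up pointing to.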
Comment on lines +13 to +66

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Copilot Autofix

AI 9 months ago

To fix the issue, we need to add a permissions block to the workflow. This block should specify the minimal permissions required for the workflow to function correctly. Based on the operations performed in the workflow, the following permissions are recommended:

  • contents: read for accessing repository contents.
  • packages: write for pushing Docker images to Amazon ECR.
  • id-token: write if the workflow uses OpenID Connect for authentication with AWS.

The permissions block can be added at the root level of the workflow to apply to all jobs or at the job level for more granular control.


Suggested changeset 1
.github/workflows/deployment-test.yml

Autofix patch

Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/deployment-test.yml b/.github/workflows/deployment-test.yml
--- a/.github/workflows/deployment-test.yml
+++ b/.github/workflows/deployment-test.yml
@@ -1,2 +1,6 @@
 name: Carbon Registry Test Deployment
+permissions:
+  contents: read
+  packages: write
+  id-token: write
 on:
EOF
@@ -1,2 +1,6 @@
name: Carbon Registry Test Deployment
permissions:
contents: read
packages: write
id-token: write
on:
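Review bot: The `packages: write` and `id-token: write` lines in this suggested block grant more than the visible jobs use: images are pushed to Amazon ECR with the `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` secrets, not to GitHub Packages, and no step requests an OIDC token. `contents: read` alone, as proposed for `deployment-demo.yml`, matches what the checkout steps need; add `id-token: write` only if the AWS credentials step is later switched to role assumption via OIDC.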
name: Carbon Registry Frontend Deploy
needs: changes
if: needs.changes.outputs.frontend-changes == 'true' || needs.changes.outputs.workflows-changes == 'true' || needs.changes.outputs.all-changes == 'true'
runs-on: ubuntu-latest
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}-'frontend'
cancel-in-progress: true
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 5
- name: Check Docker variable changes
run: |
echo "docker-compose file Change...."
git diff HEAD~ -- HEAD -z ./docker-compose*
- name: Cache modules
uses: actions/cache@v3
id: yarn-cache
with:
path: node_modules
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: ${{ runner.os }}-yarn-
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v3
with:
node-version: ${{ matrix.node-version }}
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
- name: Build, tag, and push the image to Amazon ECR
id: build-image
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: carbon-web
IMAGE_TAG: ${{ github.head_ref || github.ref_name }}
run: |
# Build a docker container and push it to ECR
docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG -f web/Dockerfile . --build-arg PORT=3030 --build-arg VITE_APP_BACKEND=http://localhost:3000 --build-arg VITE_APP_COUNTRY_NAME="CountryX" --build-arg VITE_APP_REGISTRY_NAME="CountryXRegistry" --build-arg VITE_APP_MAP_TYPE="Mapbox" --build-arg VITE_APP_MAPBOXGL_ACCESS_TOKEN=${{ secrets.MAPBOXGL_ACCESS_TOKEN }} --build-arg VITE_APP_MAXIMUM_FILE_SIZE=5242880 --build-arg COUNTRY_FLAG_URL="https://carbon-common-dev.s3.amazonaws.com/flag.png"
echo "Pushing image to ECR..."
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
echo "::set-output name=image::$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"
- name: Deploy docker image to Amazon EC2
if: github.ref == 'refs/heads/develop'
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: carbon-web
IMAGE_TAG: ${{ github.head_ref || github.ref_name }}
PRIVATE_KEY: ${{ secrets.AWS_SSH_KEY_PRIVATE_TEST }}
HOSTNAME: ${{secrets.HOST_IP_TEST }}
USER_NAME: ec2-user
run: |
echo "$PRIVATE_KEY" > private_key && chmod 600 private_key
ssh -o StrictHostKeyChecking=no -i private_key ${USER_NAME}@${HOSTNAME} '
carbon/dev_frontend_deploy.sh '
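Review bot: in the `Build, tag, and push the image to Amazon ECR` step, `${{ secrets.MAPBOXGL_ACCESS_TOKEN }}` is expanded straight into the `run:` script and handed to `docker build` as `--build-arg`, so the value is recorded in the image's build history and, being a `VITE_APP_` variable, is compiled into the client bundle. Pass it through the step's `env:` block like `ECR_REGISTRY` and reference it as a quoted shell variable, and treat the token as public (scope it accordingly on the Mapbox side). Separately, `Use Node.js ${{ matrix.node-version }}` reads a matrix value, but the job lines shown define no `strategy.matrix`, so `node-version` resolves to an empty string; set an explicit version.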

deploy_backend:
Comment on lines +67 to +128

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Copilot Autofix

AI 9 months ago

To fix the issue, we will add a permissions block to the root of the workflow file. This block will define the minimal permissions required for the workflow to function correctly. Based on the actions used in the workflow, such as actions/checkout, aws-actions/configure-aws-credentials, and aws-actions/amazon-ecr-login, the workflow primarily requires contents: read for accessing the repository contents. Additional permissions like pull-requests: write or others can be added if specific steps require them.


Suggested changeset 1
.github/workflows/deployment-test.yml

Autofix patch

Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/deployment-test.yml b/.github/workflows/deployment-test.yml
--- a/.github/workflows/deployment-test.yml
+++ b/.github/workflows/deployment-test.yml
@@ -1,2 +1,4 @@
 name: Carbon Registry Test Deployment
+permissions:
+  contents: read
 on:
EOF
@@ -1,2 +1,4 @@
name: Carbon Registry Test Deployment
permissions:
contents: read
on:
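Review bot: this is one of three Autofix patches on this page against the same `@@ -1,2` lines of `.github/workflows/deployment-test.yml`, each inserting a different `permissions:` block, so they cannot be applied on top of one another; pick one. With the AWS steps in the jobs shown using access keys from secrets, this `contents: read` variant is the one that matches what the jobs actually do.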
name: Carbon Registry Backend Deploy
needs: changes
if: needs.changes.outputs.backend-changes == 'true' || needs.changes.outputs.workflows-changes == 'true' || needs.changes.outputs.all-changes == 'true'
runs-on: ubuntu-latest
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}-'backend'
cancel-in-progress: true
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 5
- name: Check Docker variable changes
run: |
echo "docker-compose file Change...."
git diff HEAD~ -- HEAD -z ./docker-compose*
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v3
with:
node-version: ${{ matrix.node-version }}
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
- name: Build, tag, and push the image to Amazon ECR
id: build-image
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: carbon-services
IMAGE_TAG: ${{ github.head_ref || github.ref_name }}
run: |
# Build a docker container and push it to ECR
docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG -f backend/services/Dockerfile .
echo "Pushing image to ECR..."
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
echo "::set-output name=image::$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"
- name: Deploy docker image to Amazon EC2
if: github.ref == 'refs/heads/develop'
env:
PRIVATE_KEY: ${{ secrets.AWS_SSH_KEY_PRIVATE_TEST }}
HOSTNAME: ${{secrets.HOST_IP_TEST }}
USER_NAME: ec2-user
run: |
echo "$PRIVATE_KEY" > private_key && chmod 600 private_key
ssh -o StrictHostKeyChecking=no -i private_key ${USER_NAME}@${HOSTNAME} '
carbon/dev_backend_deploy.sh '
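Review bot: the `Deploy docker image to Amazon EC2` step runs `ssh -o StrictHostKeyChecking=no`, so the runner never verifies the host it authenticates to with `AWS_SSH_KEY_PRIVATE_TEST`, and `private_key` is left in the workspace after the step (the same two lines appear in `deploy_frontend`). Store the host's public key as a secret, write it to `known_hosts` before connecting, and delete the key file in a final step that runs with `if: always()`. Also, `echo "::set-output name=image::..."` in the build step is the deprecated form; the `changes` job in this same file already writes to `$GITHUB_OUTPUT`, so use that here too.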
Comment on lines +129 to +178

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Copilot Autofix

AI 9 months ago

To fix the issue, we need to add a permissions block to the workflow. This block should specify the minimal permissions required for the workflow to function correctly. Since the workflow involves checking out code, interacting with AWS, and deploying Docker images, the permissions should be limited to contents: read for accessing repository files and id-token: write for AWS authentication if necessary.

The permissions block can be added at the root level of the workflow to apply to all jobs or within each job to customize permissions for specific tasks. In this case, adding it at the root level is sufficient and ensures consistency across all jobs.

Suggested changeset 1
.github/workflows/deployment-test.yml

Autofix patch

Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/deployment-test.yml b/.github/workflows/deployment-test.yml
--- a/.github/workflows/deployment-test.yml
+++ b/.github/workflows/deployment-test.yml
@@ -1,2 +1,5 @@
 name: Carbon Registry Test Deployment
+permissions:
+  contents: read
+  id-token: write
 on:
EOF
@@ -1,2 +1,5 @@
name: Carbon Registry Test Deployment
permissions:
contents: read
id-token: write
on:
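Review bot: `id-token: write` at the root lets every job, including `changes`, request an OIDC token, yet both deploy jobs authenticate with static `secrets.AWS_ACCESS_KEY_ID` and `secrets.AWS_SECRET_ACCESS_KEY`. Drop the line, or move it onto the two deploy jobs in the same change that switches them to OIDC role assumption, so the permission is granted only where it is used.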