Dmehala/cron appsec rules

.circleci/continue_config.yml

@@ -418,134 +418,6 @@ workflows:
     build-and-test:
         jobs:
             - check-ci-definition
-            - format:
-                name: Verify formatting
-                requires:
-                    - check-ci-definition
-            - shellcheck:
-                name: run shellcheck on shell scripts
-                requires:
-                    - check-ci-definition
-            - build:
-                matrix:
-                    parameters:
-                        arch:
-                            - amd64
-                            - arm64
-                        nginx-version:
-                            - 1.22.1
-                            - 1.24.0
-                            - 1.25.4
-                            - 1.27.3
-                        waf:
-                            - "ON"
-                            - "OFF"
-                name: build << matrix.nginx-version >> on << matrix.arch >> WAF << matrix.waf >>
-            - build_openresty:
-                matrix:
-                    parameters:
-                        arch:
-                            - amd64
-                            - arm64
-                        resty-version:
-                            - 1.27.1.1
-                        waf:
-                            - "ON"
-                            - "OFF"
-                name: build openresty << matrix.resty-version >> on << matrix.arch >> WAF << matrix.waf >>
-            - build_ingress_nginx_module:
-                matrix:
-                    parameters:
-                        arch:
-                            - amd64
-                            - arm64
-                        version:
-                            - 1.12.0
-                name: build ingress-nginx-<< matrix.version >> on << matrix.arch >>
-            - coverage:
-                name: Coverage on 1.27.0 with WAF ON
-            - test:
-                matrix:
-                    parameters:
-                        arch:
-                            - amd64
-                            - arm64
-                        base-image:
-                            - nginx:1.27.3-alpine
-                            - nginx:1.27.3
-                        nginx-version:
-                            - 1.27.3
-                        waf:
-                            - "ON"
-                            - "OFF"
-                name: test << matrix.nginx-version >> on << matrix.base-image >>:<< matrix.arch >> WAF << matrix.waf >>
-                requires:
-                    - build << matrix.nginx-version >> on << matrix.arch >> WAF << matrix.waf >>
-            - test-openresty:
-                matrix:
-                    parameters:
-                        arch:
-                            - amd64
-                            - arm64
-                        base-image:
-                            - openresty/openresty:1.27.1.1-alpine
-                        resty-version:
-                            - 1.27.1.1
-                        waf:
-                            - "ON"
-                            - "OFF"
-                name: test openresty << matrix.resty-version >> on << matrix.base-image >>:<< matrix.arch >> WAF << matrix.waf >>
-                requires:
-                    - build openresty << matrix.resty-version >> on << matrix.arch >> WAF << matrix.waf >>
-            - test:
-                matrix:
-                    parameters:
-                        arch:
-                            - amd64
-                            - arm64
-                        base-image:
-                            - amazonlinux:2.0.20230418.0
-                        nginx-version:
-                            - 1.22.1
-                        waf:
-                            - "ON"
-                            - "OFF"
-                name: test << matrix.nginx-version >> on << matrix.base-image >>:<< matrix.arch >> WAF << matrix.waf >>
-                requires:
-                    - build << matrix.nginx-version >> on << matrix.arch >> WAF << matrix.waf >>
-            - test:
-                matrix:
-                    parameters:
-                        arch:
-                            - amd64
-                            - arm64
-                        base-image:
-                            - amazonlinux:2023.3.20240219.0
-                        nginx-version:
-                            - 1.24.0
-                        waf:
-                            - "ON"
-                            - "OFF"
-                name: test << matrix.nginx-version >> on << matrix.base-image >>:<< matrix.arch >> WAF << matrix.waf >>
-                requires:
-                    - build << matrix.nginx-version >> on << matrix.arch >> WAF << matrix.waf >>
-            - test_ingress:
-                matrix:
-                    parameters:
-                        arch:
-                            - amd64
-                            - arm64
-                        base-image:
-                            - registry.k8s.io/ingress-nginx/controller
-                        nginx-version:
-                            - 1.12.0
-                name: test ingress-nginx-<< matrix.nginx-version >> on << matrix.arch >>
-                requires:
-                    - build ingress-nginx-<< matrix.nginx-version >> on << matrix.arch >>
-            - system_tests:
-                name: Run system tests
-                requires:
-                    - build 1.25.4 on amd64 WAF ON
         when:
             and:
                 - not: << pipeline.git.tag >>

.circleci/src/workflows/build-and-test.yml

@@ -4,135 +4,3 @@ when:
     - not: << pipeline.parameters.build_all >>
 jobs:
 - check-ci-definition
-- format:
-    name: Verify formatting
-    requires: 
-    - check-ci-definition
-- shellcheck:
-    name: run shellcheck on shell scripts
-    requires: 
-    - check-ci-definition
-- build:
-    matrix:
-      parameters:
-        arch:
-        - amd64
-        - arm64
-        nginx-version:
-        - 1.22.1
-        - 1.24.0
-        - 1.25.4
-        - 1.27.3
-        waf:
-        - 'ON'
-        - 'OFF'
-    name: build << matrix.nginx-version >> on << matrix.arch >> WAF << matrix.waf >>
-- build_openresty:
-    matrix:
-      parameters:
-        arch:
-        - amd64
-        - arm64
-        resty-version:
-        - 1.27.1.1
-        waf:
-        - 'ON'
-        - 'OFF'
-    name: build openresty << matrix.resty-version >> on << matrix.arch >> WAF << matrix.waf >>
-- build_ingress_nginx_module:
-    name: build ingress-nginx-<< matrix.version >> on << matrix.arch >>
-    matrix:
-      parameters:
-        arch:
-        - 'amd64'
-        - 'arm64'
-        version:
-        - 1.12.0
-- coverage:
-    name: Coverage on 1.27.0 with WAF ON
-- test:
-    matrix:
-      parameters:
-        arch:
-        - amd64
-        - arm64
-        waf:
-        - 'ON'
-        - 'OFF'
-        base-image:
-        - nginx:1.27.3-alpine
-        - nginx:1.27.3
-        nginx-version:
-        - 1.27.3
-    name: test << matrix.nginx-version >> on << matrix.base-image >>:<< matrix.arch
-      >> WAF << matrix.waf >>
-    requires:
-    - build << matrix.nginx-version >> on << matrix.arch >> WAF << matrix.waf
-      >>
-- test-openresty:
-    matrix:
-      parameters:
-        arch:
-        - amd64
-        - arm64
-        waf:
-        - 'ON'
-        - 'OFF'
-        base-image:
-        - openresty/openresty:1.27.1.1-alpine
-        resty-version:
-        - 1.27.1.1
-    name: test openresty << matrix.resty-version >> on << matrix.base-image >>:<< matrix.arch >> WAF << matrix.waf >>
-    requires:
-    - build openresty << matrix.resty-version >> on << matrix.arch >> WAF << matrix.waf >>
-- test:
-    matrix:
-      parameters:
-        arch:
-        - amd64
-        - arm64
-        waf:
-        - 'ON'
-        - 'OFF'
-        base-image:
-        - amazonlinux:2.0.20230418.0
-        nginx-version:
-        - 1.22.1
-    name: test << matrix.nginx-version >> on << matrix.base-image >>:<< matrix.arch
-      >> WAF << matrix.waf >>
-    requires:
-    - build << matrix.nginx-version >> on << matrix.arch >> WAF << matrix.waf
-      >>
-- test:
-    matrix:
-      parameters:
-        arch:
-        - amd64
-        - arm64
-        waf:
-        - 'ON'
-        - 'OFF'
-        base-image:
-        - amazonlinux:2023.3.20240219.0
-        nginx-version:
-        - 1.24.0
-    name: test << matrix.nginx-version >> on << matrix.base-image >>:<< matrix.arch >> WAF << matrix.waf >>
-    requires:
-    - build << matrix.nginx-version >> on << matrix.arch >> WAF << matrix.waf >>
-- test_ingress:
-    name: test ingress-nginx-<< matrix.nginx-version >> on << matrix.arch >>
-    requires:
-    - build ingress-nginx-<< matrix.nginx-version >> on << matrix.arch >>
-    matrix:
-      parameters:
-        arch:
-        - amd64
-        - arm64
-        base-image:
-        - registry.k8s.io/ingress-nginx/controller
-        nginx-version:
-        - 1.12.0
-- system_tests:
-    name: Run system tests
-    requires:
-    - build 1.25.4 on amd64 WAF ON

.github/workflows/ci.yaml

@@ -0,0 +1,25 @@
+name: CI
+
+on:
+  schedule:
+    - cron: '0 0 * * 0' # Every Sunday at midnight
+  workflow_dispatch: {}
+  pull_request:
+    branches:
+      - "**"
+
+jobs:
+  update-rules:
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read # read secrets
+      contents: write # Creates a branch
+      pull-requests: write # Creates a PR
+    env:
+      GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          repository: 'DataDog/appsec-event-rules'
+          token: ${{ secrets.PAT_APPSEC_ACCESS }}
+          path: 'appsec-event-rules'