Merge remote-tracking branch 'refs/remotes/origin/prototype-workspace'

Author: Aaron-Ritter

.github/workflows/codeql-package.yml

@@ -1,14 +1,3 @@
-# For most projects, this workflow file will not need changing; you simply need
-# to commit it to your repository.
-#
-# You may wish to alter this file to override the set of languages analyzed,
-# or to provide custom queries or build logic.
-#
-# ******** NOTE ********
-# We have attempted to detect the languages in your repository. Please check
-# the `language` matrix defined below to confirm you have the correct set of
-# supported CodeQL languages.
-#
 name: "CodeQL - Package"
 
 on:
@@ -23,7 +12,7 @@ on:
 
 jobs:
   analyze:
-    name: Analyze (${{ matrix.language }})
+    name: Analyze (${{ matrix.language }} ${{ matrix.swift }})
     # Runner size impacts CodeQL analysis time. To learn more, please see:
     #   - https://gh.io/recommended-hardware-resources-for-running-codeql
     #   - https://gh.io/supported-runners-and-hardware-resources
@@ -54,23 +43,21 @@ jobs:
         swift: ["5.10.1"]
         os: [macos-latest]
         xcode: ["15.4"]
-        include:
-          - language: swift
-            build-mode: manual
-        # CodeQL supports the following values keywords for 'language': 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'swift'
-        # Use `c-cpp` to analyze code written in C, C++ or both
-        # Use 'java-kotlin' to analyze code written in Java, Kotlin or both
-        # Use 'javascript-typescript' to analyze code written in JavaScript, TypeScript or both
+        language: [swift]
+        build-mode: [manual]
         # To learn more about changing the languages that are analyzed or customizing the build mode for your analysis,
         # see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning.
         # If you are analyzing a compiled language, you can modify the 'build-mode' for that language to customize how
         # your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
+
     steps:
+      # This step initializes the in the matrix specified version of Xcode.
       - name: Initialize latest xcode
         uses: maxim-lobanov/[email protected]
         with:
           xcode-version: ${{ matrix.xcode }}
 
+      # This step removes all other versions of Xcode from the machine.
       - name: Remove old xcode versions
         run: |
           echo "Searching for Xcode versions:"
@@ -80,34 +67,31 @@ jobs:
           echo "Available Xcode versions after removal:"
           find /Applications -name "Xcode_*" -maxdepth 1 -mindepth 1
 
+      # Initialize Swift in the matrix specified version.
       - name: Initialize Swift
         uses: swift-actions/[email protected]
         with:
           swift-version: ${{ matrix.swift }}
 
+      # Get the Swift version.
       - name: Get swift version
         run: swift --version
 
+      # Checkout the repository.
       - name: Checkout repository
         uses: actions/[email protected]
 
+      # Initialize CodeQL.
       - name: Initialize CodeQL
         uses: github/codeql-action/[email protected]
         with:
           languages: ${{ matrix.language }}
           build-mode: ${{ matrix.build-mode }}
-          # If you wish to specify custom queries, you can do so here or in a config file.
-          # By default, queries listed here will override any specified in a config file.
-          # Prefix the list here with "+" to use these queries and those in the config file.
 
           # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
           # queries: security-extended,security-and-quality
           queries: security-and-quality
 
-      # If the analyze step fails for one of the languages you are analyzing with
-      # "We were unable to automatically build your code", modify the matrix above
-      # to set the build mode to "manual" for that language. Then modify this step
-      # to build your code.
       # ℹ️ Command-line programs to run using the OS shell.
       # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
 
@@ -117,31 +101,19 @@ jobs:
       #- name: Autobuild
       #  uses: github/codeql-action/[email protected]
 
+      # Check disk space.
       - name: Check Disk Space
         run: |
           sleep 10
           df -h
 
+      # Manual build with the release configuration.
       - name: Manual build
-        run: swift build
-
-      #- if: matrix.build-mode == 'manual'
-      #  shell: bash
-      #  run: |
-      #     echo 'If you are using a "manual" build mode for one or more of the' \
-      #       'languages you are analyzing, replace this with the commands to build' \
-      #       'your code, for example:'
-      #     echo '  make bootstrap'
-      #     echo '  make release'
-      #
-      #     swift build
-      #
-      #     echo ' swift build -c release '
-      #
-      #     exit 1
-
+        run: swift build --build-tests --configuration debug -v
 
+      # Perform CodeQL analysis after the build has completed successfully or failed.
       - name: Perform CodeQL Analysis
         uses: github/codeql-action/[email protected]
+        if: success() || failure()
         with:
           category: "/language:${{matrix.language}}"

.github/workflows/codeql-samples-quickstart.yml

@@ -1,14 +1,3 @@
-# For most projects, this workflow file will not need changing; you simply need
-# to commit it to your repository.
-#
-# You may wish to alter this file to override the set of languages analyzed,
-# or to provide custom queries or build logic.
-#
-# ******** NOTE ********
-# We have attempted to detect the languages in your repository. Please check
-# the `language` matrix defined below to confirm you have the correct set of
-# supported CodeQL languages.
-#
 name: "CodeQL - Sample Quickstart"
 
 on:
@@ -23,7 +12,7 @@ on:
 
 jobs:
   analyze:
-    name: Analyze (${{ matrix.language }})
+    name: Analyze (${{ matrix.language }} ${{ matrix.swift }} ${{ matrix.destination }})
     # Runner size impacts CodeQL analysis time. To learn more, please see:
     #   - https://gh.io/recommended-hardware-resources-for-running-codeql
     #   - https://gh.io/supported-runners-and-hardware-resources
@@ -54,28 +43,24 @@ jobs:
         swift: ["5.10.1"]
         os: [macos-latest]
         xcode: ["15.4"]
+        language:  [swift]
+        build-mode: [manual]
         destination:
-          - "platform=iOS Simulator,OS=16.4,name=iPhone 14 Pro"
           - "platform=iOS Simulator,OS=17.5,name=iPhone 15 Pro"
           - "platform=iOS Simulator,OS=18.1,name=iPhone 15 Pro"
-          - "platform=iOS Simulator,OS=18.1,name=iPhone 15 Pro Max"
-        include:
-          - language: swift
-            build-mode: manual
-        # CodeQL supports the following values keywords for 'language': 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'swift'
-        # Use `c-cpp` to analyze code written in C, C++ or both
-        # Use 'java-kotlin' to analyze code written in Java, Kotlin or both
-        # Use 'javascript-typescript' to analyze code written in JavaScript, TypeScript or both
         # To learn more about changing the languages that are analyzed or customizing the build mode for your analysis,
         # see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning.
         # If you are analyzing a compiled language, you can modify the 'build-mode' for that language to customize how
         # your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
+
     steps:
+      # Initialize the latest version of Xcode.
       - name: Initialize latest xcode
         uses: maxim-lobanov/[email protected]
         with:
           xcode-version: ${{ matrix.xcode }}
 
+      # Remove any other Xcode version.
       - name: Remove old xcode versions
         run: |
           echo "Searching for Xcode versions:"
@@ -85,35 +70,32 @@ jobs:
           echo "Available Xcode versions after removal:"
           find /Applications -name "Xcode_*" -maxdepth 1 -mindepth 1
 
+      # Initialize Swift in the matrix specified version.
       - name: Initialize Swift
         uses: swift-actions/[email protected]
         with:
           swift-version: ${{ matrix.swift }}
 
+      # Get the Swift version.
       - name: Get swift version
         run: swift --version
 
+      # Checkout the repository.
       - name: Checkout repository
         uses: actions/[email protected]
 
+      # Initialize CodeQL.
       - name: Initialize CodeQL
         uses: github/codeql-action/[email protected]
         with:
           languages: ${{ matrix.language }}
           build-mode: ${{ matrix.build-mode }}
-          # If you wish to specify custom queries, you can do so here or in a config file.
-          # By default, queries listed here will override any specified in a config file.
-          # Prefix the list here with "+" to use these queries and those in the config file.
 
           # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
           # queries: security-extended,security-and-quality
           queries: security-and-quality
           config-file: .github/codeql/codeql-samples-config.yml
 
-      # If the analyze step fails for one of the languages you are analyzing with
-      # "We were unable to automatically build your code", modify the matrix above
-      # to set the build mode to "manual" for that language. Then modify this step
-      # to build your code.
       # ℹ️ Command-line programs to run using the OS shell.
       # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
 
@@ -123,31 +105,19 @@ jobs:
       #- name: Autobuild
       #  uses: github/codeql-action/[email protected]
 
+      # Check Disk Space before the build.
       - name: Check Disk Space
         run: |
           sleep 10
           df -h
 
+      # Perform the build manually.
       - name: Manual Build
         run: set -o pipefail && xcodebuild -workspace FusionAuthSDK.xcworkspace/ -scheme fusionauth-quickstart-swift-ios-native -destination "${{matrix.destination}}" -skipPackagePluginValidation
 
-      #- if: matrix.build-mode == 'manual'
-      #  shell: bash
-      #  run: |
-      #     echo 'If you are using a "manual" build mode for one or more of the' \
-      #       'languages you are analyzing, replace this with the commands to build' \
-      #       'your code, for example:'
-      #     echo '  make bootstrap'
-      #     echo '  make release'
-      #
-      #     swift build
-      #
-      #     echo ' swift build -c release '
-      #
-      #     exit 1
-
-
+      # Perform CodeQL Analysis if the build succeeded or failed.
       - name: Perform CodeQL Analysis
         uses: github/codeql-action/[email protected]
+        if: success() || failure()
         with:
           category: "/language:${{matrix.language}}"

.github/workflows/mobsf.yml

@@ -34,7 +34,7 @@ jobs:
 
       # Sets up the python as a prerequisites for MobSF
       - name: Setup python
-        uses: actions/setup-python@v5.1.1
+        uses: actions/setup-python@v5.2.0
         with:
           python-version: 3.8
 

Samples/Quickstart/fusionauth/1.51.2/docker-compose.yml

@@ -46,7 +46,7 @@ services:
       - search_net
 
   fusionauth:
-    image: fusionauth/fusionauth-app:1.52.1
+    image: fusionauth/fusionauth-app:1.51.2
     depends_on:
       db:
         condition: service_healthy

Samples/Quickstart/fusionauth/1.52.1/docker-compose.yml

@@ -46,7 +46,7 @@ services:
       - search_net
 
   fusionauth:
-    image: fusionauth/fusionauth-app:1.51.2
+    image: fusionauth/fusionauth-app:1.52.1
     depends_on:
       db:
         condition: service_healthy

Samples/Quickstart/fusionauth/1.53.1/.env

@@ -0,0 +1,8 @@
+POSTGRES_USER=postgres
+POSTGRES_PASSWORD=postgres
+DATABASE_USERNAME=fusionauth
+DATABASE_PASSWORD=hkaLBM3RVnyYeYeqE3WI1w2e4Avpy0Wd5O3s3
+OPENSEARCH_JAVA_OPTS="-Xms512m -Xmx512m"
+FUSIONAUTH_APP_MEMORY=512M
+FUSIONAUTH_APP_RUNTIME_MODE=development
+FUSIONAUTH_APP_KICKSTART_FILE=/usr/local/fusionauth/kickstart/kickstart.json

Samples/Quickstart/fusionauth/1.53.1/docker-compose.yml

@@ -0,0 +1,86 @@
+services:
+  db:
+    image: postgres:16.0-bookworm
+    environment:
+      PGDATA: /var/lib/postgresql/data/pgdata
+      POSTGRES_USER: ${POSTGRES_USER}
+      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
+    healthcheck:
+      test: [ "CMD-SHELL", "pg_isready -U postgres" ]
+      interval: 5s
+      timeout: 5s
+      retries: 5
+    networks:
+      - db_net
+    restart: unless-stopped
+    volumes:
+      - db_data:/var/lib/postgresql/data
+
+  search:
+    image: opensearchproject/opensearch:2.11.0
+    environment:
+      cluster.name: fusionauth
+      discovery.type: single-node
+      node.name: search
+      plugins.security.disabled: true
+      bootstrap.memory_lock: true
+      OPENSEARCH_JAVA_OPTS: ${OPENSEARCH_JAVA_OPTS}
+    healthcheck:
+      interval: 10s
+      retries: 80
+      test: curl --write-out 'HTTP %{http_code}' --fail --silent --output /dev/null http://localhost:9200/
+    restart: unless-stopped
+    ulimits:
+      memlock:
+        soft: -1
+        hard: -1
+      nofile:
+        soft: 65536
+        hard: 65536
+    ports:
+      - 9200:9200 # REST API
+      - 9600:9600 # Performance Analyzer
+    volumes:
+      - search_data:/usr/share/opensearch/data
+    networks:
+      - search_net
+
+  fusionauth:
+    image: fusionauth/fusionauth-app:1.53.1
+    depends_on:
+      db:
+        condition: service_healthy
+      search:
+        condition: service_healthy
+    environment:
+      DATABASE_URL: jdbc:postgresql://db:5432/fusionauth
+      DATABASE_ROOT_USERNAME: ${POSTGRES_USER}
+      DATABASE_ROOT_PASSWORD: ${POSTGRES_PASSWORD}
+      DATABASE_USERNAME: ${DATABASE_USERNAME}
+      DATABASE_PASSWORD: ${DATABASE_PASSWORD}
+      FUSIONAUTH_APP_MEMORY: ${FUSIONAUTH_APP_MEMORY}
+      FUSIONAUTH_APP_RUNTIME_MODE: ${FUSIONAUTH_APP_RUNTIME_MODE}
+      FUSIONAUTH_APP_URL: http://fusionauth:9011
+      SEARCH_SERVERS: http://search:9200
+      SEARCH_TYPE: elasticsearch
+      FUSIONAUTH_APP_KICKSTART_FILE: ${FUSIONAUTH_APP_KICKSTART_FILE}
+    networks:
+      - db_net
+      - search_net
+    restart: unless-stopped
+    ports:
+      - 9011:9011
+    volumes:
+      - fusionauth_config:/usr/local/fusionauth/config
+      - ./kickstart:/usr/local/fusionauth/kickstart
+
+networks:
+  db_net:
+    driver: bridge
+  search_net:
+    driver: bridge
+
+volumes:
+  db_data:
+  fusionauth_config:
+  search_data: