step-security
diff --git a/‎.github/workflows/actions_release.yml‎
Lines changed: 22 additions & 0 deletions b/‎.github/workflows/actions_release.yml‎
Lines changed: 22 additions & 0 deletions
diff --git a/‎.github/workflows/audit_package.yml‎
Lines changed: 28 additions & 0 deletions b/‎.github/workflows/audit_package.yml‎
Lines changed: 28 additions & 0 deletions
diff --git a/‎.github/workflows/auto_cherry_pick.yml‎
Lines changed: 23 additions & 0 deletions b/‎.github/workflows/auto_cherry_pick.yml‎
Lines changed: 23 additions & 0 deletions
diff --git a/‎.github/workflows/guarddog.yml‎
Lines changed: 14 additions & 0 deletions b/‎.github/workflows/guarddog.yml‎
Lines changed: 14 additions & 0 deletions
diff --git a/‎.gitignore‎
Lines changed: 2 additions & 0 deletions b/‎.gitignore‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎LICENSE‎
Lines changed: 22 additions & 0 deletions b/‎LICENSE‎
Lines changed: 22 additions & 0 deletions
diff --git a/‎README.md‎
Lines changed: 76 additions & 1 deletion b/‎README.md‎
Lines changed: 76 additions & 1 deletion
diff --git a/‎SECURITY.md‎
Lines changed: 5 additions & 0 deletions b/‎SECURITY.md‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎__tests__/utils/file.test.js‎
Lines changed: 39 additions & 0 deletions b/‎__tests__/utils/file.test.js‎
Lines changed: 39 additions & 0 deletions
diff --git a/‎__tests__/utils/markdownToHtml.test.js‎
Lines changed: 45 additions & 0 deletions b/‎__tests__/utils/markdownToHtml.test.js‎
Lines changed: 45 additions & 0 deletions
@@ -0,0 +1,22 @@
+name: Release GitHub Actions
+
+on:
+  workflow_dispatch:
+    inputs:
+      tag:
+        description: "Tag for the release"
+        required: true
+
+permissions:
+  contents: read
+
+jobs:
+  release:
+    permissions:
+      actions: read
+      id-token: write
+      contents: write
+
+    uses: step-security/reusable-workflows/.github/workflows/actions_release.yaml@v1
+    with:
+      tag: "${{ github.event.inputs.tag }}"
@@ -0,0 +1,28 @@
+name: NPM Audit Fix Run
+
+on:
+  workflow_dispatch:
+    inputs:
+      force:
+        description: "Use --force flag for npm audit fix?"
+        required: true
+        type: boolean
+      base_branch:
+        description: "Specify a base branch"
+        required: false
+        default: "main"
+  schedule:
+    - cron: "0 0 * * 1"
+
+jobs:
+  audit-fix:
+    uses: step-security/reusable-workflows/.github/workflows/audit_fix.yml@v1
+    with:
+      force: ${{ inputs.force || false }}
+      base_branch: ${{ inputs.base_branch || 'main' }}
+
+permissions:
+  contents: write
+  pull-requests: write
+  packages: read
+  issues: write
@@ -0,0 +1,23 @@
+name: Auto Cherry-Pick from Upstream
+
+on:
+  workflow_dispatch:
+    inputs:
+      base_branch:
+        description: "Base branch to create the PR against"
+        required: true
+        default: "main"
+
+permissions:
+  contents: write
+  pull-requests: write
+  packages: read
+  issues: write
+
+jobs:
+  cherry-pick:
+    uses: step-security/reusable-workflows/.github/workflows/auto_cherry_pick.yaml@v1
+    with:
+      original-owner: "Bhacaz"
+      repo-name: "docs-as-code-confluence"
+      base_branch: ${{ inputs.base_branch }}
@@ -0,0 +1,14 @@
+name: Run GuardDog Scan on PRs
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+permissions:
+  contents: read
+
+jobs:
+  call-guarddog-scan:
+    uses: step-security/reusable-workflows/.github/workflows/guarddog.yml@v1
@@ -0,0 +1,2 @@
+docs
+node_modules
@@ -0,0 +1,22 @@
+The MIT License (MIT)
+
+Copyright (c) 2021 Jean-Francis Bastien
+Copyright (c) 2025 StepSecurity
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
@@ -1 +1,76 @@
-# docs-as-code-confluence
+# Docs as Code - Confluence
+
+Publish a folder of documentation to Confluence.
+
+Create a Confluence Page for each markdown file. Each folder will create a _parent_ page to reflect
+the directory structure.
+
+## Parameters
+
+| Name                  | Description | Required |
+|-----------------------| --- | --- |
+| `folder`              | The folder to sync | true |
+| `username`            | Confluence username or email | true |
+| `password`            | Confluence password or [API token](https://support.atlassian.com/atlassian-account/docs/manage-api-tokens-for-your-atlassian-account/) | true |
+| `confluence-base-url` | Your Confluence URL (with `wiki`). Example: `https://mydomain.atlassian.net/wiki` | true |
+| `space-key`           | Confluence space key to publish the documentation. Located after `spaces` in the URL. `https://mydomain.atlassian.net/wiki/spaces/<<~1234>>`. <br> Or in _Space settings_ > _Space details_ > _Key_. | true |
+| `parent-page-id`      | Page id under which the documentation will be published. Located after `pages` in the URL. `https://mydomain.atlassian.net/wiki/spaces/~1234/pages/<<1234>>/My+Parent+Page` | true |
+
+## TODO
+
+* Renaming a file
+* Moving/Removing a file
+* Not updating Confluence pages when there is no change
+* Add commit link to the new page version
+* Add markdown images with url source
+
+## Example of workflow
+
+```yml
+name: Sync Docs as Code - Confluence
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - 'docs/**'
+jobs:
+  docs-as-code:
+    runs-on: ubuntu-latest
+    name: Sync Docs as Code - Confluence
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Sync Docs as Code - Confluence
+        uses: step-security/docs-as-code-confluence@v3
+        with:
+          folder: docs
+          username: abc@xyz.com
+          password: ${{ secrets.API_TOKEN }}
+          confluence-base-url: https://mydomain.atlassian.net/wiki
+          space-key: ~1234
+          parent-page-id: 123456789
+```
+
+## Example of usage in a repository
+
+[step-security/docs-as-code-confluence-demo](https://github.com/step-security/docs-as-code-confluence-demo)
+
+## Alternatives
+
+* [markdown-confluence/publish-action](https://github.com/markdown-confluence/publish-action)
+* [mbovo/mark2confluence](https://github.com/mbovo/mark2confluence)
+
+## Development
+
+**Test**
+
+```bash
+npm run test
+```
+
+**Build**
+
+```bash
+npm run build
+```
@@ -0,0 +1,5 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+Please report security vulnerabilities to security@stepsecurity.io
@@ -0,0 +1,39 @@
+const fs = require('fs');
+const path = require('path');
+const filesStructure = require('../../utils/files');
+
+jest.mock('fs');
+jest.mock('path');
+
+describe('filesStructure', () => {
+  it('returns structure of markdown files in directory and only select .md files', () => {
+    // file1.md
+    // file2.md
+    // subdir/
+    //   file3.md
+    //   image.png
+    // subdir_only_image/
+    //   image2.png
+    const mockFiles = ['file1.md', 'file2.md', 'subdir/file3.md', 'subdir/image.png', 'subdir_only_image/image2.png'];
+    fs.statSync.mockImplementation((file) => {
+      return { isDirectory: () => !file.includes('.') };
+    });
+
+    fs.readdirSync.mockReturnValue(mockFiles);
+    path.join.mockImplementation((...args) => args.join('/'));
+
+    const result = filesStructure('root');
+
+    expect(result).toEqual([['file1.md'], ['file2.md'], ['subdir', 'file3.md']]);
+  });
+
+  it('returns empty array when directory is empty', () => {
+    fs.statSync.mockReturnValue({ isDirectory: () => true });
+    fs.readdirSync.mockReturnValue([]);
+    path.join.mockImplementation((...args) => args.join('/'));
+
+    const result = filesStructure('root');
+
+    expect(result).toEqual([]);
+  });
+});
@@ -0,0 +1,45 @@
+const fs = require('fs');
+const Marked = require('marked');
+const markdownForFile = require('../../utils/markdownToHtml');
+
+jest.mock('fs');
+jest.mock('marked');
+
+describe('markdownForFile', () => {
+  it('reads file and parses markdown when file exists', (done) => {
+    const mockData = '# Hello World';
+    const mockHtml = '<h1 id="hello-world">Hello World</h1>\n';
+    fs.readFile.mockImplementationOnce((path, options, cb) => cb(null, mockData));
+    Marked.parse.mockImplementationOnce((data, cb) => cb(null, mockHtml));
+
+    markdownForFile('path/to/file', (err, data) => {
+      expect(err).toBeNull();
+      expect(data).toBe(mockHtml);
+      done();
+    });
+  });
+
+  it('returns error when file does not exist', (done) => {
+    const mockError = new Error('File not found');
+    fs.readFile.mockImplementationOnce((path, options, cb) => cb(mockError));
+
+    markdownForFile('path/to/nonexistent/file', (err, data) => {
+      expect(err).toEqual(mockError);
+      expect(data).toBeUndefined();
+      done();
+    });
+  });
+
+  it('returns error when markdown parsing fails', (done) => {
+    const mockData = '# Hello World';
+    const mockError = new Error('Markdown parsing error');
+    fs.readFile.mockImplementationOnce((path, options, cb) => cb(null, mockData));
+    Marked.parse.mockImplementationOnce((data, cb) => cb(mockError));
+
+    markdownForFile('path/to/file', (err, data) => {
+      expect(err).toEqual(mockError);
+      expect(data).toBeUndefined();
+      done();
+    });
+  });
+});