From 676641d79d44cf9ca347783b6c2f50835d95a561 Mon Sep 17 00:00:00 2001
From: Nicolas FAUGEROUX <nicolas.faugeroux@protonmail.com>
Date: Sun, 29 Dec 2024 12:38:02 +0100
Subject: [PATCH] chore: public beta

---
 .github/workflows/ci.yaml         |  5 +----
 .github/workflows/e2e.yaml        |  5 +----
 .github/workflows/redis.yaml      |  5 +----
 .github/workflows/scoreboard.yaml | 35 +++++++++++++++++++++++++++++++
 README.md                         | 11 ++++++++--
 hack/docker-compose.yml           | 18 +++++++++++++---
 webdocs/_index.md                 |  2 +-
 7 files changed, 63 insertions(+), 18 deletions(-)
 create mode 100644 .github/workflows/scoreboard.yaml

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index 23f3413..bd15022 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -16,12 +16,9 @@ jobs:
 
     services:
       chall-manager: 
-        image: ctferio/chall-manager:v0.1.0-rc3@sha256:bc7b15549ec3606fe20ea68f50bc51e2d53178b1201c443be6b87fec24f9b762
+        image: ctferio/chall-manager:v0.1.1@sha256:196f0e1ebf5c0c900b8be04560824538a30cb851baced98fa7276fce727aba95
         ports:
           - 8080:8080
-        credentials:
-          username: ${{ secrets.docker_username }}
-          password: ${{ secrets.docker_password }}
 
       ctfd:
         image: ctfd/ctfd:3.7.5@sha256:7f456b23727286c9df2b58e0b7398cc0196e2b74e4c1c5b3cda7a5b71034637d
diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml
index 6bd588f..320b967 100644
--- a/.github/workflows/e2e.yaml
+++ b/.github/workflows/e2e.yaml
@@ -16,12 +16,9 @@ jobs:
 
     services:
       chall-manager: 
-        image: ctferio/chall-manager:v0.1.0-rc3@sha256:bc7b15549ec3606fe20ea68f50bc51e2d53178b1201c443be6b87fec24f9b762
+        image: ctferio/chall-manager:v0.1.1@sha256:196f0e1ebf5c0c900b8be04560824538a30cb851baced98fa7276fce727aba95
         ports:
           - 8080:8080
-        credentials:
-          username: ${{ secrets.docker_username }}
-          password: ${{ secrets.docker_password }}
 
       redis-svc:
         image: redis:7.0.10@sha256:92b8b307ee28ed74da17578064c73307ad41e43f422f0b7e4e91498b406c59e3
diff --git a/.github/workflows/redis.yaml b/.github/workflows/redis.yaml
index 44af3a7..735eb1e 100644
--- a/.github/workflows/redis.yaml
+++ b/.github/workflows/redis.yaml
@@ -16,12 +16,9 @@ jobs:
 
     services:
       chall-manager: 
-        image: ctferio/chall-manager:v0.1.0-rc3@sha256:bc7b15549ec3606fe20ea68f50bc51e2d53178b1201c443be6b87fec24f9b762
+        image: ctferio/chall-manager:v0.1.1@sha256:196f0e1ebf5c0c900b8be04560824538a30cb851baced98fa7276fce727aba95
         ports:
           - 8080:8080
-        credentials:
-          username: ${{ secrets.docker_username }}
-          password: ${{ secrets.docker_password }}
 
       redis-svc:
         image: redis:7.0.10@sha256:92b8b307ee28ed74da17578064c73307ad41e43f422f0b7e4e91498b406c59e3
diff --git a/.github/workflows/scoreboard.yaml b/.github/workflows/scoreboard.yaml
new file mode 100644
index 0000000..1f35e5d
--- /dev/null
+++ b/.github/workflows/scoreboard.yaml
@@ -0,0 +1,35 @@
+name: Scorecard supply-chain security
+on:
+  branch_protection_rule:
+  schedule:
+    - cron: '30 6 * * 6'
+  push:
+    branches: [ "main" ]
+
+permissions: read-all
+
+jobs:
+  analysis:
+    name: Scorecard analysis
+    runs-on: ubuntu-latest
+    permissions:
+      security-events: write
+      id-token: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        with:
+          persist-credentials: false
+
+      - name: Run analysis
+        uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0
+        with:
+          results_file: results.sarif
+          results_format: sarif
+          publish_results: true
+
+      - name: Upload to code-scanning
+        uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
+        with:
+          sarif_file: results.sarif
\ No newline at end of file
diff --git a/README.md b/README.md
index c452aa5..268318f 100644
--- a/README.md
+++ b/README.md
@@ -3,9 +3,16 @@
 <p><b>Level Up CTFd with Infra-as-Code Challenges!</b><p>
 <a href=""><img src="https://img.shields.io/github/license/ctfer-io/ctfd-chall-manager?style=for-the-badge" alt="License"></a>
 <a href="https://github.com/ctfer-io/ctfd-chall-manager/actions?query=workflow%3Aci+"><img src="https://img.shields.io/github/actions/workflow/status/ctfer-io/ctfd-chall-manager/ci.yaml?style=for-the-badge&label=CI" alt="CI"></a>
-	<a href="https://github.com/ctfer-io/ctfd-chall-manager/actions/workflows/codeql-analysis.yaml"><img src="https://img.shields.io/github/actions/workflow/status/ctfer-io/ctfd-chall-manager/codeql-analysis.yaml?style=for-the-badge&label=CodeQL" alt="CodeQL"></a>
+<a href="https://github.com/ctfer-io/ctfd-chall-manager/actions/workflows/codeql-analysis.yaml"><img src="https://img.shields.io/github/actions/workflow/status/ctfer-io/ctfd-chall-manager/codeql-analysis.yaml?style=for-the-badge&label=CodeQL" alt="CodeQL"></a>
+<a href="https://securityscorecards.dev/viewer/?uri=github.com/ctfer-io/ctfd-chall-manager"><img src="https://img.shields.io/ossf-scorecard/github.com/ctfer-io/ctfd-chall-manager?label=openssf%20scorecard&style=for-the-badge" alt="OpenSSF Scoreboard"></a>
 </div>
 
+> [!CAUTION]
+> CTFd-chall-Manager is currently in public beta phase.
+> It could be run in production, but breaking changes are subject to happen in the upcoming months until General Availability.
+> 
+> It has been tested under production workload during the NoBrackets 2024.
+
 This plugin allow you to use the [chall-manager](https://github.com/ctfer-io/chall-manager), to manage scenario and permit Player's to deploy their instances.
 
 Last version tested on: [3.7.5](https://github.com/CTFd/CTFd/releases/tag/3.7.5).
@@ -27,7 +34,7 @@ Last version tested on: [3.7.5](https://github.com/CTFd/CTFd/releases/tag/3.7.5)
 <img style="width: 90%; display: block; margin: auto; box-sizing: border-box;" src="res/flags.png"/>
 
 # How install and use
-To install and use the plugin, refer to the documentation at https://alpha.ctfer.io/docs/ctfd-chall-manager.
+To install and use the plugin, refer to the documentation at https://ctfer.io/docs/ctfd-chall-manager.
 
 # Limitations
 - Need to use the `core-beta` theme (cf https://github.com/CTFd/CTFd/pull/2630)
diff --git a/hack/docker-compose.yml b/hack/docker-compose.yml
index d070cb7..8e3e9e8 100644
--- a/hack/docker-compose.yml
+++ b/hack/docker-compose.yml
@@ -10,11 +10,13 @@ services:
     environment:
       LOG_LEVEL: DEBUG
       PLUGIN_SETTINGS_CM_API_URL: http://chall-manager:8080/api/v1
-      PLUGIN_SETTINGS_CM_MANA_TOTAL: 15
-      # REDIS_URL: redis://redis-svc:6379
+      PLUGIN_SETTINGS_CM_MANA_TOTAL: 10
+      REDIS_URL: redis://redis-svc:6379
+      DATABASE_URL : mysql+pymysql://root:password@mariadb-svc:3306/ctfd
     depends_on:
       - chall-manager
       # - redis-svc
+      # - mariadb-svc
     healthcheck:
       test: python3 -c 'import requests; requests.get("http://localhost:8000")'
       interval: 10s
@@ -22,7 +24,7 @@ services:
       timeout: 10s
 
   chall-manager:
-    image: ctferio/chall-manager:v0.1.0-rc3@sha256:bc7b15549ec3606fe20ea68f50bc51e2d53178b1201c443be6b87fec24f9b762
+    image: ctferio/chall-manager:v0.1.1@sha256:196f0e1ebf5c0c900b8be04560824538a30cb851baced98fa7276fce727aba95
     ports:
       - 8080:8080
     environment:
@@ -37,6 +39,16 @@ services:
   #   networks:
   #     - testing
 
+  # mariadb-svc:
+  #   image: mariadb:10.11
+  #   environment:
+  #     MYSQL_ROOT_PASSWORD: password
+  #     MYSQL_DATABASE: ctfd
+  #   ports:
+  #     - 3306:3306
+  #   networks:
+  #     - testing
+
   ctfd-setup:
     image: ctferio/ctfd-setup:v1.5.2@sha256:4308e91578532869eee94d68488ea51f222ca5e5944d05529eb59c2f2cc3404a
     environment:
diff --git a/webdocs/_index.md b/webdocs/_index.md
index 7c77d2e..c587197 100644
--- a/webdocs/_index.md
+++ b/webdocs/_index.md
@@ -7,6 +7,6 @@ description: >
 ---
 
 {{% alert title="Warning" color="warning" %}}
-Currently entering private alpha phase, for any issue: ctfer-io@protonmail.com 
+Currently entering public beta phase, for any issue: ctfer-io@protonmail.com
 {{% /alert %}}