Remove obsolete Okta and AWS evidence collection scripts and workflows

Author: austinsonger

.github/prep.sh

@@ -0,0 +1,43 @@
+## ENVIRONMENT ##
+
+#!/bin/bash
+
+# Error tracking and logging function
+log_error() {
+    echo "Error: $1" >&2
+}
+
+# INSTALL JQ
+mkdir -p "$HOME/bin"
+curl -L https://github.com/stedolan/jq/releases/download/jq-1.6/jq-linux64 -o "$HOME/bin/jq" > /dev/null 2>&1
+if [ $? -ne 0 ]; then
+    log_error "Failed to download jq"
+    exit 1
+fi
+chmod +x "$HOME/bin/jq"
+sudo ln -sf "$HOME/bin/jq" /usr/local/bin/jq
+if [ $? -ne 0 ]; then
+    log_error "Failed to set up jq"
+    exit 1
+fi
+
+# INSTALL PYTHON
+sudo apt-get update -q && sudo apt-get install -y python3-pip python3-wheel > /dev/null 2>&1
+if [ $? -ne 0 ]; then
+    log_error "Failed to install Python and pip"
+    exit 1
+fi
+
+# INSTALL PIP DEPENDENCIES
+sudo pip3 install --upgrade pytenable click arrow requests > /dev/null 2>&1
+if [ $? -ne 0 ]; then
+    log_error "Failed to install pip dependencies"
+    exit 1
+fi
+
+# SETUP ENVIRONMENT VARIABLES
+YEAR=$(date +'%Y')
+EVIDENCE_DATE=$(date -d "last sunday +1 day" +'%d %B')
+
+echo "YEAR=$YEAR" >> "$GITHUB_ENV"
+echo "EVIDENCE_DATE=$EVIDENCE_DATE" >> "$GITHUB_ENV"

.github/scripts/prep.sh

@@ -0,0 +1,44 @@
+name:  AWS Evidence Collection
+on:
+  workflow_dispatch:
+jobs:
+  fetch_and_save_scans:
+    runs-on: ubuntu-latest
+    permissions:                
+     contents: write          
+     pull-requests: write      
+    env: 
+      CI_COMMIT_MESSAGE: AWS Evidence
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v3
+      with:
+        ref: ${{ github.head_ref }}
+
+    - name: Environment Variables
+      uses: .github/variables-federal.yml@main
+
+    - name: Environment Variables
+      uses: .github/variables-commercial.yml@main
+      
+    - name: Create Tenable evidence artifacts directory
+      run: mkdir -p evidence-artifacts/federal/
+
+    - name: Create Tenable evidence artifacts directory
+      run: mkdir -p evidence-artifacts/commercial/
+
+    - name: Run AWS Evidence Collection Scripts
+      working-directory: src/collection/aws
+      run: |
+          python |
+          python
+
+    - name: Commit & Push
+      uses: ./.github/workflows/actions/commit-and-push.yml
+
+    - uses: stefanzweifel/git-auto-commit-action@v5
+      with:
+        commit_message: ${{ env.CI_COMMIT_MESSAGE }}
+
+        
+        

.github/workflows/aws-evidence.yml

@@ -0,0 +1,45 @@
+name: Fetch Merged PRs and Save to JSON
+
+on:
+  workflow_dispatch: # Allows manual trigger
+  #schedule:
+  #  - cron: '0 0 * * *' # Runs daily at midnight (UTC)
+
+jobs:
+  fetch-merged-prs:
+    runs-on: ubuntu-latest
+
+    steps:
+      # Checkout the repository
+      - name: Checkout Repository
+        uses: actions/checkout@v3
+
+      # Authenticate with GitHub CLI
+      - name: Authenticate with GitHub CLI
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          echo "${{ secrets.GITHUB_TOKEN }}" | gh auth login --with-token
+
+      # Fetch merged PRs using gh CLI
+      - name: Fetch Merged Pull Requests
+        env:
+          REPO_OWNER: CirrusMD
+          REPO_NAME: cirrusmd-web-app
+        run: |
+          gh api repos/${{ env.REPO_OWNER }}/${{ env.REPO_NAME }}/pulls \
+            --method GET \
+            --jq '.[] | select(.state == "closed" and .merged_at != null and (.merged_at | fromdateiso8601) >= (now - 30*86400)) | {number, title, merged_at, user: .user.login, merged_by: .merged_by.login, url: .html_url, additions, deletions, commits, changed_files}' \
+            > merged_prs.json
+
+      # Commit and push the output JSON file
+      - name: Commit and Push JSON
+        env:
+          COMMITTER_NAME: GitHub Action
+          COMMITTER_EMAIL: [email protected]
+        run: |
+          git config --global user.name "${{ env.COMMITTER_NAME }}"
+          git config --global user.email "${{ env.COMMITTER_EMAIL }}"
+          git add merged_prs.json
+          git commit -m "Add merged PRs report for the last 30 days"
+          git push origin HEAD

.github/workflows/closed-pull-request.yml

@@ -0,0 +1,25 @@
+name: Fetch Completed Jira Tickets Monthly
+on:
+ workflow_dispatch:
+jobs:
+  fetch_completed_tickets:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+      - name: Environment Variables
+        uses: .github/variables-commercial.yml@main
+        
+      - name: Run Jira ticket collection script
+#        env:
+#          JIRA_DOMAIN: ${{ secrets.JIRA_DOMAIN }} | JIRA_EMAIL: ${{ secrets.JIRA_EMAIL }} | API_TOKEN: ${{ secrets.JIRA_API_TOKEN }}
+        run: |
+          python src/collection/jira/completed-jira-tickets.py
+
+      - name: Upload ticket JSON files
+        uses: actions/upload-artifact@v3
+        with:
+          name: completed-tickets
+          path: completed_tickets/**/*.json    
+      - name: Commit & Push
+        uses: ./.github/workflows/actions/commit-and-push.yml

.github/workflows/evidence-jira-tickets.yml

@@ -0,0 +1,29 @@
+name: Running Okta Evidence
+on:
+  workflow_dispatch:
+jobs:
+  run-okta:
+    runs-on: ubuntu-latest
+    env:
+      OKTA_DOMAIN: ${{ secrets.OKTA_DOMAIN }}
+      API_TOKEN: ${{ secrets.OKTA_API_TOKEN }}
+      CI_COMMIT_MESSAGE: Okta Evidence      
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+    - name: Environment Variables
+      uses: .github/variables-commercial.yml@main
+      
+    - name: Run check-authentication-settings
+      run: python src/evidence-collection/okta/check_authentication_settings.py
+    - name: Run check-deactivated-users
+      run: python src/evidence-collection/okta/check_deactivated_users.py
+    - name: Run check-mfa-enrollments
+      run: python src/evidence-collection/okta/check_mfa_enrollments.py
+    - name: Run check-password-policies
+      run: python src/evidence-collection/okta/check_password_policies.py
+    - name: Run check-users-and-groups
+      run: python src/evidence-collection/okta/check_users_and_groups.py
+
+    - name: Commit & Push
+      uses: ./.github/workflows/actions/commit-and-push.yml

.github/workflows/evidence-okta.yml

@@ -0,0 +1,29 @@
+name: Run TriNet Employee Script
+on:
+  workflow_dispatch: # Allows manual triggering of the workflow
+jobs:
+  run-trinet-script:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
+    env:
+      CI_COMMIT_MESSAGE: 'New Personnel List'      
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+    - name: Environment Variables
+      uses: .github/variables-commercial.yml@main
+      continue-on-error: false        
+    - name: Run TriNet Script
+      run: |
+        python src/collection/personnel/current-employees.py 
+    
+    - name: Upload Evidence Artifacts
+      uses: actions/upload-artifact@v3
+      with:
+        name: employee-list-artifacts
+        path: evidence-artifacts/personnel/employee_list.json
+
+    - name: Commit & Push
+      uses: ./.github/workflows/actions/commit-and-push.yml