adding ci workflows

Author: derisen

.github/ISSUE_TEMPLATE.md

@@ -14,11 +14,13 @@
     - [ ] 2-1) Acquire a Token and call Microsoft Graph
     - [ ] 3-1) Protect and call a web API on Azure AD
     - [ ] 3-2) Protect and call a web API on Azure AD B2C
-    - [ ]   4) Deploy to Azure Storage and App Service
+    - [ ] 4-1) Deploy to Azure Storage and App Service
+    - [ ] 4-2) Deploy to Azure Static App Service
     - [ ] 5-1) Call a web API using App Roles
     - [ ] 5-2) Call a web API using Security Groups
     - [ ] 6-1) Call Microsoft Graph using on-behalf-of flow
     - [ ] 6-2) Call a web API using Proof of Possession tokens
+    - [ ] 6-3) Call a web API using Conditional Access Auth Context
 ```
 
 ## This issue is for a

.github/workflows/codeql.yml

@@ -0,0 +1,39 @@
+name: "Code Scan"
+
+on:
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  CodeQL-Build:
+    strategy:
+      fail-fast: false
+
+    # CodeQL runs on ubuntu-latest, windows-latest, and macos-latest
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v2
+
+      # Initializes the CodeQL tools for scanning.
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v1
+        with:
+          languages: javascript
+
+      # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+      # If this step fails, then you should remove it and run the build manually (see below).
+      #- name: Autobuild
+      #  uses: github/codeql-action/autobuild@v1
+
+      # ℹ️ Command-line programs to run using the OS shell.
+      # 📚 https://git.io/JvXDl
+
+      # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
+      #    and modify them (or add more) to build your code if your project
+      #    uses a compiled language
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v1

.github/workflows/node.js.yml

@@ -0,0 +1,146 @@
+# This workflow will do a clean install of node dependencies, build the source code and run tests across different versions of node
+# For more information see: https://help.github.com/actions/language-and-framework-guides/using-nodejs-with-github-actions
+
+name: "Build"
+
+on:
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  build:
+
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        node-version: [12.x]
+        # See supported Node.js release schedule at https://nodejs.org/en/about/releases/
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Use Node.js ${{ matrix.node-version }}
+      uses: actions/setup-node@v2
+      with:
+        node-version: ${{ matrix.node-version }}
+
+    - run: |
+        cd 1-Authentication/1-sign-in/SPA
+        npm ci
+        npm audit --production
+        npm run test --no-watch
+
+    - run: |
+        cd 1-Authentication/2-sign-in-b2c/SPA
+        npm ci
+        npm audit --production
+        npm run test --no-watch
+
+    - run: |
+        cd 2-Authorization-I/1-call-graph/SPA
+        npm ci
+        npm audit --production
+        npm run test --no-watch
+
+    - run: |
+        cd 3-Authorization-II/1-call-api/API
+        npm ci
+        npm audit --production
+        npm run test
+
+    - run: |
+        cd 3-Authorization-II/1-call-api/SPA
+        npm ci
+        npm audit --production
+        npm run test --no-watch
+
+    - run: |
+        cd 3-Authorization-II/2-call-api-b2c/API
+        npm ci
+        npm audit --production
+        npm run test
+
+    - run: |
+        cd 3-Authorization-II/2-call-api-b2c/SPA
+        npm ci
+        npm audit --production
+        npm run test --no-watch
+
+    - run: |
+        cd 4-Deployment/1-deploy-storage/SPA
+        npm ci
+        npm audit --production
+        npm run test --no-watch
+
+    - run: |
+        cd 4-Deployment/1-deploy-storage/API
+        npm ci
+        npm audit --production
+        npm run test
+
+    - run: |
+        cd 5-AccessControl/1-call-api-roles/SPA
+        npm ci
+        npm audit --production
+        npm run test --no-watch
+
+    - run: |
+        cd 5-AccessControl/1-call-api-roles/API
+        npm ci
+        npm audit --production
+        npm run test
+
+    - run: |
+        cd 5-AccessControl/2-call-api-groups/SPA
+        npm ci
+        npm audit --production
+        npm run test --no-watch
+
+    - run: |
+        cd 5-AccessControl/2-call-api-groups/API
+        npm ci
+        npm audit --production
+        npm run test
+
+    - run: |
+        cd 6-AdvancedScenarios/1-call-api-obo/DownstreamAPI
+        npm ci
+        npm audit --production
+        npm run test
+
+    - run: |
+        cd 6-AdvancedScenarios/1-call-api-obo/MiddletierAPI
+        npm ci
+        npm audit --production
+        npm run test
+      
+    - run: |
+        cd 6-AdvancedScenarios/1-call-api-obo/SPA
+        npm ci
+        npm audit --production
+        npm run test --no-watch
+
+    - run: |
+        cd 6-AdvancedScenarios/2-call-api-pop/SPA
+        npm ci
+        npm audit --production
+        npm run test --no-watch
+
+    - run: |
+        cd 6-AdvancedScenarios/2-call-api-pop/API
+        npm ci
+        npm audit --production
+        npm run test
+
+    - run: |
+        cd 6-AdvancedScenarios/3-call-api-acrs/SPA
+        npm ci
+        npm audit --production
+        npm run test --no-watch
+
+    - run: |
+        cd 6-AdvancedScenarios/3-call-api-acrs/API
+        npm ci
+        npm audit --production
+        npm run test

.gitignore

@@ -104,7 +104,4 @@ VS & VS Code cache
 .vscode/
 
 # React build folder
-build/
-
-# NPM manifest
-package-lock.json
+build/