StepSecurity Bot
56d08e1b4d
ci: Harden GitHub Actions
...
Update GitHub actions to use full length commit ids for
third-party actions to reduce security risk in case of vulnerabilities.
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
Co-authored-by: Nikhil-Ladha <nikhilladha1999@gmail.com>
2024-09-19 11:00:39 +00:00
dependabot[bot]
b3ef8672a4
rebase: Bump actions/checkout from 3 to 4
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-09-05 08:47:25 +00:00
Niels de Vos
c84b4a15ba
ci: only run test-retest-action
if the PR modifies the action
...
There is no need to run the `test-retest-action` GitHub Workflow if
there are no changes under the `actions/retest` directory.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2023-02-21 10:58:52 +00:00
naveen
2672fad90a
ci: Set permissions for GitHub actions
...
Restrict the GitHub token permissions only to the required ones; this way,
even if the attackers will succeed in compromising your workflow,
they won’t be able to do much.
- Included permissions for the action.
https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2022-05-05 20:21:15 +05:30
dependabot[bot]
b1a0f42b31
rebase: bump actions/checkout from 2 to 3
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-05-05 12:47:46 +00:00
Madhu Rajanna
0a5bd09a61
ci: fix branch name in retest action
...
updated the branch name from main to
devel in retest action workflow.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-11-17 05:50:43 +00:00
Madhu Rajanna
b62de1376d
ci: update github workflow to test docker build
...
updated github action to test a retest action
docker build workflow.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-11-17 05:50:43 +00:00
Madhu Rajanna
f9f465073f
ci: add github action to build retest
...
added basic github action for
retest building.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-11-16 12:03:36 +00:00