dependabot[bot]
5aec13d7e6
rebase: bump actions/checkout from 4.1.7 to 4.2.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.7 to 4.2.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](692973e3d9...d632683dd7
)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-10-01 09:37:48 +00:00
StepSecurity Bot
56d08e1b4d
ci: Harden GitHub Actions
...
Update GitHub actions to use full length commit ids for
third-party actions to reduce security risk in case of vulnerabilities.
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
Co-authored-by: Nikhil-Ladha <nikhilladha1999@gmail.com>
2024-09-19 11:00:39 +00:00
dependabot[bot]
b3ef8672a4
rebase: Bump actions/checkout from 3 to 4
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-09-05 08:47:25 +00:00
Niels de Vos
f371aa2677
ci: use podman
for simple GitHub workflows
...
`podman` is installed by default on the Ubuntu runners. Podman is
recommended for developers and contributors, as there are no elevated
privileges required to run it. Docker requires extra permissions to
build and or run container images, and contributors to Ceph-CSI should
not need to spend time working with that (several developers run the
`docker` command with `sudo`, which is discouraged).
Only the multi-arch Workflows require Docker, for the time being.
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2023-08-07 16:34:44 +00:00
naveen
2672fad90a
ci: Set permissions for GitHub actions
...
Restrict the GitHub token permissions only to the required ones; this way,
even if the attackers will succeed in compromising your workflow,
they won’t be able to do much.
- Included permissions for the action.
https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2022-05-05 20:21:15 +05:30
dependabot[bot]
b1a0f42b31
rebase: bump actions/checkout from 2 to 3
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-05-05 12:47:46 +00:00
Yati Padia
e077c1fdf5
cleanup: run codespell on containerized testing
...
This commit adds a new target codespell to the
make containerized-test.
Fixes : #2229
Signed-off-by: Yati Padia <ypadia@redhat.com>
2021-08-12 09:42:54 +05:30
Prasanna Kumar Kalever
ebe4e1f944
ci: ignore spell check for design proposal images
...
To avoid failures triggered by checking SVG image formats.
Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
2021-07-28 11:54:59 +05:30
Madhu Rajanna
00d34fdb2d
ci: run github work flow only for pull request
...
currently github action are getting trigerred for
both pull and push request, this commits removes the
action for push events.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2020-12-02 20:09:56 +05:30
Madhu Rajanna
eee49a6e0a
ci: add codespell for spell check
...
adding a github action to check the spelling
mistakes in the code.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2020-11-29 12:47:46 +05:30