dependabot[bot]
b94a55c0d3
rebase: bump actions/checkout from 4.2.0 to 4.2.1
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.2.0 to 4.2.1.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](d632683dd7...eef61447b9
)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-10-08 05:47:27 +00:00
dependabot[bot]
5aec13d7e6
rebase: bump actions/checkout from 4.1.7 to 4.2.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.7 to 4.2.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](692973e3d9...d632683dd7
)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-10-01 09:37:48 +00:00
StepSecurity Bot
56d08e1b4d
ci: Harden GitHub Actions
...
Update GitHub actions to use full length commit ids for
third-party actions to reduce security risk in case of vulnerabilities.
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
Co-authored-by: Nikhil-Ladha <nikhilladha1999@gmail.com>
2024-09-19 11:00:39 +00:00
dependabot[bot]
5677834d24
rebase: bump docker/login-action from 2 to 3
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 2 to 3.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-09-20 10:03:37 +00:00
dependabot[bot]
b3ef8672a4
rebase: Bump actions/checkout from 3 to 4
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-09-05 08:47:25 +00:00
dependabot[bot]
6d23e750be
rebase: bump docker/login-action from 1 to 2
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 1 to 2.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v1...v2 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-05-10 05:02:33 +00:00
naveen
2672fad90a
ci: Set permissions for GitHub actions
...
Restrict the GitHub token permissions only to the required ones; this way,
even if the attackers will succeed in compromising your workflow,
they won’t be able to do much.
- Included permissions for the action.
https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2022-05-05 20:21:15 +05:30
dependabot[bot]
b1a0f42b31
rebase: bump actions/checkout from 2 to 3
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-05-05 12:47:46 +00:00
Rakshith R
8488d6bec2
ci: fix helm chart push for release branches
...
Currently BRANCH_NAME for release branches is not set causing
the source in helm chart to be set as
sources:
- https://github.com/ceph/ceph-csi/tree//charts/ceph-csi-cephfs
Current change fixes it.
Signed-off-by: Rakshith R <rar@redhat.com>
2021-11-22 07:55:59 +00:00
Madhu Rajanna
9fde4f7f18
ci: disable push artifacts on fork repos
...
disabling push artifacts github action on the
fork repos as it doesnot makes sense to run push
actions on the fork repo.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-06-17 10:11:13 +02:00
Madhu Rajanna
924a5ab949
build: git config before commit
...
currently git commit of the helm charts to
csi-chart repo is failing with below error
```
Author identity unknown
*** Please tell me who you are.
Run
git config --global user.email "you@example.com"
git config --global user.name "Your Name"
to set your account's default identity.
Omit --global to set the identity only in this repository.
```
this commit add git config for bot user.
Note:- used ceph.io in github secrets for the bot user
email and its not a valid email id and am also
looking for suggestion if anyone as.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-06-10 16:03:40 +02:00
Madhu Rajanna
2eebf6b6e0
build: use cephcsi bot token to push helm charts
...
GITHUB_TOKEN is auto generated for cephcsi repo
and it cannot be used to push helm charts to
different repo. added new secret CEPH_CSI_BOT_TOKEN
to push helm charts.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-06-10 12:56:10 +05:30
Madhu Rajanna
36db988f73
ci: pushing artifacts using github actions
...
As Travis CI `https://travis-ci.org/ ` is getting
shutdown date on June 15th. Either we need to move
to new place https://www.travis-ci.com/ or we can
switch to github action to push image and the helm
charts when a PR is merged.
fixes : #1781
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-06-10 10:17:19 +05:30