mirrors/ceph-csi
1
0
Fork 0
mirror of https://github.com/ceph/ceph-csi.git synced 2024-12-02 03:00:23 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,979 Commits 25 Branches 39 Tags 144 MiB
89d9ec0823
Commit Graph

5 Commits

Author SHA1 Message Date
naveen
2672fad90a ci: Set permissions for GitHub actions 
Restrict the GitHub token permissions only to the required ones; this way,
 even if the attackers will succeed in compromising your workflow,
 they won’t be able to do much.

- Included permissions for the action.
https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
 2022-05-05 20:21:15 +05:30
dependabot[bot]
b1a0f42b31 rebase: bump actions/checkout from 2 to 3 
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-05 12:47:46 +00:00
Niels de Vos
28899a36c8 ci: do not run commitlint GitHub Action for dependabot 
The commit messages that Dependabot (@app/dependabot) creates are not
always accepted by the commitlint check. The configuration for
dependabot does not give a lot of options to customize the message, so
instead of adjusting the message to pass commitlint, just skip the check
(Mergify does not require commitlint status either).

See-also: #2460
Signed-off-by: Niels de Vos <ndevos@redhat.com>
 2021-09-01 15:02:18 +02:00
Niels de Vos
538e36f7a7 ci: pass GITHUB_BASE_REF when running commitlint 
GitHub Actions include a merge commit for the PR, which will defeat the
commitlint checking of all the commits inside the PR (only the merge
commit is checked).

Signed-off-by: Niels de Vos <ndevos@redhat.com>
 2021-06-07 18:19:23 +05:30
Madhu Rajanna
edf6abce99 ci: add github workflows for static checks 
adding a github workflow to run static checks
inside a container.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
 2020-12-07 12:57:29 +05:30