mirrors/ceph-csi
1
0
Fork 0
mirror of https://github.com/ceph/ceph-csi.git synced 2024-11-18 04:10:22 +00:00
Code Issues Packages Projects Releases Wiki Activity
4,289 Commits 24 Branches 38 Tags 141 MiB
d250be4c39
Commit Graph

4 Commits

Author SHA1 Message Date
StepSecurity Bot
56d08e1b4d ci: Harden GitHub Actions 
Update GitHub actions to use full length commit ids for
third-party actions to reduce security risk in case of vulnerabilities.

Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
Co-authored-by: Nikhil-Ladha <nikhilladha1999@gmail.com>
 2024-09-19 11:00:39 +00:00
Niels de Vos
cde5048dd2 ci: pass the correct account token for Snyk jobs 
The secret in the project settings has a typo and is called `SYNK_TOKEN`
instead of `SNYK_TOKEN`. Changing the name of the secret does not seem
to be trivial; it needs to be deleted and re-created, which requires
obtaining a new token, somehow. Adopting the name with the typo in the
GitHub Workflow is easier.

Signed-off-by: Niels de Vos <ndevos@ibm.com>
 2024-08-27 09:58:24 +00:00
dependabot[bot]
4c97bbb2e4 rebase: bump github/codeql-action from 2 to 3 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-19 08:29:02 +00:00
Madhu Rajanna
63f48874ad ci: add snyk for container image 
adding a github action to do security
scanning for the cephcsi container image

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
 2023-11-16 10:23:13 +00:00