Marco Ferrari
9d7268fb99
feat: add support for checkov to lint iac files ( #4925 )
...
- Add support to run Checkov against infrastructure as code descriptors
that are in a given (configurable) directory. Defaults to lint the
whole workspace.
- Establish a baseline for our own codebase so we don't have to fix
issues right away with this change.
2023-12-22 13:22:15 +01:00
dependabot[bot]
fc0bde088f
Bump actions/stale from 8 to 9 ( #4980 )
...
Bumps [actions/stale](https://github.com/actions/stale ) from 8 to 9.
- [Release notes](https://github.com/actions/stale/releases )
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/stale/compare/v8...v9 )
---
updated-dependencies:
- dependency-name: actions/stale
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Zack Koppert <zkoppert@github.com>
2023-12-11 18:39:51 +00:00
dependabot[bot]
cebb6675c7
Bump actions/github-script from 6 to 7 ( #4879 )
...
Bumps [actions/github-script](https://github.com/actions/github-script ) from 6 to 7.
- [Release notes](https://github.com/actions/github-script/releases )
- [Commits](https://github.com/actions/github-script/compare/v6...v7 )
---
updated-dependencies:
- dependency-name: actions/github-script
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Zack Koppert <zkoppert@github.com>
2023-11-22 17:16:57 +00:00
dependabot[bot]
1b430e0513
Bump actions/stale from 7 to 8
...
Bumps [actions/stale](https://github.com/actions/stale ) from 7 to 8.
- [Release notes](https://github.com/actions/stale/releases )
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/stale/compare/v7...v8 )
---
updated-dependencies:
- dependency-name: actions/stale
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-04-10 15:20:13 -04:00
dependabot[bot]
ec6bde51de
Bump actions/stale from 6 to 7
...
Bumps [actions/stale](https://github.com/actions/stale ) from 6 to 7.
- [Release notes](https://github.com/actions/stale/releases )
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/stale/compare/v6...v7 )
---
updated-dependencies:
- dependency-name: actions/stale
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-03 17:43:50 -05:00
dependabot[bot]
1cd4955a84
Bump actions/stale from 5 to 6 ( #3349 )
...
Bumps [actions/stale](https://github.com/actions/stale ) from 5 to 6.
- [Release notes](https://github.com/actions/stale/releases )
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/stale/compare/v5...v6 )
---
updated-dependencies:
- dependency-name: actions/stale
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-09-26 20:01:01 +02:00
nathannaveen
4471e9f322
Set permissions for GitHub actions ( #2752 )
...
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ )
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
Signed-off-by: nathannaveen <42319948+nathannaveen@users.noreply.github.com>
2022-04-11 14:52:49 -05:00
dependabot[bot]
e1fbcef13d
Bump actions/stale from 4 to 5 ( #2760 )
...
Bumps [actions/stale](https://github.com/actions/stale ) from 4 to 5.
- [Release notes](https://github.com/actions/stale/releases )
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/stale/compare/v4...v5 )
---
updated-dependencies:
- dependency-name: actions/stale
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-11 12:56:39 -05:00
dependabot[bot]
720ba1244f
Bump actions/github-script from 5 to 6 ( #2465 )
...
Bumps [actions/github-script](https://github.com/actions/github-script ) from 5 to 6.
- [Release notes](https://github.com/actions/github-script/releases )
- [Commits](https://github.com/actions/github-script/compare/v5...v6 )
---
updated-dependencies:
- dependency-name: actions/github-script
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-14 15:20:29 -06:00
Marco Ferrari
f214851fec
Remove unused stale bot configuration and point to the right label ( #2201 )
...
Co-authored-by: Lukas Gravley <admiralawkbar@github.com>
2021-12-08 08:20:10 -06:00
Masaya Suzuki
60ccdfca87
Add CI timeout ( #2127 )
2021-11-15 10:25:36 -06:00
Barry Pollard
a020e37e75
Fix github scripts to v5 ( #2032 )
2021-10-04 13:17:02 -05:00
dependabot[bot]
5d5dba0d99
Bump actions/github-script from 4.1 to 5 ( #1996 )
...
Bumps [actions/github-script](https://github.com/actions/github-script ) from 4.1 to 5.
- [Release notes](https://github.com/actions/github-script/releases )
- [Commits](https://github.com/actions/github-script/compare/v4.1...v5 )
---
updated-dependencies:
- dependency-name: actions/github-script
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-27 09:31:48 -05:00
Barry Pollard
5fc05f9bb1
Correct Mark Not Stale job take 2 ( #1966 )
2021-09-17 09:53:15 -05:00
Barry Pollard
1930e2f9a9
Correct expressions in GitHub Actions workflows ( #1952 )
...
* Correct expressions in stale workflow
* Fix other workflows
* Fix typos
Co-authored-by: Lukas Gravley <admiralawkbar@github.com>
2021-09-14 08:32:24 -05:00
dependabot[bot]
ae84560dfd
Bump actions/github-script from 4.0.2 to 4.1 ( #1875 )
...
Bumps [actions/github-script](https://github.com/actions/github-script ) from 4.0.2 to 4.1.
- [Release notes](https://github.com/actions/github-script/releases )
- [Commits](https://github.com/actions/github-script/compare/v4.0.2...v4.1 )
---
updated-dependencies:
- dependency-name: actions/github-script
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-24 11:17:51 -05:00
dependabot[bot]
fa3fc56113
Bump actions/stale from 3.0.19 to 4 ( #1779 )
...
Bumps [actions/stale](https://github.com/actions/stale ) from 3.0.19 to 4.
- [Release notes](https://github.com/actions/stale/releases )
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/stale/compare/v3.0.19...v4 )
---
updated-dependencies:
- dependency-name: actions/stale
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-19 09:30:14 -05:00
Lukas Gravley
ab24b82199
Adding actionlint ( #1775 )
...
* Adding action lint
* adding tests
* adding tests
* Update Dockerfile
Co-authored-by: Masaya Suzuki <15100604+massongit@users.noreply.github.com>
* cleanup name
* fix test
* typo
* fix file name
* fix our own errors
* more cleanup
* angry
* make it happy
* stop double jobs
Co-authored-by: Masaya Suzuki <15100604+massongit@users.noreply.github.com>
2021-07-19 09:28:49 -05:00
dependabot[bot]
cb03b59555
Bump actions/stale from 3.0.18 to 3.0.19 ( #1570 )
...
Bumps [actions/stale](https://github.com/actions/stale ) from 3.0.18 to 3.0.19.
- [Release notes](https://github.com/actions/stale/releases )
- [Commits](https://github.com/actions/stale/compare/v3.0.18...v3.0.19 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-25 15:38:42 -05:00
dependabot[bot]
8ca2e86c18
Update actions/github-script requirement to v4.0.2 ( #1472 )
...
Updates the requirements on [actions/github-script](https://github.com/actions/github-script ) to permit the latest version.
- [Release notes](https://github.com/actions/github-script/releases )
- [Commits](a3e7071a34
)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-30 15:13:45 -05:00
dependabot[bot]
d6df54fff9
Bump actions/stale from v3.0.17 to v3.0.18 ( #1321 )
...
Bumps [actions/stale](https://github.com/actions/stale ) from v3.0.17 to v3.0.18.
- [Release notes](https://github.com/actions/stale/releases )
- [Commits](https://github.com/actions/stale/compare/v3.0.17...3b3c3f03cd4d8e2b61e179ef744a0d20efbe90b4 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-08 14:47:12 -06:00
dependabot[bot]
8354b3f49b
Bump actions/stale from v3.0.16 to v3.0.17 ( #1234 )
...
Bumps [actions/stale](https://github.com/actions/stale ) from v3.0.16 to v3.0.17.
- [Release notes](https://github.com/actions/stale/releases )
- [Commits](https://github.com/actions/stale/compare/v3.0.16...996798eb71ef485dc4c7b4d3285842d714040c4a )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-18 23:52:29 -08:00
dependabot[bot]
2e8c31622a
Bump actions/stale from v3.0.15 to v3.0.16 ( #1189 )
...
Bumps [actions/stale](https://github.com/actions/stale ) from v3.0.15 to v3.0.16.
- [Release notes](https://github.com/actions/stale/releases )
- [Commits](https://github.com/actions/stale/compare/v3.0.15...9d6f46564a515a9ea11e7762ab3957ee58ca50da )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Lukas Gravley <admiralawkbar@github.com>
2021-02-17 12:17:42 -06:00
dependabot[bot]
b50d9ee298
Bump actions/stale from v3.0.14 to v3.0.15 ( #1159 )
...
Bumps [actions/stale](https://github.com/actions/stale ) from v3.0.14 to v3.0.15.
- [Release notes](https://github.com/actions/stale/releases )
- [Commits](https://github.com/actions/stale/compare/v3.0.14...86561461b92875de77a8b2d2e75f004c826e8f45 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Lukas Gravley <admiralawkbar@github.com>
2021-01-25 09:29:09 -06:00
dependabot[bot]
0246dc5215
Bump actions/stale from v3.0.13 to v3.0.14 ( #1025 )
...
Bumps [actions/stale](https://github.com/actions/stale ) from v3.0.13 to v3.0.14.
- [Release notes](https://github.com/actions/stale/releases )
- [Commits](https://github.com/actions/stale/compare/v3.0.13...87c2b794b9b47a9bec68ae03c01aeb572ffebdb1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Lukas Gravley <admiralawkbar@github.com>
2020-11-23 09:06:53 -06:00
dependabot[bot]
8c4f89ee26
Bump actions/stale from v3.0.12 to v3.0.13
...
Bumps [actions/stale](https://github.com/actions/stale ) from v3.0.12 to v3.0.13.
- [Release notes](https://github.com/actions/stale/releases )
- [Commits](https://github.com/actions/stale/compare/v3.0.12...af4072615903a8b031f986d25b1ae3bf45ec44d4 )
Signed-off-by: dependabot[bot] <support@github.com>
2020-11-03 05:45:43 +00:00
dependabot[bot]
76eac0a124
Bump actions/stale from v3.0.11 to v3.0.12
...
Bumps [actions/stale](https://github.com/actions/stale ) from v3.0.11 to v3.0.12.
- [Release notes](https://github.com/actions/stale/releases )
- [Commits](https://github.com/actions/stale/compare/v3.0.11...44f9eae0adddf72dbf3eedfacc999f70afcec1a8 )
Signed-off-by: dependabot[bot] <support@github.com>
2020-10-12 06:18:42 +00:00
dependabot[bot]
420a7c4b09
Bump actions/stale from v3.0.10 to v3.0.11
...
Bumps [actions/stale](https://github.com/actions/stale ) from v3.0.10 to v3.0.11.
- [Release notes](https://github.com/actions/stale/releases )
- [Commits](https://github.com/actions/stale/compare/v3.0.10...1849651e2aa1b1d6d2cba4c90c719f4b6c929a28 )
Signed-off-by: dependabot[bot] <support@github.com>
2020-09-14 05:43:25 +00:00
dependabot[bot]
7017c233c9
Bump actions/github-script from v2 to v3
...
Bumps [actions/github-script](https://github.com/actions/github-script ) from v2 to v3.
- [Release notes](https://github.com/actions/github-script/releases )
- [Commits](https://github.com/actions/github-script/compare/v2...626af12fe9a53dc2972b48385e7fe7dec79145c9 )
Signed-off-by: dependabot[bot] <support@github.com>
2020-08-24 05:47:32 +00:00
dependabot[bot]
02cec94759
Bump actions/stale from v3.0.9 to v3.0.10
...
Bumps [actions/stale](https://github.com/actions/stale ) from v3.0.9 to v3.0.10.
- [Release notes](https://github.com/actions/stale/releases )
- [Commits](https://github.com/actions/stale/compare/v3.0.9...e976731ae824d9e0165ade8f9e2e8f1743b2fc09 )
Signed-off-by: dependabot[bot] <support@github.com>
2020-08-12 05:30:00 +00:00
dependabot[bot]
a8802c1fa6
Bump actions/stale from v3.0.8 to v3.0.9
...
Bumps [actions/stale](https://github.com/actions/stale ) from v3.0.8 to v3.0.9.
- [Release notes](https://github.com/actions/stale/releases )
- [Commits](https://github.com/actions/stale/compare/v3.0.8...1e5e734da7bd7ea04daf52d9f1c6540e83867b73 )
Signed-off-by: dependabot[bot] <support@github.com>
2020-07-27 05:43:15 +00:00
Zack Koppert
21979ad0fb
Correct exempt label syntax
...
This should correct [these](https://github.com/github/super-linter/runs/867395200?check_suite_focus=true#step:2:1 ) warnings
2020-07-14 16:43:06 -07:00
dependabot[bot]
3df1fdb06d
Bump actions/stale from v3.0.7 to v3.0.8
...
Bumps [actions/stale](https://github.com/actions/stale ) from v3.0.7 to v3.0.8.
- [Release notes](https://github.com/actions/stale/releases )
- [Commits](https://github.com/actions/stale/compare/v3.0.7...32507178a3f24205bb0f785ecfafa063bd591660 )
Signed-off-by: dependabot[bot] <support@github.com>
2020-07-14 06:13:40 +00:00
dependabot[bot]
223f280be6
Bump actions/github-script from v2.3.1 to v2
...
Bumps [actions/github-script](https://github.com/actions/github-script ) from v2.3.1 to v2.
- [Release notes](https://github.com/actions/github-script/releases )
- [Commits](https://github.com/actions/github-script/compare/v2.3.1...6e5ee1dc1cb3740e5e5e76ad668e3f526edbfe45 )
Signed-off-by: dependabot[bot] <support@github.com>
2020-07-06 13:12:46 +00:00
Eric Nemchik
56609617a9
Use full version numbers for GHA
...
Dependabot will update these automatically
2020-07-02 20:16:27 -05:00
Lucas Gravley
b3d7992c5a
making pretty
2020-07-02 12:46:30 -05:00
Thomas Hughes
6ac941f981
Create stale.yml
2020-07-02 12:30:44 -05:00