From 8da6f2ecd89a1729c984ab1c55521556b53d8257 Mon Sep 17 00:00:00 2001 From: Steve Winton Date: Tue, 9 Feb 2021 16:13:45 -0600 Subject: [PATCH] Add new issue template for Code Scanning partners --- .../ISSUE_TEMPLATE/code-scanning-partner.md | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 .github/ISSUE_TEMPLATE/code-scanning-partner.md diff --git a/.github/ISSUE_TEMPLATE/code-scanning-partner.md b/.github/ISSUE_TEMPLATE/code-scanning-partner.md new file mode 100644 index 0000000..562a70b --- /dev/null +++ b/.github/ISSUE_TEMPLATE/code-scanning-partner.md @@ -0,0 +1,30 @@ +--- +name: Code Scanning onboarding +about: Captures all the information and tasks required to onboard a 3rd party project into Code Scanning +title: 'Code Scanning Partner: ' +labels: 'code scanning' +assignees: '' + +--- + +:wave: Thanks for your interest in integrating with Code Scanning! To ensure a swift onboarding of your integration, please provide the following `Requested information` and complete the `Action items` below: + +## Requested information +- [ ] Name of your integration: +- [ ] Name of your product / company: +- [ ] Description of your integration: +- [ ] Languages supported by your integration: +- [ ] [For integrations leveraging GitHub Actions] PR for your proposed workflow: +- [ ] URL to an SVG logo representing your integration / product / company: + +## Action items +- [ ] Apply to join the GitHub Technology Partner Program: [partner.github.com/apply](https://partner.github.com/apply?partnershipType=Technology+Partner) +- [ ] Develop your integration, by _either_ [following this guide for GitHub Actions](https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/uploading-a-sarif-file-to-github#uploading-a-code-scanning-analysis-with-github-actions), or [integrating directly with the REST API](https://docs.github.com/en/rest/reference/code-scanning#upload-a-sarif-file) +- [ ] [For integrations leveraging GitHub Actions] Submit a PR in this repo for your proposed starter workflow. The workflow should: + - [ ] Live in [the `code-scanning` directory](https://github.com/actions/starter-workflows/tree/main/code-scanning) + - [ ] Have a filename that is in accordance with your product / service / business name, in [_kebab-cased_ format](https://en.wikipedia.org/wiki/Kebab_case), with a `.yml` file extension + - [ ] Include comments describing the workflow’s behavior ([example](https://github.com/actions/starter-workflows/blob/c59b62dee0eae1f9f368b7011cf05c2fc42cf084/code-scanning/codeql.yml#L1-L11)) + - [ ] Trigger on push, pull_request, and schedule events ([example](https://github.com/actions/starter-workflows/blob/c59b62dee0eae1f9f368b7011cf05c2fc42cf084/code-scanning/codeql.yml#L14-L21)) + - [ ] Reference your GitHub Action using a 40-char commit SHA (e.g. `uses: github/codeql-action@a3a8231e64d3db0e7da0f3b56b9521dcccdfe412`) +- [ ] Update the `Requested information` above, ensuring all details are correct +- [ ] When ready, please ping `@actions/advanced-security-code-scanning` in a comment below, for a review :bow: