laurentsimon
0e50194de8
use hash
2022-01-04 18:26:32 +00:00
laurentsimon
794e910e12
add scorecards config
2022-01-04 18:26:32 +00:00
Ana Armas Romero
f9d17c0062
Merge pull request #1332 from DhavalPatelPersistent/main
...
Update checkmarx.yml attributes : "uses","project","teams","scanners","params".
2021-12-30 04:17:00 -08:00
DhavalPatelPersistent
97020d0adc
Update checkmarx.yml
...
Point to SHA instead for master
2021-12-30 16:39:28 +05:30
DhavalPatelPersistent
0b45ddae0d
Update / Add "uses","project","teams","scanners","params" attributes.
2021-12-24 15:55:11 +05:30
Nick Fyson
5104ac4274
Merge pull request #1324 from adangel/update-pmd
...
Update pmd to v1.1.0
2021-12-20 15:16:34 +00:00
Andreas Dangel
615c63babc
Update pmd to v1.1.0
...
Use pmd/pmd-github-action@6d98898be0 which is v1.1.0
Use temurin as java distribution
2021-12-20 11:50:23 +01:00
Anurag Chauhan
619bd129a7
Merge pull request #1314 from actions/partner_templates
...
Merge partner templates to main branch
2021-12-17 22:11:22 +05:30
Anurag Chauhan
7eb13f680a
Merge branch 'main' of https://github.com/actions/starter-workflows into partner_templates
2021-12-16 10:55:26 +00:00
Anurag Chauhan
73a17a51b5
deleting azure.yml
2021-12-16 10:55:17 +00:00
Matt Moore
00db25fc1e
Enable keyless signing for private repos. ( #1295 )
...
Now that cosign 1.4 is out, we can perform keyless signing without panicking on private images (and without `--force` uploading to Rekor).
Signed-off-by: Matt Moore <mattmoor@chainguard.dev >
2021-12-13 15:17:02 -05:00
Anurag Chauhan
5bd8eb4344
Merge branch 'main' of https://github.com/actions/starter-workflows into partner_templates
2021-12-09 11:32:59 +00:00
Anurag Chauhan
9c27271e2f
Merge pull request #1298 from actions/anuragc617/fix_az_order
...
Renaming azure template to fix the order
2021-12-08 12:48:11 +05:30
Anurag Chauhan
17c64f97fe
resolving comments
2021-12-08 05:01:06 +00:00
Anurag Chauhan
c059d06679
renaming azure template to fix the order
2021-12-07 14:16:20 +00:00
Ana Armas Romero
432e3e3e74
Merge pull request #1278 from actions/veracode_workflow
...
Add veracode workflow
2021-12-07 11:52:25 +01:00
Ana Armas Romero
75ecfa0bae
Merge branch 'main' into veracode_workflow
2021-12-07 11:50:58 +01:00
anaarmas
1c56988c5d
remove unnecessary uses of the upload-artifact action and improve input file name
2021-12-07 11:35:26 +01:00
Matt Moore
60d206d090
Have the starter docker-publish action sign digests. ( #1255 )
...
* Have the starter `docker-publish` action sign digests.
This change installs `sigstore/cosign` using the `cosign-installer` action,
and uses sigstore's "keyless" signing process to sign the resulting image
digest using the action's identity token (see: `id-token: write`).
Signed-off-by: Matt Moore <mattomata@gmail.com >
* Fully qualify the digest, add setup-buildx-action as workaround
* Drop --force, add public repo check
* Use built-in 'private' bit
2021-12-06 22:35:19 +05:30
Nick Fyson
d67515a20c
Merge pull request #1200 from abirismyname/adding-pmd-workflow
...
Adding pmd
2021-12-03 18:42:12 +00:00
Abir Majumdar
4e6641ed74
Updating pmd logo
2021-12-03 13:19:43 -05:00
Nick Fyson
f46fcd0e80
Merge branch 'main' into adding-pmd-workflow
2021-12-03 16:13:55 +00:00
Abir Majumdar
649bca8dab
Updating logo and adding sha to workflow
2021-12-03 10:33:18 -05:00
Daz DeBoer
f7b1f1515d
Use gradle-build-action in starter workflows ( #1237 )
...
The `gradle-build-action` provides enhanced execution and caching functionality for Gradle.
This change updates starter workflows to use `v2.0.0` of `gradle-build-action`.
Improvements over invoking Gradle directly include:
- Easier to run the workflow with a particular Gradle version
- More sophisticated and more efficient caching of Gradle User Home between invocations
- Detailed reporting of cache usage and cache configuration options
- Automatic capture of Build Scan links
Co-authored-by: Josh Gross <joshmgross@github.com >
2021-12-02 17:22:55 -05:00
Abir Majumdar
2863ef2206
Merge branch 'main' into adding-pmd-workflow
2021-12-02 08:46:08 -05:00
Marcel Wagner
9920cac8e9
Update text flow for cmake comment ( #1054 )
2021-12-02 09:21:29 +05:30
Jason Freeberg
a48ef3a643
Update azure-webapps-node.yml ( #1282 )
2021-12-01 20:52:36 -05:00
Abir Majumdar
435b265ae0
Removing dupe
2021-12-01 17:02:40 -05:00
Abir Majumdar
3fd42f21fc
Merge branch 'main' into adding-pmd-workflow
2021-12-01 16:05:16 -05:00
Abir Majumdar
d2bba6f2d9
Adding icon
2021-12-01 16:03:49 -05:00
Abir Majumdar
ce771c75d8
Referencing new official PMD github action
2021-12-01 15:50:22 -05:00
Myles Borins
4238ac653e
chore: split npm publish into 2 workflows ( #1281 )
...
Currently we suggest that folks dual publish to both npm + gpr.
There are a large number of edge cases related to doing this and IMHO it is
not the best practice. Let's make two separate workflows.
2021-12-01 14:38:35 -05:00
Nick Fyson
7ebee84fa6
Merge pull request #1262 from apisec-inc/master
...
Added starter workflow to help get started with APIsec-Scan code-scanning Action
2021-12-01 12:45:02 +00:00
Anurag Chauhan
a8de83bc48
Merge pull request #1268 from actions/update_azure_py_webapp_cache
...
Updating azure partner templates to use commitId for 3rd party actions and setup actions cache.
2021-12-01 15:19:00 +05:30
abdul-hai-apisec
e99eb117c5
Merge remote-tracking branch 'origin/master'
2021-12-01 13:44:28 +05:30
abdul-hai-apisec
3f39a5a76b
Removed the unwanted space in actions file.
...
Updated the logo to have only the shield portion.
2021-12-01 13:27:02 +05:30
anaarmas
b629998430
replace unnecessary actions with shell commands
2021-11-30 09:56:40 +01:00
abdul-hai-apisec
fa053f9bf1
Merge branch 'main' into master
2021-11-30 12:24:56 +05:30
anaarmas
1a37cd5345
add veracode workflow
2021-11-29 11:49:33 +01:00
Anurag Chauhan
3258466b26
Adding commit sha for 3rd party actions
2021-11-29 08:51:54 +00:00
Nick Fyson
a85155b04a
Merge pull request #1266 from actions/detekt_workflow
...
Add Detekt workflow template
2021-11-25 10:15:32 +00:00
Nick Fyson
e1db44513b
Merge branch 'main' into detekt_workflow
2021-11-25 10:07:09 +00:00
Anurag Chauhan
b4ee598043
use setup cache option instead of action
2021-11-25 10:03:14 +00:00
Anurag Chauhan
cb87b05b73
Merge pull request #1162 from JasonFreeberg/partner_templates
...
Add partner templates for Azure Web Apps
2021-11-25 12:03:45 +05:30
Jason Freeberg
1a67e08a9e
Update azure-webapps-container.yml
2021-11-24 15:58:25 -08:00
Jason Freeberg
278aa7a82e
Add dependency caching for .NET, Node, PHP, and Python workflows
2021-11-24 14:26:16 -08:00
Jason Freeberg
8fd6550c33
Revert overwrite from upstream pull
2021-11-24 14:20:00 -08:00
Jason Freeberg
b9fd04a8cf
Merge remote-tracking branch 'upstream/partner_templates' into partner_templates
2021-11-24 12:13:19 -08:00
Anurag Chauhan
2d4fbbba8f
Merge pull request #1259 from FrodoTheTrue/update-google-deployment-2
...
Update google deployment starter workflow (partner_templates)
2021-11-24 15:47:21 +05:30
Anurag Chauhan
12aae3647b
Merge branch 'partner_templates' into update-google-deployment-2
2021-11-24 13:38:23 +05:30