Nick Fyson
63e7f499e9
Merge pull request #1363 from laurentsimon/patch-1
...
Scorecards: update hash for v1.0.2
2022-01-24 18:44:06 +00:00
laurentsimon
41e7dd427d
Scorecards: update hash to v1.0.2
...
We fixed a small issue and need to update the hash
2022-01-24 08:27:33 -08:00
Andrew Wiltshire
ffa80e095e
fixed grammatical error in node.js.yml ( #1358 )
2022-01-20 09:00:56 +05:30
César Román
a96d2407b5
fix(ci): pylint.yml ( #1108 )
...
ref: #636 . `pylint` command does not work
I've had success running the modified command [here](https://github.com/thecesrom/incendium/blob/project/.github/workflows/pylint.yml ).
Co-authored-by: Josh Gross <joshmgross@github.com >
2022-01-19 18:41:20 -05:00
Jason Freeberg
ba97234b60
Fix indentation error ( #1356 )
2022-01-18 17:07:26 -05:00
Nick Fyson
f2778053bd
Merge pull request #1352 from laurentsimon/feat/scorecardicon
...
✨ Update scorecards icon
2022-01-18 11:06:49 +00:00
Nick Fyson
0a84296a2a
Merge branch 'main' into feat/scorecardicon
2022-01-18 11:05:08 +00:00
André Arko
5635bf05bc
Upgrade Rails workflow to true CI ( #1353 )
...
* Upgrade Rails workflow to true CI
The existing Rails CI example only runs linters, which is not continuous
integration. This change brings the Rails example workflow up to par
with the other web framework CI flows, like Django.
This example is optimized for Rails 7, which does not include NodeJS,
webpack, or yarn by default. No Rails application code changes are
required for this flow to run the tests, and both minitest and rspec are
supported via the `test` rake task.
* add Rails icon
* use env vars, hopefully
* use the full hash for ruby/setup-ruby
* remove PORT since services cannot use it
* stop repeating identical step envs
* resolve env var declaration error
* update setup-ruby to the SHA of v1.92
* use setup-ruby SHA for lint job too
Co-authored-by: Bishal Prasad <bishal-pdmsft@github.com >
2022-01-18 02:04:33 +05:30
Bishal Prasad
11778e9eb0
Add check for GITHUB_TOKEN permissions ( #1354 )
2022-01-17 13:17:29 +05:30
Beth G
f31e3a9c9d
Add Datadog Synthetics GitHub action to starter workflows ( #1342 )
2022-01-15 11:41:46 +05:30
laurentsimon
94100d1d4a
bump
2022-01-14 23:32:21 +00:00
laurentsimon
b224dd8449
update icon
2022-01-14 23:32:21 +00:00
Manuel
588f02dade
Switch java distribution from 'adopt' to 'temurin' ( #1065 )
...
adopt is rebranded into temurin
see https://blog.adoptopenjdk.net/2021/03/transition-to-eclipse-an-update/
2022-01-14 18:05:31 -05:00
Nick Fyson
e873c3ca45
Merge pull request #1345 from laurentsimon/feat/scorecard-release
...
Scorecards: Updates for release
2022-01-14 12:15:31 +00:00
laurentsimon
1b10c28ff4
rem tabs and update comment
2022-01-14 03:00:11 +00:00
laurentsimon
aa643dfa0c
bump hash
2022-01-13 22:29:39 +00:00
laurentsimon
b0f310cefc
update token name
2022-01-10 23:52:58 +00:00
laurentsimon
00e08539ca
prepare release
2022-01-10 23:19:46 +00:00
Nick Fyson
51e7c8e1e6
Merge pull request #1302 from laurentsimon/feat/scorecard
...
Add scorecards config
2022-01-04 19:16:50 +00:00
laurentsimon
d0dba5262b
use v0.0.1
2022-01-04 18:26:32 +00:00
laurentsimon
b73f59a3e8
add icon
2022-01-04 18:26:32 +00:00
laurentsimon
40772919fb
updates
2022-01-04 18:26:32 +00:00
laurentsimon
7c57e8a703
updates
2022-01-04 18:26:32 +00:00
laurentsimon
07be376c3a
updates
2022-01-04 18:26:32 +00:00
laurentsimon
48edda6aca
reduce text
2022-01-04 18:26:32 +00:00
laurentsimon
f38127b062
update text
2022-01-04 18:26:32 +00:00
laurentsimon
9e49744dc2
url
2022-01-04 18:26:32 +00:00
laurentsimon
a894da71d1
pin actions
2022-01-04 18:26:32 +00:00
laurentsimon
a00db4437c
comments
2022-01-04 18:26:32 +00:00
laurentsimon
0e50194de8
use hash
2022-01-04 18:26:32 +00:00
laurentsimon
794e910e12
add scorecards config
2022-01-04 18:26:32 +00:00
Ana Armas Romero
f9d17c0062
Merge pull request #1332 from DhavalPatelPersistent/main
...
Update checkmarx.yml attributes : "uses","project","teams","scanners","params".
2021-12-30 04:17:00 -08:00
DhavalPatelPersistent
97020d0adc
Update checkmarx.yml
...
Point to SHA instead for master
2021-12-30 16:39:28 +05:30
DhavalPatelPersistent
0b45ddae0d
Update / Add "uses","project","teams","scanners","params" attributes.
2021-12-24 15:55:11 +05:30
Nick Fyson
5104ac4274
Merge pull request #1324 from adangel/update-pmd
...
Update pmd to v1.1.0
2021-12-20 15:16:34 +00:00
Andreas Dangel
615c63babc
Update pmd to v1.1.0
...
Use pmd/pmd-github-action@6d98898be0 which is v1.1.0
Use temurin as java distribution
2021-12-20 11:50:23 +01:00
Anurag Chauhan
619bd129a7
Merge pull request #1314 from actions/partner_templates
...
Merge partner templates to main branch
2021-12-17 22:11:22 +05:30
Anurag Chauhan
7eb13f680a
Merge branch 'main' of https://github.com/actions/starter-workflows into partner_templates
2021-12-16 10:55:26 +00:00
Anurag Chauhan
73a17a51b5
deleting azure.yml
2021-12-16 10:55:17 +00:00
Matt Moore
00db25fc1e
Enable keyless signing for private repos. ( #1295 )
...
Now that cosign 1.4 is out, we can perform keyless signing without panicking on private images (and without `--force` uploading to Rekor).
Signed-off-by: Matt Moore <mattmoor@chainguard.dev >
2021-12-13 15:17:02 -05:00
Anurag Chauhan
5bd8eb4344
Merge branch 'main' of https://github.com/actions/starter-workflows into partner_templates
2021-12-09 11:32:59 +00:00
Anurag Chauhan
9c27271e2f
Merge pull request #1298 from actions/anuragc617/fix_az_order
...
Renaming azure template to fix the order
2021-12-08 12:48:11 +05:30
Anurag Chauhan
17c64f97fe
resolving comments
2021-12-08 05:01:06 +00:00
Anurag Chauhan
c059d06679
renaming azure template to fix the order
2021-12-07 14:16:20 +00:00
Ana Armas Romero
432e3e3e74
Merge pull request #1278 from actions/veracode_workflow
...
Add veracode workflow
2021-12-07 11:52:25 +01:00
Ana Armas Romero
75ecfa0bae
Merge branch 'main' into veracode_workflow
2021-12-07 11:50:58 +01:00
anaarmas
1c56988c5d
remove unnecessary uses of the upload-artifact action and improve input file name
2021-12-07 11:35:26 +01:00
Matt Moore
60d206d090
Have the starter docker-publish action sign digests. ( #1255 )
...
* Have the starter `docker-publish` action sign digests.
This change installs `sigstore/cosign` using the `cosign-installer` action,
and uses sigstore's "keyless" signing process to sign the resulting image
digest using the action's identity token (see: `id-token: write`).
Signed-off-by: Matt Moore <mattomata@gmail.com >
* Fully qualify the digest, add setup-buildx-action as workaround
* Drop --force, add public repo check
* Use built-in 'private' bit
2021-12-06 22:35:19 +05:30
Nick Fyson
d67515a20c
Merge pull request #1200 from abirismyname/adding-pmd-workflow
...
Adding pmd
2021-12-03 18:42:12 +00:00
Abir Majumdar
4e6641ed74
Updating pmd logo
2021-12-03 13:19:43 -05:00