Commit Graph

549 Commits

Author SHA1 Message Date
Jacob Wallraff aa685e127e Merge branch 'main' into bump-frogbot 2024-07-31 16:58:12 -07:00
Jacob Wallraff e1c2a477dd Merge branch 'main' into bump-actions-upload-sarif 2024-07-30 10:41:29 -07:00
Jacob Wallraff 1e293eebe5 Merge branch 'main' into bump-actions-setup-node 2024-07-30 10:38:56 -07:00
Jacob Wallraff 7be9afd1d3 Merge branch 'main' into bump-actions-setup-java 2024-07-30 10:37:42 -07:00
Jacob Wallraff a256a78ce8 Merge branch 'main' into bump-actions-setup-dotnet 2024-07-30 10:35:14 -07:00
Jacob Wallraff fe6ffc79e3 Merge branch 'main' into bump-actions-setup-dotnet 2024-07-30 10:21:02 -07:00
Jacob Wallraff 47f69d786f Revert "Artifacts: Update all workflows to use Artifacts V4" 2024-07-30 10:17:07 -07:00
Josh Soref 570cd926cd Switch github upload sarif to tag
GitHub owed actions are allowed to use tags instead of SHAs

Co-authored-by: Jacob Wallraff <thyeggman@github.com>
2024-07-29 14:37:50 -04:00
Jacob Wallraff 04bebdd039 Merge branch 'main' into bump-actions-setup-node 2024-07-29 10:04:36 -07:00
Jacob Wallraff bb5f99bd4f Merge branch 'main' into bump-actions-setup-java 2024-07-29 10:03:02 -07:00
Jacob Wallraff 309e783fdd Merge branch 'main' into bump-actions-setup-dotnet 2024-07-29 10:02:03 -07:00
Jacob Wallraff 9be7944e1d Merge branch 'main' into bump-actions-load-artifact 2024-07-29 10:01:18 -07:00
Josh Soref 763a1a60f8 Upload-Sarif: Update all workflows to use Upload-Sarif V3 2024-07-25 09:43:06 -04:00
yahavi eb0381de25 Update to 2.21.2 2024-06-28 15:56:30 +03:00
Yahav Itschak a2d9dce826 Merge branch 'main' into bump-frogbot 2024-06-28 15:54:25 +03:00
alankuo-aws 647cac4f34 Update policy validator starter workflows (#2433)
* Update policy validator starter workflows

* Fix reference policy argument
2024-06-17 15:32:21 -05:00
Antoine Vinot 9f1db53454 Update sonarcloud.yml after latest release of the action (#2405)
Co-authored-by: Alexis Abril <alexisabril@github.com>
2024-06-03 13:58:42 -05:00
yahavi de925c96d9 Frogbot: Update to 2.21.0 2024-06-01 18:58:42 +03:00
Marco Gario 899b09ba54 Merge branch 'main' into patch-5 2024-05-13 11:29:02 +02:00
Dylan 6702f0d2e3 Fortify Starter Workflow to use new Fortify AST Action (#2245)
* Update Fortify logo

* Update fortify workflow

Update positioning, Github action versions, Java version and add in Debricked packaging support

* Update fortify.properties.json

Update languages and creator

* Update fortify.yml

Update triggers based on latest starter workflow guidelines

* Update code-scanning/fortify.yml

Co-authored-by: James M. Greene <JamesMGreene@github.com>

* Update code-scanning/fortify.yml

Co-authored-by: James M. Greene <JamesMGreene@github.com>

* Update code-scanning/properties/fortify.properties.json

Co-authored-by: James M. Greene <JamesMGreene@github.com>

* Update code-scanning/fortify.yml

Co-authored-by: James M. Greene <JamesMGreene@github.com>

* Update code-scanning/fortify.yml

Co-authored-by: James M. Greene <JamesMGreene@github.com>

* Update code-scanning/fortify.yml

Co-authored-by: James M. Greene <JamesMGreene@github.com>

* Update fortify.yml

* Update fortify.properties.json

* Update fortify.yml

Update starter workflow to use new unified Fortify AST Action

* Update fortify.yml

* Update fortify.yml

* Update fortify.yml

Refine workflow comments

* Update fortify.yml

Bump checkout action version

* Update fortify.yml

* Update fortify.yml

* Update fortify.yml

One final clean up

* Update fortify.properties.json

* Update fortify.yml

* Update fortify.yml

* Update fortify.properties.json

Update with support for Bicep and Solidity

* Update fortify.properties.json

Uppercase "Solidity" for consistency

* Change v1 to commit hash

---------

Co-authored-by: James M. Greene <JamesMGreene@github.com>
Co-authored-by: Ruud Senden <8635138+rsenden@users.noreply.github.com>
2024-05-06 13:57:14 +00:00
Chad Bentz b30fbdf5f2 Specify bash shell so that it doesn't fail if switching to 'windows` 2024-05-02 10:59:15 -04:00
Josh Soref 1830845916 Setup-Node: Update all workflows to use Setup-Node V4
* Switch default node version to 20
* Update version set to 18.x, 20.x, 22.x

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2024-04-25 17:42:55 -04:00
Josh Soref d51dfabea2 Artifacts: Update all workflows to use Artifacts V4
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2024-04-25 16:11:16 -04:00
Josh Soref 545832af8b Setup-Dotnet: Update all workflows to Setup-Dotnet V4 2024-04-25 14:27:37 -04:00
Josh Soref 37d6de723e Setup-Java: Update all workflows to use Setup-Java V4
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2024-04-25 14:15:25 -04:00
Dan Rigby 8ff5c7e7bb Merge branch 'main' into bump-actions 2024-04-25 12:51:52 -04:00
mponaws ac9c407320 Add starter-workflows for Policy Validator (#2375)
* Add starter-workflows for Policy Validator

* Add starter-workflows for Policy Validator

* Add starter-workflows for Policy Validator, removed references to GitHub secrets & S3 to keep it simple
2024-04-18 14:39:17 -05:00
Marco Gario a3194f5b47 Update CodeQL workflow to use packages:read permission.
Co-authored-by: Anders Starcke Henriksen <starcke@github.com>
2024-04-11 09:42:21 +02:00
Rex P ca5bcdc693 Add OSV-Scanner code scanning workflow (#2350)
* Add OSV-Scanner code scanning workflow

* Update code-scanning/osv-scanner.yml

Co-authored-by: Alexis Abril <alexisabril@github.com>

---------

Co-authored-by: Alexis Abril <alexisabril@github.com>
2024-04-09 22:21:33 -05:00
Josh Soref cd4b67d0b4 Checkout: Update all workflows to use Checkout V4 2024-04-05 15:29:37 -04:00
Issy Long 31a3e00dab codeql: Clarify that hosted larger runners only exist on GHEC
- Part of https://github.com/github/code-scanning/issues/13748.
2024-04-03 10:23:11 +01:00
SOOS-GSteen efd31e5f0f update soos dash action commit hash / sarif action version / logo (#2317)
* Update soos-dast-scan.yml

* Update soos-dast-scan.yml

* Update soos.svg

* Update code-scanning/soos-dast-scan.yml

Co-authored-by: Alexis Abril <alexisabril@github.com>

---------

Co-authored-by: Alexis Abril <alexisabril@github.com>
2024-04-01 15:11:05 -05:00
Spencer Schrock 4620c76b38 update Scorecard Action hashes and version comments (#2348)
* update action hashes and version comments

ossf/scorecard-action v2.1.2 is old and doesnt work after a Sigstore
change. https://blog.sigstore.dev/tuf-root-update/

Signed-off-by: Spencer Schrock <sschrock@google.com>

* downgrade actions/upload-artifact to node20 version of v3

dependabot will suggest upgrade to v4.3.1 for repos that can upgrade.
note: v3.pre.node20 is how dependabot refers to the pinned hash, so
use that so it can upgrade the comment

Signed-off-by: Spencer Schrock <sschrock@google.com>

* upgrade github/codeql-action/upload-sarif to v3.24.9

Signed-off-by: Spencer Schrock <sschrock@google.com>

---------

Signed-off-by: Spencer Schrock <sschrock@google.com>
Co-authored-by: Alexis Abril <alexisabril@github.com>
2024-03-27 13:25:03 -07:00
Andreas Deininger 831e9cb8e4 Bump workflow actions of various starter files (#2210) 2024-03-27 10:51:41 -07:00
Marco Gario fdbad9c74f Update codeql.yml
links to docs
2024-03-26 13:45:32 +01:00
Marco Gario 97c6254b5e Merge branch 'main' into update_codeql_template 2024-03-26 13:35:12 +01:00
Marco Gario aad9272438 Update codeql.yml
Limit matrix information in the job name to language by default
2024-03-26 13:18:17 +01:00
Chad Bentz 03277899f0 tfsec latest v0.1.4 (#2318) 2024-03-06 15:46:46 -06:00
Marco Gario 4a8c4e08b0 Update code-scanning/codeql.yml
Co-authored-by: Henry Mercer <henrymercer@github.com>
2024-02-19 15:57:02 +01:00
Marco Gario 8a973982d1 Update code-scanning/codeql.yml
Co-authored-by: Henry Mercer <henrymercer@github.com>
2024-02-19 15:54:06 +01:00
Marco Gario 05e4581159 Update codeql.yml with new build-mode 2024-02-15 09:01:39 +01:00
Jon Janego 8aab15dd49 Update code-scanning/dependency-review.yml
begone, whitespace

Co-authored-by: Chad Bentz <1760475+felickz@users.noreply.github.com>
2024-02-07 09:06:01 -06:00
Jon Janego ba9d3788e4 Changing default behavior to include comment summary in PR
also gave the workflow the appropriate permissions required, pull-requests: write
2024-02-06 12:55:25 -06:00
SOOS-GSteen 6e4aae97ef soos-dast-scan.yml update (#2240)
* Update soos-dast-scan.yml

* use major version syntax

* code review

* lint

* Update soos-dast-scan.yml
2024-02-06 10:44:04 -06:00
Jon Janego cea0111003 Update dependency-review.yml
removing extra whitespace
2024-01-29 14:38:17 -06:00
Chris Campbell e67682c31c Add perms for comment-summary-in-pr 2024-01-29 10:09:37 +00:00
Chris Campbell a6ab3d3f95 Update dependency-review.yml 2024-01-29 09:05:18 +00:00
Chris Campbell f9970771a8 Update dependency-review-action to v4 2024-01-29 08:47:36 +00:00
Chris Campbell 0d8fa6f490 Add $protected-branches to pull_request target 2024-01-26 09:03:10 +00:00
Chris Campbell 0239269003 Update to match standards in actions/starter-workflows/.../pull_request_template.md 2024-01-26 09:03:10 +00:00