mirror of
https://github.com/ossf/scorecard.git
synced 2024-09-17 11:57:12 +03:00
Docs - Updated the docs for cron
Included a section within the CONTRIBUTING.md about the dailyscore and cron job.
This commit is contained in:
parent
4b4d0f0a01
commit
27ec7fff8d
@ -5,6 +5,24 @@ This document describes the contribution guidelines for the project.
|
||||
|
||||
**Note:** Before you start contributing, you must read and abide by our **[Code of Conduct](./CODE_OF_CONDUCT.md)**.
|
||||
|
||||
|
||||
<!-- vim-markdown-toc GFM -->
|
||||
|
||||
* [Contributing code](#contributing-code)
|
||||
* [Getting started](#getting-started)
|
||||
* [Environment Setup](#environment-setup)
|
||||
* [Contributing steps](#contributing-steps)
|
||||
* [How to build scorecard locally](#how-to-build-scorecard-locally)
|
||||
* [What to do before submitting a pull request](#what-to-do-before-submitting-a-pull-request)
|
||||
* [Permission for GitHub personal access tokens](#permission-for-github-personal-access-tokens)
|
||||
* [Where the CI Tests are configured](#where-the-ci-tests-are-configured)
|
||||
* [dailyscore-cronjob](#dailyscore-cronjob)
|
||||
* [Deploying the cron job](#deploying-the-cron-job)
|
||||
* [How do I add additional GitHub repositories to be scanned by scorecard dailyscore?](#how-do-i-add-additional-github-repositories-to-be-scanned-by-scorecard-dailyscore)
|
||||
* [Adding New Checks](#adding-new-checks)
|
||||
|
||||
<!-- vim-markdown-toc -->
|
||||
|
||||
## Contributing code
|
||||
|
||||
### Getting started
|
||||
@ -64,6 +82,27 @@ The personal access token need the following scopes:
|
||||
|
||||
1. See the [action files](.github/workflows) to check its tests, and the scripts used on it.
|
||||
|
||||
## dailyscore-cronjob
|
||||
|
||||
scorecard scans https://github.com/ossf/scorecard/blob/main/cron/projects.txt repositories in GCP k8s and publishes the results in GCS bucket `ossf-scorecards`.
|
||||
|
||||
The `cron` definition ./scorecard/cron/cron.sh and the `k8s` for the `cron` is in ./scorecard/k8s/cron.yaml
|
||||
|
||||
The logs for the cron are available at https://console.cloud.google.com/kubernetes/cronjob/us-central1-c/openssf/default/daily-score/logs?project=openssf
|
||||
|
||||
### Deploying the cron job
|
||||
|
||||
The cronjob can be deployed into k8s by running the ./scorecard/k8s/cron.yaml
|
||||
|
||||
Any updates to the ./scorecard/cron/cron.sh will be deployed by the docker container ./scorecard/Dockerfile.gsutil
|
||||
|
||||
|
||||
## How do I add additional GitHub repositories to be scanned by scorecard dailyscore?
|
||||
|
||||
Scorecard maintains the list of repositories in a file https://github.com/ossf/scorecard/blob/main/cron/projects.txt
|
||||
|
||||
Submit a PR for this file and scorecard would start scanning in subsequent runs.
|
||||
|
||||
## Adding New Checks
|
||||
|
||||
Each check is currently just a function of type `CheckFn`.
|
||||
|
@ -55,8 +55,7 @@ gs://ossf-scorecards/11-11-2020.json
|
||||
...
|
||||
```
|
||||
|
||||
The latest results are also always available at
|
||||
`https://storage.googleapis.com/ossf-scorecards/latest.json`.
|
||||
The latest results are also always available at https://storage.googleapis.com/ossf-scorecards/latest.json
|
||||
|
||||
The list of projects that are checked each night is available in the
|
||||
[`cron/projects.txt`](https://github.com/ossf/scorecard/blob/main/cron/projects.txt)
|
||||
|
Loading…
Reference in New Issue
Block a user