laurentsimon
0ca1ace1f2
✨ Check: detect downloads of scripts/binaries in docker's RUN (#584)
...
* commit 1
* commit 2
* commit 3
* updates
* linter
* update year
* cleanup
* linter
* fix test files
* linter
* comments
2021-06-21 18:45:15 +00:00
Naveen
3e1890fe35
✨ Binary Artifact check (#563)
...
* Implemented binary artifact checks
2021-06-21 15:49:31 +00:00
Azeem Shaikh
09e86518e5
Add all Google-owned repositories to cron job (#555)
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-06-08 16:55:43 -07:00
dependabot[bot]
a6d7c038af
🌱 Bump github.com/onsi/ginkgo from 1.16.2 to 1.16.4 (#537)
...
Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo) from 1.16.2 to 1.16.4.
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/ginkgo/compare/v1.16.2...v1.16.4)
---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-06-03 23:02:05 -04:00
dependabot[bot]
b839e0426f
🌱 Bump cloud.google.com/go/pubsub from 1.10.3 to 1.11.0
...
Bumps [cloud.google.com/go/pubsub](https://github.com/googleapis/google-cloud-go) from 1.10.3 to 1.11.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.10.3...pubsub/v1.11.0)
---
updated-dependencies:
- dependency-name: cloud.google.com/go/pubsub
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-06-03 12:07:47 -04:00
Azeem Shaikh
3b86d57217
Use lease extension for PubSub worker (#533)
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-06-02 17:59:42 -07:00
dependabot[bot]
c056718628
🌱 Bump github.com/onsi/gomega from 1.12.0 to 1.13.0 (#515)
...
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.12.0 to 1.13.0.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.12.0...v1.13.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-05-28 12:00:16 -04:00
dependabot[bot]
b7e1f155fc
🌱 Bump cloud.google.com/go/bigquery from 1.8.0 to 1.18.0 (#483)
...
Bumps [cloud.google.com/go/bigquery](https://github.com/googleapis/google-cloud-go) from 1.8.0 to 1.18.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.8.0...spanner/v1.18.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-05-26 15:58:21 -04:00
dependabot[bot]
44252d64c8
🌱 Bump go.uber.org/zap from 1.16.0 to 1.17.0 (#509)
...
Bumps [go.uber.org/zap](https://github.com/uber-go/zap) from 1.16.0 to 1.17.0.
- [Release notes](https://github.com/uber-go/zap/releases)
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/uber-go/zap/compare/v1.16.0...v1.17.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-05-26 15:11:44 -04:00
dependabot[bot]
7ec85f22ed
🌱 Bump contrib.go.opencensus.io/exporter/stackdriver
...
Bumps [contrib.go.opencensus.io/exporter/stackdriver](https://github.com/census-ecosystem/opencensus-go-exporter-stackdriver) from 0.13.4 to 0.13.6.
- [Release notes](https://github.com/census-ecosystem/opencensus-go-exporter-stackdriver/releases)
- [Commits](https://github.com/census-ecosystem/opencensus-go-exporter-stackdriver/compare/v0.13.4...v0.13.6)
Signed-off-by: dependabot[bot] <support@github.com>
2021-05-26 14:55:28 -04:00
dependabot[bot]
0d469a4533
🌱 Bump gocloud.dev from 0.22.0 to 0.23.0 (#464)
...
Bumps [gocloud.dev](https://github.com/google/go-cloud) from 0.22.0 to 0.23.0.
- [Release notes](https://github.com/google/go-cloud/releases)
- [Commits](https://github.com/google/go-cloud/compare/v0.22.0...v0.23.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-05-26 13:06:23 -04:00
Azeem Shaikh
0c636b0f5f
Fix bug in GitHub token access (#490)
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-05-22 11:24:53 -07:00
Azeem Shaikh
4584311fc6
Add monitoring to checks (#480)
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-05-20 23:47:49 -07:00
Azeem Shaikh
9453765aa0
Use TRUNCATE to load data into BigQuery (#476)
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-05-19 23:59:40 -07:00
laurentsimon
ee3f290702
✨ Add check for Docker dependency pinning by hash (#469)
...
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1.
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1.
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1.
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1.
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1.
* check dependencies pinning in docker files
* check docker files hash pinning
* remove logging
* make keyword matches case-insensitive
* remove log
* update unit tests
* check fix
* check dependencies pinning in docker files
* check docker files hash pinning
* remove logging
* remove log
* check fix
* comment
* linter
* comments
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1.
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1.
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1.
* check dependencies pinning in docker files
* check docker files hash pinning
* check fix
* check dependencies pinning in docker files
* check docker files hash pinning
* remove logging
* make keyword matches case-insensitive
* remove log
* check fix
* comment
* comments
* comments
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1.
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1.
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1.
* check dependencies pinning in docker files
* check docker files hash pinning
* remove logging
* make keyword matches case-insensitive
* check fix
* check dependencies pinning in docker files
* check docker files hash pinning
* check fix
* comments
* comments
* comments
* comments
* update mod
* remove continue keyword
* linter
* linter
* linter
* comments
* cleanup
* linter
* typos
* typos
2021-05-19 09:46:39 -07:00
Abhishek Arya
5f82d2b9c0
✨ Add checks for workflow action pinning (#466)
...
Patch by Laurent Simon <laurentsimon@google.com>
Co-authored-by: Laurent Simon <laurentsimon@google.com>
2021-05-17 13:03:39 -07:00
Naveen
9281d1ddd9
🌱 Move tool dependencies into go.mod (#460)
...
Moved the tool dependencies into go.mod
2021-05-17 15:20:28 -04:00
Azeem Shaikh
ba3b5c5979
Refactor Makefile and add proto compile support. (#458)
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-05-15 13:58:01 -07:00
Azeem Shaikh
6437c9324f
Setup PubSub framework code. (#428)
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-05-14 14:32:23 -07:00
dependabot[bot]
e326db557b
🌱 Bump github.com/onsi/gomega from 1.11.0 to 1.12.0 (#407)
...
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.11.0 to 1.12.0.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.11.0...v1.12.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-05-09 12:05:53 -04:00
Abhishek Arya
a2d51ead20
🐛 Freeze Makefile deps (#404)
...
* Freeze Makefile deps
* trigger ci
* Fix build failure.
2021-05-05 09:55:59 -07:00
dependabot[bot]
9e4ecf0a44
🌱 Bump github.com/onsi/ginkgo from 1.16.1 to 1.16.2
...
Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo) from 1.16.1 to 1.16.2.
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/ginkgo/compare/v1.16.1...v1.16.2)
Signed-off-by: dependabot[bot] <support@github.com>
2021-05-05 07:12:09 -05:00
naveen
09af32a993
✨ Generate docs using go instead of python
...
* Implemented the doc generation from python to go
* Removed the need for json
* Sorted the output of the generated markdown
2021-05-02 19:46:07 -05:00
Azeem Shaikh
d3a59eacff
Move Dockerfile.gsutil to inside cron/
2021-04-27 17:21:53 -05:00
Azeem Shaikh
86a46560c8
Rename CheckResults to Checks to match BQ schema.
2021-04-26 17:45:04 -05:00
Azeem Shaikh
bd3eff1fcf
✨ Cron job uses line-delimited JSON (#344)
...
* ✨ Refactor to reduce code duplication
* ✨
* Move lib/ back to checker/
* Move lib/ back to checker/
* Move lib/ back to checker/
* Address PR comments.
* Addressing PR comments.
* Separate out ReposURL into repos/
* Add TODO in gitcache module.
* Add RepoRequest/Response types.
* Avoid printing `ShouldRetry` and `Error` in output JSON.
* Fix JSON output.
* Simplify cmd package.
* Make cron/ a package instead of module.
* Fix TODO.
* Remove binary file.
* go.mod file.
* go.mod updates.
* Refactor cron to use in-memory JSON.
* Fix JSON output.
* Fix go.mod
* Address PR comments.
* Change %w -> %v.
* Address PR comments.
* Fix err.
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-04-19 12:49:51 -07:00
Azeem Shaikh
a58818d258
🌱 : Reduce code duplication for follow-up cron refactoring (#338)
...
* ✨ Refactor to reduce code duplication
* ✨
* Move lib/ back to checker/
* Move lib/ back to checker/
* Move lib/ back to checker/
* Address PR comments.
* Addressing PR comments.
* Avoid printing `ShouldRetry` and `Error` in output JSON.
* Fix JSON output.
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-04-10 07:26:56 -05:00
dependabot[bot]
fc0eac922a
Bump github.com/onsi/ginkgo from 1.16.0 to 1.16.1
...
Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo) from 1.16.0 to 1.16.1.
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/ginkgo/compare/v1.16.0...v1.16.1)
Signed-off-by: dependabot[bot] <support@github.com>
2021-04-08 09:27:08 -05:00
dependabot[bot]
e0cd796b7f
Bump github.com/onsi/ginkgo from 1.15.2 to 1.16.0
...
Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo) from 1.15.2 to 1.16.0.
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/ginkgo/compare/v1.15.2...v1.16.0)
Signed-off-by: dependabot[bot] <support@github.com>
2021-04-05 12:12:04 -05:00
dependabot[bot]
8333f1e328
Bump github.com/onsi/ginkgo from 1.15.1 to 1.15.2
...
Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo) from 1.15.1 to 1.15.2.
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/ginkgo/compare/v1.15.1...v1.15.2)
Signed-off-by: dependabot[bot] <support@github.com>
2021-03-17 15:18:13 -04:00
naveen
6e8018cf8f
chore - Upgrade ginkgo and gomega dependencies
...
Upgrade version for ginkgo and gomega dependencies.
2021-03-10 09:08:31 -05:00
Naveen
b4c2e4fd13
feat - migrate to go 1.16 (#233)
...
Upgrade to go version 1.16
2021-03-03 18:56:29 +00:00
Abhishek Arya
a44dd6a758
Add pypi and ruby gems package support. (#226)
...
Adds some more package managers to
https://github.com/ossf/scorecard/issues/33
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-03-01 11:21:20 -05:00
naveen
cab29a2747
Feat- Use cloud buckets for caching
...
Use cloud buckets for httpcache.
The implementation uses https://github.com/google/go-cloud for it to be
cloud vendor agnostic.
2021-02-24 11:17:50 -05:00
naveen
9510d3e0d7
Fix - default disk cache size
...
The default disk cache size is 100mb. Changed the default disk cache to
10gb.
2021-02-22 18:19:56 -05:00
Naveen
db81680172
Feat-Implement httpcache middleware for GitHub API (#203)
...
The GitHub API supports conditional requests
https://docs.github.com/en/rest/overview/resources-in-the-rest-api#conditional-requests
https://github.com/google/go-github supports Conditional requests
https://github.com/google/go-github#conditional-requests
As we are scaling more and more projects this would add a lot of value.
Initial run fetches information using `httpcache` as a middleware,
which caches the HTTP response initially in a large disk (PVC),
probably move to Redis later as a cache instead of disk.
Subsequent `cron runs` will utilize the `httpcache` for checking content modification and
load it from the cache if it isn't modified, which reduces hitting the
Rate Limit of the GitHub API.
2021-02-22 17:18:28 +00:00
dependabot[bot]
2c23a47857
Bump github.com/spf13/cobra from 1.1.2 to 1.1.3
...
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.1.2 to 1.1.3.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Changelog](https://github.com/spf13/cobra/blob/master/CHANGELOG.md)
- [Commits](https://github.com/spf13/cobra/compare/v1.1.2...v1.1.3)
Signed-off-by: dependabot[bot] <support@github.com>
2021-02-11 11:15:34 -05:00
dependabot[bot]
7ef0cf9c55
Bump github.com/spf13/cobra from 1.1.1 to 1.1.2 (#154)
...
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.1.1 to 1.1.2.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Changelog](https://github.com/spf13/cobra/blob/master/CHANGELOG.md)
- [Commits](https://github.com/spf13/cobra/compare/v1.1.1...v1.1.2)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-09 22:58:55 -08:00
dependabot[bot]
038e3b65c1
Bump github.com/onsi/gomega from 1.10.4 to 1.10.5
...
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.10.4 to 1.10.5.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.10.4...v1.10.5)
Signed-off-by: dependabot[bot] <support@github.com>
2021-02-02 09:18:34 -05:00
dependabot[bot]
717701bd61
Bump github.com/onsi/ginkgo from 1.14.2 to 1.15.0
...
Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo) from 1.14.2 to 1.15.0.
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/ginkgo/compare/v1.14.2...v1.15.0)
Signed-off-by: dependabot[bot] <support@github.com>
2021-02-02 09:13:35 -05:00
Abhishek Arya
b278475af0
Fix CodeQL failure.
2021-01-15 13:44:52 -05:00
Abhishek Arya
5b7ddc55ab
Add e2e test.
2021-01-15 13:44:52 -05:00
Naveen
f77da7783b
feat-e2e tests for signed tags and signed releases (#115)
...
Implemented e2e tests using ginkgo for validating signed tags and signed
releases.
ginkgo is utilized as a standard BDD testing framework in other
projects like kubebuilder.
2021-01-01 14:36:31 -06:00
naveen
fd3a2a87b9
fix - URL with trailing slash
...
Fixes the URL with trailing slash.
Changed the URL parsing to net package implementation.
Included tests for URL parsing.
2020-12-21 15:16:32 -05:00
dlorenc
24fa4cca5e
Add support for and hookup app based authentication for higher rate limiting. (#69)
...
This also configures it in our nightly cron cluster.
2020-11-13 11:06:46 -06:00
dlorenc
45286f140c
Add a script to output in csv that can be run daily. (#56)
2020-11-10 13:25:57 -06:00
Dan Lorenc
a8e06bdefb
Update deps.
2020-11-06 15:29:27 -06:00
dlorenc
fd188f5263
Use the GraphQL API to retrieve the list of tags in signed-tags. (#45)
2020-11-06 15:28:26 -06:00
Dan Lorenc
9f686dc707
Rename repo/modules.
2020-10-27 14:23:48 -05:00
dlorenc
49fba38c8b
Use Cobra CLI library, reorganize a bit. (#22)
2020-10-18 18:49:51 -05:00