dependabot[bot]
428a4d659c
🌱 Bump actions/stale from 3.0.19 to 4 ( #695 )
...
Bumps [actions/stale](https://github.com/actions/stale ) from 3.0.19 to 4.
- [Release notes](https://github.com/actions/stale/releases )
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md )
- [Commits](98ed4cb500...cdf15f641a
)
---
updated-dependencies:
- dependency-name: actions/stale
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-07-16 17:30:01 +00:00
naveen
a55d542e0d
🌱 Remove gitcache docker
...
Remove the gitcache docker image
2021-07-14 12:31:15 -05:00
naveen
219404e0b7
🌱 Removing gitcache
...
Removing gitcache
2021-07-13 01:03:21 -05:00
dependabot[bot]
18c3178a84
🌱 Bump codecov/codecov-action from 1.5.0 to 1.5.2 ( #558 )
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 1.5.0 to 1.5.2.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/master/CHANGELOG.md )
- [Commits](a1ed4b322b...29386c70ef
)
---
updated-dependencies:
- dependency-name: codecov/codecov-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-06-28 22:19:47 -07:00
naveen
6aefe1b6ac
🌱 Fix broken e2e tests
...
* Changed the path for the frozen deps to look for within the
.github/worworkflows path
* Included license check to tools.go
* Removed the hard reference to ginkgo within the integration.yml
* The above fixes will fix the broken tests for scorecard.
Repo: github.com/ossf/scorecard
Frozen-Deps: Fail 10
go modules found: go.mod
!! frozen-deps/fetch-execute - .github/workflows/integration.yml is fetching an non-pinned dependency 'go get github.com/onsi/ginkgo/ginkgo@v1.14.2'
!! frozen-deps/fetch-execute - .github/workflows/main.yml is fetching an non-pinned dependency 'go install github.com/google/addlicense@latest'
2021-06-28 15:28:10 -05:00
Naveen
d998d56112
🌱 Fixes GitHub workflow failures ( #593 )
...
The validate and the e2e are failing because of the bug in golang
https://github.com/golang/go/issues/44129
This fix is a temporary workaround.
2021-06-20 15:48:21 -04:00
naveen
e7ea1a2b88
🌱 Fixes the broken PR Verifier
...
Reverted to the original permission.
2021-06-10 12:31:21 -04:00
naveen
28b1db9267
🌱 Fixes write permissions for ok-to-test
...
Allowed write permissions to action for commenting on the status of the
PR.
2021-06-07 12:49:11 -04:00
dependabot[bot]
b04df4e256
🌱 Bump goreleaser/goreleaser-action from 2.6.0 to 2.6.1
...
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action ) from 2.6.0 to 2.6.1.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases )
- [Commits](70eb4e573c...ac067437f5
)
Signed-off-by: dependabot[bot] <support@github.com>
2021-05-31 09:14:30 -04:00
dependabot[bot]
df44a898cf
🌱 Bump goreleaser/goreleaser-action from 2.5.0 to 2.6.0
...
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action ) from 2.5.0 to 2.6.0.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases )
- [Commits](5e15885530...70eb4e573c
)
Signed-off-by: dependabot[bot] <support@github.com>
2021-05-27 15:55:27 -04:00
dependabot[bot]
947a075c7c
🌱 Bump github/codeql-action ( #482 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from cb5810848de15b695cd9ef3b559dd178c43c7df3 to 1.0.0. This release includes the previously tagged commit.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](cb5810848d...bc2cbe3983
)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-05-26 16:10:12 +00:00
dependabot[bot]
90e1aeb7ec
🌱 Bump actions/stale from 3.0.18 to 3.0.19 ( #470 )
...
Bumps [actions/stale](https://github.com/actions/stale ) from 3.0.18 to 3.0.19.
- [Release notes](https://github.com/actions/stale/releases )
- [Commits](3b3c3f03cd...98ed4cb500
)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-18 10:47:18 -04:00
laurentsimon
6367cc44f6
pin scorecard workflow depepdencies by hash ( #456 )
2021-05-14 16:59:05 -07:00
dependabot[bot]
53262f0368
🌱 Bump codecov/codecov-action from 1 to 1.5.0
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 1 to 1.5.0.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/master/CHANGELOG.md )
- [Commits](https://github.com/codecov/codecov-action/compare/v1...v1.5.0 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-05-12 10:38:27 -05:00
dependabot[bot]
33c1e903a4
🌱 Bump actions/checkout from 2 to 2.3.4
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2 to 2.3.4.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2...v2.3.4 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-05-12 10:26:18 -05:00
dependabot[bot]
dd6c652db6
🌱 Bump actions/stale from 3 to 3.0.18
...
Bumps [actions/stale](https://github.com/actions/stale ) from 3 to 3.0.18.
- [Release notes](https://github.com/actions/stale/releases )
- [Commits](https://github.com/actions/stale/compare/v3...v3.0.18 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-05-12 09:34:55 -05:00
dependabot[bot]
775a36a393
🌱 Bump peter-evans/create-or-update-comment from 1 to 1.4.5
...
Bumps [peter-evans/create-or-update-comment](https://github.com/peter-evans/create-or-update-comment ) from 1 to 1.4.5.
- [Release notes](https://github.com/peter-evans/create-or-update-comment/releases )
- [Commits](https://github.com/peter-evans/create-or-update-comment/compare/v1...v1.4.5 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-05-12 09:30:11 -05:00
dependabot[bot]
35b62a9905
🌱 Bump peter-evans/find-comment from 1 to 1.2.0 ( #439 )
...
Bumps [peter-evans/find-comment](https://github.com/peter-evans/find-comment ) from 1 to 1.2.0.
- [Release notes](https://github.com/peter-evans/find-comment/releases )
- [Commits](https://github.com/peter-evans/find-comment/compare/v1...v1.2.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-12 13:29:05 +00:00
dependabot[bot]
9478fe3147
🌱 Bump goreleaser/goreleaser-action from 2 to 2.5.0 ( #441 )
...
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action ) from 2 to 2.5.0.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases )
- [Changelog](https://github.com/goreleaser/goreleaser-action/blob/master/CHANGELOG.md )
- [Commits](https://github.com/goreleaser/goreleaser-action/compare/v2...v2.5.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-12 09:24:03 -04:00
Naveen
14dfc45fae
🌱 Move the docker containers to gcr.io ( #419 )
...
* Included a build on push to master on gcr.io
* Updated the README with the gcr.io
* Removed the docker.yaml build push
2021-05-11 14:11:06 +00:00
dependabot[bot]
c1ef0900f2
🌱 Bump google-github-actions/setup-gcloud from 94337306dda8180d967a56932ceb4ddcf01edae7 to 0.2.1 ( #425 )
...
* 🌱 Bump google-github-actions/setup-gcloud
Bumps [google-github-actions/setup-gcloud](https://github.com/google-github-actions/setup-gcloud ) from 94337306dda8180d967a56932ceb4ddcf01edae7 to 0.2.1. This release includes the previously tagged commit.
- [Release notes](https://github.com/google-github-actions/setup-gcloud/releases )
- [Changelog](https://github.com/google-github-actions/setup-gcloud/blob/master/CHANGELOG.md )
- [Commits](94337306dd...daadedc81d
)
Signed-off-by: dependabot[bot] <support@github.com>
* Update integration.yml
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Abhishek Arya <inferno@chromium.org>
2021-05-10 08:20:31 -07:00
naveen
a4768922a9
🌱 Removed the trivy scan
...
* Removed container using trivy as it is in gcr.io
2021-05-08 17:47:49 -05:00
laurentsimon
82d6c171bc
🐛 Pin workflow dependencies ( #417 )
...
* pin workflow dependencies
* comments
Co-authored-by: Abhishek Arya <inferno@chromium.org>
2021-05-07 18:35:57 -07:00
naveen
a64426e369
🌱 Remove synk
...
Removing synk as per our discussion.
2021-04-29 12:32:21 -05:00
naveen
da2e7029c7
🌱 Update golangci version to 1.39
...
* Upgrade the golangci version to 1.39
* Changed the checkout depth
https://github.com/golangci/golangci-lint/issues/1088#issuecomment-801540792
2021-04-29 08:24:41 -05:00
naveen
872e9139d8
🐛 docker build for gitcache
...
* Fixed docker build for git cache
2021-04-26 10:01:50 -05:00
dependabot[bot]
bdf86e00c8
🌱 Bump actions/github-script from v3 to v4.0.2
...
Bumps [actions/github-script](https://github.com/actions/github-script ) from v3 to v4.0.2.
- [Release notes](https://github.com/actions/github-script/releases )
- [Commits](https://github.com/actions/github-script/compare/v3...a3e7071a34d7e1f219a8a4de9a5e0a34d1ee1293 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-04-26 08:30:49 -05:00
naveen
3d24435ba8
🌱 Fixing the docker build issue
2021-04-23 15:17:42 -04:00
Naveen
760e01fbb8
Revert " 🌱 Bump actions/github-script from v3 to v4.0.1"
...
This reverts commit 3ad35e3661
.
2021-04-23 11:53:17 -04:00
dependabot[bot]
3ad35e3661
🌱 Bump actions/github-script from v3 to v4.0.1
...
Bumps [actions/github-script](https://github.com/actions/github-script ) from v3 to v4.0.1.
- [Release notes](https://github.com/actions/github-script/releases )
- [Commits](https://github.com/actions/github-script/compare/v3...85e88a66eaa831097093a3d278536947f2984d20 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-04-22 08:37:01 -04:00
nathannaveen
f5185e4bd6
🌱 included copyright headers.
2021-04-01 21:36:10 -05:00
naveen
8427362772
🌱 verifier to generate release notes
...
The verifier helps release notes generation.
https://github.com/kubernetes-sigs/kubebuilder-release-tools
https://github.com/kubernetes-sigs/kubebuilder-release-tools/blob/master/verify/main.go
2021-03-18 12:19:06 -04:00
naveen
88de2df279
Feat-Use synk to check cron-job security settings
...
Use synk to check for cron-job yaml for secuity misconfiguration.
2021-03-12 21:03:29 -05:00
naveen
3489c83404
Feat - Include synk check for k8s yaml
...
Synk has set of rules to validate the k8s yaml for insecure
configuration.
This action will validate the k8s yaml for insecure configuration.
2021-03-12 20:56:00 -05:00
naveen
248fda288e
Fix - docker builds for scorecard cron
...
Fixed the docker build for scorecard cron and as well as updated the
integration to test for the docker builds.
2021-03-05 13:14:33 -05:00
naveen
abb06c9dbc
feat- Reorganize the code structure
...
Reorganize the code structure for testing and maintenance.
Feat - Included http endpoint
2021-03-04 19:08:47 -05:00
Naveen
3e979657bf
Implemented docker for gitcache ( #231 )
...
* Implemented caching the git folder instead of just a branch.
Implemented logging.
Refactored code.
* Feat - Implemented docker for gitcache
2021-03-04 03:22:17 +00:00
Naveen
b4c2e4fd13
feat - migrate to go 1.16 ( #233 )
...
Upgrade to go version 1.16
2021-03-03 18:56:29 +00:00
naveen
7b192a0243
feat - Included tests for disk cache
...
Included tests for disk cache.
Cleaned up tests.
2021-02-26 15:46:21 -05:00
naveen
6f2a0f43f4
Fix - Output path for the test runs
2021-02-25 15:59:39 -05:00
naveen
a7174d8ad7
Feature - Include e2e tests for docker
...
Included e2e tests for docker.
Included .Dockerignore to ignore files.
Included Docker build in the Makefile.
2021-02-25 11:02:45 -05:00
naveen
cab29a2747
Feat- Use cloud buckets for caching
...
Use cloud buckets for httpcache.
The implementation uses https://github.com/google/go-cloud for it to be
cloud vendor agnostic.
2021-02-24 11:17:50 -05:00
Naveen
e0a02567fb
Fix - Cleanup the makefile targets ( #207 )
2021-02-21 23:35:39 +00:00
naveen
5018c5012c
Fix - GitHub bot message URL for ok-to-test
...
Fixed the incorrect URL to the ok-to-test bot message
2021-02-19 14:04:24 -05:00
dependabot[bot]
030ab1dbc5
Bump peter-evans/slash-command-dispatch from v1 to v2.1.3
...
Bumps [peter-evans/slash-command-dispatch](https://github.com/peter-evans/slash-command-dispatch ) from v1 to v2.1.3.
- [Release notes](https://github.com/peter-evans/slash-command-dispatch/releases )
- [Commits](https://github.com/peter-evans/slash-command-dispatch/compare/v1...72ab5a2e417e454aa8e89c43b28e36fe331e00a5 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-02-19 08:28:45 -05:00
naveen
1e93904a66
Fix - Remove the app reference for the slash token
2021-02-18 16:14:12 -05:00
naveen
9b4b8be7e0
Feature - ok-to-test in github action
2021-02-18 15:45:55 -05:00
naveen
f906f3f568
Feature - sign releases
2021-02-17 17:53:41 -05:00
naveen
ef4c8d0758
Fix - refactor the lint in the actions
2021-02-16 15:59:50 -05:00
naveen
51f017b206
Fix - ignore empty github token
2021-02-16 14:35:22 -05:00