ossf/scorecard
1
1
Fork 0
mirror of https://github.com/ossf/scorecard.git synced 2024-11-08 22:55:27 +03:00
Code Issues Actions 7 Packages Projects Releases Wiki Activity
297 Commits 37 Branches 42 Tags 440 MiB
f5185e4bd6
Commit Graph

297 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
nathannaveen
f5185e4bd6 🌱 included copyright headers. 2021-04-01 21:36:10 -05:00
naveen
6d9463bf60 🌱 Upgrade golang docker container 
Golang docker container upgrade.
 2021-04-01 19:43:30 -05:00
Chris McGehee
7432e5e6f9 using make targets in docker builds 2021-03-30 14:12:24 -04:00
dependabot[bot]
8ef259d250 Bump github.com/go-git/go-git/v5 from 5.2.0 to 5.3.0 in /gitcache 
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.2.0 to 5.3.0.
- [Release notes](https://github.com/go-git/go-git/releases)
- [Commits](https://github.com/go-git/go-git/compare/v5.2.0...v5.3.0)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-03-30 13:04:31 -04:00
naveen
2f62126a3e 🐛 Fix docker buildx syntax 
The docker build syntax was in incorrect location which was causing the
builds to fail.

https://github.com/docker/buildx/issues/348#issuecomment-709155842
 2021-03-29 23:59:21 -04:00
Naveen
3e4432ceea Update PULL_REQUEST_TEMPLATE.md 2021-03-24 17:11:02 -04:00
Naveen
0e5b8e63f2 Eating your own dog food 
Eating your own dog food
 2021-03-22 18:00:20 -04:00
naveen
775a83a2f7 🌱 update dependabot for cron and scripts 
The cron and scripts are based on go.mod. The dependabot settings are
updated to watch those folders.
 2021-03-22 11:50:01 -04:00
naveen
7622cea5a6 🌱 updated the makefile to include scripts and cron 
Updated the makefile to include scripts and cron.
 2021-03-22 11:42:18 -04:00
naveen
688dc5e6c7 Refactor cron job 
* Refactored cron job from shell script to go.
* Included metadata to the projects.txt for envoy
* Included checks for duplicate item in projects.txt
* Sorted the projects.txt so that it is easier for someone to look for a
project
 2021-03-21 22:31:07 -04:00
naveen
52e742cce9 📖 Instructions on PR process 
* Included instructions in the PR process.
 2021-03-21 11:11:30 -04:00
naveen
ba42e1ab7b 🌱 Changed cron to run everyday 
With the latest fix for roundrobin token usage, the cron can run
everyday.
 2021-03-19 11:50:26 -04:00
Asra Ali
7a2675532a add envoy deps statically 
Signed-off-by: Asra Ali <asraa@google.com>
 2021-03-19 10:07:33 -04:00
Naveen
1a81741624
🌱Remove branch protection check from cron (#290) 
The branch protection check needs an admin access to the repository. All
of the checks from cron would fail and uses another call to the API.

This will reduce usage of the API.
 2021-03-19 07:27:09 -04:00
naveen
8427362772 🌱 verifier to generate release notes 
The verifier helps release notes generation.
https://github.com/kubernetes-sigs/kubebuilder-release-tools

https://github.com/kubernetes-sigs/kubebuilder-release-tools/blob/master/verify/main.go
 2021-03-18 12:19:06 -04:00
naveen
5b9991e3c4 chore - remove debug log for roundtripper 
Remove the debug log for the roundtripper which is flooding.
 2021-03-18 10:49:13 -04:00
Naveen
7ff09db2ed
Fix-Using Roundrobin tokens across multiple calls (#284) 
The GitHub tokens are picked from a list for each call using Roundrobin approach.
 2021-03-17 21:41:29 +00:00
dependabot[bot]
8333f1e328 Bump github.com/onsi/ginkgo from 1.15.1 to 1.15.2 
Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo) from 1.15.1 to 1.15.2.
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/ginkgo/compare/v1.15.1...v1.15.2)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-03-17 15:18:13 -04:00
dependabot[bot]
5b4723b13e Bump github.com/onsi/ginkgo from 1.15.1 to 1.15.2 in /gitcache 
Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo) from 1.15.1 to 1.15.2.
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/ginkgo/compare/v1.15.1...v1.15.2)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-03-17 08:59:32 -04:00
naveen
c62e667f7c Docs - Included instructions for deploying cron 
Included instructions for deployment of the k8s cron job for the daily
score.
 2021-03-16 10:15:14 -04:00
naveen
27ec7fff8d Docs - Updated the docs for cron 
Included a section within the CONTRIBUTING.md about the dailyscore and
cron job.
 2021-03-15 12:38:58 -04:00
Naveen
4b4d0f0a01
Fix - out of memory error for large repository (#276) 
The httpcache client caches everything in memory and if the repository
is large then the process gets evicted with oom.

Changed the implementation to use the standard http client to fetch the
tarball.
 2021-03-14 21:50:17 -04:00
NirmalaY12
6a224d1693 Update projects.txt 
Scan on github.com/mwiede/jsch
 2021-03-14 21:37:18 -04:00
naveen
88de2df279 Feat-Use synk to check cron-job security settings 
Use synk to check for cron-job yaml for secuity misconfiguration.
 2021-03-12 21:03:29 -05:00
naveen
3489c83404 Feat - Include synk check for k8s yaml 
Synk has set of rules to validate the k8s yaml for insecure
configuration.

This action will validate the k8s yaml for insecure configuration.
 2021-03-12 20:56:00 -05:00
naveen
3d6b080241 Doc - Included gitcache documentation 
Included documentation for gitcache.
 2021-03-12 19:24:29 -05:00
naveen
0eaa4ff3d0 Fix - Made the results.json wellformed from cron 
Fixed the results.json to be wellformed from the cron job.

Changed the docker image from gsutil to cloudsdk:slim to `sed` binary
which is being used with the cron.sh
 2021-03-11 21:58:54 -05:00
naveen
b8768a0eb3 Fix - Set resource limits for the cron pod 2021-03-11 12:03:14 -05:00
Naveen
cccf74cb60
Fix - yaml string quotes. (#266) 
The `yaml` string was missing quotes.
 2021-03-11 16:06:46 +00:00
naveen
2978ae550a Fix - signed-tags e2e tests. 
The signed tags e2e tests were failing because apache/airflow pushed
tags without signing.

Changed from apache/airflow to bitcoin/bitcoin.
 2021-03-11 10:59:03 -05:00
naveen
cb94f06642 Fix - cron included caching settings 
Included caching settings for the cron job.
 2021-03-10 12:33:14 -05:00
Naveen
b79b001e4e
Fix - failed cron job docker (#259) 
The cron job was failing with the .dockerignore.

Also update the cronjob to pull the latest projects.txt from the GitHub.
 2021-03-10 16:01:47 +00:00
naveen
6e8018cf8f chore - Upgrade ginkgo and goomega dependencies 
Upgrade version for ginkgo and goomega dependencies.
 2021-03-10 09:08:31 -05:00
Naveen
210cf4a31e
Feat - More validation tests for gitcache (#257) 
Implemented validation tests for gitcache.
 2021-03-08 19:12:13 +00:00
dependabot[bot]
b766fff506 Bump github.com/onsi/ginkgo from 1.15.0 to 1.15.1 in /gitcache 
Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo) from 1.15.0 to 1.15.1.
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/ginkgo/compare/v1.15.0...v1.15.1)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-03-08 08:56:19 -05:00
dependabot[bot]
303118fe54 Bump github.com/onsi/gomega from 1.10.5 to 1.11.0 in /gitcache 
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.10.5 to 1.11.0.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.10.5...v1.11.0)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-03-08 07:58:55 -05:00
naveen
2e2820cfba Secured pod and included readiness and liveness 
* Included security context to runas Nonroot
* Turned off privilege escalation
* Implemented readOnly RootFilesystem
* Implemented readiness and livenessprobe
 2021-03-07 18:47:17 -05:00
naveen
64ac973acf feat - k8s deployment 2021-03-06 19:24:13 -05:00
naveen
93761ebaa1 Feat- Parmeterize cache folder in gitcache 
The cache temp folder was hardcoded to using the current working
directory.

With this it will be using the directory that is configured in
"TEMP_DIR".

The TEMP_DIR would be an emptydir in k8s.

Included tests for basic e2e tests.
 2021-03-05 23:05:13 -05:00
naveen
248fda288e Fix - docker builds for scorecard cron 
Fixed the docker build for scorecard cron and as well as updated the
integration to test for the docker builds.
 2021-03-05 13:14:33 -05:00
dependabot[bot]
cef322b809 Bump github.com/onsi/gomega from 1.10.1 to 1.10.5 in /gitcache 
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.10.1 to 1.10.5.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.10.1...v1.10.5)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-03-05 08:47:05 -05:00
naveen
018043f4cf Feat - e2e tests for gitcache buckets 
Implemented e2e tests for buckets.
 2021-03-05 08:08:47 -05:00
naveen
90d3fa7e70 Fix - Change log.fatal to error 
Fix the repo parsing from log.fatal to error. This was causing the
process to terminate.
 2021-03-04 20:06:46 -05:00
naveen
abb06c9dbc feat- Reorganize the code structure 
Reorganize the code structure for testing and maintenance.

Feat - Included http endpoint
 2021-03-04 19:08:47 -05:00
Naveen
c5528dba94
Update issue templates (#235) 2021-03-04 03:30:32 +00:00
Naveen
3e979657bf
Implemented docker for gitcache (#231) 
* Implemented caching the git folder instead of just a branch.
Implemented logging.
Refactored code.

* Feat - Implemented docker for gitcache
 2021-03-04 03:22:17 +00:00
Naveen
b4c2e4fd13
feat - migrate to go 1.16 (#233) 
Upgrade to go version 1.16
 2021-03-03 18:56:29 +00:00
Naveen
f0ff62d9eb
Feat - Included dependabot for gitcache (#232) 2021-03-02 16:51:04 -08:00
Naveen
c55c380e9b
Updated README (#230) 
* Updated README

Updated README to reflect the changes that are implemented.

* Update README.md
 2021-03-02 21:16:37 +00:00
Naveen
b1f037172a
gitcache - Scaling the scorecard scans (#227) 
* Feature - implemented gitcache to scale scorecard

* Create README.md

* Update README.md

* Feature - implemented gitcache to scale scorecard
 2021-03-02 02:00:01 +00:00