mirror of
https://github.com/ivuorinen/actions.git
synced 2026-03-06 00:55:11 +00:00
Compare commits
3 Commits
v2026.03.0
...
renovate/r
| Author | SHA1 | Date | |
|---|---|---|---|
|
672a529873 | ||
|
ae4ad9ec80 | ||
|
|
455267f892 |
8
.github/workflows/action-security.yml
vendored
8
.github/workflows/action-security.yml
vendored
@@ -17,10 +17,7 @@ concurrency:
|
||||
group: ${{ github.workflow }}-${{ github.ref }}
|
||||
cancel-in-progress: true
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
actions: read
|
||||
pull-requests: read
|
||||
permissions: {}
|
||||
|
||||
jobs:
|
||||
analyze:
|
||||
@@ -29,6 +26,9 @@ jobs:
|
||||
timeout-minutes: 30
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
actions: read
|
||||
pull-requests: read
|
||||
security-events: write
|
||||
statuses: write
|
||||
issues: write
|
||||
|
||||
7
.github/workflows/build-testing-image.yml
vendored
7
.github/workflows/build-testing-image.yml
vendored
@@ -23,15 +23,16 @@ on:
|
||||
default: 'latest'
|
||||
type: string
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
packages: write
|
||||
permissions: {}
|
||||
|
||||
jobs:
|
||||
build-and-push:
|
||||
name: Build and Push Testing Image
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 20
|
||||
permissions:
|
||||
contents: read
|
||||
packages: write
|
||||
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
|
||||
7
.github/workflows/codeql-new.yml
vendored
7
.github/workflows/codeql-new.yml
vendored
@@ -13,17 +13,16 @@ on:
|
||||
- cron: '30 1 * * 0' # Run at 1:30 AM UTC every Sunday
|
||||
merge_group:
|
||||
|
||||
permissions:
|
||||
actions: read
|
||||
contents: read
|
||||
permissions: {}
|
||||
|
||||
jobs:
|
||||
analyze:
|
||||
name: Analyze (${{ matrix.language }})
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
security-events: write
|
||||
actions: read
|
||||
contents: read
|
||||
security-events: write
|
||||
|
||||
strategy:
|
||||
fail-fast: false
|
||||
|
||||
5
.github/workflows/dependency-review.yml
vendored
5
.github/workflows/dependency-review.yml
vendored
@@ -4,12 +4,13 @@ name: 'Dependency Review'
|
||||
on:
|
||||
- pull_request
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
permissions: {}
|
||||
|
||||
jobs:
|
||||
dependency-review:
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
contents: read
|
||||
steps:
|
||||
- name: 'Checkout Repository'
|
||||
uses: actions/checkout@71cf2267d89c5cb81562390fa70a37fa40b1305e # v6-beta
|
||||
|
||||
3
.github/workflows/issue-stats.yml
vendored
3
.github/workflows/issue-stats.yml
vendored
@@ -5,8 +5,7 @@ on:
|
||||
schedule:
|
||||
- cron: '3 2 1 * *'
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
permissions: {}
|
||||
|
||||
jobs:
|
||||
build:
|
||||
|
||||
2
.github/workflows/new-release.yml
vendored
2
.github/workflows/new-release.yml
vendored
@@ -6,7 +6,7 @@ on:
|
||||
schedule:
|
||||
- cron: '0 21 * * *' # 00:00 at Europe/Helsinki
|
||||
|
||||
permissions: read-all
|
||||
permissions: {}
|
||||
|
||||
jobs:
|
||||
new-daily-release:
|
||||
|
||||
4
.github/workflows/pr-lint.yml
vendored
4
.github/workflows/pr-lint.yml
vendored
@@ -37,9 +37,7 @@ concurrency:
|
||||
group: ${{ github.workflow }}-${{ github.ref }}
|
||||
cancel-in-progress: true
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
packages: read # Required for private dependencies
|
||||
permissions: {}
|
||||
|
||||
jobs:
|
||||
megalinter:
|
||||
|
||||
3
.github/workflows/release.yml
vendored
3
.github/workflows/release.yml
vendored
@@ -7,8 +7,7 @@ on:
|
||||
tags:
|
||||
- 'v*'
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
permissions: {}
|
||||
|
||||
jobs:
|
||||
release:
|
||||
|
||||
11
.github/workflows/security-suite.yml
vendored
11
.github/workflows/security-suite.yml
vendored
@@ -18,11 +18,7 @@ on:
|
||||
- '**/*.yaml'
|
||||
- '.github/workflows/**'
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
pull-requests: write
|
||||
issues: write
|
||||
actions: read
|
||||
permissions: {}
|
||||
|
||||
concurrency:
|
||||
group: ${{ github.workflow }}-${{ github.event.pull_request.number }}
|
||||
@@ -32,6 +28,11 @@ jobs:
|
||||
security-analysis:
|
||||
name: Security Analysis
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
contents: read
|
||||
pull-requests: write
|
||||
issues: write
|
||||
actions: read
|
||||
|
||||
steps:
|
||||
- name: Checkout PR
|
||||
|
||||
5
.github/workflows/stale.yml
vendored
5
.github/workflows/stale.yml
vendored
@@ -8,10 +8,7 @@ on:
|
||||
workflow_call:
|
||||
workflow_dispatch:
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
packages: read
|
||||
statuses: read
|
||||
permissions: {}
|
||||
|
||||
jobs:
|
||||
stale:
|
||||
|
||||
3
.github/workflows/sync-labels.yml
vendored
3
.github/workflows/sync-labels.yml
vendored
@@ -22,7 +22,7 @@ concurrency:
|
||||
group: ${{ github.workflow }}-${{ github.ref }}
|
||||
cancel-in-progress: true
|
||||
|
||||
permissions: read-all
|
||||
permissions: {}
|
||||
|
||||
jobs:
|
||||
labels:
|
||||
@@ -31,6 +31,7 @@ jobs:
|
||||
timeout-minutes: 10
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
issues: write
|
||||
|
||||
steps:
|
||||
|
||||
9
.github/workflows/version-maintenance.yml
vendored
9
.github/workflows/version-maintenance.yml
vendored
@@ -12,15 +12,16 @@ on:
|
||||
required: false
|
||||
type: string
|
||||
|
||||
permissions:
|
||||
contents: write
|
||||
pull-requests: write
|
||||
issues: write
|
||||
permissions: {}
|
||||
|
||||
jobs:
|
||||
check-and-update:
|
||||
name: Check Version References
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
contents: write
|
||||
pull-requests: write
|
||||
issues: write
|
||||
|
||||
steps:
|
||||
- name: Checkout Repository
|
||||
|
||||
@@ -84,7 +84,7 @@ repos:
|
||||
args: ['-shellcheck=']
|
||||
|
||||
- repo: https://github.com/bridgecrewio/checkov.git
|
||||
rev: '3.2.506'
|
||||
rev: '3.2.507'
|
||||
hooks:
|
||||
- id: checkov
|
||||
args:
|
||||
|
||||
@@ -99,7 +99,7 @@ runs:
|
||||
|
||||
- name: Run actionlint
|
||||
if: steps.check-configs.outputs.run_actionlint == 'true'
|
||||
uses: raven-actions/actionlint@e01d1ea33dd6a5ed517d95b4c0c357560ac6f518 # v2.1.1
|
||||
uses: raven-actions/actionlint@205b530c5d9fa8f44ae9ed59f341a0db994aa6f8 # v2.1.2
|
||||
with:
|
||||
cache: true
|
||||
fail-on-error: true
|
||||
|
||||
Reference in New Issue
Block a user