dependabot[bot]
904e5072d6
build(deps): bump github/codeql-action from 2.3.3 to 2.3.5
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.3 to 2.3.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](29b1f65c5e...0225834cc5
2023-05-29 06:13:22 +00:00
Jintao Zhang
b0b922cd71
ci: Introduce yamllint for actions workflow files
...
Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>
2023-05-26 16:34:23 +08:00
dependabot[bot]
d10cabd3f9
build(deps): bump github/codeql-action from 2.3.2 to 2.3.3
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.2 to 2.3.3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f3feb00acb...29b1f65c5e
2023-05-04 23:47:44 +00:00
dependabot[bot]
4c4bd63fa1
build(deps): bump github/codeql-action from 2.3.0 to 2.3.2
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.0 to 2.3.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](b2c19fb9a2...f3feb00acb
2023-05-01 18:03:06 +00:00
dependabot[bot]
a2426712cc
build(deps): bump github/codeql-action from 2.2.12 to 2.3.0
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.12 to 2.3.0.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](7df0ce3489...b2c19fb9a2
2023-04-24 18:01:36 +00:00
Benjamin Wang
a9c1c217a2
Merge pull request #15736 from etcd-io/dependabot/github_actions/github/codeql-action-2.2.12
...
build(deps): bump github/codeql-action from 2.2.11 to 2.2.12
2023-04-18 05:11:44 +08:00
dependabot[bot]
64c9a5c70a
build(deps): bump github/codeql-action from 2.2.11 to 2.2.12
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.11 to 2.2.12.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](d186a2a36c...7df0ce3489
2023-04-17 18:01:44 +00:00
dependabot[bot]
b1e14c7d0a
build(deps): bump actions/checkout from 3.5.0 to 3.5.2
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.5.0 to 3.5.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](8f4b7f8486...8e5e7e5ab8
2023-04-17 18:01:42 +00:00
dependabot[bot]
ce089755e1
build(deps): bump github/codeql-action from 2.2.10 to 2.2.11
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.10 to 2.2.11.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](8c8d71dde4...d186a2a36c
2023-04-08 06:58:00 +00:00
dependabot[bot]
4ea5c08abc
build(deps): bump github/codeql-action from 2.2.9 to 2.2.10
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.9 to 2.2.10.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](04df1262e6...8c8d71dde4
2023-04-07 13:06:23 +08:00
dependabot[bot]
f9b08e5fdc
build(deps): bump github/codeql-action from 2.2.8 to 2.2.9
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.8 to 2.2.9.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](67a35a0858...04df1262e6
2023-03-27 18:02:38 +00:00
dependabot[bot]
5f6dab4149
build(deps): bump actions/checkout from 3.4.0 to 3.5.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](24cb908017...8f4b7f8486
2023-03-24 10:36:27 +00:00
dependabot[bot]
2d491356ec
build(deps): bump github/codeql-action from 2.2.7 to 2.2.8
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.7 to 2.2.8.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](168b99b3c2...67a35a0858
2023-03-22 22:28:33 +00:00
Benjamin Wang
9d8292256b
Merge pull request #15534 from etcd-io/dependabot/github_actions/actions/checkout-3.4.0
...
build(deps): bump actions/checkout from 3.3.0 to 3.4.0
2023-03-21 08:32:24 +08:00
dependabot[bot]
586d053d84
build(deps): bump github/codeql-action from 2.2.6 to 2.2.7
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.6 to 2.2.7.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](16964e90ba...168b99b3c2
2023-03-20 18:06:24 +00:00
dependabot[bot]
dd6fa9fd10
build(deps): bump actions/checkout from 3.3.0 to 3.4.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.3.0 to 3.4.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](ac59398561...24cb908017
2023-03-20 18:06:19 +00:00
dependabot[bot]
97a080ba1e
build(deps): bump github/codeql-action from 2.2.5 to 2.2.6
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.5 to 2.2.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](32dc499307...16964e90ba
2023-03-13 18:05:12 +00:00
dependabot[bot]
0c52e5e133
build(deps): bump github/codeql-action from 2.2.4 to 2.2.5
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.4 to 2.2.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](17573ee1cc...32dc499307
2023-02-24 23:21:07 +00:00
dependabot[bot]
50532c9fb5
build(deps): bump github/codeql-action from 2.2.1 to 2.2.4
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.1 to 2.2.4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](3ebbd71c74...17573ee1cc
2023-02-13 20:35:03 +08:00
dependabot[bot]
d0a481be84
build(deps): bump github/codeql-action from 2.1.39 to 2.2.1
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.39 to 2.2.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](a34ca99b46...3ebbd71c74
2023-01-31 05:28:21 +08:00
dependabot[bot]
ee566c492b
build(deps): bump github/codeql-action from 2.1.38 to 2.1.39
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.38 to 2.1.39.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](515828d974...a34ca99b46
2023-01-20 18:35:49 +08:00
Benjamin Wang
1659f8980f
dependency: bump github/codeql-action from 2.1.37 to 2.1.38
...
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2023-01-17 06:46:31 +08:00
dependabot[bot]
9f93448500
build(deps): bump actions/checkout from 3.2.0 to 3.3.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](755da8c3cf...ac59398561
2023-01-09 17:12:51 +00:00
dependabot[bot]
ef02c159f2
build(deps): bump github/codeql-action from 2.1.36 to 2.1.37
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.36 to 2.1.37.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2.1.36...959cbb7472c4d4ad70cdfe6f4976053fe48ab394 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-12-19 17:09:20 +00:00
dependabot[bot]
ffd26d6a0a
build(deps): bump actions/checkout from 2.5.0 to 3.2.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2.5.0 to 3.2.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2.5.0...755da8c3cf115ac066823e79a1e1788f8940201b )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-12-13 03:36:57 +00:00
Benjamin Wang
bf5c094f3c
secure the github workflow
...
https://app.stepsecurity.io/secureworkflow/etcd-io/etcd/tests.yaml/main?enable=pin
1. Copy the existing yaml file and paste into the textbox,
2. Click "SECURE WORKFLOW"
3. Copy the manifest from the textbox and paste into etcd repo.
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2022-12-12 16:23:13 +08:00
Joyce Brum
4bcf401b7f
Squashed commit of the following:
...
commit 9a3bf2c0ed6e63c718789679745fdaa24a2c2ba9
Author: Joyce Brum <joycebrum@google.com>
Date: Tue Dec 6 17:59:42 2022 +0000
fix: write permissions
Signed-off-by: Joyce Brum <joycebrum@google.com>
commit 7716f3c00cd7cfe4debbbf97662b1cee7277ba00
Author: Joyce Brum <joycebrum@google.com>
Date: Tue Dec 6 17:04:19 2022 +0000
fix: typo on coverage workflow
Signed-off-by: Joyce Brum <joycebrum@google.com>
commit cb5165401392f1a2de3683ec33ffe97dc0f1fe9f
Author: Joyce Brum <joycebrum@google.com>
Date: Tue Dec 6 16:57:50 2022 +0000
feat: test coverage workflow with write permissions
Signed-off-by: Joyce Brum <joycebrum@google.com>
commit 235627f257d52139c9c73c2ca15c9ef7250cea2f
Author: Joyce Brum <joycebrum@google.com>
Date: Tue Dec 6 16:44:21 2022 +0000
fix: measure test read all and workflow dispatch
Signed-off-by: Joyce Brum <joycebrum@google.com>
commit 81b1581f19945ba5ddd7fa74661910a457af7515
Author: Joyce Brum <joycebrum@google.com>
Date: Tue Dec 6 14:50:12 2022 +0000
feat: change from content read to read all
Signed-off-by: Joyce Brum <joycebrum@google.com>
commit 95bd39f615924a9c0186e6d3e1ad6c205c7db428
Author: Joyce Brum <joycebrum@google.com>
Date: Tue Dec 6 14:45:45 2022 +0000
fix: add permission to write on e2e.yaml
Signed-off-by: Joyce Brum <joycebrum@google.com>
commit f86661da253af3908cde9f5f71311fbca6b26c81
Author: Joyce Brum <joycebrum@google.com>
Date: Mon Dec 5 17:04:44 2022 +0000
feat: use read-only by default
Signed-off-by: Joyce Brum <joycebrum@google.com>
Signed-off-by: Joyce Brum <joycebrum@google.com>
2022-12-06 18:03:50 +00:00
Thomas Jungblut
89bfa4b95c
Update CodeQL to v2
...
CodeQL@v1 is going to be deprecated in three weeks. This PR updates the
branches to track only the currently maintained release branches and
moves the actions to its v2 version.
Signed-off-by: Thomas Jungblut <tjungblu@redhat.com>
2022-11-15 13:30:44 +01:00
Marek Siarkowicz
96840277d0
github: Add necessery permissions for CodeQL
2022-05-05 10:07:02 +02:00
Sahdev Zala
f8eeecc359
Revert CodeQL permission
...
Reverting per the latest discussion in the issue 13588 to
test if we can remove the write permission.
2022-01-21 16:45:08 -05:00
Marek Siarkowicz
0ab7c7842e
Add required permissions for CodeQL
2022-01-21 14:21:10 +01:00
Gyuho Lee
b6562a24b6
.github: rename "master" branch references to "main"
...
Signed-off-by: Gyuho Lee <leegyuho@amazon.com>
2021-05-12 10:41:24 -07:00
Chris Aniszczyk
c0d44ec4b7
Add CodeQL Security Scanning
...
Signed-off-by: Chris Aniszczyk <caniszczyk@gmail.com>
2020-12-02 10:37:09 -08:00
