Compare commits

...

1 Commits

Author SHA1 Message Date
gaspardmoindrot fd93303c9c [PTFE-256] 🐛 Cloudserver Trivy scan failing due to invalid zip file 2023-05-24 23:02:42 +00:00
3 changed files with 80 additions and 0 deletions

25
.github/workflows/codeql.yaml vendored Normal file
View File

@ -0,0 +1,25 @@
---
name: codeQL
on:
push:
branches: [development/*, stabilization/*, hotfix/*]
pull_request:
branches: [development/*, stabilization/*, hotfix/*]
workflow_dispatch:
jobs:
analyze:
name: Static analysis with CodeQL
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
languages: javascript, python, ruby
- name: Build and analyze
uses: github/codeql-action/analyze@v2

View File

@ -0,0 +1,16 @@
---
name: dependency review
on:
pull_request:
branches: [development/*, stabilization/*, hotfix/*]
jobs:
dependency-review:
runs-on: ubuntu-latest
steps:
- name: 'Checkout Repository'
uses: actions/checkout@v3
- name: 'Dependency Review'
uses: actions/dependency-review-action@v3

39
.github/workflows/security.yaml vendored Normal file
View File

@ -0,0 +1,39 @@
---
name: security
on:
push:
branches: [development/*, stabilization/*, hotfix/*]
release:
types: [published]
pull_request:
branches: [development/*, stabilization/*, hotfix/*]
schedule:
- cron: '0 8 * * 1' # Monday - 8am - UTC
workflow_dispatch:
jobs:
build:
permissions:
contents: read
packages: write
uses: scality/workflows/.github/workflows/docker-build.yaml@v1
secrets:
REGISTRY_LOGIN: ${{ github.repository_owner }}
REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
with:
registry: ghcr.io
namespace: ${{ github.repository }}
name: cloudserver
context: .
tag: ${{ github.sha }}
trivy:
needs: build
name: Trivy Vulnerability Scan for Code
uses: scality/workflows/.github/workflows/trivy.yaml@v1
with:
registry: ghcr.io
namespace: ${{ github.repository }}
name: cloudserver
tag: ${{ github.sha }}