Commit Graph

26 Commits

Author SHA1 Message Date
Dirk e5efdd6cb4 Hotfix reenabling write permissions
see #2158
2022-04-25 10:17:05 +02:00
naveensrinivasan 2d03d82fd9
Set permissions for GitHub actions
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

 Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2022-04-15 21:17:06 -05:00
Dirk db932c2bdc prevent CI from running in doc dir s/docs/doc/ 2022-04-01 14:14:59 +02:00
dependabot[bot] 9ae22434a0
Bump docker/build-push-action from 2.9.0 to 2.10.0
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 2.9.0 to 2.10.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v2.9.0...v2.10.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-15 00:27:58 +00:00
Dirk Wetter 22ec6de58c
Merge pull request #2112 from drwetter/dependabot/github_actions/actions/checkout-3
Bump actions/checkout from 2 to 3
2022-03-02 08:25:12 +01:00
dependabot[bot] c75e789229
Bump docker/login-action from 1.13.0 to 1.14.1
Bumps [docker/login-action](https://github.com/docker/login-action) from 1.13.0 to 1.14.1.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v1.13.0...v1.14.1)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-02 00:34:27 +00:00
dependabot[bot] 85f67f93e9
Bump actions/checkout from 2 to 3
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-02 00:34:23 +00:00
dependabot[bot] edc279f017
Bump docker/login-action from 1.12.0 to 1.13.0
Bumps [docker/login-action](https://github.com/docker/login-action) from 1.12.0 to 1.13.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v1.12.0...v1.13.0)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-02-18 00:50:50 +00:00
dependabot[bot] df5dae79d4
Bump docker/build-push-action from 2.8.0 to 2.9.0
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 2.8.0 to 2.9.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v2.8.0...v2.9.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-02-02 00:30:46 +00:00
dependabot[bot] 48c9c2f480
Bump docker/build-push-action from 2.7.0 to 2.8.0
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 2.7.0 to 2.8.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v2.7.0...v2.8.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-01-19 00:34:18 +00:00
dependabot[bot] c041e27ecf
Bump docker/login-action from 1.10.0 to 1.12.0
Bumps [docker/login-action](https://github.com/docker/login-action) from 1.10.0 to 1.12.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v1.10.0...v1.12.0)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-12-21 00:24:46 +00:00
Dirk Wetter fbe04164d3 Also run GHA for PRs
(don't know whether this works.)
2021-12-11 19:40:29 +01:00
Dimitri Papadopoulos fcb282e3c3
Typos found by codespell
Run codespell in CI
2021-09-14 13:33:39 +02:00
a1346054 b1f5c6c9af Trim excess whitespace 2021-09-04 13:28:30 +00:00
dependabot[bot] c39edaaa1d
Bump docker/build-push-action from 2.6.1 to 2.7.0
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 2.6.1 to 2.7.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v2.6.1...v2.7.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-08-30 01:03:28 +00:00
Jauder Ho c7a9b74e16
Update docker-3.1dev.yml 2021-08-09 11:58:03 +00:00
Jauder Ho e58ceb7b10 Removed docker-3.0.yml from 3.1dev branch 2021-08-09 11:18:20 +00:00
Jauder Ho 4dc984df2e Revert ref test 2021-08-09 11:14:07 +00:00
Jauder Ho ca271c5d8b Test out GITHUB_REF 2021-08-09 11:09:11 +00:00
Jauder Ho b1aeeb47e0 Testing context 2021-08-09 10:36:17 +00:00
Jauder Ho 4df60052af Use GH Action to build new container images upon push 2021-08-09 10:21:10 +00:00
Dirk 2af7860a3c Remove mac osx
... apt is probably not the right thing ;-)
2021-06-19 11:17:52 +02:00
Dirk 247d08882e GHA: Fix push + PR
see https://github.community/t/how-to-factor-paths-in-common-for-push-and-pull-request/115967/2

TL;DR:  There is no way to specify the common paths for two events
2021-06-19 11:12:00 +02:00
Dirk 5cd97ddcb9 Correct YAML error in GHA + add macOS
- yamllint to the rescue. Still shows an error though:
  4:3       error    syntax error: expected <block end>, but found '<block mapping start>' (syntax)

- added macos, see https://docs.github.com/en/actions/using-github-hosted-runners/about-github-hosted-runners
2021-06-19 10:45:08 +02:00
Dirk b8a9b9c6db Github actions modifications
- define deny list of files when modified not to run GHA
- specRitfy OS to be ubuntu-20.04 (is there a debian at all?)
- only use perl 5.26

While researching I stumbled over mac.osx as an OS one can specify. If anybody
knows whether this is really macosx (license?) please let me know. That
would be a great addition for CI. (Couldn't find BSD yet...)

See #1920
2021-06-19 09:20:48 +02:00
Mikel Olasagasti Uranga ebcd3105c8 Add GitHub Actions testing 2021-06-06 21:06:58 +02:00