Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-05-05 14:28:46 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 143
21643 commits 3169 branches 570 tags 2.4 GiB
Commit graph

14 commits

Author SHA1 Message Date
Ian Littman
18256bdf0e
Add missing step-security hardening action, bump to current version (#38470) 
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **Chores**
* Upgraded security protections across build and deployment workflows
for enhanced runner environment hardening.
* Strengthened CI/CD infrastructure security measures throughout
automated processes.
  * No direct user-facing changes.

<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
 2026-01-19 15:10:48 -06:00
Lucas Manuel Rodriguez
6e097988d5
Update ubuntu-20.04 to ubuntu-22.04 on CI actions due to deprecation (#26466) 
> We will soon start the deprecation process for Ubuntu 20.04. While the
image is being deprecated, you may experience longer queue times during
peak usage hours. Deprecation will begin on 2025-02-01 and the image
will be fully unsupported by 2025-04-01.

From https://github.com/actions/runner-images/issues/11101.

![Screenshot 2025-02-19 at 4 39
10 PM](https://github.com/user-attachments/assets/803e8ed3-31b0-4221-9d29-446a0d305567)
 2025-02-21 13:11:50 -03:00
Luke Heath
6ebc308eb4
[StepSecurity] ci: Harden GitHub Actions (#17780) 2024-03-22 15:32:23 -05:00
Luke Heath
204f082fe5
Pin all workflow actions versions by commit (#13462) 2023-08-31 12:09:21 -05:00
Michal Nicpon
56f3cb62ef
add concurrency to ci (#8271) 
* add concurrency to ci

* add readme for workflows
 2022-10-24 14:01:00 -06:00
Michal Nicpon
9056b22874
set default shell in workflows (#8108) 
* wait for mysql in workflows
 2022-10-07 09:43:56 -06:00
dependabot[bot]
200ddfaaff
Bump actions/checkout from 2 to 3.0.2 (#7301) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.0.2.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...2541b1294d2704b0964813337f33b291d3f8596b)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-08-31 07:44:22 -03:00
Guillaume Ross
e6c6b7e840
Added explicit read permissions + tweaked permissions (#4843) 
* Added explicit read permissions + tweaked permissions

As a part of #4698 - this should fix the remaining warnings we get from the OSSF scorecard in relation to github workflows. They now all have explicit read permissions with more granular permissions granted in jobs.

* Update tfsec.yml

New workflow that I had not fixed in this PR.
 2022-03-28 16:20:31 -04:00
Guillaume Ross
62d3b9145f
4620 pin action dependencies (#4622) 
* Update build-binaries.yaml

Pin action versions + add read only token to build-binaries.yaml

* Update codeql-analysis.yml

Pin dependencies with hash for codeql-analysis.yml

* Update deploy-fleet-website.yml

Pin dependencies in deploy-fleet-website.yml

* Update docs.yml

Pin dependencies for docs.yml

* Update fleet-and-orbit.yml

Pinning dependencies for fleet-and-orbit.yml

* Update generate-osqueryd-app-tar-gz.yml

Pin dependencies for generate-osqueryd-app-tar-gz.yml

* Pin dependencies in goreleaser workflows

Pinned dependencies in the 3 goreleaser workflows

* Update integration.yml

Pinned dependencies with hash

* Update pr-helm.yaml

Pinned dependencies with hash

* Update push-osquery-perf-to-ecr.yml

Pinned dependencies with a hash

* Update release-helm.yaml

Pinned one dependency with a hash

* Update semgrep-analysis.yml

Pinned dependencies with hashes

* Update test-go.yaml

Pinned dependencies with hash

* Update test-packaging.yml

Pinned dependencies with hashes

* Update test-website.yml

Pinned dependencies with hashes

* Update test.yml

Pinned dependencies with hashes
 2022-03-16 15:42:28 -04:00
James Alseth
1da89ea987
Publish Helm chart (#475) 
This adds a GH Action to publish the updated Helm chart with each new release. It can also be triggered manually if needed.

Fixes #345
 2021-03-17 11:09:01 -07:00
Zach Wasserman
de0b3324b1
Add AWS Lambda as logging plugin (#347) 
This plugin invokes the provided function with each log line as the
payload.

Closes #342
 2021-02-24 10:02:26 -08:00
Zach Wasserman
d624e099fb
Deprecate environment variable prefix (#301) 
- Support both `FLEET_` and `KOLIDE_` prefixes.
- Add logging about deprecated `KOLIDE_` prefix.
- Update documentation and sample configs.
 2021-02-11 15:36:58 -08:00
Zach Wasserman
7822003b64
Fix Helm CI workflow (#258) 
- Add version for kubeval-action
- Comment out pathType due to lack of support in older k8s versions
 2021-02-01 17:42:44 -08:00
James Alseth
3d328db000
Add Helm chart (#250) 
Providing a Helm chart makes it easier for users to deploy to Kubernetes.

I think this is good to go, and I've tested deploying to Kind and GKE using the GKE ingress, sql proxy, and managed certificate, but I haven't tested anything AWS related.
 2021-02-01 15:46:01 -08:00