Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-05-15 04:58:25 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 113
18551 commits 3247 branches 574 tags 2.2 GiB
Commit graph

6 commits

Author SHA1 Message Date
Eric
53bb51e49f
Update vulnerability dashboard to deploy from a parentless commit (#31887) 
Changes:
- Updated the `deploy-vulnerability-dashboard` workflow to deploy the
app from a parentless commit.
 2025-08-14 09:58:25 -05:00
Eric
cb67c32afc
Change Ubuntu version in Heroku deploy workflows (#22939) 
Closes: #22931

Changes:
- Updated the deploy workflows for the Fleet website and the
vulnerability dashboard to run on Ubuntu 22.04 to prevent issues we've
been seeing with the Heroku deploy action and the latest version of
Ubuntu.
 2024-10-15 16:20:12 -05:00
Luke Heath
6ebc308eb4
[StepSecurity] ci: Harden GitHub Actions (#17780) 2024-03-22 15:32:23 -05:00
StepSecurity Bot
8ae24ac4a9
[StepSecurity] ci: Harden GitHub Actions (#17767) 
## Summary

This pull request is created by
[StepSecurity](https://app.stepsecurity.io/securerepo) at the request of
@lukeheath. Please merge the Pull Request to incorporate the requested
changes. Please tag @lukeheath on your message if you have any questions
related to the PR.
## Security Fixes

### Least Privileged GitHub Actions Token Permissions

The GITHUB_TOKEN is an automatically generated secret to make
authenticated calls to the GitHub API. GitHub recommends setting minimum
token permissions for the GITHUB_TOKEN.

- [GitHub Security
Guide](https://docs.github.com/en/actions/security-guides/automatic-token-authentication#using-the-github_token-in-a-workflow)
- [The Open Source Security Foundation (OpenSSF) Security
Guide](https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions)
### Pinned Dependencies

GitHub Action tags and Docker tags are mutable. This poses a security
risk. GitHub's Security Hardening guide recommends pinning actions to
full length commit.

- [GitHub Security
Guide](https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions)
- [The Open Source Security Foundation (OpenSSF) Security
Guide](https://github.com/ossf/scorecard/blob/main/docs/checks.md#pinned-dependencies)


## Feedback
For bug reports, feature requests, and general feedback; please email
support@stepsecurity.io. To create such PRs, please visit
https://app.stepsecurity.io/securerepo.


Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>

Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
 2024-03-21 15:56:42 -05:00
Eric
36dafbd969
Update vulnerability dashboard deploy action & update github maintainers in custom.js (#17602) 
Changes:
- Updated the deploy-vulnerability-dashboard workflow to use the correct
variables for the Heroku steps.
- Added GitHub maintainers to `website/config/custom.js` for the GitHub
workflows related to the vulnerability dashboard.
 2024-03-21 11:58:45 -05:00
Eric
b1945b2128
Add fleet-vulnerability-dashboard repo to ee/ folder (#17428) 
Closes: https://github.com/fleetdm/confidential/issues/4057

Changes:
- Added the contents of the fleet-vulnerability-dashboard repo to
ee/vulnerability-dashboard
- Added a github workflow to deploy the vulnerability dashboard on
Heroku
- Added a github workflow to test changes to the vulnerability-dashboard
- Updated the website's custom configuration to enable
auto-approvals/review requests to files in the
ee/vulnerability-dashboard folder
 2024-03-13 13:06:11 -05:00