Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-05-22 16:39:01 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 121
11747 commits 3323 branches 575 tags 2.3 GiB
Commit graph

7 commits

Author SHA1 Message Date
Luke Heath
6ebc308eb4
[StepSecurity] ci: Harden GitHub Actions (#17780) 2024-03-22 15:32:23 -05:00
Luke Heath
204f082fe5
Pin all workflow actions versions by commit (#13462) 2023-08-31 12:09:21 -05:00
KanchiMoe
257336c8b0
Upversion github actions in tfvalidate.yml (#12005) 
This fixes the deprecation warnings that appear at the bottom of
https://github.com/fleetdm/fleet/actions/runs/5083875257
 2023-05-28 22:54:46 -04:00
StepSecurity Bot
2154c13865
Pin actions to commit SHA (#10204) 
## Summary

This pull request is created by [Secure
Repo](https://app.stepsecurity.io/securerepo) at the request of @zwass.
Please merge the Pull Request to incorporate the requested changes.
Please tag @zwass on your message if you have any questions related to
the PR. You can also engage with the
[StepSecurity](https://github.com/step-security) team by tagging
@step-security-bot.

## Security Fixes

### Pinned Dependencies

GitHub Action tags and Docker tags are mutable. This poses a security
risk. GitHub's Security Hardening guide recommends pinning actions to
full length commit.

- [GitHub Security
Guide](https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions)
- [The Open Source Security Foundation (OpenSSF) Security
Guide](https://github.com/ossf/scorecard/blob/main/docs/checks.md#pinned-dependencies)


## Feedback
For bug reports, feature requests, and general feedback; please create
an issue in
[step-security/secure-repo](https://github.com/step-security/secure-repo).
To create such PRs, please visit https://app.stepsecurity.io/securerepo.


Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
 2023-02-28 17:55:38 -08:00
Michal Nicpon
56f3cb62ef
add concurrency to ci (#8271) 
* add concurrency to ci

* add readme for workflows
 2022-10-24 14:01:00 -06:00
Michal Nicpon
9056b22874
set default shell in workflows (#8108) 
* wait for mysql in workflows
 2022-10-07 09:43:56 -06:00
Martin Angers
7356378d0f
Update hashicorp/aws provider version for loadtesting and add CI validation (#7937) 
* Update hashicorp/aws provider version for loadtesting and add CI validation

* Update name of the new workflow
 2022-09-28 09:38:56 -05:00