d8dfun/virtual-kubelet
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
977 Commits 13 Branches 49 Tags
704b01eac6bdf0472b9c93173e4cb64bd6e53e94
Commit Graph

11 Commits

Author SHA1 Message Date
Brian Goff
d66366ba96 codeql: Add explicit permissions 
Codeql requires write access to security-events, but our default action
token (rightly) only has read permissions.
This adds the explicit request for write access.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
 2022-10-10 17:29:32 +00:00
dependabot[bot]
db7f53c1ca Bump actions/checkout from 2 to 3 
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-12 17:33:34 +00:00
Brian Goff
7ee822ec6d Fix typo in job name 2022-08-31 21:02:12 +00:00
Brian Goff
6198b02423 Only run codeql on pushes to master, not pr's 
These are extremely slow and probably very expensive for someone.
We don't need these running on PR's which have constant pushes, rebases,
etc.

The activity on the repo is slow enough we can fix-up things after
codeql runs on master.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
 2022-08-31 19:56:04 +00:00
dependabot[bot]
de4fe42586 Bump github/codeql-action from 1 to 2 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1 to 2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-08-31 19:42:26 +00:00
dependabot[bot]
00d8340a64 Bump actions/setup-go from 2 to 3 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 2 to 3.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-08-31 19:36:55 +00:00
Brian Goff
aa94284712 dependabot: update github actions 
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
 2022-08-31 19:35:43 +00:00
Brian Goff
44d0df547d Merge branch 'master' into feature/dependabot 2022-08-31 11:30:14 -07:00
Brian Goff
433e0bbd20 Add github actions 
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
 2022-08-31 00:58:51 +00:00
Sienna Lloyd
2b7e4c9dc6 added basic dependabot integration. 
Signed-off-by: Sienna Lloyd <sienna.lloyd@hey.com>
 2022-06-23 11:30:16 -06:00
Chris Aniszczyk
8affa1c42a Add CodeQL Security Scanning 
Signed-off-by: Chris Aniszczyk <caniszczyk@gmail.com>
Signed-off-by: Sargun Dhillon <sargun@sargun.me>
 2020-12-14 20:13:40 -08:00