Roland Dobai
558392b998
Merge branch 'feature/vulnerability_scan' into 'master'
...
feat: use esp-idf-sbom-action for vulnerability scan
Closes IDF-8805 and IDF-5187
See merge request espressif/esp-idf!27688
2023-12-11 21:57:05 +08:00
Frantisek Hrbata
5ec411679b
feat: use esp-idf-sbom-action for vulnerability scan
...
This adds a github action, which performs continuous vulnerability
scanning using the esp-idf-sbom-action github action. The test
is scheduled everyday at midnight and it's also possible to start
it as dispatched workflow. This scans all possible manifest files
in repository. The references for scanning are defined in github's
VULNERABILITY_SCAN_REFS variable and a json list. For example
['master', 'release/v5.2', 'release/v5.1', 'release/v5.0', 'release/v4.4']
Signed-off-by: Frantisek Hrbata <frantisek.hrbata@espressif.com>
2023-12-07 10:03:54 +01:00
Tomas Sebestik
2ad861964e
ci(danger-github): replace local Danger code by org action
2023-12-05 12:56:58 +01:00
Laukik Hase
6fc878f857
fix(ci): Use latest stable actions/checkout@v3 instead of v2 for GitHub Actions
2023-10-30 13:43:10 +05:30
Tomas Sebestik
b1a2997831
fix: GitHub action PR pre-commit check
2023-10-05 07:20:20 +02:00
Tomas Sebestik
5295b51fcd
ci(danger-github): Fix github-action-bot permissions for posting Danger output
2023-08-24 14:15:11 +02:00
Roland Dobai
686265298d
ci(github): Update Python to 3.8 for pre-commit checks
...
Fixes issue "ERROR: Package 'conventional-precommit-linter' requires a
different Python: 3.7.17 not in '>=3.8'" of all Pull Requests.
Python 3.7 support will be dropped soon in the upcoming ESP-IDF v5.2
version.
2023-07-12 08:14:21 +02:00
Tomas Sebestik
7add582eb7
ci(danger): add dangerjs for GitHub
...
Add GitHub workflow for running dangerjs on pull requests.
Add GitHub layout for DangerJS.
2023-05-29 08:23:04 +02:00
nathannaveen
8290ee4296
chore: Set permissions for GitHub actions
...
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ )
Signed-off-by: nathannaveen <42319948+nathannaveen@users.noreply.github.com>
2022-07-03 00:58:46 +00:00
Ivan Grokhotkov
212cbc3fb6
tools/docker: add README.md file to be displayed on Docker Hub
...
Closes https://github.com/espressif/esp-idf/issues/7933
2022-05-26 03:44:13 +02:00
Ivan Grokhotkov
6dc52d4425
ci: build and push Docker images in Github actions, add arm64 platform
...
Replaces the previously used Docker Hub autobuild infrastructure.
This allows for more flexible configuration of the build process,
at the expense of some extra maintenance of CI workflow files
required.
2022-05-26 03:44:13 +02:00
Laukik Hase
9857049521
gh_actions: Don't use outdated actions/checkout@master
2022-03-05 12:23:31 +05:30
Ivan Grokhotkov
d8f56d4042
github: fix pre-commit failure for PRs from forks
2022-03-01 20:07:35 +01:00
Ivan Grokhotkov
df38abf19c
github: verify pre-commit checks for PRs in Github Actions
2022-02-21 20:32:28 +03:00
Roland Dobai
d3aa071dcb
CI: Fix Python linter on Github
...
Closes https://github.com/espressif/esp-idf/pull/8366
2022-02-09 16:38:12 +01:00
Ivan Grokhotkov
7177b4fa95
ci: limit github-jira sync actions to a single concurrent run
...
to prevent race conditions when two workflows related to the same new
issue are triggered within a short interval.
2022-01-07 12:51:51 +01:00
Laukik Hase
eb766a25e0
gh_actions: Sync approved PRs to internal codebase
...
- Changed trigger from pull_request_review to pull_request_target [labeled]
2021-11-22 12:56:42 +08:00
Laukik Hase
995b398165
gh_action: Sync approved Github PRs to Gitlab
...
- Checks for forbidden files modification (.gitlab/.github) and PR approver access level
- Approver decides the approach for PR merging (Rebase or direct Merge)
2021-10-26 12:46:42 +08:00
Ivan Grokhotkov
036aae0a2c
github: remove lint jobs for unsupported python versions
2021-09-01 19:39:17 +02:00
Angus Gratton
83ccca7a19
ci: Use GitHub Actions to generate recursive source code zips for releases
...
We do this for all ESP-IDF releases, this step automates it.
Uses action added in https://github.com/espressif/github-actions/pull/10
2021-04-16 09:58:49 +10:00
morris
d003f96a9d
gh_action: fix python lint
2020-05-20 10:50:10 +08:00
morris
e51bd6deaf
gh-action:fix python lint
2020-01-01 12:56:33 +08:00
suda-morris
938069de75
gh_action: add cron job to sync remaining PRs
2019-10-29 13:10:00 +08:00
suda-morris
58577db086
gh_action: fix error on new pull request
...
1. Disable the broken pull request sync temporarily
2. move python lint from travis to github action
2019-09-17 21:59:31 +08:00
suda-morris
b64551718c
gh_action: converted main.workflow to Actions V2 yml files
2019-08-12 19:45:48 +08:00