Commit Graph

38 Commits

Author SHA1 Message Date
Roland Dobai
558392b998 Merge branch 'feature/vulnerability_scan' into 'master'
feat: use esp-idf-sbom-action for vulnerability scan

Closes IDF-8805 and IDF-5187

See merge request espressif/esp-idf!27688
2023-12-11 21:57:05 +08:00
Frantisek Hrbata
5ec411679b feat: use esp-idf-sbom-action for vulnerability scan
This adds a github action, which performs continuous vulnerability
scanning using the esp-idf-sbom-action github action. The test
is scheduled everyday at midnight and it's also possible to start
it as dispatched workflow. This scans all possible manifest files
in repository. The references for scanning are defined in github's
VULNERABILITY_SCAN_REFS variable and a json list. For example
['master', 'release/v5.2', 'release/v5.1', 'release/v5.0', 'release/v4.4']

Signed-off-by: Frantisek Hrbata <frantisek.hrbata@espressif.com>
2023-12-07 10:03:54 +01:00
Tomas Sebestik
2ad861964e
ci(danger-github): replace local Danger code by org action 2023-12-05 12:56:58 +01:00
Laukik Hase
6fc878f857
fix(ci): Use latest stable actions/checkout@v3 instead of v2 for GitHub Actions 2023-10-30 13:43:10 +05:30
Tomas Sebestik
b1a2997831 fix: GitHub action PR pre-commit check 2023-10-05 07:20:20 +02:00
Michael (XIAO Xufeng)
5a9a9620d5 Merge branch 'ci/github_template_chip_revision' into 'master'
change(github): add chip revision into templates

See merge request espressif/esp-idf!25528
2023-09-20 07:58:18 +08:00
Xiao Xufeng
c31f445754 change(github): add chip revision into templates 2023-09-12 10:16:28 +08:00
Tomas Sebestik
5295b51fcd ci(danger-github): Fix github-action-bot permissions for posting Danger output 2023-08-24 14:15:11 +02:00
Tomas Sebestik
b5a9dd156b Merge branch 'ci/update_dependabot_ignorelist' into 'master'
ci(dependabot): Update dependabot ignorelist, Danger GitHub modules

Closes IDFGH-10528

See merge request espressif/esp-idf!24511
2023-07-13 18:41:28 +08:00
Roland Dobai
686265298d ci(github): Update Python to 3.8 for pre-commit checks
Fixes issue "ERROR: Package 'conventional-precommit-linter' requires a
different Python: 3.7.17 not in '>=3.8'" of all Pull Requests.

Python 3.7 support will be dropped soon in the upcoming ESP-IDF v5.2
version.
2023-07-12 08:14:21 +02:00
Tomas Sebestik
1e9847c433 ci(dependabot): Update dependabot ignorelist, Danger GitHub modules 2023-06-30 07:08:31 +02:00
Tomas Sebestik
7add582eb7 ci(danger): add dangerjs for GitHub
Add GitHub workflow for running dangerjs on pull requests.
Add GitHub layout for DangerJS.
2023-05-29 08:23:04 +02:00
Tomas Sebestik
8249d01ede ci(github): add dependabot config
- add dependabot config file
- ignore DangerJS dependecies from dependabot
2023-05-16 08:04:43 +02:00
Ivan Grokhotkov
dbb64db552 Merge branch 'contrib/github_pr_9273' into 'master'
chore: Set permissions for GitHub actions

Closes IDFGH-7733

See merge request espressif/esp-idf!20098
2022-09-12 17:46:14 +08:00
Tomas Borcin
b2a3cc5066 Add issue forms 2022-08-20 01:17:29 +08:00
nathannaveen
8290ee4296 chore: Set permissions for GitHub actions
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

Signed-off-by: nathannaveen <42319948+nathannaveen@users.noreply.github.com>
2022-07-03 00:58:46 +00:00
Ivan Grokhotkov
212cbc3fb6
tools/docker: add README.md file to be displayed on Docker Hub
Closes https://github.com/espressif/esp-idf/issues/7933
2022-05-26 03:44:13 +02:00
Ivan Grokhotkov
6dc52d4425
ci: build and push Docker images in Github actions, add arm64 platform
Replaces the previously used Docker Hub autobuild infrastructure.
This allows for more flexible configuration of the build process,
at the expense of some extra maintenance of CI workflow files
required.
2022-05-26 03:44:13 +02:00
Laukik Hase
9857049521
gh_actions: Don't use outdated actions/checkout@master 2022-03-05 12:23:31 +05:30
Ivan Grokhotkov
d8f56d4042
github: fix pre-commit failure for PRs from forks 2022-03-01 20:07:35 +01:00
Ivan Grokhotkov
df38abf19c
github: verify pre-commit checks for PRs in Github Actions 2022-02-21 20:32:28 +03:00
Roland Dobai
d3aa071dcb CI: Fix Python linter on Github
Closes https://github.com/espressif/esp-idf/pull/8366
2022-02-09 16:38:12 +01:00
Ivan Grokhotkov
7177b4fa95 ci: limit github-jira sync actions to a single concurrent run
to prevent race conditions when two workflows related to the same new
issue are triggered within a short interval.
2022-01-07 12:51:51 +01:00
Laukik Hase
eb766a25e0 gh_actions: Sync approved PRs to internal codebase
- Changed trigger from pull_request_review to pull_request_target [labeled]
2021-11-22 12:56:42 +08:00
Laukik Hase
995b398165 gh_action: Sync approved Github PRs to Gitlab
- Checks for forbidden files modification (.gitlab/.github) and PR approver access level
- Approver decides the approach for PR merging (Rebase or direct Merge)
2021-10-26 12:46:42 +08:00
Roland Dobai
b928852426 Fix broken link in the Github issue template
Closes https://github.com/espressif/esp-idf/issues/7609
2021-09-30 11:02:08 +02:00
Ivan Grokhotkov
036aae0a2c github: remove lint jobs for unsupported python versions 2021-09-01 19:39:17 +02:00
Angus Gratton
83ccca7a19 ci: Use GitHub Actions to generate recursive source code zips for releases
We do this for all ESP-IDF releases, this step automates it.

Uses action added in https://github.com/espressif/github-actions/pull/10
2021-04-16 09:58:49 +10:00
Angus Gratton
66fb5a29bb Whitespace: Automated whitespace fixes (large commit)
Apply the pre-commit hook whitespace fixes to all files in the repo.

(Line endings, blank lines at end of file, trailing whitespace)
2020-11-11 07:36:35 +00:00
morris
d003f96a9d gh_action: fix python lint 2020-05-20 10:50:10 +08:00
morris
28bfc93419 gh: remove default label on new issues 2020-01-09 17:07:34 +08:00
morris
e51bd6deaf gh-action:fix python lint 2020-01-01 12:56:33 +08:00
Angus Gratton
7e72e12e4c github: Update to new issue templates
- Add a separate template for feature requests
- Add links to Programming Guide, Documentation pages, forum in config.yml
2019-12-20 15:20:13 +11:00
suda-morris
938069de75 gh_action: add cron job to sync remaining PRs 2019-10-29 13:10:00 +08:00
suda-morris
58577db086 gh_action: fix error on new pull request
1. Disable the broken pull request sync temporarily
2. move python lint from travis to github action
2019-09-17 21:59:31 +08:00
suda-morris
b64551718c gh_action: converted main.workflow to Actions V2 yml files 2019-08-12 19:45:48 +08:00
Angus Gratton
d0739861e8 github: Sync PRs to JIRA as well
Currently the GitHub sync half-syncs these (as it will create a JIRA issue as soon as the first
comment is made on the PR).
2019-03-14 14:29:46 +11:00
Angus Gratton
d0e3564603 github: Add workflow file to sync issues to JIRA 2019-03-08 18:39:30 +11:00