opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-08-06 19:44:14 +08:00
Code Issues Packages Projects Releases Wiki Activity
25,683 Commits 54 Branches 249 Tags
Commit Graph

6 Commits

Author SHA1 Message Date
Paul Holzinger
a93b63c4ad remove .github/workflows/pr-title.yml 
This is not used and AFAICT has not trigger any actions for a very long
time I guess:
https://github.com/containers/podman/actions/workflows/pr-title.yml

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
 2025-06-17 18:43:24 +02:00
naveensrinivasan
9cacc18c95 Set permissions for GitHub actions 
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
 2022-03-30 20:36:23 +00:00
naveensrinivasan
1821eb3837 Pin actions to a full length commit SHA 
- Pinned actions by SHA https://github.com/ossf/scorecard/blob/main/docs/checks.md#pinned-dependencies
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

>Pin actions to a full length commit SHA

>Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload.

https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions

Also dependabot supports upgrades based on SHA.

Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
 2022-03-28 19:00:16 +00:00
Ed Santiago
e187423d2a Yet another iteration on PR title plugin 
PR #8147 made things worse: it's not valid YAML. This at
least is valid YAML. I have no idea if it yields the
desired result, and we won't even know until it gets
merged, but at least it won't cause fatal syntax errors.

Signed-off-by: Ed Santiago <santiago@redhat.com>
 2020-10-26 13:44:59 -06:00
Valentin Rothberg
153531d435 pr update action: fix errors on master branch 
The action fails on the master branch as the regex does not match.
The error in this scenario is unfortunate and not of much value as
we do not want to change PR titles on the master branch.

To fix it, entirely disable the action on the master branch which
in restrospective may be a better approach as we do not fire off the
action.

Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
 2020-10-26 13:09:20 +01:00
Valentin Rothberg
b26a1085cd add GitHub action to add non-main branch to PR title 
Add a GitHub action to add the name of the target branch as prefix to
the title of a pull request.  It is easy to miss the target of a given
pull request which has already caused issues of commits going into
non-main branches without intention.

We have already used this action on the `v2.0.5-rhel` branch with
limited success.  Fortunately, the upstream implemented our feature
request to support adding the _target_ branch name (rather than the
source) to the PR title, which is what we need.

Any non-main branch from this commit forward will now be clearly marked.

Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
 2020-10-25 11:34:37 +01:00