-
The check on the [headlamp OpenSSF scorecard](https://scorecard.dev/viewer/?uri=github.com/headlamp-k8s/headlamp) identifies a number of dependencies where we don't pin the version hash.
![image](h…
-
An example workflow to execute the docker image would be helpful to provide, something like:
```
# This is a basic workflow to help you get started with Actions
name: Prune Code Artifact Reposi…
-
**Merge branch 'Rock-Candy-Tea:main' into main #**
Run pip install -r requirements.txt
Collecting aiofiles==0.8.0 (from -r requirements.txt (line 1))
Downloading aiofiles-0.8.0-py3-none-any.whl.m…
-
# Summary
Closely related to #9769 and #11953
Can see our scores for OpenSSF Scorecard from the badge link here: https://api.securityscorecards.dev/projects/github.com/argoproj/argo-workflows
…
-
### Prerequisites
- [X] I have written a descriptive issue title.
- [X] I have searched all issues/PRs to ensure it has not already been reported or fixed.
- [X] I have verified that I am using t…
-
### Describe the bug
Just like #953, OIDC seems to break down when the IAM role contains "GitHub." The runner couldn't assume the role of "github-action-deploy-to-staging" or "test-github-cicd," bu…
-
```mermaid
graph LR
subgraph workflow
githubAction --> j0a
subgraph job0
j0a(Step0)
j0b(Step1)
j0c(Step2)
j0d(Step3)
end
subgraph job1
…
-
Hello Team ,
I am new to Bomber Tool. I have extracted the SBOM from Github UI . And trying to scanning it through the tool.
It gives me the below Result though my json files has the packages
…
-
### Subject of the issue
AWS has deprecated CodeCommit for new customers since June 2023. Running org-formation init-pipeline would normally create a codecommit repository, but will now fail for new …
-
# 概要
github actionsを利用してリリース作業を自動化
# 目的
現状のリリース作業は
- git tag付け作業が手動で実行
この手動になっている部分をgithubactionを利用することで自動化したい
# 提案内容
手動になっている部分をgithubactionを利用することで自動化したい
# タスク
- [ ] githubactions workflo…