search

Clinical-Genomics / cgstats

Models and connecting to clinstatsdb
0 stars 0 forks source link

Remove Travis-CI #34

Closed barrystokman closed 1 year ago

barrystokman commented 2 years ago

see https://github.com/Clinical-Genomics/IT-issues/issues/531

We're writing to let you know that the names of the organizations your GitHub account is a member of, if any, were likely viewed as part of an attack campaign against GitHub customers. Unless you have received a separate notification from GitHub indicating otherwise, we do NOT have evidence to suggest that the attacker used your account to view other private information, such as repository names or content.

We've shared details of this campaign on our blog:

https://github.blog/2022-04-15-security-alert-stolen-oauth-user-tokens/

GitHub provides a platform that third-parties can integrate with by building various apps. These apps, and the secrets associated with >them, are in control of the third-parties that build, own, and maintain the apps. Loss of control of these secrets can result in >unauthorized parties using them to access the GitHub repositories for which they are authorized. This attack campaign did not result >from a compromise of GitHub.com, but rather relates to the compromise of these secrets held by Heroku and Travis CI.

If you have questions or need assistance regarding affected OAuth applications maintained by Heroku, please contact Heroku >Support (https://help.heroku.com/). Updates can be found on their status site: https://status.heroku.com/incidents/2413

If you have questions or need assistance regarding affected OAuth applications maintained by Travis CI, please reach out to >compliance@travis-ci.com.

Thanks, GitHub Security <Reference # GH-0200941-4895-6>

barrystokman commented 2 years ago

@karlnyr Travis CI is a hot mess anyway for this repo, so I assume removing it outright is no issue. Do you want to replace it with GitHub actions?

karlnyr commented 2 years ago

Yeah I agree with you. I assume the simplest would be to straight up copy the action from cg using coveralls. Is it possible to use the same coveralls account for two different repos?

henrikstranneheim commented 2 years ago

No, you have to log in to coveralls and connect this repo to the clinical genomics coveralls as it’s own repo. Most other stuff can be copied from other workflows