search

eclipse-edc / .eclipsefdn

Repository to host configurations related to the Eclipse Foundation.
https://eclipse-edc.github.io/.eclipsefdn/
0 stars 3 forks source link

Enable secret scanning for all repos #4

Closed ghost closed 1 year ago

ghost commented 1 year ago

What this PR changes/adds

We (security team at EF: https://www.eclipse.org/security/team/) would like to enable secret scanning for all of the repos of eclipse projects hosted on GitHub. For that purpose we suggest changes to the configuration that the project leads can review.

Why it does that

GitHub scans repositories for known types of secrets, to prevent fraudulent use of secrets that were committed accidentally.

Further notes

If you require additional information about GitHub Secret scanning before reviewing this pull request, please refer to the following GitHub document: Link to GitHub Document About secret scanning.

Feel free to reach out if you have any questions.

Thank you,

github-actions[bot] commented 1 year ago
Diff for 6c52aba17b0602571d5d2ad41a6f1e0015a6d96c: ```diff Printing local diff for configuration at '/home/runner/work/.eclipsefdn/.eclipsefdn/otterdog-configs/otterdog.json' Actions are indicated with the following symbols: + create ! modify ! forced update - delete Organization eclipse-edc[id=eclipse-edc] there have been 58 validation infos, enable verbose output with '-v' to to display them. ! repository[name=".github"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="Collateral"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="Connector"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="DataDashboard"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="FederatedCatalog"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="GradlePlugins"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="IDS-CodeGeneration"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="IDS-Serializer"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="IdentityHub"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="JenkinsPipelines"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="MinimumViableDataspace"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="Publications"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="RegistrationService"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="Release"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="Runtime-Metamodel"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="Samples"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="Technology-Aws"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="Technology-Azure"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="Technology-Gcp"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="Template-Basic"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="TrustFrameworkAdoption"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="docs"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="json-ld-context"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } Plan: 0 to add, 46 to change, 0 to delete. ``` ```diff Showing diff to a canonical version of the configuration at '/home/runner/work/.eclipsefdn/.eclipsefdn/otterdog-configs/otterdog.json' Organization eclipse-edc[id=eclipse-edc] ```
netomi commented 1 year ago

changes have been applied.