search

eclipse-tractusx / .eclipsefdn

Repository to host configurations related to the Eclipse Foundation.
https://eclipse-tractusx.github.io/.eclipsefdn/
1 stars 15 forks source link

Enable secret scanning for all repos #26

Closed ghost closed 11 months ago

ghost commented 12 months ago

We (security team at EF: https://www.eclipse.org/security/team/) would like to enable secret scanning for all of the repos of eclipse projects hosted on GitHub. For that purpose we suggest changes to the configuration that the project leads can review.

github-actions[bot] commented 12 months ago
Diff for a71efef852047e1f780858a2586aebd80fd2b28e: ```diff Printing local diff for configuration at '/home/runner/work/.eclipsefdn/.eclipsefdn/otterdog-configs/otterdog.json' Actions are indicated with the following symbols: + create ! modify ! forced update - delete Organization eclipse-tractusx[id=eclipse-tractusx] there have been 39 validation infos, enable verbose output with '-v' to to display them. ! repository[name=".github"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="SSI-agent-lib"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="app-dashboard"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="bpdm"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="charts"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="daps-helm-chart"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="daps-registration-service"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="data-exchange-test-service"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="demand-capacity-mgmt"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="digital-product-pass"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="e2e-testing"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="eclipse-tractusx.github.io"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="item-relationship-service"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="knowledge-agents"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="knowledge-agents-edc"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="managed-identity-wallet"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="managed-identity-wallets-archived"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="managed-service-orchestrator"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="managed-simple-data-exchanger"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="managed-simple-data-exchanger-backend"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="managed-simple-data-exchanger-frontend"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="online-simulation-kit"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="portal-assets"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="portal-backend"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="portal-cd"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="portal-frontend"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="portal-frontend-registration"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="portal-iam"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="portal-shared-components"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="puris"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="sd-factory"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="sig-infra"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="sig-release"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="sig-security"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="sldt-bpn-discovery"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="sldt-digital-twin-registry"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="sldt-discovery-finder"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="sldt-semantic-hub"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="sldt-semantic-models"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="ssi-docu"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="testdata-provider"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="traceability-foss"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="traceability-foss-backend"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="tractus-x-release"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="tractusx-edc"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="tractusx-quality-checks"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="vas-country-risk"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="vas-country-risk-backend"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } Plan: 0 to add, 48 to change, 0 to delete. ``` ```diff Showing diff to a canonical version of the configuration at '/home/runner/work/.eclipsefdn/.eclipsefdn/otterdog-configs/otterdog.json' Organization eclipse-tractusx[id=eclipse-tractusx] --- original +++ canonical @@ -399,11 +399,13 @@ web_commit_signoff_required: false } orgs.newRepo('puris-backend') { + allow_update_branch: false archived: true description: "puris-backend" web_commit_signoff_required: false } orgs.newRepo('puris-frontend') { + allow_update_branch: false archived: true description: "puris-frontend" web_commit_signoff_required: false ```
github-actions[bot] commented 11 months ago
Diff for 28e5317b5caac2fe9d31850eacc83f45ca0e1c1a: ```diff Printing local diff for configuration at '/home/runner/work/.eclipsefdn/.eclipsefdn/otterdog-configs/otterdog.json' Actions are indicated with the following symbols: + create ! modify ! forced update - delete Organization eclipse-tractusx[id=eclipse-tractusx] there have been 39 validation infos, enable verbose output with '-v' to to display them. ! repository[name=".github"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="SSI-agent-lib"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="app-dashboard"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="bpdm"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="charts"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="daps-helm-chart"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="daps-registration-service"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="data-exchange-test-service"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="demand-capacity-mgmt"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="digital-product-pass"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="e2e-testing"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="eclipse-tractusx.github.io"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="item-relationship-service"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="knowledge-agents"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="knowledge-agents-edc"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="managed-identity-wallet"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="managed-identity-wallets-archived"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="managed-service-orchestrator"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="managed-simple-data-exchanger"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="managed-simple-data-exchanger-backend"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="managed-simple-data-exchanger-frontend"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="online-simulation-kit"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="portal-assets"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="portal-backend"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="portal-cd"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="portal-frontend"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="portal-frontend-registration"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="portal-iam"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="portal-shared-components"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="puris"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="sd-factory"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="sig-infra"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="sig-release"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="sig-security"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="sldt-bpn-discovery"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="sldt-digital-twin-registry"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="sldt-discovery-finder"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="sldt-semantic-hub"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="sldt-semantic-models"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="ssi-docu"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="testdata-provider"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="traceability-foss"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="traceability-foss-backend"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="tractus-x-release"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="tractusx-edc"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="tractusx-quality-checks"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="vas-country-risk"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="vas-country-risk-backend"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } Plan: 0 to add, 48 to change, 0 to delete. ``` ```diff Showing diff to a canonical version of the configuration at '/home/runner/work/.eclipsefdn/.eclipsefdn/otterdog-configs/otterdog.json' Organization eclipse-tractusx[id=eclipse-tractusx] --- original +++ canonical @@ -404,11 +404,13 @@ web_commit_signoff_required: false } orgs.newRepo('puris-backend') { + allow_update_branch: false archived: true description: "puris-backend" web_commit_signoff_required: false } orgs.newRepo('puris-frontend') { + allow_update_branch: false archived: true description: "puris-frontend" web_commit_signoff_required: false ```
github-actions[bot] commented 11 months ago
Diff for 990b030019a96464515a8a7bbe5564125df364f7: ```diff Printing local diff for configuration at '/home/runner/work/.eclipsefdn/.eclipsefdn/otterdog-configs/otterdog.json' Actions are indicated with the following symbols: + create ! modify ! forced update - delete Organization eclipse-tractusx[id=eclipse-tractusx] there have been 39 validation infos, enable verbose output with '-v' to to display them. ! repository[name=".github"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="SSI-agent-lib"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="app-dashboard"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="bpdm"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="charts"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="daps-helm-chart"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="daps-registration-service"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="data-exchange-test-service"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="demand-capacity-mgmt"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="digital-product-pass"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="e2e-testing"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="eclipse-tractusx.github.io"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="item-relationship-service"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="knowledge-agents"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="knowledge-agents-aas-bridge"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="knowledge-agents-edc"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="managed-identity-wallet"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="managed-identity-wallets-archived"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="managed-service-orchestrator"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="managed-simple-data-exchanger"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="managed-simple-data-exchanger-backend"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="managed-simple-data-exchanger-frontend"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="online-simulation-kit"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="portal-assets"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="portal-backend"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="portal-cd"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="portal-frontend"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="portal-frontend-registration"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="portal-iam"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="portal-shared-components"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="puris"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="sd-factory"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="sig-infra"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="sig-release"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="sig-security"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="sldt-bpn-discovery"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="sldt-digital-twin-registry"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="sldt-discovery-finder"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="sldt-semantic-hub"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="sldt-semantic-models"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="ssi-docu"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="testdata-provider"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="traceability-foss"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="traceability-foss-backend"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="tractus-x-release"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="tractusx-edc"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="tractusx-quality-checks"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="vas-country-risk"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="vas-country-risk-backend"] { ! secret_scanning_push_protection = "disabled" -> "enabled" ! } Plan: 0 to add, 49 to change, 0 to delete. ``` ```diff Showing diff to a canonical version of the configuration at '/home/runner/work/.eclipsefdn/.eclipsefdn/otterdog-configs/otterdog.json' Organization eclipse-tractusx[id=eclipse-tractusx] --- original +++ canonical @@ -403,11 +403,13 @@ web_commit_signoff_required: false } orgs.newRepo('puris-backend') { + allow_update_branch: false archived: true description: "puris-backend" web_commit_signoff_required: false } orgs.newRepo('puris-frontend') { + allow_update_branch: false archived: true description: "puris-frontend" web_commit_signoff_required: false ```
netomi commented 11 months ago

changes have been applied.