hashicorp / consul

Consul is a distributed, highly available, and data center aware solution to connect and configure applications across dynamic, distributed infrastructure.
https://www.consul.io

ci: update the security-scanner gha token #21748

Closed dduzgun-security closed 1 week ago

dduzgun-security commented 1 week ago

Description

Using the org level secret instead of the repository one.

Testing & Reproduction steps

If the security scan passes, we are good.

dduzgun-security commented 1 week ago

@zalimeni & @sarahalsmiller does this require a manual backport? Couldn't see one being generated, maybe related to https://github.com/hashicorp/consul/actions/runs/10905529788/job/30264590705?

zalimeni commented 1 week ago

> @zalimeni & @sarahalsmiller does this require a manual backport? Couldn't see one being generated, maybe related to https://github.com/hashicorp/consul/actions/runs/10905529788/job/30264590705?

I think the comma added in https://github.com/hashicorp/consul/pull/21746/files#diff-a410ff1255fde1d45c73961d3a2de8e44698bdb4254a064a5aa3f6340d3f96e6R11 is causing strict HCL validation to fail in BPA, so affecting all backports. Opened a fix PR.

zalimeni commented 1 week ago

Re-added label to kick off backport @dduzgun-security