Open rbarkerSL opened 4 months ago
@rbarkerSL @andrewb1269hg In the build.yml
and main.yml
workflows there are multiple places with a hard-coded key.
The non-administrative checks are done. @andrewb1269hg assigning over to you.
@rbarkerSL @andrewb1269hg In the
build.yml
andmain.yml
workflows there are multiple places with a hard-coded key.
We will need to add the keys as secrets and then open up a freshdesk ticket for regenerating the keys with the appropriate repository owners.
Contents
Administrative Audit Criteria
Check Actions State
Check if Actions should be disabled
If actions have not been run in the previous 6 months they should be disabled:
Repository Settings Checks
App Integrations
If actions are enabled:
Security Checks
npx playwright install deps
is used to install OS dependencies instead ofaptitude
Custom Properties
last-ci-review-by-team
is setlast-ci-review-date
is set (Use format:YYYY-MM-DD
)Non-Administrative Audit Criteria
Dependabot
Workflow checks
Self Hosted Runners
runs-on
stanzaCODEOWNERS
.github/CODEOWNERS
is valid and up-to-dateOther
Repository Settings
Acceptance Criteria