Closed: daniel-beck closed this 7 months ago
Infra side of this tracked in https://github.com/jenkins-infra/helpdesk/issues/3789
Packs are public. New instructions in https://github.com/jenkins-infra/jenkins-codeql/pull/34 are tested and work.
Next (and IMO last) step: Merge instructions (and release 0.0.2). Consider announcement to the dev list.
0.0.2 has been published to https://github.com/jenkins-infra/jenkins-codeql/pkgs/container/jenkins-codeql
https://github.com/jenkins-infra/jenkins-security-scan has been changed to now download the versioned packages so we're using the model ourselves.
See https://github.blog/2022-04-19-sharing-security-expertise-through-codeql-packs-part-i/
Could probably also end up replacing the https://github.com/jenkins-infra/jenkins-security-scan workflow with a more standard https://github.com/github/codeql-action based workflow, customized to use the Jenkins pack.