This repository holds the setup for requesting actions to be used internally in the `paritytech` organization.

`security-check`
Issue labeled security scan is triggered. It will fork the requested GHA to the `paritytech-actions-sandbox` org, execute several automated checks, and enable dependabot-alerts.

`load-dependabot-alerts`. GitHub needs some time to create the report after alerts are enabled at step 4. A link to its findings will be posted to the issue.

`final-signoff` tag applied, and the GHA will get forked to the main `paritytech` organization and become available for use.

Currently we run the following checks:

For configuration of the workflows in this repository, we use the following secrets:
Name | Example value | Description |
---|---|---|
ACTIONS_STEP_DEBUG | true | Get additional debugging logs in Actions |
GH_TOKEN | ghp_***** | GitHub Token with enough access to fork the repos into a specific org |

These are the secrets that it uses:

Name | Example value | Description |
---|---|---|
PROJECT_ACCOUNT | paritytech-actions | Account name the project is linked to |
PROJECT_NUMBER | 1 | The number of the project |
PROJECT_TOKEN | ghp_***** | A token with access to add issues to the project |