substratusai / kubeai

Private Open AI on Kubernetes
https://www.kubeai.org
Apache License 2.0
449 stars 38 forks source link

Improve supply chain security #49

Open alpe opened 10 months ago

alpe commented 10 months ago

I found some nice examples in https://github.com/sozercan/aikit/tree/main/.github/workflows

Not related to supply chain security but code quality

samos123 commented 10 months ago

I'm all for security improvements, but at the same need to ensure that:

I think all of your tasks make sense, except Harden Runner might make adding and updating GH workflows a bit more painful, but at the same time it does seem good to prevent malicious PRs as well.