Wykres commitów

25 Commity (36297f93e73844d376be735ada4853e1cd4241ab)

Autor SHA1 Wiadomość Data
Roland Dobai 558392b998 Merge branch 'feature/vulnerability_scan' into 'master'
feat: use esp-idf-sbom-action for vulnerability scan

Closes IDF-8805 and IDF-5187

See merge request espressif/esp-idf!27688
2023-12-11 21:57:05 +08:00
Frantisek Hrbata 5ec411679b feat: use esp-idf-sbom-action for vulnerability scan
This adds a github action, which performs continuous vulnerability
scanning using the esp-idf-sbom-action github action. The test
is scheduled everyday at midnight and it's also possible to start
it as dispatched workflow. This scans all possible manifest files
in repository. The references for scanning are defined in github's
VULNERABILITY_SCAN_REFS variable and a json list. For example
['master', 'release/v5.2', 'release/v5.1', 'release/v5.0', 'release/v4.4']

Signed-off-by: Frantisek Hrbata <frantisek.hrbata@espressif.com>
2023-12-07 10:03:54 +01:00
Tomas Sebestik 2ad861964e
ci(danger-github): replace local Danger code by org action 2023-12-05 12:56:58 +01:00
Laukik Hase 6fc878f857
fix(ci): Use latest stable actions/checkout@v3 instead of v2 for GitHub Actions 2023-10-30 13:43:10 +05:30
Tomas Sebestik b1a2997831 fix: GitHub action PR pre-commit check 2023-10-05 07:20:20 +02:00
Tomas Sebestik 5295b51fcd ci(danger-github): Fix github-action-bot permissions for posting Danger output 2023-08-24 14:15:11 +02:00
Roland Dobai 686265298d ci(github): Update Python to 3.8 for pre-commit checks
Fixes issue "ERROR: Package 'conventional-precommit-linter' requires a
different Python: 3.7.17 not in '>=3.8'" of all Pull Requests.

Python 3.7 support will be dropped soon in the upcoming ESP-IDF v5.2
version.
2023-07-12 08:14:21 +02:00
Tomas Sebestik 7add582eb7 ci(danger): add dangerjs for GitHub
Add GitHub workflow for running dangerjs on pull requests.
Add GitHub layout for DangerJS.
2023-05-29 08:23:04 +02:00
nathannaveen 8290ee4296 chore: Set permissions for GitHub actions
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

Signed-off-by: nathannaveen <42319948+nathannaveen@users.noreply.github.com>
2022-07-03 00:58:46 +00:00
Ivan Grokhotkov 212cbc3fb6
tools/docker: add README.md file to be displayed on Docker Hub
Closes https://github.com/espressif/esp-idf/issues/7933
2022-05-26 03:44:13 +02:00
Ivan Grokhotkov 6dc52d4425
ci: build and push Docker images in Github actions, add arm64 platform
Replaces the previously used Docker Hub autobuild infrastructure.
This allows for more flexible configuration of the build process,
at the expense of some extra maintenance of CI workflow files
required.
2022-05-26 03:44:13 +02:00
Laukik Hase 9857049521
gh_actions: Don't use outdated actions/checkout@master 2022-03-05 12:23:31 +05:30
Ivan Grokhotkov d8f56d4042
github: fix pre-commit failure for PRs from forks 2022-03-01 20:07:35 +01:00
Ivan Grokhotkov df38abf19c
github: verify pre-commit checks for PRs in Github Actions 2022-02-21 20:32:28 +03:00
Roland Dobai d3aa071dcb CI: Fix Python linter on Github
Closes https://github.com/espressif/esp-idf/pull/8366
2022-02-09 16:38:12 +01:00
Ivan Grokhotkov 7177b4fa95 ci: limit github-jira sync actions to a single concurrent run
to prevent race conditions when two workflows related to the same new
issue are triggered within a short interval.
2022-01-07 12:51:51 +01:00
Laukik Hase eb766a25e0 gh_actions: Sync approved PRs to internal codebase
- Changed trigger from pull_request_review to pull_request_target [labeled]
2021-11-22 12:56:42 +08:00
Laukik Hase 995b398165 gh_action: Sync approved Github PRs to Gitlab
- Checks for forbidden files modification (.gitlab/.github) and PR approver access level
- Approver decides the approach for PR merging (Rebase or direct Merge)
2021-10-26 12:46:42 +08:00
Ivan Grokhotkov 036aae0a2c github: remove lint jobs for unsupported python versions 2021-09-01 19:39:17 +02:00
Angus Gratton 83ccca7a19 ci: Use GitHub Actions to generate recursive source code zips for releases
We do this for all ESP-IDF releases, this step automates it.

Uses action added in https://github.com/espressif/github-actions/pull/10
2021-04-16 09:58:49 +10:00
morris d003f96a9d gh_action: fix python lint 2020-05-20 10:50:10 +08:00
morris e51bd6deaf gh-action:fix python lint 2020-01-01 12:56:33 +08:00
suda-morris 938069de75 gh_action: add cron job to sync remaining PRs 2019-10-29 13:10:00 +08:00
suda-morris 58577db086 gh_action: fix error on new pull request
1. Disable the broken pull request sync temporarily
2. move python lint from travis to github action
2019-09-17 21:59:31 +08:00
suda-morris b64551718c gh_action: converted main.workflow to Actions V2 yml files 2019-08-12 19:45:48 +08:00