Cutlery/caddy
1
0
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2026-05-25 08:12:31 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity

chore: apply security best practices for CI (#7066)
Tests / test (./cmd/caddy/caddy, ~1.24.1, ubuntu-latest, 0, 1.24, linux) (push) Failing after 3m9s
Details
Tests / test (s390x on IBM Z) (push) Has been skipped
Details
Tests / goreleaser-check (push) Has been skipped
Details
Cross-Build / build (~1.24.1, 1.24, aix) (push) Successful in 1m37s
Details
Cross-Build / build (~1.24.1, 1.24, darwin) (push) Successful in 1m32s
Details
Cross-Build / build (~1.24.1, 1.24, dragonfly) (push) Successful in 1m42s
Details
Cross-Build / build (~1.24.1, 1.24, freebsd) (push) Successful in 1m47s
Details
Cross-Build / build (~1.24.1, 1.24, illumos) (push) Successful in 1m44s
Details
Cross-Build / build (~1.24.1, 1.24, linux) (push) Successful in 1m46s
Details
Cross-Build / build (~1.24.1, 1.24, netbsd) (push) Successful in 1m32s
Details
Cross-Build / build (~1.24.1, 1.24, openbsd) (push) Successful in 1m27s
Details
Cross-Build / build (~1.24.1, 1.24, solaris) (push) Successful in 1m26s
Details
Cross-Build / build (~1.24.1, 1.24, windows) (push) Successful in 1m30s
Details
Lint / lint (ubuntu-latest, linux) (push) Successful in 2m18s
Details
Lint / govulncheck (push) Successful in 1m24s
Details
Lint / dependency-review (push) Failing after 1m1s
Details
OpenSSF Scorecard supply-chain security / Scorecard analysis (push) Failing after 2s
Details
Tests / test (./cmd/caddy/caddy, ~1.24.1, macos-14, 0, 1.24, mac) (push) Has been cancelled
Details
Tests / test (./cmd/caddy/caddy.exe, ~1.24.1, windows-latest, True, 1.24, windows) (push) Has been cancelled
Details
Lint / lint (macos-14, mac) (push) Has been cancelled
Details
Lint / lint (windows-latest, windows) (push) Has been cancelled
Details

Browse Source 
* chore: apply security best practices for CI

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>

* remove redundant codeql job

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>

* run scorecard flow on PRs

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>

---------

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
This commit is contained in:
Mohammed Al Sahaf
2025-06-16 23:14:09 +03:00
committed by GitHub
parent 3d0b4fac5a
commit 2f0fc62b34
8 changed files with 117 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.github/workflows/release_published.yml
+10 -2
View File
@@ -5,6 +5,9 @@ on:
release:
types: [published]
permissions:
contents: read
jobs:
release:
name: Release Published
@@ -20,8 +23,13 @@ jobs:
steps:
# See https://github.com/peter-evans/repository-dispatch
- name: Harden the runner (Audit all outbound calls)
uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
with:
egress-policy: audit
- name: Trigger event on caddyserver/dist
uses: peter-evans/repository-dispatch@v3
uses: peter-evans/repository-dispatch@ff45666b9427631e3450c54a1bcbee4d9ff4d7c0 # v3.0.0
with:
token: ${{ secrets.REPO_DISPATCH_TOKEN }}
repository: caddyserver/dist
@@ -29,7 +37,7 @@ jobs:
client-payload: '{"tag": "${{ github.event.release.tag_name }}"}'
- name: Trigger event on caddyserver/caddy-docker
uses: peter-evans/repository-dispatch@v3
uses: peter-evans/repository-dispatch@ff45666b9427631e3450c54a1bcbee4d9ff4d7c0 # v3.0.0
with:
token: ${{ secrets.REPO_DISPATCH_TOKEN }}
repository: caddyserver/caddy-docker