Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create devcontainer.json #2415

Open
wants to merge 1,206 commits into
base: updae_azure_python_cache
Choose a base branch
from
Open

Create devcontainer.json #2415

wants to merge 1,206 commits into from

Conversation

Bgcvbb
Copy link

@Bgcvbb Bgcvbb commented May 30, 2024
edited
Loading

Pre-requisites

  • Prior to submitting a new workflow, please apply to join the GitHub Technology Partner Program: partner.github.com/apply.

Please note that at this time we are only accepting new starter workflows for Code Scanning. Updates to existing starter workflows are fine.

Tasks

For all workflows, the workflow:

  • Should be contained in a .yml file with the language or platform as its filename, in lower, kebab-cased format (for example, docker-image.yml). Special characters should be removed or replaced with words as appropriate (for example, "dotnet" instead of ".NET").
  • Should use sentence case for the names of workflows and steps (for example, "Run tests").
  • Should be named only by the name of the language or platform (for example, "Go", not "Go CI" or "Go Build").
  • Should include comments in the workflow for any parts that are not obvious or could use clarification.
  • Should specify least privileged permissions for GITHUB_TOKEN so that the workflow runs successfully.

For CI workflows, the workflow:

  • Should be preserved under the ci directory.
  • Should include a matching ci/properties/*.properties.json file (for example, ci/properties/docker-publish.properties.json).
  • Should run on push to branches: [ $default-branch ] and pull_request to branches: [ $default-branch ].
  • Packaging workflows should run on release with types: [ created ].
  • Publishing workflows should have a filename that is the name of the language or platform, in lower case, followed by "-publish" (for example, docker-publish.yml).

For Code Scanning workflows, the workflow:

  • Should be preserved under the code-scanning directory.
  • Should include a matching code-scanning/properties/*.properties.json file (for example, code-scanning/properties/codeql.properties.json), with properties set as follows:
    • name: Name of the Code Scanning integration.
    • creator: Name of the organization/user producing the Code Scanning integration.
    • description: Short description of the Code Scanning integration.
    • categories: Array of languages supported by the Code Scanning integration.
    • iconName: Name of the SVG logo representing the Code Scanning integration. This SVG logo must be present in the icons directory.
  • Should run on push to branches: [ $default-branch, $protected-branches ] and pull_request to branches: [ $default-branch ]. We also recommend a schedule trigger of cron: $cron-weekly (for example, codeql.yml).

Some general notes:

  • This workflow must only use actions that are produced by GitHub, in the actions organization, or
  • This workflow must only use actions that are produced by the language or ecosystem that the workflow supports. These actions must be published to the GitHub Marketplace. We require that these actions be referenced using the full 40 character hash of the action's commit instead of a tag. Additionally, workflows must include the following comment at the top of the workflow file: 
    # This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
  • Automation and CI workflows should not send data to any 3rd party service except for the purposes of installing dependencies.
  • Automation and CI workflows cannot be dependent on a paid service or product.

simon-engledew and others added 30 commits December 13, 2022 10:30
@simon-engledew
Fix code-scanning filtering for relative paths
89d867e
@simon-engledew
Merge pull request actions#1858 from actions/simon-engledew/folder-fix
dcac13e 
Fix code-scanning filtering for relative paths
@Phantsure
Merge branch 'main' into patch-1
af17d71
@SOOS-JAlvarez
Merge branch 'main' into soos-dast-update
babc52e
@SOOS-JAlvarez
linter
1006a37
@Phantsure
Merge pull request actions#1853 from SOOS-JAlvarez/soos-dast-update
970ed25 
Update SOOS DAST Action Version
@Phantsure
Update lint.yaml
a2fbfc4
@Phantsure
Merge branch 'main' into patch-1
c363441
@Phantsure
Merge pull request actions#1851 from coadaflorin/patch-1
ee36d0c 
Add explanation on which value to use to scan Kotlin and TypeScript
@Phantsure
Update lint.yaml
ef331a6
@Phantsure
Merge branch 'main' into phantsure/lint-fix
09f1d3b
@Phantsure
Merge pull request actions#1844 from actions/phantsure/lint-fix
9877123 
Fix whitespace lint
@chrisgavin
Add Kotlin to CodeQL supported languages.
95cee2a
@jmooring
Fix and improve Hugo starter action
50c4e6f 
Closes actions#1854
@chrisgavin
Merge pull request actions#1863 from actions/codeql-kotlin-support
68aed0e 
Add Kotlin to CodeQL supported languages.
@yoannchaudet
Merge branch 'main' into fix/hugo-download-url
79f135d
@yoannchaudet
Merge pull request actions#1855 from jmooring/fix/hugo-download-url
5276b30 
Fix and improve Hugo starter action
@Phantsure
Merge branch 'main' into main
0a33ad9
@Phantsure
Merge pull request actions#1780 from patelchandni/main
4de66f3 
Starter Workflows for Azure Function App
@SamMorrowDrums
Fix pre-commit lints (actions#1877)
d248c34
@mattxwang
Update all pinned versions of ruby/setup-ruby to latest (actions#1869)
65ce1d1
@dependabot
Bump actions/stale from 6 to 7
2d6e0ed 
Bumps [actions/stale](https://github.com/actions/stale) from 6 to 7.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](actions/stale@v6...v7)

---
updated-dependencies:
- dependency-name: actions/stale
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@Phantsure
Merge pull request actions#1881 from actions/dependabot/github_action…
df35718 
…s/actions/stale-7

Bump actions/stale from 6 to 7
@Phantsure
Add quotes to python version (actions#1878)
28a47a7
@mihaimaruseac @Phantsure
Update SLSA generators to v1.4.0 (actions#1884)
f95dae1 
Since GitHub's deprecation of `set-ouput`, the SLSA reusable workflows
needed to change. This PR updates them to the latest version.

Fixes slsa-framework/slsa-github-generator#1302

Signed-off-by: Mihai Maruseac <[email protected]>

Signed-off-by: Mihai Maruseac <[email protected]>
Co-authored-by: Sampark Sharma <[email protected]>
@gabibguti @Phantsure
Update 'Scorecards' occurrences to 'Scorecard' (actions#1889)
9f245d9 
* Update Scorecard naming occurences

Signed-off-by: Gabriela Gutierrez <[email protected]>

* Update Scorecard icon naming

Signed-off-by: Gabriela Gutierrez <[email protected]>

* Update Scorecard workflow naming

Signed-off-by: Gabriela Gutierrez <[email protected]>

Signed-off-by: Gabriela Gutierrez <[email protected]>
Co-authored-by: Sampark Sharma <[email protected]>
@aegilops @Phantsure
Added Bandit starter workflow and properties file (actions#1859)
a3c3cf2 
* Added Bandit starter workflow and properties file. Python security scanner, Action by a Hubber, wraps free tool

* Set icon name to one in the icons folder

* Switched to Bandit's own SVG icon

* Added workflow disclaimer

* Fixed author name

Co-authored-by: Sampark Sharma <[email protected]>
@JamesMGreene
Update all Pages starter workflows to use actions/configure-pages@v3
9151316
@bishal-pdMSFT
Try to fix lint error (actions#1914)
96f31da
@Phantsure
Merge branch 'main' into pages/config-v3
17dc1d5
ctcampbell and others added 26 commits January 29, 2024 10:09
@ctcampbell
Add perms for comment-summary-in-pr
e67682c
@jonjanego
Update CODEOWNERS
1d205de 
adding dependency graph team as an additional codeowner for the /code-scanning/ directory
@jonjanego
Update CODEOWNERS
7a5fb79
@cdb
Merge pull request actions#2287 from actions/jonjanego-patch-1
170651f 
Update CODEOWNERS
@JamesMGreene
Update all Pages workflows to actions/cache@v4 for node20 compliance
fc7f47d
@JamesMGreene
Merge pull request actions#2288 from actions/pages-cache-v4
196126a 
Update all Pages workflows to `actions/cache@v4` for `node20` compliance
@jonjanego
Merge branch 'main' into patch-1
c969459
@jonjanego
Update dependency-review.yml
cea0111 
removing extra whitespace
@jonjanego
Merge pull request actions#2242 from ctcampbell/patch-1
0753b8d 
Update dependency-review.yml actions/checkout version, add common with: options, and add comments for dependency submission
@bigdaz
Update for gradle/[email protected] release
2d30c1b 
- Bump version hashes to use `v3.0.0` of Gradle action
- Bump to Node20-compatible versions of `actions/checkout` and `actions/setup-java`
- Replace uses of `gradle/gradle-build-action` with `gradle/actions/setup-gradle`
- Split "Setup Gradle" step out of "Run Gradle" steps
- Add separate Job using `gradle/actions/dependency-submission` (flagged as optional)
- Bump to setup JDK 17
@bigdaz
Improve documentation in starter workflow
b0b8840 
- Remove "optional" flag from dependency-submission
- Add example of running without Gradle wrapper
- Link to action docs
@bigdaz
Remove trailing whitespace
51848d8
@bigdaz
Fix typo
6c78198
@jonjanego
Merge pull request actions#2290 from bigdaz/main
aecd7f3 
Update for `gradle/[email protected]` release
@SOOS-GSteen
soos-dast-scan.yml update (actions#2240)
6e4aae9 
* Update soos-dast-scan.yml

* use major version syntax

* code review

* lint

* Update soos-dast-scan.yml
@jonjanego
Changing default behavior to include comment summary in PR
ba9d378 
also gave the workflow the appropriate permissions required, pull-requests: write
@jonjanego @felickz
Update code-scanning/dependency-review.yml
8aab15d 
begone, whitespace

Co-authored-by: Chad Bentz <[email protected]>
@sampart
Code Scanning shouldn't own dependency-review.yml
c4f5db6
@jonjanego
Merge pull request actions#2297 from actions/jonjanego-patch-1
da7a61e 
Changing default behavior to include comment summary in PR
@sampart
Merge branch 'main' into dependency-review-ownership
813dc76
@sampart
Merge pull request actions#2299 from actions/dependency-review-ownership
2b5d980 
Code Scanning shouldn't own `dependency-review.yml`
@bigdaz
Update for gradle/[email protected] release
d303234 
- Bump version hashes to use `gradle/actions/[email protected]`
- Bump version hash to use `gradle/actions/[email protected]`
@jonjanego
Merge pull request actions#2305 from bigdaz/main
be55258 
Update for `gradle/[email protected]` release
@felickz
tfsec latest v0.1.4 (actions#2318)
0327789
@timheuer @alexisabril
Updating dotnet CI starter workflows (actions#2333)
3fb9f82 
* Update dotnet.yml

Updating versions

* Update dotnet-desktop.yml

Bumping versions

* Update ci/dotnet-desktop.yml

Co-authored-by: Alexis Abril <[email protected]>

---------

Co-authored-by: Alexis Abril <[email protected]>
@Bgcvbb
Create devcontainer.json
931ae89
@Bgcvbb Bgcvbb requested review from a team as code owners May 30, 2024 21:57
@Bgcvbb Bgcvbb changed the base branch from main to updae_azure_python_cache May 31, 2024 21:06
@Bgcvbb Bgcvbb requested a review from a team as a code owner May 31, 2024 21:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet