Commit Graph

49 Commits (b8df1c46b7ce3b213b80805c225493eb9e1aa629)

Author SHA1 Message Date
worldcreated df5d513283
Create defender-for-devops.yml 2025-05-27 15:26:18 -04:00
Joel Ambass 6b42224f41
Add workflow file for publishing releases to immutable action package (#1919)
This workflow file publishes new action releases to the immutable action package of the same name as this repo.

This is part of the Immutable Actions project which is not yet fully released to the public. First party actions like this one are part of our initial testing of this feature.
2024-10-03 11:03:35 +02:00
Luca Comellini b684943689
Add Ref and Commit outputs (#1180)
Signed-off-by: Luca Comellini <luca.com@gmail.com>
2024-09-05 11:57:13 -04:00
dependabot[bot] 9a9194f871
Bump docker/build-push-action from 5.3.0 to 6.5.0 (#1832)
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5.3.0 to 6.5.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v5.3.0...v6.5.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-29 16:10:36 -04:00
dependabot[bot] dd960bd3c3
Bump docker/login-action in the minor-actions-dependencies group (#1831)
Bumps the minor-actions-dependencies group with 1 update: [docker/login-action](https://github.com/docker/login-action).


Updates `docker/login-action` from 3.1.0 to 3.3.0
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v3.1.0...v3.3.0)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-actions-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-29 16:10:02 -04:00
John Wesley Walker III 6ccd57f4c5
Pin actions/checkout's own workflows to a known, good, stable version. (#1776)
* Pin actions/checkout's own workflows to a known, good, stable version.

* fixed failing unit test

* fix unit test
2024-06-12 13:11:03 -04:00
dependabot[bot] b80ff79f17
Bump actions/checkout from 3 to 4 (#1697)
* Bump actions/checkout from 3 to 4

Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Apply suggestions from code review

* .

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Cory Miller <13227161+cory-miller@users.noreply.github.com>
2024-05-20 14:25:59 -04:00
Cory Miller 44c2b7a8a4
README: Suggest `user.email` to be `41898282+github-actions[bot]@users.noreply.github.com` (#1707)
* README: Set `user.email` to GitHub Actions Bot

* Update workflow to use proper bot GitHub Bot email

* Prefix `user.email` with `41898282+`

To match squash merge user, else showing as two different users, see: b0948d0da0

* Update README.md

---------

Co-authored-by: Pelle Wessman <pelle@kodfabrik.se>
2024-04-30 11:50:54 -04:00
dependabot[bot] 8459bc0c7e
Bump actions/upload-artifact from 2 to 4 (#1695)
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 2 to 4.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v2...v4)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-24 12:39:59 -04:00
dependabot[bot] 3f603f6d5e
Bump actions/setup-node from 1 to 4 (#1696)
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 1 to 4.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v1...v4)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-24 12:34:46 -04:00
dependabot[bot] fd084cde18
Bump github/codeql-action from 2 to 3 (#1694)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-24 12:33:41 -04:00
John Wesley Walker III 43045ae669
Disable `extensions.worktreeConfig` when disabling `sparse-checkout` (#1692) 2024-04-23 22:07:43 +02:00
dependabot[bot] 37b082107b
Bump the minor-actions-dependencies group with 2 updates (#1693)
Bumps the minor-actions-dependencies group with 2 updates: [docker/login-action](https://github.com/docker/login-action) and [docker/build-push-action](https://github.com/docker/build-push-action).


Updates `docker/login-action` from 3.0.0 to 3.1.0
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v3.0.0...v3.1.0)

Updates `docker/build-push-action` from 5.1.0 to 5.3.0
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v5.1.0...v5.3.0)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-actions-dependencies
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-actions-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-23 13:14:23 -04:00
Cory Miller 9839dc14a0
Add dependabot config (#1688)
* Add dependabot config
* Group minor and patch updates for NPM and GH Actions
2024-04-23 13:02:51 -04:00
John Wesley Walker III 8410ad0602
Update `actions/checkout` version in `update-main-version.yml` (#1650) 2024-03-12 12:39:30 +01:00
John Wesley Walker III b32f140b0c
Warn on attempts to publish `test-ubuntu-git` from non-main branch. (#1623)
* Warn on attempts to publish test-ubuntu-git from non-main branch.
* Rename build step to clarify that Push is optional.
2024-02-22 14:38:58 +01:00
Johannes Schindelin aadec89964
Explicitly disable sparse checkout unless asked for (#1598)
When a worktree is reused by actions/checkout and the first time sparse checkout was enabled, we need to ensure that the second time it is only a sparse checkout if explicitly asked for. Otherwise, we need to disable the sparse checkout so that a full checkout is the outcome of this Action.

## Details
* If no `sparse-checkout` parameter is specified, disable it

This should allow users to reuse existing folders when running
`actions/checkout` where a previous run asked for a sparse checkout but
the current run does not ask for a sparse checkout.

This fixes https://github.com/actions/checkout/issues/1475

There are use cases in particular with non-ephemeral (self-hosted) runners where an
existing worktree (that has been initialized as a sparse checkout) is
reused in subsequent CI runs (where `actions/checkout` is run _without_
any `sparse-checkout` parameter).

In these scenarios, we need to make sure that the sparse checkout is
disabled before checking out the files.

### Also includes:

* npm run build
* ci: verify that an existing sparse checkout can be made unsparse
* Added a clarifying comment about test branches.
* `test-proxy` now uses newly-minted `test-ubuntu-git` container image from ghcr.io

---------

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Co-authored-by: John Wesley Walker III <81404201+jww3@users.noreply.github.com>
2024-02-21 13:56:19 +01:00
John Wesley Walker III df0bcddf6d
Refine workflow for generating `test-ubuntu-git` (#1617) 2024-02-21 12:46:47 +01:00
John Wesley Walker III 473055ba18
Create `test-ubuntu-git` Docker Container for Proxy Tests (#1616) 2024-02-20 17:08:08 +01:00
Finley Garton c533a0a4cf
Add support for partial checkout filters (#1396)
* added filter option & tests

* added build file

* fix test oversight

* added exit 1

* updated docs to specify override

* undo unneeded readme change

* set to undefined rather than empty string

* run git config in correct di

---------

Co-authored-by: Cory Miller <13227161+cory-miller@users.noreply.github.com>
2023-09-22 13:30:36 -04:00
Tatyana Kostromskaya 3df4ab11eb
Release 4.0.0 (#1447)
* Release 4.0.0

* Add new major version to workflow
2023-09-04 14:19:40 +02:00
Tatyana Kostromskaya 97a652b800
Update default runtime to node20 (#1436)
* .

* update workflows
2023-08-29 17:01:52 +02:00
Johannes Schindelin d106d4669b
Add support for sparse checkouts (#1369)
* Add support for sparse checkouts

* sparse-checkout: optionally turn off cone mode

While it _is_ true that cone mode is the default nowadays (mainly for
performance reasons: code mode is much faster than non-cone mode), there
_are_ legitimate use cases where non-cone mode is really useful.

Let's add a flag to optionally disable cone mode.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>

* Verify minimum Git version for sparse checkout

The `git sparse-checkout` command is available only since Git version
v2.25.0. The `actions/checkout` Action actually supports older Git
versions than that; As of time of writing, the minimum version is
v2.18.0.

Instead of raising this minimum version even for users who do not
require a sparse checkout, only check for this minimum version
specifically when a sparse checkout was asked for.

Suggested-by: Tingluo Huang <tingluohuang@github.com>
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>

* Support sparse checkout/LFS better

Instead of fetching all the LFS objects present in the current revision
in a sparse checkout, whether they are needed inside the sparse cone or
not, let's instead only pull the ones that are actually needed.

To do that, let's avoid running that preemptive `git lfs fetch` call in
case of a sparse checkout.

An alternative that was considered during the development of this patch
(and ultimately rejected) was to use `git lfs pull --include <path>...`,
but it turned out to be too inflexible because it requires exact paths,
not the patterns that are available via the sparse checkout definition,
and that risks running into command-line length limitations.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>

---------

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Co-authored-by: Daniel <daniel.fernandez@feverup.com>
2023-06-09 09:08:21 -04:00
Tingluo Huang cd6a9fd493
Update update-main-version.yml 2023-03-23 22:44:49 -04:00
Bassem Dghaidi 7b187184d1
Upgrade codeql actions to v2 (#1209) 2023-03-09 10:59:09 -05:00
Cory Miller 5c3ccc22eb
Replace datadog/squid with ubuntu/squid Docker image (#1002)
* test with ubuntu/squid

* Start a contributing guide

* remove link
2022-11-10 15:54:12 -05:00
Francesco Renzi 8230315d06
Add workflow to update a main version (#942)
* Add workflow to update a main version

* New line
2022-10-04 13:44:41 +01:00
Tingluo Huang 0ffe6f9c55
Add set-safe-directory input to allow customers to take control. (#770)
* Add set-safe-directory input to allow customers to take control.
2022-04-20 21:37:43 -04:00
Thomas Boop 2d1c1198e7
update test workflows to checkout v3 (#709) 2022-03-01 13:02:13 -05:00
Thomas Boop 8f9e05e482
Update to node 16 (#689)
* Update to node 16

* update setup-node version

* Update check-dist.yml

update setup node version

* update dist/index.js
2022-02-28 16:17:29 -05:00
eric sciple fd47087372
codeql should analyze lib not dist (#620) 2021-10-20 15:11:24 -05:00
eric sciple 3d677ac575
script to generate license info (#614) 2021-10-19 14:30:04 -05:00
Jeremy Epling c49af7ca1f
Create codeql-analysis.yml (#602) 2021-10-18 16:28:25 -05:00
Brian Cristante afe4af09a7
Create check-dist.yml (#566)
* Add check-dist.yml

* Don't need to mv to git diff

* Upload the whole dist/ directory as an artifact

* Update .github/workflows/check-dist.yml
2021-08-17 16:08:22 -04:00
Thomas Boop 21dc310f19
Add `Licensed` To Help Verify Prod Licenses (#326)
* Add Licensed file and workflow

* manual updates of dependencies

* Delete licenses.txt

* Ignore Generated Files in Git PR's
2020-09-10 09:24:29 -04:00
eric sciple 1433f62caa
update default branch (#305) 2020-07-14 09:23:30 -04:00
eric sciple 80602fafba
convert SSH URL to HTTPS (#179) 2020-03-10 10:45:50 -04:00
eric sciple 422dc45671
add support for submodules (#173) 2020-03-05 14:21:59 -05:00
eric sciple f219062370
more unit tests and corresponding refactoring (#174) 2020-03-02 11:33:30 -05:00
eric sciple f95f2a3856
Update test.yml 2020-01-27 10:26:27 -05:00
eric sciple f90c7b395d
follow proxy settings (#144) 2020-01-27 10:21:50 -05:00
eric sciple db41740e12
consume v2 action during build (#131) 2020-01-03 12:49:41 -05:00
eric sciple 722adc63f1
update examples to reference v2 tag (#110) 2019-12-13 00:00:48 -05:00
eric sciple 3537747199
fix ref (#109) 2019-12-12 14:44:19 -05:00
eric sciple c170eefc26
add input persist-credentials (#107) 2019-12-12 13:49:26 -05:00
eric sciple a572f640b0
fallback to REST API to download repo (#104) 2019-12-12 13:16:16 -05:00
eric sciple e347bba93b
Convert checkout to a regular action (#70) 2019-12-03 10:28:59 -05:00
Thomas Boop 50fbc622fc
Reverted Changes to Git Config and Authentication (#64)
v1.2.0 Release - Reverted changes to git just works authentication
2019-11-21 11:04:30 -05:00
Tingluo Huang 0b496e91ec Upgrade checkout to v1.1.0 to better support scripting git. (#56)
* Upgrade checkout to v1.1.0 to better support scripting git.

* add changelog

* Update README.md

* Add local testing yaml

* Add Status Badge to readme
2019-10-25 10:52:59 -04:00