Enable trivy and dependabot on 1.0 branch (#3046)
Signed-off-by: strailov <Stanislav.Trailov@bosch.io>
This commit is contained in:
committed by
GitHub
parent
111658a548
commit
976106c75f
17
.github/dependabot.yml
vendored
17
.github/dependabot.yml
vendored
@@ -20,3 +20,20 @@ updates:
|
|||||||
# Check daily
|
# Check daily
|
||||||
schedule:
|
schedule:
|
||||||
interval: "daily"
|
interval: "daily"
|
||||||
|
|
||||||
|
# 1.0 release branch
|
||||||
|
- package-ecosystem: "maven"
|
||||||
|
directory: "/"
|
||||||
|
target-branch: "1.0"
|
||||||
|
schedule:
|
||||||
|
interval: "daily"
|
||||||
|
- package-ecosystem: "docker"
|
||||||
|
directory: "/docker"
|
||||||
|
target-branch: "1.0"
|
||||||
|
schedule:
|
||||||
|
interval: "daily"
|
||||||
|
- package-ecosystem: "github-actions"
|
||||||
|
directory: "/"
|
||||||
|
target-branch: "1.0"
|
||||||
|
schedule:
|
||||||
|
interval: "daily"
|
||||||
4
.github/workflows/codeql.yaml
vendored
4
.github/workflows/codeql.yaml
vendored
@@ -2,9 +2,9 @@ name: "CodeQL Advanced"
|
|||||||
|
|
||||||
on:
|
on:
|
||||||
push:
|
push:
|
||||||
branches: [ "master" ]
|
branches: [ "master", "1.0" ]
|
||||||
pull_request:
|
pull_request:
|
||||||
branches: [ "master" ]
|
branches: [ "master", "1.0" ]
|
||||||
schedule:
|
schedule:
|
||||||
- cron: '15 18 * * 3'
|
- cron: '15 18 * * 3'
|
||||||
|
|
||||||
|
|||||||
8
.github/workflows/vulnerability-scan.yaml
vendored
8
.github/workflows/vulnerability-scan.yaml
vendored
@@ -15,10 +15,14 @@ jobs:
|
|||||||
trivy-scan:
|
trivy-scan:
|
||||||
# only on original eclipse-hawkbit/hawkbit repo or when manually triggered
|
# only on original eclipse-hawkbit/hawkbit repo or when manually triggered
|
||||||
if: github.repository == 'eclipse-hawkbit/hawkbit' || github.event_name == 'workflow_dispatch'
|
if: github.repository == 'eclipse-hawkbit/hawkbit' || github.event_name == 'workflow_dispatch'
|
||||||
|
strategy:
|
||||||
|
matrix:
|
||||||
|
branch: [master, "1.0"]
|
||||||
uses: ./.github/workflows/reusable_workflow_trivy-scan.yaml
|
uses: ./.github/workflows/reusable_workflow_trivy-scan.yaml
|
||||||
permissions:
|
permissions:
|
||||||
contents: read
|
contents: read
|
||||||
security-events: write
|
security-events: write
|
||||||
|
# Enable Upload for both branches
|
||||||
with:
|
with:
|
||||||
ref: ${{ github.ref }}
|
ref: ${{ matrix.branch }}
|
||||||
upload: ${{ github.ref == 'refs/heads/master' }}
|
upload: true
|
||||||
Reference in New Issue
Block a user