Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Runner Labels and GHA Hardening #419

Merged
merged 1 commit into from
Sep 26, 2024
Merged

Update Runner Labels and GHA Hardening #419

merged 1 commit into from
Sep 26, 2024

Conversation

tylertitsworth
Copy link
Contributor

Description

Title

Related Issue

n/a

Changes Made

  • Update Harden Runner based on stepsecurity dashboard
  • Update runner labels based on runtime + demand
  • The code follows the project's coding standards.
  • No Intel Internal IP is present within the changes.
  • The documentation has been updated to reflect any changes in functionality.

Validation

Check GHA Statuses

  • I have tested any changes in container groups locally with test_runner.py with all existing tests passing, and I have added new tests where applicable.

@tylertitsworth tylertitsworth self-assigned this Sep 26, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented Sep 26, 2024
edited
Loading

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
actions/step-security/harden-runner 91182cccc01eb5e619899d80e4e971d6181294a7 🟢 8.7
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
CI-Tests🟢 1011 out of 11 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Code-Review🟢 10all changesets reviewed
Contributors🟢 6project has 2 contributing companies or organizations -- score normalized to 6
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 7dependency not pinned by hash detected -- score normalized to 7
SAST🟢 9SAST tool detected but not run on all commits
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Vulnerabilities🟢 91 existing vulnerabilities detected

Scanned Manifest Files

.github/workflows/apptainer-ci.yaml
.github/workflows/security-report.yaml

@tylertitsworth tylertitsworth force-pushed the tylertitsworth/optimize-actions branch from 598b37a to 390e5be Compare September 26, 2024 22:21
optimize and update labels
045fa31 
Signed-off-by: tylertitsworth <tyler.titsworth@intel.com>
@tylertitsworth tylertitsworth force-pushed the tylertitsworth/optimize-actions branch from 390e5be to 045fa31 Compare September 26, 2024 22:23
@tylertitsworth tylertitsworth merged commit 7bc90d1 into main Sep 26, 2024
15 of 28 checks passed
@tylertitsworth tylertitsworth deleted the tylertitsworth/optimize-actions branch September 26, 2024 22:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jitendra42 jitendra42 jitendra42 approved these changes

@sharvil10 sharvil10 Awaiting requested review from sharvil10 sharvil10 is a code owner

@sramakintel sramakintel Awaiting requested review from sramakintel sramakintel is a code owner

@ma-pineda ma-pineda Awaiting requested review from ma-pineda

@jafraustro jafraustro Awaiting requested review from jafraustro

Assignees

@tylertitsworth tylertitsworth

Labels
Review
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@tylertitsworth @jitendra42