aboutsummaryrefslogtreecommitdiff
path: root/.github/workflows/check_cirrus_cron.yml
Commit message (Collapse)AuthorAge
* Set permissions for GitHub actionsnaveensrinivasan2022-03-30
| | | | | | | | - Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
* Pin actions to a full length commit SHAnaveensrinivasan2022-03-28
| | | | | | | | | | | | | | | - Pinned actions by SHA https://github.com/ossf/scorecard/blob/main/docs/checks.md#pinned-dependencies - Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions >Pin actions to a full length commit SHA >Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload. https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions Also dependabot supports upgrades based on SHA. Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
* Github-workflow: Fix YAML syntaxChris Evich2022-01-25
| | | | | | | | | | | | The `body` string value must be quoted because it contains a colon. Also fix an incorrect URL substitution reference in error-notice e-mail body text. (In my defense...testing this workflow is basically impractical without merging it) Signed-off-by: Chris Evich <cevich@redhat.com>
* Github workflow: Send e-mail on job errorChris Evich2022-01-24
| | | | | | | | | | | | | | | This job is designed to be silent when Cirrus-cron executions pass. Unless specifically instructed, the workflow itself will also remain silent if there's an error. Fix this by catching workflow errors and sending a notification e-mail containing a link to the failed run. This also requires listing the recipient addresses directly in the workflow. Otherwise (as previouslly implemented) the value would not be retrieved if/when any previous step raised an error. **Note**: Due to the way this workflow is implemented, there is no way easy way to test it other than directly on the `main` repo. branch. Signed-off-by: Chris Evich <cevich@redhat.com>
* Fix cirrus-cron failure notification GH workflowChris Evich2021-07-12
| | | | | | | The master->main rename broke this. Also update the runtime along with a comment w/ link to the actual job definitions. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Send cirrus-cron report e-mail to list.Chris Evich2021-02-08
| | | | | | | | | This mailing-list was established to allow people to sub/unsub from automated notifications. Add it to the list of destinations picked up by the Github Actions workflow `.github/workflows/check_cirrus_cron.yml`. Signed-off-by: Chris Evich <cevich@redhat.com>
* Github-Actions: Send e-mail on Cirrus cron failureChris Evich2020-11-18
This repository has a number of automaticly triggered branch-level testing enabled. However, other than remembering to go look at a specific WebUI, there is no way for anybody to notice if/when these jobs fail. This commit introduces a github-action workflow which runs periodically, checking for failed cron-triggered Cirrus-CI jobs. When it finds any, it formats a simple report for e-mail delivery. The list of destination addresses is configurable at any time by merging changes to a simple CSV file. Signed-off-by: Chris Evich <cevich@redhat.com>