summaryrefslogtreecommitdiff
path: root/.github/workflows/pr-title.yml
Commit message (Collapse)AuthorAge
* Set permissions for GitHub actionsnaveensrinivasan2022-03-30
| | | | | | | | - Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
* Pin actions to a full length commit SHAnaveensrinivasan2022-03-28
| | | | | | | | | | | | | | | - Pinned actions by SHA https://github.com/ossf/scorecard/blob/main/docs/checks.md#pinned-dependencies - Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions >Pin actions to a full length commit SHA >Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload. https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions Also dependabot supports upgrades based on SHA. Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
* Yet another iteration on PR title pluginEd Santiago2020-10-26
| | | | | | | | | PR #8147 made things worse: it's not valid YAML. This at least is valid YAML. I have no idea if it yields the desired result, and we won't even know until it gets merged, but at least it won't cause fatal syntax errors. Signed-off-by: Ed Santiago <santiago@redhat.com>
* pr update action: fix errors on master branchValentin Rothberg2020-10-26
| | | | | | | | | | | | The action fails on the master branch as the regex does not match. The error in this scenario is unfortunate and not of much value as we do not want to change PR titles on the master branch. To fix it, entirely disable the action on the master branch which in restrospective may be a better approach as we do not fire off the action. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* add GitHub action to add non-main branch to PR titleValentin Rothberg2020-10-25
Add a GitHub action to add the name of the target branch as prefix to the title of a pull request. It is easy to miss the target of a given pull request which has already caused issues of commits going into non-main branches without intention. We have already used this action on the `v2.0.5-rhel` branch with limited success. Fortunately, the upstream implemented our feature request to support adding the _target_ branch name (rather than the source) to the PR title, which is what we need. Any non-main branch from this commit forward will now be clearly marked. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>