From cbc5ef68726a5cc05731de4baf669c9cf5383fb0 Mon Sep 17 00:00:00 2001 From: Jon Ayers Date: Wed, 23 Oct 2024 23:33:20 +0000 Subject: [PATCH 1/2] fix: security workflow --- .github/workflows/security.yaml | 14 ++------------ 1 file changed, 2 insertions(+), 12 deletions(-) diff --git a/.github/workflows/security.yaml b/.github/workflows/security.yaml index b06157722a159..1a6b00e7ae61b 100644 --- a/.github/workflows/security.yaml +++ b/.github/workflows/security.yaml @@ -9,7 +9,7 @@ on: workflow_dispatch: # Uncomment when testing. - # pull_request: + pull_request: schedule: # Run every 6 hours Monday-Friday! @@ -96,7 +96,7 @@ jobs: # version in the comments will differ. This is also defined in # ci.yaml. set -x - cd dogfood + cd dogfood/contents DOCKER_BUILDKIT=1 docker build . --target proto -t protoc protoc_path=/usr/local/bin/protoc docker run --rm --entrypoint cat protoc /tmp/bin/protoc > $protoc_path @@ -144,16 +144,6 @@ jobs: path: trivy-results.sarif retention-days: 7 - # Prisma cloud scan runs last because it fails the entire job if it - # detects vulnerabilities. :| - - name: Run Prisma Cloud image scan - uses: PaloAltoNetworks/prisma-cloud-scan@124b48d8325c23f58a35da0f1b4d9a6b54301d05 # v1.6.7 - with: - pcc_console_url: ${{ secrets.PRISMA_CLOUD_URL }} - pcc_user: ${{ secrets.PRISMA_CLOUD_ACCESS_KEY }} - pcc_pass: ${{ secrets.PRISMA_CLOUD_SECRET_KEY }} - image_name: ${{ steps.build.outputs.image }} - - name: Send Slack notification on failure if: ${{ failure() }} run: | From 46e3d5bf0e3585c9e63cafe49adf7ee7af0d5130 Mon Sep 17 00:00:00 2001 From: Jon Ayers Date: Thu, 24 Oct 2024 00:05:01 +0000 Subject: [PATCH 2/2] remove testing --- .github/workflows/security.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/security.yaml b/.github/workflows/security.yaml index 1a6b00e7ae61b..5ae6de7b2fe7d 100644 --- a/.github/workflows/security.yaml +++ b/.github/workflows/security.yaml @@ -9,7 +9,7 @@ on: workflow_dispatch: # Uncomment when testing. - pull_request: + # pull_request: schedule: # Run every 6 hours Monday-Friday!