-
Notifications
You must be signed in to change notification settings - Fork 10
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[NET-2420] security: add security scans on protected branches #433
Conversation
Enable proactive triage by scanning PRs and merges to protected branches. Add exceptions to test and local tooling submodules to improve signal in security scans and simplify triage. Also add docs and align config to `consul-k8s` (no functional changes) for easier maintenance. See hashicorp/consul#19978 for similar change in that repo, adapted here.
032f59a
to
add57af
Compare
This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation. |
1 similar comment
This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation. |
#TODO: replace w/ HASHIBOT_PRODSEC_GITHUB_TOKEN once provisioned | ||
token: ${{ secrets.ELEVATED_GITHUB_TOKEN }} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not blocking, but would align w/ the token used in core.
Changes proposed in this PR
See hashicorp/consul#19978 for similar changes in those repos, adapted here.