forked from brave/workflows
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
workflows: security-action migration
- Loading branch information
Showing
6 changed files
with
99 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
# action that runs monthly and add maintainer as a custom property | ||
# to all repositories in this organization | ||
name: Add Maintainer as Custom Property to Repositories | ||
on: | ||
schedule: | ||
- cron: '0 0 27 * *' | ||
workflow_dispatch: | ||
jobs: | ||
run: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: brave/security-action/actions/add-maintainer-custom-property@main | ||
with: | ||
ignore_maintainers: brave-builds,brave-browser-releases,brave-support-admin | ||
debug: false | ||
github_token: ${{ secrets.CUSTOM_PROPERTY_MANAGER_GITHUB_TOKEN }} | ||
slack_token: ${{ secrets.HOTSPOTS_SLACK_TOKEN }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
name: Check New Repos | ||
on: | ||
schedule: | ||
# nightly (0th hour 0th minute of every day) | ||
- cron: '0 0 * * *' | ||
workflow_dispatch: | ||
jobs: | ||
build: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: check new repos | ||
uses: brave/security-action/actions/check-new-repos@main | ||
with: | ||
github_token: ${{ secrets.ORG_READ_GITHUB_TOKEN }} | ||
slack_token: ${{ secrets.HOTSPOTS_SLACK_TOKEN }} | ||
debug: false |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
name: Weekly Dependabot Auto Dismiss | ||
on: | ||
schedule: | ||
# Run at 24:00 UTC every Monday | ||
- cron: "0 0 * * 1" | ||
workflow_dispatch: | ||
jobs: | ||
run: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: dependabot auto dismiss | ||
uses: brave/security-action/actions/dependabot-auto-dismiss@main | ||
with: | ||
github_token: ${{ secrets.DEPENDABOT_AUTO_DISMISS_GITHUB_TOKEN }} | ||
slack_token: ${{ secrets.HOTSPOTS_SLACK_TOKEN }} | ||
debug: false |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
name: Weekly Dependabot Nudge | ||
on: | ||
schedule: | ||
# Run at 9am UTC every Monday | ||
- cron: "0 9 * * 1" | ||
workflow_dispatch: | ||
jobs: | ||
run: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: dependabot nudge | ||
uses: brave/security-action/actions/dependabot-nudge@main | ||
with: | ||
github_token: ${{ secrets.DEPENDABOT_NUDGE_GITHUB_TOKEN }} | ||
slack_token: ${{ secrets.HOTSPOTS_SLACK_TOKEN }} | ||
gh_to_slack_user_map: ${{ secrets.GH_TO_SLACK_USER_MAP }} | ||
debug: false |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
name: Older Than 2 Years Informer | ||
on: | ||
schedule: | ||
# Every month, first day of the month | ||
- cron: '0 0 1 * *' | ||
workflow_dispatch: | ||
jobs: | ||
build: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: older than 2 years informer | ||
uses: brave/security-action/actions/older-than-2y@main | ||
with: | ||
github_token: ${{ secrets.ORG_READ_GITHUB_TOKEN }} | ||
slack_token: ${{ secrets.HOTSPOTS_SLACK_TOKEN }} | ||
debug: false |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
# action that runs monthly and check if all repositories in the organization are following the renovate central configuration | ||
# to all repositories in this organization | ||
name: Renovate Sanity Check | ||
on: | ||
schedule: | ||
- cron: '0 0 15 * *' | ||
workflow_dispatch: | ||
jobs: | ||
run: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Renovate Sanity Check | ||
uses: brave/security-action/actions/renovate-sanity-check@main | ||
with: | ||
github_token: ${{ secrets.CUSTOM_PROPERTY_MANAGER_GITHUB_TOKEN }} | ||
slack_token: ${{ secrets.HOTSPOTS_SLACK_TOKEN }} | ||
debug: false |