From 89830d3a0f5af12f7c5deb3f87a387e7f2f941fc Mon Sep 17 00:00:00 2001 From: Thomas Leplus Date: Fri, 10 May 2024 09:25:10 -0600 Subject: [PATCH] Update workflow triggers --- .github/workflows/osv-scanner.yml | 9 +++++---- .github/workflows/scorecards.yml | 16 ++-------------- .github/workflows/update-prs.yml | 2 ++ 3 files changed, 9 insertions(+), 18 deletions(-) diff --git a/.github/workflows/osv-scanner.yml b/.github/workflows/osv-scanner.yml index f44158e..fab7f32 100644 --- a/.github/workflows/osv-scanner.yml +++ b/.github/workflows/osv-scanner.yml @@ -15,10 +15,11 @@ name: OSV-Scanner on: pull_request: branches: [ "main" ] - schedule: - - cron: '0 0 * * 0' push: branches: [ "main" ] + schedule: + - cron: '0 0 * * 0' + workflow_dispatch: permissions: # Require writing security events to upload SARIF file to security tab @@ -29,7 +30,7 @@ permissions: jobs: scan-scheduled: if: ${{ github.event_name == 'push' || github.event_name == 'schedule' }} - uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@1f1242919d8a60496dd1874b24b62b2370ed4c78" # v1.7.1 + uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@75532bf0bf75464b047d80414dbce04449498365" # v1.7.3 with: # Example of specifying custom arguments scan-args: |- @@ -38,7 +39,7 @@ jobs: ./ scan-pr: if: ${{ github.event_name == 'pull_request' || github.event_name == 'merge_group' }} - uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml@1f1242919d8a60496dd1874b24b62b2370ed4c78" # v1.7.1 + uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml@75532bf0bf75464b047d80414dbce04449498365" # v1.7.3 with: # Example of specifying custom arguments scan-args: |- diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 91275c0..890cbda 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -1,24 +1,12 @@ --- -# Copyright 2016-present Thomas Leplus -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - name: Scorecards supply-chain security on: push: branches: - main - 'releases/**' + schedule: + - cron: '0 0 * * 0' workflow_dispatch: permissions: read-all diff --git a/.github/workflows/update-prs.yml b/.github/workflows/update-prs.yml index 936de19..669baae 100644 --- a/.github/workflows/update-prs.yml +++ b/.github/workflows/update-prs.yml @@ -3,6 +3,8 @@ name: Update PRs on: push: + schedule: + - cron: '0 0 * * 0' workflow_dispatch: permissions: