Posted to dev@camel.apache.org by Andrea Cosentino <an...@gmail.com> on 2020/12/27 17:48:50 UTC

Github action workflows troubles in all subprojects

Hello,

It looks like there is a new security policy in Apache
https://lists.apache.org/thread.html/r900f8f9a874006ed8121bdc901a0d1acccbb340882c1f94dad61a5e9%40%3Cusers.infra.apache.org%3E

We'll need to clone all the non-github, non-apache github actions, under
the apache organization.

I already created a repository for install-jdk in first place.

But I do believe we'll need a full list of all the actions used, and we'll
need to create the related repositories.

I'll start to work on a list of gh actions used, if anyone aims to help,
please do show up.

Cheers.
Andrea

Re: Github action workflows troubles in all subprojects

Posted by Andrea Cosentino <an...@gmail.com>.
By the way, it seems they are enabling some of the organizations providing
actions, so we'll probably need to submit a list of the actions we are using.

On Sun, Dec 27, 2020 at 22:51, Andrea Cosentino <an...@gmail.com>
wrote:

> I'm not sure this will be ok in terms of the new security policy. I guess
> we'll need to clone the actions anyway
>
> On Sun, Dec 27, 2020, 22:31 Zoran Regvart <zo...@regvart.com> wrote:
>
>> Hi Cameleers,
>> I've found actions/github-script[1] to be useful in this, currently
>> trying it out on the camel-website GitHub actions workflow.
>>
>> zoran
>>
>> [1] https://github.com/actions/github-script
>>
>> On Sun, Dec 27, 2020 at 6:49 PM Andrea Cosentino <an...@gmail.com>
>> wrote:
>> >
>> > Hello,
>> >
>> > It looks like there is a new security policy in Apache
>> > https://lists.apache.org/thread.html/r900f8f9a874006ed8121bdc901a0d1acccbb340882c1f94dad61a5e9%40%3Cusers.infra.apache.org%3E
>> >
>> > We'll need to clone all the non-github, non-apache github actions, under
>> > the apache organization.
>> >
>> > I already created a repository for install-jdk in first place.
>> >
>> > But I do believe we'll need a full list of all the actions used, and we'll
>> > need to create the related repositories.
>> >
>> > I'll start to work on a list of gh actions used, if anyone aims to help,
>> > please do show up.
>> >
>> > Cheers.
>> > Andrea
>>
>>
>>
>> --
>> Zoran Regvart
>>
>

Re: Github action workflows troubles in all subprojects

Posted by Andrea Cosentino <an...@gmail.com>.
Yes, the problem is with anything else, and we are using some of those
actions like install-jdk etc. We need to ask to whitelist them or clone
under apache.

On Mon, Dec 28, 2020, 10:50 Zoran Regvart <zo...@regvart.com> wrote:

> On Sun, Dec 27, 2020 at 10:51 PM Andrea Cosentino <an...@gmail.com>
> wrote:
> > I'm not sure this will be ok in terms of the new security policy. I guess
> > we'll need to clone the actions anyway
>
> Actions from github/ and actions/ are whitelisted, see notice at the top
> of [1]
>
> zoran
>
> [1] https://infra.apache.org/github-actions-secrets.html
> --
> Zoran Regvart
>

Re: Github action workflows troubles in all subprojects

Posted by Zoran Regvart <zo...@regvart.com>.
On Sun, Dec 27, 2020 at 10:51 PM Andrea Cosentino <an...@gmail.com> wrote:
> I'm not sure this will be ok in terms of the new security policy. I guess
> we'll need to clone the actions anyway

Actions from github/ and actions/ are whitelisted, see notice at the top of [1]

zoran

[1] https://infra.apache.org/github-actions-secrets.html
-- 
Zoran Regvart
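
The inventory this thread asks for, as an added example that is not part of any message here and is not Apache Camel project code: it lists every `uses:` reference in a set of workflow files and flags those whose owner is not apache, github or actions, the owners the messages treat as acceptable. The sample workflow is constructed, `example-org/install-jdk` is a placeholder owner, and the line-based regex (rather than a YAML parser) is an assumption that keeps it to the standard library.

```python
import re
import sys
from pathlib import Path

# Owners the thread treats as acceptable: apache itself, plus github/ and actions/.
ALLOWED_OWNERS = {"apache", "github", "actions"}
# Matches "uses: owner/repo@ref" and "- uses: 'owner/repo/path@ref'".
USES_RE = re.compile(r"""^\s*(?:-\s*)?uses:\s*['"]?([^'"\s#]+)""")

# Constructed sample workflow; example-org/install-jdk is a placeholder owner.
SAMPLE = """\
jobs:
  build:
    steps:
      - uses: actions/checkout@v2
      - name: Set up JDK
        uses: example-org/install-jdk@v1
      - uses: "actions/github-script@v3"
      - uses: ./.github/actions/local-step
      # - uses: example-org/commented-out@v1
"""

def classify(ref):
    """Label one `uses:` value as local, allowed, or external."""
    if ref.startswith(("./", "../")):
        return "local"            # action stored in the same repository
    owner = ref.split("/", 1)[0].lower()
    return "allowed" if owner in ALLOWED_OWNERS else "external"

def inventory(files):
    """files: {name: workflow text}. Returns {ref: (label, [(name, line), ...])}."""
    result = {}
    for name, text in files.items():
        for lineno, line in enumerate(text.splitlines(), 1):
            match = USES_RE.match(line)
            if match:
                ref = match.group(1)
                result.setdefault(ref, (classify(ref), []))[1].append((name, lineno))
    return result

def external_actions(files):
    """Sorted refs that would need cloning under apache or an allowlist request."""
    return sorted(r for r, (label, _) in inventory(files).items() if label == "external")

if __name__ == "__main__":
    root = Path(sys.argv[1] if len(sys.argv) > 1 else ".github/workflows")
    files = {str(p): p.read_text() for p in sorted(root.glob("*.y*ml"))} or {"SAMPLE": SAMPLE}
    for ref, (label, where) in sorted(inventory(files).items()):
        print(f"{label:9} {ref:40} {where}")
```

Run from a repository root it scans `.github/workflows`; with no workflow files present it falls back to the embedded sample.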

Re: Github action workflows troubles in all subprojects

Posted by Andrea Cosentino <an...@gmail.com>.
I'm not sure this will be ok in terms of the new security policy. I guess
we'll need to clone the actions anyway

On Sun, Dec 27, 2020, 22:31 Zoran Regvart <zo...@regvart.com> wrote:

> Hi Cameleers,
> I've found actions/github-script[1] to be useful in this, currently
> trying it out on the camel-website GitHub actions workflow.
>
> zoran
>
> [1] https://github.com/actions/github-script
>
> On Sun, Dec 27, 2020 at 6:49 PM Andrea Cosentino <an...@gmail.com>
> wrote:
> >
> > Hello,
> >
> > It looks like there is a new security policy in Apache
> > https://lists.apache.org/thread.html/r900f8f9a874006ed8121bdc901a0d1acccbb340882c1f94dad61a5e9%40%3Cusers.infra.apache.org%3E
> >
> > We'll need to clone all the non-github, non-apache github actions, under
> > the apache organization.
> >
> > I already created a repository for install-jdk in first place.
> >
> > But I do believe we'll need a full list of all the actions used, and we'll
> > need to create the related repositories.
> >
> > I'll start to work on a list of gh actions used, if anyone aims to help,
> > please do show up.
> >
> > Cheers.
> > Andrea
>
>
>
> --
> Zoran Regvart
>

Re: Github action workflows troubles in all subprojects

Posted by Zoran Regvart <zo...@regvart.com>.
Hi Cameleers,
I've found actions/github-script[1] to be useful in this, currently
trying it out on the camel-website GitHub actions workflow.

zoran

[1] https://github.com/actions/github-script

On Sun, Dec 27, 2020 at 6:49 PM Andrea Cosentino <an...@gmail.com> wrote:
>
> Hello,
>
> It looks like there is a new security policy in Apache
> https://lists.apache.org/thread.html/r900f8f9a874006ed8121bdc901a0d1acccbb340882c1f94dad61a5e9%40%3Cusers.infra.apache.org%3E
>
> We'll need to clone all the non-github, non-apache github actions, under
> the apache organization.
>
> I already created a repository for install-jdk in first place.
>
> But I do believe we'll need a full list of all the actions used, and we'll
> need to create the related repositories.
>
> I'll start to work on a list of gh actions used, if anyone aims to help,
> please do show up.
>
> Cheers.
> Andrea



-- 
Zoran Regvart