upstream/packer
1
0
Fork 0
mirror of https://github.com/hashicorp/packer.git synced 2026-06-09 00:32:09 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 4
18966 commits 326 branches 145 tags 173 MiB
Commit graph

23 commits

Author SHA1 Message Date
hashicorp-tsccr[bot]
ea9d02d596 Result of tsccr-helper -log-level=info gha update .github/ 2025-01-20 17:25:44 -05:00
hashicorp-tsccr[bot]
863f3b0422 Result of tsccr-helper -log-level=info gha update . 2024-07-01 12:49:51 -04:00
hashicorp-tsccr[bot]
4bd7e951b7 Result of tsccr-helper -log-level=info gha update . 2024-06-03 14:20:36 -04:00
Wilken Rivera
5e043ab3a0
Bump required actions to address Node.js 16 deprecation issue (#12958) 
* Bump required actions to address Node.js 16 deprecation issue

* Update all tsccr approved actions

```shell
tsccr-helper gha update -latest .
```
 2024-05-07 12:59:45 -04:00
Wilken Rivera
5f47c99ec4 Bump actions/checkout to address Node.js 16 deprecation issues 2024-05-07 10:39:37 -04:00
Lucas Bajolet
55decee242 .github: fix issues-opened.yml workflow 
This commit fixes a bug with the first script, as the object passed to
the REST API is not closed properly.
 2023-07-24 14:21:03 -04:00
Wilken Rivera
2401add228 Fix body attribute for github-script comment 2023-07-24 11:52:57 -04:00
Wilken Rivera
682f2e7b6c
.github/workflows: Replace untrusted GHA in repo workflows (#12530) 
The GHA action used for adding comments or labels to issues untrusted by TSCCR
have been replaced with an approved set of actions. The updated workflows use
actions/github-script for adding comments or labels to an issue.

Related to: https://github.com/hashicorp/security-tsccr/pull/608
 2023-07-21 17:37:50 -04:00
hashicorp-tsccr[bot]
0194d839b0
Result of tsccr-helper -log-level=info -pin-all-workflows . (#12507) 
Co-authored-by: hashicorp-tsccr[bot] <hashicorp-tsccr[bot]@users.noreply.github.com>
 2023-07-19 13:20:14 -04:00
Wilken Rivera
ace37e067d
Update issues-opened.yml 
Remove action to add issue to project. Board has been deprecated.
 2023-05-30 13:43:10 -04:00
hashicorp-tsccr[bot]
3ac1179841
Result of tsccr-helper -pin-all-workflows . (#12381) 
Co-authored-by: hashicorp-tsccr[bot] <hashicorp-tsccr[bot]@users.noreply.github.com>
 2023-04-27 14:55:22 -04:00
dependabot[bot]
1dd0814e64
build(deps): bump github/issue-labeler from 3.0 to 3.1 (#12328) 
Bumps [github/issue-labeler](https://github.com/github/issue-labeler) from 3.0 to 3.1.
- [Release notes](https://github.com/github/issue-labeler/releases)
- [Commits](https://github.com/github/issue-labeler/compare/v3.0...v3.1)

---
updated-dependencies:
- dependency-name: github/issue-labeler
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-03-29 12:44:15 -04:00
dependabot[bot]
cdc75a91c2
build(deps): bump github/issue-labeler from 2.6 to 3.0 (#12261) 
Bumps [github/issue-labeler](https://github.com/github/issue-labeler) from 2.6 to 3.0.
- [Release notes](https://github.com/github/issue-labeler/releases)
- [Commits](https://github.com/github/issue-labeler/compare/v2.6...v3.0)

---
updated-dependencies:
- dependency-name: github/issue-labeler
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-03-01 16:17:30 -05:00
dependabot[bot]
65bd40c750 build(deps): bump github/issue-labeler from 2.5 to 2.6 
Bumps [github/issue-labeler](https://github.com/github/issue-labeler) from 2.5 to 2.6.
- [Release notes](https://github.com/github/issue-labeler/releases)
- [Commits](https://github.com/github/issue-labeler/compare/v2.5...v2.6)

---
updated-dependencies:
- dependency-name: github/issue-labeler
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-30 16:19:12 -05:00
Wilken Rivera
cc5898022a
update action permissions (#11837) 
* chore: Set permissions for GitHub actions

 Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

Signed-off-by: neilnaveen <42328488+neilnaveen@users.noreply.github.com>

* Update permissions for newly added actions

* Remove deleted actions

Co-authored-by: neilnaveen <42328488+neilnaveen@users.noreply.github.com>
 2022-06-14 12:08:39 -04:00
dependabot[bot]
a2d64720d7
Bump actions-ecosystem/action-create-comment from 1.0.0 to 1.0.2 (#11830) 
Bumps [actions-ecosystem/action-create-comment](https://github.com/actions-ecosystem/action-create-comment) from 1.0.0 to 1.0.2.
- [Release notes](https://github.com/actions-ecosystem/action-create-comment/releases)
- [Commits](https://github.com/actions-ecosystem/action-create-comment/compare/v1.0.0...v1.0.2)

---
updated-dependencies:
- dependency-name: actions-ecosystem/action-create-comment
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-06-02 20:01:59 -04:00
dependabot[bot]
8e788a5f73
Bump actions-ecosystem/action-add-labels from 1.1.0 to 1.1.3 (#11829) 
Bumps [actions-ecosystem/action-add-labels](https://github.com/actions-ecosystem/action-add-labels) from 1.1.0 to 1.1.3.
- [Release notes](https://github.com/actions-ecosystem/action-add-labels/releases)
- [Commits](https://github.com/actions-ecosystem/action-add-labels/compare/v1.1.0...v1.1.3)

---
updated-dependencies:
- dependency-name: actions-ecosystem/action-add-labels
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-06-02 20:01:40 -04:00
Lucas Bajolet
08157fbdce
Add workflow to link to discuss on new question (#11825) 
* workflows: + automatic label/response on question

When a user asks a question through an issue on this repository, we
automatically add a comment, pointing to the forums, and add a label to
the issue so we can spot more easily which issues need to be acted on.

* .github: + link to packer community for questions

As extra to the github action, this commit adds an extra button to the
new issue template, leading directly to the discuss forums for Packer

* .github: add auto-stale-close issue action

As follow-up to the labelling of question type issues as needs-reply, we
add another action that will automatically mark an issue as stale if it
has not been updated for 3 weeks, and close the issue one week after
marking it as stale.

* Update .github/workflows/issues-opened.yml

Co-authored-by: Wilken Rivera <wilken@hashicorp.com>
 2022-05-31 15:47:44 -04:00
Wilken Rivera
adc130a73e
Update project GitHub actions (#11805) 
To assist in tracking newly created issues and pull-requests a new set
of actions is being added to assign inbound request to a new project
board. Where the team can view, filter, and organize in bound requests
across all Packer repos.
 2022-05-25 17:01:04 -04:00
dependabot[bot]
6d8a9fb8e2
Bump github/issue-labeler from 2.4 to 2.5 (#11782) 
Bumps [github/issue-labeler](https://github.com/github/issue-labeler) from 2.4 to 2.5.
- [Release notes](https://github.com/github/issue-labeler/releases)
- [Commits](https://github.com/github/issue-labeler/compare/v2.4...v2.5)

---
updated-dependencies:
- dependency-name: github/issue-labeler
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-05-17 20:56:56 -04:00
Wilken Rivera
202f93f6a9
Update issue-labeler action (#11699) 
The latest release of the action requires the field
enable_versioned_regex to be set. We currently don't use
versioned_regex. So this change sets the field to false.
 2022-04-12 17:57:00 -04:00
Wilken Rivera
acd67d5ba0 Bump issues-labeler to proper version 2021-11-16 11:36:19 -05:00
Wilken Rivera
0a05b834d7
remove hashibot (#11053) 
* Replace `closed_issue_locker` HashiBot action with GitHub action

Related to: #11043

* Replace  with GitHub action

* Replace  with GitHub action
 2021-05-27 12:58:58 -04:00