Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Code scanning (part two) #2442

Merged
merged 2 commits into from
Feb 22, 2022
Merged

Code scanning (part two) #2442

merged 2 commits into from
Feb 22, 2022

Conversation

justaugustus
Copy link
Member

What type of PR is this?

/kind cleanup
/area release-eng/security

What this PR does / why we need it:

Follow-up to #2441:

  • .github/workflows: Pin by SHA and add step-security hardener
  • codeql: Default action to read-all permissions

Signed-off-by: Stephen Augustus [email protected]

/assign @puerco @cpanato @saschagrunert
cc: @kubernetes/release-engineering

Which issue(s) this PR fixes:

Special notes for your reviewer:

Does this PR introduce a user-facing change?

NONE

@k8s-ci-robot k8s-ci-robot added the release-note-none Denotes a PR that doesn't merit a release note. label Feb 21, 2022
@k8s-ci-robot k8s-ci-robot added the kind/cleanup Categorizes issue or PR as related to cleaning up code, process, or technical debt. label Feb 21, 2022
@k8s-ci-robot k8s-ci-robot added area/release-eng/security Issues or PRs related to release engineering security cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. needs-priority size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Feb 21, 2022
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: justaugustus

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added area/release-eng Issues or PRs related to the Release Engineering subproject sig/release Categorizes an issue or PR as relevant to SIG Release. approved Indicates a PR has been approved by an approver from all required OWNERS files. labels Feb 21, 2022
@puerco
Copy link
Member

puerco commented Feb 21, 2022

Thanks! I'm curious to see what the egress policy catches...
/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Feb 21, 2022
@justaugustus
Copy link
Member Author

/retest-required

@puerco
Copy link
Member

puerco commented Feb 22, 2022

/test pull-release-integration-test

@k8s-ci-robot k8s-ci-robot merged commit 24d1885 into kubernetes:master Feb 22, 2022
@k8s-ci-robot k8s-ci-robot added this to the v1.24 milestone Feb 22, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mkorbi mkorbi Awaiting requested review from mkorbi

@onlydole onlydole Awaiting requested review from onlydole

Assignees

@saschagrunert saschagrunert

@puerco puerco

@cpanato cpanato

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. area/release-eng/security Issues or PRs related to release engineering security area/release-eng Issues or PRs related to the Release Engineering subproject cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/cleanup Categorizes issue or PR as related to cleaning up code, process, or technical debt. lgtm "Looks good to me", indicates that a PR is ready to be merged. needs-priority release-note-none Denotes a PR that doesn't merit a release note. sig/release Categorizes an issue or PR as relevant to SIG Release. size/S Denotes a PR that changes 10-29 lines, ignoring generated files.
Projects
None yet
Milestone
v1.24
Development

Successfully merging this pull request may close these issues.
5 participants
@justaugustus @k8s-ci-robot @puerco @saschagrunert @cpanato