Commit Graph

11 Commits

Author SHA1 Message Date
Liu Shilong
1bb57057ea [action] Keep 'request for xxx branch' label when finished auto-cherry-pick. (#13107)
Why I did it
To keep 'Request for xxx branch' label when finished auto-cherry-pick.

How I did it
Change logic in post cherry pick action.

How to verify it
2023-01-06 02:36:57 +08:00
mssonicbld
19aaa0961f
[action] Use pull_request_target trigger instead to avoid codeQL check approval (#12509) (#12527) 2022-10-28 00:39:45 +08:00
Liu Shilong
8a72000909 [action] Use github code scan instead of LGTM. (#12402)
* [action] Add code scan for python
2022-10-25 20:43:52 +00:00
mssonicbld
96c48faeef
[actions] Add auto cherry-pick actions to release branch (#11496) (#12335)
* [actions] Add github actions to auto cherry-pick prs to release branches

* Add README, fix workflow

Co-authored-by: Liu Shilong <shilongliu@microsoft.com>
2022-10-10 17:19:37 +08:00
Mai Bui
ce3cffa81b [actions] Support Semgrep by Github Actions (#12249)
Signed-off-by: maipbui <maibui@microsoft.com>
#### Why I did it
[Semgrep](https://github.com/returntocorp/semgrep) is a static analysis tool to find security vulnerabilities.
When opening a PR or commtting to PR, Semgrep performs a diff-aware scanning, which scans changed files in PRs.
When merging PR, Semgrep performs a full scan on master branch and report all findings.
Ref: - [Supported Language](https://semgrep.dev/docs/supported-languages/#language-maturity) - [Semgrep Rules](https://registry.semgrep.dev/rule)
#### How I did it
Integrate Semgrep into this repository by committing a job configuration file
#### How to verify it
PR: https://github.com/maipbui/sonic-buildimage/pull/2
Master branch full scan findings: [Master branch findings results](https://github.com/maipbui/sonic-buildimage/actions/runs/3160181876/jobs/5144332404)
PR https://github.com/maipbui/sonic-buildimage/pull/2 scan findings: [Pull request findings results](https://github.com/maipbui/sonic-buildimage/actions/runs/3160193505/jobs/5144357859)
2022-10-03 19:01:11 +00:00
Liu Shilong
834f6d7195
[actions] Remove approve step in label action. (#11968) (#12014)
Why I did it
Approve step needs special permission settings.
We already added permission setting to enable bypass merging PR.
So, approve step is not necessary.
2022-09-08 17:23:31 +08:00
Liu Shilong
9aadc2a9c1 [actions] Add github context env in label action. (#11926) 2022-09-02 15:38:53 +00:00
Liu Shilong
d46d69f3d6
[actions] Update github actions label and automerge. (#11736) (#11910)
1. Add auto approve step when adding label to version upgrading PR.
2. Use mssonicbld TOKEN to merge version upgrading PR instead of 'github actions'
2022-08-31 16:32:08 +08:00
xumia
faab7d5991
[Build]: Support reproducible build for release branches (#9426)
[Build]: Support reproducible build for release branches #9426
2021-12-23 16:16:55 +08:00
xumia
57cc2081cd
Fix workflow permission issue when running in merge branch (#7417)
Fix the labeler workflow permission issue when merging from fork repo.
It impacts the labeler workflow to support auto-merge for package versions upgrade on 202012 branch. The current workaround is to add the label "automerge" on the PR sent by mssonicbld, then the automerge workflow will merge the PR.
2021-04-25 10:02:58 +08:00
xumia
12ab9af4fb
[ci] Support to merge SONiC package versions change pr automatically (#7065)
Support to merge the SONiC package versions upgrade pull request automatically.

#### How I did it
Add the automerge tag in the pull request.
1. Sent by the author mssonicbld
2. Only contains changes in files/build/**/*
3. Only for the specified branch 202012

Merge the pull request.
1. Sent by the author mssonicbld
2. The Azure Pipelines checker complete and successful
3. The pull request contains label automerge
2021-04-11 21:17:28 -07:00