Skip to content
Back to pull request #1284

feat: Add kubernetes.azure.com/scalesetpriority to WellKnownLabels #3281

Sign in to view logs

feat: Add kubernetes.azure.com/scalesetpriority to WellKnownLabels

feat: Add kubernetes.azure.com/scalesetpriority to WellKnownLabels #3281

Workflow file for this run

.github/workflows/codeql-analysis.yml at 05e1bca
name: "CodeQL"
on:
push:
branches:
- 'main'
- 'release-v*'
pull_request:
schedule:
- cron: '0 12 * * *'
permissions:
contents: read
jobs:
analyze-go:
name: Analyze Go
if: github.repository == 'Azure/karpenter-provider-azure'
runs-on: ubuntu-latest
permissions:
actions: read # github/codeql-action/init@v4
contents: read
security-events: write # github/codeql-action/init@v4
steps:
- name: Harden Runner
uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3
with:
disable-telemetry: true
egress-policy: block
allowed-endpoints: >
api.github.com:443
dc.services.visualstudio.com:443
github.com:443
login.microsoftonline.com:443
objects.githubusercontent.com:443
release-assets.githubusercontent.com:443
proxy.golang.org:443
golang.org:443
raw.githubusercontent.com:443
storage.googleapis.com:443
sum.golang.org:443
go.dev:443
dl.google.com:443
uploads.github.com:443
vuln.go.dev:443
aquasecurity.github.io:443
mirror.gcr.io:443
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
- uses: ./.github/actions/install-deps
- run: make vulncheck
- uses: github/codeql-action/init@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6
with:
languages: go
- uses: github/codeql-action/autobuild@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6
- uses: github/codeql-action/analyze@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6
# Javascript is added here for evaluating Github Action vulnerabilities
# https://github.blog/2023-08-09-four-tips-to-keep-your-github-actions-workflows-secure/#2-enable-code-scanning-for-workflows
analyze-github-actions:
name: Analyze Github Actions
if: github.repository == 'Azure/karpenter-provider-azure'
runs-on: ubuntu-latest
permissions:
actions: read # github/codeql-action/init@v4
security-events: write # github/codeql-action/init@v4
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
- uses: github/codeql-action/init@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6
with:
languages: actions
- uses: github/codeql-action/analyze@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6