shishantbiswas/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2026-06-06 14:38:23 +00:00
Code Issues Packages Projects Releases Wiki Activity
12,434 Commits 1,149 Branches 344 Tags
1a774ab7ce99063a2e01beb94de3fcbccaf84dbe
Commit Graph

110 Commits

Author SHA1 Message Date
Jon Ayers bcd68ee249 fix: fix build in security workflow (#15209) 
- Fixes an issue where building the Docker image failed due to moving
the directory hosting the Dockerfile
- Removed the Palo Alto scanning since our subscription there is set to
expire. Trivy is still running though.
 2024-10-24 01:21:18 +01:00
dependabot[bot] b67a850659 ci: bump the github-actions group with 4 updates (#15158) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-10-23 12:40:46 +05:00
Muhammad Atif Ali 8e254cbb07 chore: integrate step-security/harden-runner in workflows (#15099) 
Redoing #15097
Part of #14879
 2024-10-16 11:23:00 -07:00
dependabot[bot] 5317c500c8 ci: bump aquasecurity/trivy-action from 0.25.0 to 0.27.0 in the github-actions group (#15061) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-10-15 23:28:04 +05:00
Muhammad Atif Ali 57a65c15bf chore: use commit sha for GitHub actions (#15019) 
Use specific commit SHAs for GitHub actions across various workflows to
enhance reliability and reproducibility. This change ensures that
actions run against a known version, reducing the risk of unexpected
issues due to updates in the third-party action repositories.

This contributes to improving the score in #14879
 2024-10-14 08:49:55 -07:00
dependabot[bot] 71d31713c5 ci: bump the github-actions group across 1 directory with 2 updates (#15016) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Muhammad Atif Ali <atif@coder.com>
 2024-10-08 09:04:43 +05:00
dependabot[bot] aaf295badf ci: bump the github-actions group with 2 updates (#13890) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-07-15 15:56:12 +03:00
Muhammad Atif Ali 136900268e ci: migrate to depot.dev runners (#13467) 2024-06-25 09:36:33 +03:00
dependabot[bot] 7cb8bfb133 ci: bump the github-actions group with 2 updates (#13645) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-24 15:52:05 +03:00
dependabot[bot] 363dbad3a3 ci: bump the github-actions group with 2 updates (#13521) 
Bumps the github-actions group with 2 updates: [crate-ci/typos](https://github.com/crate-ci/typos) and [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action).


Updates `crate-ci/typos` from 1.21.0 to 1.22.3
- [Release notes](https://github.com/crate-ci/typos/releases)
- [Changelog](https://github.com/crate-ci/typos/blob/master/CHANGELOG.md)
- [Commits](https://github.com/crate-ci/typos/compare/v1.21.0...v1.22.3)

Updates `aquasecurity/trivy-action` from 0.21.0 to 0.22.0
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](https://github.com/aquasecurity/trivy-action/compare/fd25fed6972e341ff0007ddb61f77e88103953c2...595be6a0f6560a0a8fc419ddf630567fc623531d)

---
updated-dependencies:
- dependency-name: crate-ci/typos
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-11 01:06:40 +03:00
dependabot[bot] a1d3b82dd1 ci: bump aquasecurity/trivy-action from 0.20.0 to 0.21.0 in the github-actions group (#13376) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-27 19:57:36 +03:00
dependabot[bot] 8c9560ddb8 ci: bump the github-actions group with 2 updates (#13238) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-10 17:38:07 +00:00
dependabot[bot] b7f5456e35 ci: bump the github-actions group with 1 update (#12828) 
Bumps the github-actions group with 1 update: [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action).


Updates `aquasecurity/trivy-action` from 0.18.0 to 0.19.0
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](https://github.com/aquasecurity/trivy-action/compare/062f2592684a31eb3aa050cc61e7ca1451cecd3d...d710430a6722f083d3b36b8339ff66b32f22ee55)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-01 13:01:09 -05:00
dependabot[bot] aa3ab209f3 ci: bump the github-actions group with 3 updates (#12622) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-17 13:27:15 +00:00
Dean Sheather 842799847a chore: fix trivy scanning (#12421) 2024-03-05 19:04:16 -06:00
dependabot[bot] 9560d9a68b ci: bump the github-actions group with 2 updates (#12091) 
Bumps the github-actions group with 2 updates: [crate-ci/typos](https://github.com/crate-ci/typos) and [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action).


Updates `crate-ci/typos` from 1.18.0 to 1.18.2
- [Release notes](https://github.com/crate-ci/typos/releases)
- [Changelog](https://github.com/crate-ci/typos/blob/master/CHANGELOG.md)
- [Commits](https://github.com/crate-ci/typos/compare/v1.18.0...v1.18.2)

Updates `aquasecurity/trivy-action` from 0.16.1 to 0.17.0
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](https://github.com/aquasecurity/trivy-action/compare/d43c1f16c00cfd3978dde6c07f4bbcf9eb6993ca...84384bd6e777ef152729993b8145ea352e9dd3ef)

---
updated-dependencies:
- dependency-name: crate-ci/typos
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-13 17:52:12 +03:00
dependabot[bot] f3efa0803b ci: bump the github-actions group with 3 updates (#11447) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-05 14:11:09 +00:00
Steven Masley dd05a6b13a chore: mockgen archived, moved to new location (#11415) 
* chore: mockgen archived, moved to new location
 2024-01-04 18:35:56 -06:00
dependabot[bot] 28a0242c27 ci: bump the github-actions group with 4 updates (#11256) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-18 13:30:18 +00:00
dependabot[bot] 6823194683 ci: bump the github-actions group with 7 updates (#11123) 
Bumps the github-actions group with 7 updates:

| Package | From | To |
| --- | --- | --- |
| [crate-ci/typos](https://github.com/crate-ci/typos) | `1.16.23` | `1.16.24` |
| [google-github-actions/setup-gcloud](https://github.com/google-github-actions/setup-gcloud) | `1` | `2` |
| [google-github-actions/get-gke-credentials](https://github.com/google-github-actions/get-gke-credentials) | `1` | `2` |
| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `2` | `3` |
| [docker/build-push-action](https://github.com/docker/build-push-action) | `4` | `5` |
| [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) | `0.14.0` | `0.16.0` |
| [actions/stale](https://github.com/actions/stale) | `8.0.0` | `9.0.0` |


Updates `crate-ci/typos` from 1.16.23 to 1.16.24
- [Release notes](https://github.com/crate-ci/typos/releases)
- [Changelog](https://github.com/crate-ci/typos/blob/master/CHANGELOG.md)
- [Commits](https://github.com/crate-ci/typos/compare/v1.16.23...v1.16.24)

Updates `google-github-actions/setup-gcloud` from 1 to 2
- [Release notes](https://github.com/google-github-actions/setup-gcloud/releases)
- [Changelog](https://github.com/google-github-actions/setup-gcloud/blob/main/CHANGELOG.md)
- [Commits](https://github.com/google-github-actions/setup-gcloud/compare/v1...v2)

Updates `google-github-actions/get-gke-credentials` from 1 to 2
- [Release notes](https://github.com/google-github-actions/get-gke-credentials/releases)
- [Changelog](https://github.com/google-github-actions/get-gke-credentials/blob/main/CHANGELOG.md)
- [Commits](https://github.com/google-github-actions/get-gke-credentials/compare/v1...v2)

Updates `docker/setup-buildx-action` from 2 to 3
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](https://github.com/docker/setup-buildx-action/compare/v2...v3)

Updates `docker/build-push-action` from 4 to 5
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v4...v5)

Updates `aquasecurity/trivy-action` from 0.14.0 to 0.16.0
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](https://github.com/aquasecurity/trivy-action/compare/2b6a709cf9c4025c5438138008beaddbb02086f0...91713af97dc80187565512baba96e4364e983601)

Updates `actions/stale` from 8.0.0 to 9.0.0
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/stale/compare/v8.0.0...v9.0.0)

---
updated-dependencies:
- dependency-name: crate-ci/typos
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: google-github-actions/setup-gcloud
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: google-github-actions/get-gke-credentials
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: actions/stale
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-11 23:21:07 +10:00
dependabot[bot] 3f4791c9de ci: bump the github-actions group with 4 updates (#10649) 
Bumps the github-actions group with 4 updates: [crate-ci/typos](https://github.com/crate-ci/typos), [actions/github-script](https://github.com/actions/github-script), [DeterminateSystems/nix-installer-action](https://github.com/determinatesystems/nix-installer-action) and [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action).


Updates `crate-ci/typos` from 1.16.22 to 1.16.23
- [Release notes](https://github.com/crate-ci/typos/releases)
- [Changelog](https://github.com/crate-ci/typos/blob/master/CHANGELOG.md)
- [Commits](https://github.com/crate-ci/typos/compare/v1.16.22...v1.16.23)

Updates `actions/github-script` from 5 to 6
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](https://github.com/actions/github-script/compare/v5...v6)

Updates `DeterminateSystems/nix-installer-action` from 6 to 7
- [Release notes](https://github.com/determinatesystems/nix-installer-action/releases)
- [Commits](https://github.com/determinatesystems/nix-installer-action/compare/v6...v7)

Updates `aquasecurity/trivy-action` from 0.13.1 to 0.14.0
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](https://github.com/aquasecurity/trivy-action/compare/f78e9ecf42a1271402d4f484518b9313235990e1...2b6a709cf9c4025c5438138008beaddbb02086f0)

---
updated-dependencies:
- dependency-name: crate-ci/typos
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: actions/github-script
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: DeterminateSystems/nix-installer-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-13 22:53:19 +03:00
dependabot[bot] e976f50415 ci: bump the github-actions group with 2 updates (#10537) 
Bumps the github-actions group with 2 updates: [crate-ci/typos](https://github.com/crate-ci/typos) and [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action).


Updates `crate-ci/typos` from 1.16.21 to 1.16.22
- [Release notes](https://github.com/crate-ci/typos/releases)
- [Changelog](https://github.com/crate-ci/typos/blob/master/CHANGELOG.md)
- [Commits](https://github.com/crate-ci/typos/compare/v1.16.21...v1.16.22)

Updates `aquasecurity/trivy-action` from 0.13.0 to 0.13.1
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](https://github.com/aquasecurity/trivy-action/compare/b77b85c0254bba6789e787844f0585cde1e56320...f78e9ecf42a1271402d4f484518b9313235990e1)

---
updated-dependencies:
- dependency-name: crate-ci/typos
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-06 11:20:25 -06:00
dependabot[bot] 6b7858c516 ci: bump the github-actions group with 2 updates (#10420) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-30 11:25:37 +00:00
dependabot[bot] 2c19995712 ci: bump the github-actions group with 2 updates (#9620) 
Bumps the github-actions group with 2 updates: [actions/checkout](https://github.com/actions/checkout) and [crate-ci/typos](https://github.com/crate-ci/typos).


Updates `actions/checkout` from 3 to 4
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

Updates `crate-ci/typos` from 1.16.10 to 1.16.11
- [Release notes](https://github.com/crate-ci/typos/releases)
- [Changelog](https://github.com/crate-ci/typos/blob/master/CHANGELOG.md)
- [Commits](https://github.com/crate-ci/typos/compare/v1.16.10...v1.16.11)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: crate-ci/typos
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-12 10:22:22 +03:00
dependabot[bot] c31292abe8 ci: bump the github-actions group with 2 updates (#9509) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-04 16:29:56 +03:00
Muhammad Atif Ali 31b7de6a3e chore: upgrade go to 1.20.7 (#8923) 
* chore: upgrade go to 1.20.7

* remove unused env
 2023-08-08 09:20:36 +03:00
Colin Adler 502c7680a2 chore: fix release and security pipelines (#8891) 2023-08-03 18:40:47 -05:00
Colin Adler ed82b864d0 chore: reenable prisma image scan (#8810) 2023-07-31 10:12:24 -05:00
Muhammad Atif Ali 87f07b9f2f ci: reduce duplication (#8692) 
* ci: reduce duplication

* typo
 2023-07-24 10:51:43 +00:00
Muhammad Atif Ali ce114a7f9f chore: upgrade sqlc to 1.19.1 (#8511) 2023-07-15 09:07:19 +03:00
Muhammad Atif Ali be1013899f chore: use names for all GitHub actions steps and use sqlc setup action (#8495) 2023-07-13 22:46:18 +03:00
Muhammad Atif Ali 765fd29336 chore: upgrade go version to 1.20.6 (#8457) 2023-07-12 17:27:17 +03:00
Colin Adler ccea595b39 chore: temporarily skip prisma scan (#8355) 2023-07-07 00:48:29 +00:00
Colin Adler 7703bb77a7 ci: update sqlc version in security scan (#8135) 2023-06-21 13:53:41 -05:00
Colin Adler 15cba05dfc ci: scan images with sysdig (#8037) 2023-06-20 22:58:17 +00:00
Colin Adler ac605bad3d ci: scan images with prisma (#7988) 2023-06-12 23:11:45 +00:00
dependabot[bot] 0d71314ae1 chore: Bump aquasecurity/trivy-action from 0.10.0 to 0.11.2 (#7967) 
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.10.0 to 0.11.2.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](https://github.com/aquasecurity/trivy-action/compare/e5f43133f6e8736992c9f3c1b3296e24b37e17f2...41f05d9ecffa2ed3f1580af306000f734b733e54)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-06-12 21:22:10 +03:00
Colin Adler 003120882f chore: update Go to 1.20.5 (#7877) 2023-06-06 14:05:09 -05:00
Ammar Bandukwala 9810339fd6 ci: use Buildjet and faster Windows runners (#7751) 2023-06-01 00:06:37 -05:00
Marcin Tojek 4eb0baa849 chore: update protoc-gen-go (#7708) 2023-05-30 10:24:34 +02:00
Colin Adler 0c074742a5 fix(ci): manually select Go version (#7654) 2023-05-24 07:47:44 +00:00
Colin Adler f72d8e95a4 fix(ci): add mockgen to trivy scan (#7655) 2023-05-23 17:09:16 -04:00
Colin Adler 75b0643623 chore: enable dependabot for coder base image (#7550) 2023-05-16 19:09:45 +00:00
dependabot[bot] 0bf00d6122 chore: bump aquasecurity/trivy-action from 0.9.2 to 0.10.0 (#7333) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-05-01 11:15:09 -05:00
Dean Sheather c18ed6197c chore: fix trivy ci workflow (#7023) 2023-04-05 21:36:04 +00:00
dependabot[bot] d2bfa2b9a0 chore: bump aquasecurity/trivy-action from 0.9.1 to 0.9.2 (#6945) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-04-02 23:37:06 -05:00
dependabot[bot] 5200591264 chore: bump actions/setup-go from 3 to 4 (#6946) 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3 to 4.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-04-01 16:34:58 -05:00
Dean Sheather 66a6b590a1 feat: add template max_ttl (#6114) 
Co-authored-by: Bruno Quaresma <bruno@coder.com>
 2023-03-07 14:14:58 +00:00
Kyle Carberry 034641dc77 chore: migrate security checks to run on a cron (#6477) 
They were taking a long time and seemed to be reducing concurrency
for our other CI actions.
 2023-03-06 21:46:40 -06:00
dependabot[bot] 570b7f95d2 chore: bump aquasecurity/trivy-action from 0.8.0 to 0.9.1 (#6385) 
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.8.0 to 0.9.1.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](https://github.com/aquasecurity/trivy-action/compare/9ab158e8597f3b310480b9a69402b419bc03dbd5...8bd2f9fbda2109502356ff8a6a89da55b1ead252)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-03-01 15:19:13 -06:00