Compare commits
1 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 github-actions[bot]
|
d3ce76e457 |
@@ -1,20 +0,0 @@
|
|||||||
name: Promotion Gate
|
|
||||||
|
|
||||||
# Calls the shared promotion gate workflow.
|
|
||||||
# dev PRs: no gate (engineer self-merges).
|
|
||||||
# uat PRs: QA approval required.
|
|
||||||
# main PRs: UAT approval required (uat→main promotions).
|
|
||||||
|
|
||||||
on:
|
|
||||||
pull_request_review:
|
|
||||||
types: [submitted, dismissed]
|
|
||||||
pull_request:
|
|
||||||
branches: [uat, main]
|
|
||||||
types: [opened, reopened, synchronize]
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
promotion-gate:
|
|
||||||
uses: privilegedescalation/.github/.github/workflows/dual-approval-check.yaml@main
|
|
||||||
secrets: inherit
|
|
||||||
with:
|
|
||||||
pr_number: ${{ github.event.pull_request.number }}
|
|
||||||
+2
-2
@@ -31,5 +31,5 @@ annotations:
|
|||||||
headlamp/plugin/version-compat: ">=0.26"
|
headlamp/plugin/version-compat: ">=0.26"
|
||||||
headlamp/plugin/distro-compat: "in-cluster"
|
headlamp/plugin/distro-compat: "in-cluster"
|
||||||
changes:
|
changes:
|
||||||
- kind: fixed
|
- kind: added
|
||||||
description: "Fix archive URL to point to GitHub v0.1.3 release and bump version"
|
description: "Initial v0.1.0 release"
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
# Artifact Hub repository metadata
|
# Artifact Hub repository metadata
|
||||||
# https://artifacthub.io/docs/topics/repositories/#repository-metadata-file
|
# https://artifacthub.io/docs/topics/repositories/#repository-metadata-file
|
||||||
repositoryID: "3648e8a8-54f7-474c-9977-00ec3b4ea1e1"
|
repositoryID: ""
|
||||||
owners:
|
owners:
|
||||||
- name: privilegedescalation
|
- name: privilegedescalation
|
||||||
email: chris@farhood.org
|
email: chris@farhood.org
|
||||||
|
|||||||
@@ -1,20 +0,0 @@
|
|||||||
{
|
|
||||||
// Allowlist for inherited dev-dependency CVEs from @kinvolk/headlamp-plugin
|
|
||||||
// CTO decision (PRI-854): these high-severity vulns are dev/build-time only,
|
|
||||||
// trace to @kinvolk/headlamp-plugin transitive deps (Picomatch, Vite, lodash),
|
|
||||||
// and do NOT ship in production plugin artifacts.
|
|
||||||
"allowlist": [
|
|
||||||
{
|
|
||||||
"id": "GHSA-hhpm-516h-p3p6",
|
|
||||||
"reason": "Picomatch ReDoS: devDependency only, does not ship in production plugin bundle"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"id": "GHSA-36xf-7xpp-53w5",
|
|
||||||
"reason": "Vite arbitrary file read: devDependency only, does not ship in production plugin bundle"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"id": "GHSA-jf8v-p3pp-93qh",
|
|
||||||
"reason": "lodash code injection via _.template: devDependency only, does not ship in production plugin bundle"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
+1
-1
@@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "@privilegedescalation/headlamp-argocd-plugin",
|
"name": "@privilegedescalation/headlamp-argocd-plugin",
|
||||||
"version": "0.1.2",
|
"version": "0.1.3",
|
||||||
"description": "Headlamp plugin for ArgoCD visibility — monitors ArgoCD Applications, Rollouts, and health status",
|
"description": "Headlamp plugin for ArgoCD visibility — monitors ArgoCD Applications, Rollouts, and health status",
|
||||||
"repository": {
|
"repository": {
|
||||||
"type": "git",
|
"type": "git",
|
||||||
|
|||||||
Reference in New Issue
Block a user