Compare commits
1 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 github-actions[bot]
|
d3ce76e457 |
@@ -1,20 +0,0 @@
|
|||||||
name: Promotion Gate
|
|
||||||
|
|
||||||
# Calls the shared promotion gate workflow.
|
|
||||||
# dev PRs: no gate (engineer self-merges).
|
|
||||||
# uat PRs: QA approval required.
|
|
||||||
# main PRs: UAT approval required (uat→main promotions).
|
|
||||||
|
|
||||||
on:
|
|
||||||
pull_request_review:
|
|
||||||
types: [submitted, dismissed]
|
|
||||||
pull_request:
|
|
||||||
branches: [uat, main]
|
|
||||||
types: [opened, reopened, synchronize]
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
promotion-gate:
|
|
||||||
uses: privilegedescalation/.github/.github/workflows/dual-approval-check.yaml@main
|
|
||||||
secrets: inherit
|
|
||||||
with:
|
|
||||||
pr_number: ${{ github.event.pull_request.number }}
|
|
||||||
+3
-3
@@ -1,4 +1,4 @@
|
|||||||
version: "0.1.2"
|
version: "0.1.3"
|
||||||
name: headlamp-argocd
|
name: headlamp-argocd
|
||||||
displayName: ArgoCD Headlamp Plugin
|
displayName: ArgoCD Headlamp Plugin
|
||||||
createdAt: "2026-04-21T00:00:00Z"
|
createdAt: "2026-04-21T00:00:00Z"
|
||||||
@@ -26,8 +26,8 @@ maintainers:
|
|||||||
provider:
|
provider:
|
||||||
name: privilegedescalation
|
name: privilegedescalation
|
||||||
annotations:
|
annotations:
|
||||||
headlamp/plugin/archive-url: "https://github.com/privilegedescalation/headlamp-argocd-plugin/releases/download/v0.1.2/privilegedescalation-headlamp-argocd-plugin-0.1.2.tar.gz"
|
headlamp/plugin/archive-url: "https://github.com/privilegedescalation/headlamp-argocd-plugin/releases/download/v0.1.3/privilegedescalation-headlamp-argocd-plugin-0.1.3.tar.gz"
|
||||||
headlamp/plugin/archive-checksum: sha256:e71f84913eed1fd7e2d074912e3bfa668c4b1fefcbb069731a4e4277a998ca28
|
headlamp/plugin/archive-checksum: sha256:cf96084b79a76b341b5f08d4e17ccf77b5de20f4178061ddc5b5e8dfa81d2743
|
||||||
headlamp/plugin/version-compat: ">=0.26"
|
headlamp/plugin/version-compat: ">=0.26"
|
||||||
headlamp/plugin/distro-compat: "in-cluster"
|
headlamp/plugin/distro-compat: "in-cluster"
|
||||||
changes:
|
changes:
|
||||||
|
|||||||
@@ -1,20 +0,0 @@
|
|||||||
{
|
|
||||||
// Allowlist for inherited dev-dependency CVEs from @kinvolk/headlamp-plugin
|
|
||||||
// CTO decision (PRI-854): these high-severity vulns are dev/build-time only,
|
|
||||||
// trace to @kinvolk/headlamp-plugin transitive deps (Picomatch, Vite, lodash),
|
|
||||||
// and do NOT ship in production plugin artifacts.
|
|
||||||
"allowlist": [
|
|
||||||
{
|
|
||||||
"id": "GHSA-hhpm-516h-p3p6",
|
|
||||||
"reason": "Picomatch ReDoS: devDependency only, does not ship in production plugin bundle"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"id": "GHSA-36xf-7xpp-53w5",
|
|
||||||
"reason": "Vite arbitrary file read: devDependency only, does not ship in production plugin bundle"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"id": "GHSA-jf8v-p3pp-93qh",
|
|
||||||
"reason": "lodash code injection via _.template: devDependency only, does not ship in production plugin bundle"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
+1
-1
@@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "@privilegedescalation/headlamp-argocd-plugin",
|
"name": "@privilegedescalation/headlamp-argocd-plugin",
|
||||||
"version": "0.1.2",
|
"version": "0.1.3",
|
||||||
"description": "Headlamp plugin for ArgoCD visibility — monitors ArgoCD Applications, Rollouts, and health status",
|
"description": "Headlamp plugin for ArgoCD visibility — monitors ArgoCD Applications, Rollouts, and health status",
|
||||||
"repository": {
|
"repository": {
|
||||||
"type": "git",
|
"type": "git",
|
||||||
|
|||||||
Reference in New Issue
Block a user