privilegedescalation/org
12
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity
26 Commits 17 Branches 0 Tags
cfb35fe73d42fa0c3d444e8b432c2dcb2150c548
Commit Graph

26 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Hugh Hackman[bot] cfb35fe73d ci: update actions/checkout from v4 to v6 in all reusable workflows 
actions/checkout v6 was already adopted in headlamp-agent-skills.
This brings the org-level reusable workflows (plugin-ci, plugin-release,
ci-health-check) up to the same version. Affects all plugin repos that
call these shared workflows.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-03-18 07:24:02 +00:00
hugh-hackman[bot] 538a7bf024 ci: use binary download for gh CLI install on self-hosted runners (#18) 
The apt-based gh CLI install requires sudo which is not available on our
self-hosted container runners. Replace with a direct binary download from
GitHub releases that works without elevated permissions.

Fixes the "gh: command not found" error in the release workflow's
"Create PR for version bump" step.

Co-authored-by: Hugh Hackman <hugh@privilegedescalation.com>
Co-authored-by: Paperclip <noreply@paperclip.ing>
 2026-03-17 17:44:34 +00:00
null-pointer-nancy[bot] 7e18b2eb90 Merge pull request #16 from privilegedescalation/fix/release-workflow-install-gh-cli 
ci: install gh CLI in release workflow for self-hosted runners
 2026-03-17 12:46:44 +00:00
Hugh Hackman 4c0ad08db3 ci: install gh CLI in release workflow for self-hosted runners 
The self-hosted runner (local-ubuntu-latest) does not have gh CLI
pre-installed, causing the PR creation step to fail with
"gh: command not found" after the release is published.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-03-17 12:34:16 +00:00
hugh-hackman[bot] 510569be7b ci: remove Docker container from release workflow 
Remove container: node from the release job to avoid Docker Hub rate
limits on self-hosted runners. Uses actions/setup-node@v4 instead,
matching the pattern already applied in plugin-ci.yaml (PR#14).

Changes:
- Remove container: node:${{ inputs.node-version }}
- Add setup-node@v4 step with npm cache after checkout
- Remove apt-get install step (jq, curl, git already on runner)
- Remove manual GitHub CLI install step (gh already on runner)

Co-authored-by: Hugh Hackman <hugh@privilegedescalation.com>
Co-authored-by: Paperclip <noreply@paperclip.ing>
 2026-03-16 10:52:05 +00:00
hugh-hackman[bot] d0b4428af7 fix: remove Docker container from CI, use setup-node instead 
Eliminates Docker Hub rate limit by replacing container: node:22 with setup-node@v4.
Also fixes release workflow branch creation order.

Closes privilegedescalation/.github#14

Co-Authored-By: Paperclip <noreply@paperclip.ing>
 2026-03-15 16:55:37 +00:00
addison-addington[bot] e97fee87af Add FUNDING.yml for org-wide GitHub Sponsors 
Co-authored-by: addison-addington[bot] <266309314+addison-addington[bot]@users.noreply.github.com>
 2026-03-11 21:43:22 +00:00
hugh-hackman[bot] cd6bbb2481 ci: automate ci health checks (#11) 
Co-authored-by: gandalf-the-greybeard[bot] <gandalf-the-greybeard[bot]@users.noreply.github.com>
 2026-03-11 01:52:08 +00:00
hugh-hackman[bot] 0ef78ac580 feat: make reusable workflows strictly container-native (#10) 
Co-authored-by: gandalf-the-greybeard[bot] <gandalf-the-greybeard[bot]@users.noreply.github.com>
 2026-03-10 23:44:40 +00:00
Chris Farhood 4361c131f0 Merge pull request #9 from privilegedescalation/fix/release-workflow-branch-protection 
fix: release workflow creates PR instead of pushing to main
 2026-03-09 17:09:10 -04:00
Chris Farhood 70252f4175 Merge pull request #7 from privilegedescalation/fix/release-tag-guard 
fix: add tag-exists guard to release workflow
 2026-03-09 17:08:57 -04:00
Chris Farhood 62533d9944 Merge pull request #6 from privilegedescalation/chore/add-npm-audit-to-ci 
ci: add npm audit to shared plugin CI
 2026-03-09 17:08:42 -04:00
Chris Farhood 140a716ed5 Merge pull request #5 from privilegedescalation/feat/org-renovate-preset 
feat: add org-level Renovate preset
 2026-03-09 17:08:22 -04:00
gandalf-the-greybeard[bot] 7a035654c9 feat: auto-merge and cleanup release version bump PRs 
The release PR is just a version bump + checksum update. Enable
auto-merge with squash and delete the release branch after merge
to prevent branch accumulation.
 2026-03-09 19:22:10 +00:00
gandalf-the-greybeard[bot] caee689f15 fix: release workflow creates PR instead of pushing to main 
The release workflow pushed directly to main which fails on repos
with branch protection enabled. This broke the polaris plugin v0.7.0
release.

Changes:
- Create release/vX.Y.Z branch instead of committing to main
- Push to the release branch + tags
- Create a PR to merge the version bump back to main
- Add pull-requests: write permission
 2026-03-09 19:18:07 +00:00
null-pointer-nancy[bot] 8b29b476d5 chore: add Apache-2.0 LICENSE 2026-03-09 10:21:49 +00:00
gandalf-the-greybeard[bot] 254bd4fbc3 fix: add tag-exists guard to release workflow 
Fail fast when a release tag already exists instead of running the
full build+package cycle only to fail at git push. Saves CI time on
duplicate workflow_dispatch triggers.
 2026-03-09 06:20:52 +00:00
gandalf-the-greybeard[bot] 991278ebac ci: add npm audit step to shared plugin CI workflow 
Adds a security audit step (npm audit --omit=dev) to catch known
vulnerabilities in production dependencies. Runs after tests so build
failures are reported before audit findings. Uses --omit=dev to focus
on production-facing risk.

This covers all 6 plugin repos that use the shared workflow.
 2026-03-08 19:02:12 +00:00
hugh-hackman[bot] 9a670fe75e feat: add org-level Renovate preset for Headlamp plugins 
All 6 plugin repos use identical Renovate configs. This org-level
preset provides a single source of truth. Plugin repos can extend
it with: "extends": ["local>privilegedescalation/.github:renovate-config"]

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-08 13:19:34 +00:00
Chris Farhood 5ca5a7ef45 Merge pull request #4 from privilegedescalation/feat/reusable-plugin-workflows 
feat: add reusable CI and release workflows for Headlamp plugins
 2026-03-07 22:14:36 -05:00
hugh-hackman[bot] 521d120425 feat: add reusable CI and release workflows for Headlamp plugins 2026-03-08 00:44:51 +00:00
Chris Farhood 99012ddbbc Merge pull request #3 from privilegedescalation/feat/org-funding-yml 
Add org-wide FUNDING.yml for GitHub Sponsors
 2026-03-07 11:14:29 -05:00
Chris Farhood 180dc6dd0d Merge pull request #2 from privilegedescalation/feat/org-profile-readme 
Add org profile README
 2026-03-07 11:14:16 -05:00
addison-addington[bot] 5130e05169 Add org-wide FUNDING.yml for GitHub Sponsors 2026-03-07 16:12:53 +00:00
shitposting-samuel[bot] bbf04fa437 Add org profile README with plugin showcase 2026-03-07 16:09:44 +00:00
Addison Addington 1d376527cc Initial commit 2026-03-07 15:23:04 +00:00