Skip to content

🌱 move security-insights.yml to .github/ and use upstream validator#930

Merged
metal3-io-bot merged 1 commit intometal3-io:mainfrom
Nordix:tuomo/amend-security-insights
Mar 4, 2026
Merged

🌱 move security-insights.yml to .github/ and use upstream validator#930
metal3-io-bot merged 1 commit intometal3-io:mainfrom
Nordix:tuomo/amend-security-insights

Conversation

@tuminoid
Copy link
Copy Markdown
Member

@tuminoid tuminoid commented Mar 2, 2026

  • Rename SECURITY_INSIGHTS.yml to .github/security-insights.yml to follow OSSF convention
  • Update self-referencing URLs in the file to match new path
  • Replace self-rolled CUE validation with revanite-io/security-insights-action, which auto-detects the schema version from the file (just rolled out but endorsed by ossf)
  • Bump actions/checkout from v4.3.1 to v6.0.2

This makes the repo root less congested as well as insights moves to .github and is "hidden".

@tuminoid
move security-insights.yml to .github/ and use upstream validator
0995135 
- Rename SECURITY_INSIGHTS.yml to .github/security-insights.yml
  to follow OSSF convention
- Update self-referencing URLs in the file to match new path
- Replace self-rolled CUE validation with
  revanite-io/security-insights-action, which auto-detects
  the schema version from the file
- Bump actions/checkout from v4.3.1 to v6.0.2

Signed-off-by: Tuomo Tanskanen <tuomo.tanskanen@est.tech>
@metal3-io-bot metal3-io-bot added the size/S Denotes a PR that changes 10-29 lines, ignoring generated files. label Mar 2, 2026
@tuminoid
Copy link
Copy Markdown
Member Author

tuminoid commented Mar 2, 2026

/override metal3-centos-e2e-integration-test-main
/override metal3-ubuntu-e2e-integration-test-main

@metal3-io-bot
Copy link
Copy Markdown
Contributor

metal3-io-bot commented Mar 2, 2026

@tuminoid: Overrode contexts on behalf of tuminoid: metal3-centos-e2e-integration-test-main, metal3-ubuntu-e2e-integration-test-main

Details

In response to this:

/override metal3-centos-e2e-integration-test-main
/override metal3-ubuntu-e2e-integration-test-main

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

lentzi90
lentzi90 reviewed Mar 3, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@lentzi90 lentzi90 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@metal3-io-bot metal3-io-bot added the lgtm Indicates that a PR is ready to be merged. label Mar 3, 2026
Rozzii
Rozzii reviewed Mar 4, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@Rozzii Rozzii left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/approve

@metal3-io-bot
Copy link
Copy Markdown
Contributor

metal3-io-bot commented Mar 4, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: Rozzii

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@metal3-io-bot metal3-io-bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Mar 4, 2026
@metal3-io-bot metal3-io-bot merged commit 7494384 into metal3-io:main Mar 4, 2026
16 checks passed
@metal3-io-bot metal3-io-bot deleted the tuomo/amend-security-insights branch March 4, 2026 06:36
@metal3-io-bot metal3-io-bot added this to the ironic-image - v35.0 milestone Mar 4, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Rozzii Rozzii Rozzii left review comments

@zaneb zaneb Awaiting requested review from zaneb

+1 more reviewer

@lentzi90 lentzi90 lentzi90 left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged. size/S Denotes a PR that changes 10-29 lines, ignoring generated files.

Projects

None yet

Milestone

ironic-image - v35.0

Development

Successfully merging this pull request may close these issues.

4 participants

@tuminoid @metal3-io-bot @lentzi90 @Rozzii