Skip to content

chore: sync security config files#1211

Merged
dbasunag merged 5 commits intomainfrom
security/sync-configs
Mar 13, 2026
Merged

chore: sync security config files#1211
dbasunag merged 5 commits intomainfrom
security/sync-configs

Conversation

@security-config-sync
Copy link
Copy Markdown
Contributor

@security-config-sync security-config-sync bot commented Mar 12, 2026

Summary

This PR syncs security scanning configuration files from the central security-config repository, managed by the @opendatahub-io/odh-platform-security team.

Files

File Status
semgrep.yaml Updated
.gitleaks.toml Updated

What does this mean for your team?

  • No action required from reviewers beyond merging this PR
  • These files are protected by an org-level push ruleset — they cannot be modified directly in this repo
  • Future updates will be synced automatically via PRs from the security-config repo
  • CodeRabbit and Semgrep will use these configs when reviewing PRs on this repo

For questions or customization requests, open an issue on opendatahub-io/security-config.

@security-config-sync security-config-sync bot requested a review from a team as a code owner March 12, 2026 10:39
mwaykole
mwaykole previously approved these changes Mar 12, 2026
View reviewed changes
@github-actions
Copy link
Copy Markdown

github-actions bot commented Mar 12, 2026

The following are automatically added/executed:

  • PR size label.
  • Run pre-commit
  • Run tox
  • Add PR author as the PR assignee
  • Build image based on the PR

Available user actions:

  • To mark a PR as WIP, add /wip in a comment. To remove it from the PR comment /wip cancel to the PR.
  • To block merging of a PR, add /hold in a comment. To un-block merging of PR comment /hold cancel.
  • To mark a PR as approved, add /lgtm in a comment. To remove, add /lgtm cancel.
    lgtm label removed on each new commit push.
  • To mark PR as verified comment /verified to the PR, to un-verify comment /verified cancel to the PR.
    verified label removed on each new commit push.
  • To Cherry-pick a merged PR /cherry-pick <target_branch_name> to the PR. If <target_branch_name> is valid,
    and the current PR is merged, a cherry-picked PR would be created and linked to the current PR.
  • To build and push image to quay, add /build-push-pr-image in a comment. This would create an image with tag
    pr-<pr_number> to quay repository. This image tag, however would be deleted on PR merge or close action.
Supported labels

{'/hold', '/cherry-pick', '/wip', '/lgtm', '/verified', '/build-push-pr-image'}

@dbasunag dbasunag enabled auto-merge (squash) March 13, 2026 16:51
@dbasunag
Copy link
Copy Markdown
Collaborator

dbasunag commented Mar 13, 2026

/lgtm

@dbasunag dbasunag merged commit 5517962 into main Mar 13, 2026
8 checks passed
@dbasunag dbasunag deleted the security/sync-configs branch March 13, 2026 20:15
@github-actions
Copy link
Copy Markdown

github-actions bot commented Mar 13, 2026

Status of building tag latest: success.
Status of pushing tag latest to image registry: success.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dbasunag dbasunag dbasunag approved these changes

@rhods-ci-bot rhods-ci-bot rhods-ci-bot approved these changes

@mwaykole mwaykole mwaykole left review comments

Assignees

@security-config-sync security-config-sync[bot]

Labels

lgtm-by-dbasunag lgtm-by-rhods-ci-bot size/l

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@dbasunag @mwaykole @rhods-ci-bot