[INFO] Why your repo is bugging you about a SECURITY_CONTACTS file
773 views
Skip to first unread message
Stephen Augustus
Dec 8, 2021, 9:32:54 PM12/8/21
to Kubernetes developer/contributor discussion
Hey Kubernetes Community!
Recently, a CI job that was not working for a while started working again, which is good and bad!
The job in question, secping, uses a tool by the same name to:
(secping expects the default branch of your repo to be named "master")
Last night, I updated my fork of the tool and did some updates to fix that: https://github.com/justaugustus/secping/pull/1
I then ran the updated tool across Kubernetes repos to close the issues that had been created (which is why you may have seen a canned message from me on affected repos).
The PR to fix the Prowjob is here.
Unfortunately, there was an issue with one of the blocking presubmits in k/test-infra, so this PR did not merge in time to save you from more GitHub comments/new issues.
I'll run the tool again shortly to tidy up and a link to this email will be in the close comment.
To read more about "why SECURITY_CONTACTS", see here.
Thanks for your patience (and sorry for the unexpected noise)!
Stephen
Recently, a CI job that was not working for a while started working again, which is good and bad!
The job in question, secping, uses a tool by the same name to:
- scan Kubernetes Community repos
- determine whether or not the repo has a SECURITY_CONTACTS file
(secping expects the default branch of your repo to be named "master")
Last night, I updated my fork of the tool and did some updates to fix that: https://github.com/justaugustus/secping/pull/1
I then ran the updated tool across Kubernetes repos to close the issues that had been created (which is why you may have seen a canned message from me on affected repos).
The PR to fix the Prowjob is here.
Unfortunately, there was an issue with one of the blocking presubmits in k/test-infra, so this PR did not merge in time to save you from more GitHub comments/new issues.
I'll run the tool again shortly to tidy up and a link to this email will be in the close comment.
To read more about "why SECURITY_CONTACTS", see here.
If you notice any issues with secping (that are not addressed by this PR), please feel free to file them here.
Shout-out to @jessfraz for authoring secping and the test-infra crew for resolving the merging-blocking issues today.
Thanks for your patience (and sorry for the unexpected noise)!
Stephen
Stephen Augustus
Dec 8, 2021, 10:17:34 PM12/8/21
to Kubernetes developer/contributor discussion
I've sent a bunch of issue /closes.
-- Stephen
Reply all
Reply to author
Forward
This conversation is locked
You cannot reply and perform actions on locked conversations.
0 new messages