Skip to content

Commit ec24f21

Browse files
Merge branch 'main' into pr-1404-3
2 parents 49146c7 + b7f3352 commit ec24f21

File tree

86 files changed

+244
-150
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

86 files changed

+244
-150
lines changed

.cspell.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -38,6 +38,7 @@ words:
3838
- gemfile
3939
- Gitter
4040
- gruf
41+
- hibachrach
4142
- HTTPX
4243
- httpx
4344
- instrumenter

.github/actions/test_gem/action.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -84,7 +84,7 @@ runs:
8484
# ...but not for appraisals, sadly.
8585
- name: Install Ruby ${{ inputs.ruby }} with dependencies
8686
if: "${{ steps.setup.outputs.appraisals == 'false' }}"
87-
uses: ruby/setup-ruby@v1.221.0
87+
uses: ruby/setup-ruby@v1.229.0
8888
with:
8989
ruby-version: "${{ inputs.ruby }}"
9090
working-directory: "${{ steps.setup.outputs.gem_dir }}"
@@ -95,7 +95,7 @@ runs:
9595
# If we're using appraisals, do it all manually.
9696
- name: Install Ruby ${{ inputs.ruby }} without dependencies
9797
if: "${{ steps.setup.outputs.appraisals == 'true' }}"
98-
uses: ruby/setup-ruby@v1.221.0
98+
uses: ruby/setup-ruby@v1.229.0
9999
with:
100100
ruby-version: "${{ inputs.ruby }}"
101101
bundler: "latest"

.github/workflows/fossa.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@ jobs:
1515
steps:
1616
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
1717

18-
- uses: fossas/fossa-action@93a52ecf7c3ac7eb40f5de77fd69b1a19524de94 # v1.5.0
18+
- uses: fossas/fossa-action@c0a7d013f84c8ee5e910593186598625513cc1e4 # v1.6.0
1919
with:
2020
api-key: ${{secrets.FOSSA_API_KEY}}
2121
team: OpenTelemetry

.github/workflows/installation-tests.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,7 @@ jobs:
2525
- uses: actions/checkout@v4
2626
# ATTENTION: Dependabot does not know how to update shared actions file.
2727
# If you see it update setup-ruby here also update it as part of actions/test_gem/action.yml
28-
- uses: ruby/setup-ruby@v1.221.0
28+
- uses: ruby/setup-ruby@v1.229.0
2929
with:
3030
ruby-version: ${{ matrix.ruby-version }}
3131
- name: "Install Latest Gem Versions on ${{ matrix.ruby-version }}"
Lines changed: 48 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,48 @@
1+
name: OSSF Scorecard
2+
3+
on:
4+
push:
5+
branches:
6+
- main
7+
schedule:
8+
- cron: "18 23 * * 6" # once a week
9+
workflow_dispatch:
10+
11+
permissions: read-all
12+
13+
jobs:
14+
analysis:
15+
if: ${{ github.repository == 'open-telemetry/opentelemetry-ruby-contrib' }}
16+
runs-on: ubuntu-latest
17+
permissions:
18+
# Needed for Code scanning upload
19+
security-events: write
20+
# Needed for GitHub OIDC token if publish_results is true
21+
id-token: write
22+
steps:
23+
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
24+
with:
25+
persist-credentials: false
26+
27+
- uses: ossf/scorecard-action@f49aabe0b5af0936a0987cfb85d86b75731b0186 # v2.4.1
28+
with:
29+
results_file: results.sarif
30+
results_format: sarif
31+
publish_results: true
32+
33+
# Upload the results as artifacts (optional). Commenting out will disable
34+
# uploads of run results in SARIF format to the repository Actions tab.
35+
# https://docs.github.com/en/actions/advanced-guides/storing-workflow-data-as-artifacts
36+
- name: "Upload artifact"
37+
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
38+
with:
39+
name: SARIF file
40+
path: results.sarif
41+
retention-days: 5
42+
43+
# Upload the results to GitHub's code scanning dashboard (optional).
44+
# Commenting out will disable upload of results to your repo's Code Scanning dashboard
45+
- name: "Upload to code-scanning"
46+
uses: github/codeql-action/upload-sarif@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13
47+
with:
48+
sarif_file: results.sarif

.github/workflows/release-hook-on-closed.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@ jobs:
1212
runs-on: ubuntu-latest
1313
steps:
1414
- name: Install Ruby ${{ env.ruby_version }}
15-
uses: ruby/setup-ruby@v1.221.0
15+
uses: ruby/setup-ruby@v1.229.0
1616
with:
1717
ruby-version: ${{ env.ruby_version }}
1818
- name: Checkout repo

.github/workflows/release-hook-on-push.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,7 @@ jobs:
1313
runs-on: ubuntu-latest
1414
steps:
1515
- name: Install Ruby ${{ env.ruby_version }}
16-
uses: ruby/setup-ruby@v1.221.0
16+
uses: ruby/setup-ruby@v1.229.0
1717
with:
1818
ruby-version: ${{ env.ruby_version }}
1919
- name: Checkout repo

.github/workflows/release-perform.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -22,7 +22,7 @@ jobs:
2222
runs-on: ubuntu-latest
2323
steps:
2424
- name: Install Ruby ${{ env.ruby_version }}
25-
uses: ruby/setup-ruby@v1.221.0
25+
uses: ruby/setup-ruby@v1.229.0
2626
with:
2727
ruby-version: ${{ env.ruby_version }}
2828
- name: Checkout repo

.github/workflows/release-please.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@ jobs:
1717
name: Process Release
1818
runs-on: ubuntu-latest
1919
steps:
20-
- uses: googleapis/release-please-action@v4.1.4
20+
- uses: googleapis/release-please-action@v4.2.0
2121
id: prepare
2222
# with:
2323
# token: ${{ secrets.OPENTELEMETRYBOT_GITHUB_TOKEN }}
@@ -50,7 +50,7 @@ jobs:
5050
chmod 0600 $HOME/.gem/credentials
5151
printf -- "---\n:rubygems_api_key: ${GEM_HOST_API_KEY}\n" > $HOME/.gem/credentials
5252
53-
- uses: ruby/setup-ruby@v1.221.0
53+
- uses: ruby/setup-ruby@v1.229.0
5454
with:
5555
ruby-version: "3.1"
5656
bundler: latest

.github/workflows/release-request-weekly.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@ jobs:
1212
runs-on: ubuntu-latest
1313
steps:
1414
- name: Install Ruby ${{ env.ruby_version }}
15-
uses: ruby/setup-ruby@v1.221.0
15+
uses: ruby/setup-ruby@v1.229.0
1616
with:
1717
ruby-version: ${{ env.ruby_version }}
1818
- name: Checkout repo

0 commit comments

Comments
 (0)