chore: add OpenSSF baseline scanner GitHub action #10054

Merged
mnencia merged 2 commits into main from dev/add_osps_assessment
Feb 25, 2026

@sxd
Member

@sxd sxd commented Feb 24, 2026

Integrate the OpenSSF Baseline Scanner GitHub Action into our pipeline to ensure the workflow returns zero failures.

Closes #10060

@sxd sxd requested review from a team, NiccoloFei, jsilvela and litaocdl as code owners February 24, 2026 19:25
@cnpg-bot cnpg-bot added the backport-requested ◀️, release-1.25, release-1.27 and release-1.28 labels Feb 24, 2026
@github-actions
Contributor

❗ By default, the pull request is configured to backport to all release branches.

  • To stop backporting this PR, remove the label: backport-requested ◀️ or add the label 'do not backport'
  • To stop backporting this PR to a certain release branch, remove the specific branch label: release-x.y

@dosubot dosubot bot added the size:M, chore and github_actions labels Feb 24, 2026
@sxd sxd added the no-issue label Feb 24, 2026
@sxd
Member Author

sxd commented Feb 24, 2026

/ok-to-merge adding new workflow for security assessment

@cnpg-bot cnpg-bot added the ok to merge 👌 label Feb 24, 2026
@gbartolini gbartolini changed the title chore: add OSPS Security Assessment chore: add OpenSSF baseline scanner GitHub action Feb 25, 2026
@dosubot dosubot bot added the lgtm label Feb 25, 2026
Signed-off-by: Jonathan Gonzalez V. <[email protected]>
@mnencia mnencia force-pushed the dev/add_osps_assessment branch from c2e9f75 to 00eb062 Compare February 25, 2026 20:38
Pin all GitHub Actions to full commit SHAs and bump to
versions consistent with the rest of the repository. Fix
indentation of the with block for consistency.

Signed-off-by: Marco Nenciarini <[email protected]>
@mnencia mnencia merged commit 85bdcde into main Feb 25, 2026
16 of 19 checks passed
@mnencia mnencia deleted the dev/add_osps_assessment branch February 25, 2026 20:58
cnpg-bot pushed a commit that referenced this pull request Feb 25, 2026
Integrate the OpenSSF Baseline Scanner GitHub Action into our pipeline
to ensure the workflow returns zero failures.

Closes #10060

Signed-off-by: Jonathan Gonzalez V. <[email protected]>
Signed-off-by: Marco Nenciarini <[email protected]>
Co-authored-by: Marco Nenciarini <[email protected]>
(cherry picked from commit 85bdcde)
cnpg-bot pushed a commit that referenced this pull request Feb 25, 2026
Integrate the OpenSSF Baseline Scanner GitHub Action into our pipeline
to ensure the workflow returns zero failures.

Closes #10060

Signed-off-by: Jonathan Gonzalez V. <[email protected]>
Signed-off-by: Marco Nenciarini <[email protected]>
Co-authored-by: Marco Nenciarini <[email protected]>
(cherry picked from commit 85bdcde)
cnpg-bot pushed a commit that referenced this pull request Feb 25, 2026
Integrate the OpenSSF Baseline Scanner GitHub Action into our pipeline
to ensure the workflow returns zero failures.

Closes #10060

Signed-off-by: Jonathan Gonzalez V. <[email protected]>
Signed-off-by: Marco Nenciarini <[email protected]>
Co-authored-by: Marco Nenciarini <[email protected]>
(cherry picked from commit 85bdcde)

Development

Successfully merging this pull request may close these issues.

[Security Slam 26] Achievement 4 - Mechanizer Badge (Automated Evaluation)
