diff --git a/.github/workflows/build-page.yml b/.github/workflows/build-page.yml
index f81a767..7c733cc 100644
--- a/.github/workflows/build-page.yml
+++ b/.github/workflows/build-page.yml
@@ -31,14 +31,14 @@ jobs:
run: git clone https://gitlab.eclipse.org/eclipsefdn/security/otterdog.git
- name: Checkout EclipseFdn/otterdog-configs
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+ uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
with:
repository: EclipseFdn/otterdog-configs
path: otterdog-configs
# checkout the HEAD ref
- name: Checkout HEAD
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+ uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
with:
path: ${{ github.repository_owner }}
@@ -76,7 +76,7 @@ jobs:
working-directory: otterdog-configs
- name: Upload generated site content
- uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3
+ uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3
with:
name: generated-site
path: |
@@ -88,7 +88,7 @@ jobs:
runs-on: ubuntu-latest
needs: generate-markdown
steps:
- - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
+ - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v3
- name: Download generated site content
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3
with:
@@ -108,7 +108,7 @@ jobs:
- name: Setup Pages
uses: actions/configure-pages@f156874f8191504dae5b037505266ed5dda6c382 # v3
- name: Upload artifact
- uses: actions/upload-pages-artifact@84bb4cd4b733d5c320c9c9cfbc354937524f4d64 # v1
+ uses: actions/upload-pages-artifact@a753861a5debcf57bf8b404356158c8e1e33150c # v1
deploy:
environment:
@@ -119,4 +119,4 @@ jobs:
steps:
- name: Deploy to GitHub Pages
id: deployment
- uses: actions/deploy-pages@12ab2b16cf43a7a061fe99da74b6f8f11fb77f5b # pin@v2
+ uses: actions/deploy-pages@9dbe3824824f8a1377b8e298bafde1a50ede43e5 # pin@v2
diff --git a/.github/workflows/show-config.yml b/.github/workflows/show-config.yml
deleted file mode 100644
index 948d9b3..0000000
--- a/.github/workflows/show-config.yml
+++ /dev/null
@@ -1,69 +0,0 @@
-name: Show Otterdog Configuration
-
-on:
- workflow_dispatch:
- push:
- branches:
- - 'main'
- paths:
- - 'otterdog/*.jsonnet'
- - 'otterdog/*.json'
-
-permissions:
- contents: read
-
-jobs:
- show:
- # do not run the workflow in the template repo itself
- if: ${{ !contains (github.repository, '/.eclipsefdn-template') }}
- runs-on: ubuntu-latest
- steps:
- - name: Checkout OtterDog
- run: git clone https://gitlab.eclipse.org/eclipsefdn/security/otterdog.git
-
- - name: Checkout EclipseFdn/otterdog-configs
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- with:
- repository: EclipseFdn/otterdog-configs
- path: otterdog-configs
-
- # checkout the HEAD ref
- - name: Checkout HEAD
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- with:
- path: ${{ github.repository_owner }}
-
- - name: Install jsonnet-bundler
- run: |
- go install -a github.com/jsonnet-bundler/jsonnet-bundler/cmd/jb@v0.5.1
- echo $(go env GOPATH)/bin >> $GITHUB_PATH
-
- - name: Install poetry
- run: pipx install poetry
-
- - name: Setup Python
- uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4.7.0
- with:
- python-version: '3.10'
- cache: 'poetry'
-
- - name: Install dependencies with poetry
- run: |
- poetry install --only=main
- working-directory: otterdog
-
- - name: Copy configuration from HEAD ref
- run: |
- mkdir -p orgs/${{ github.repository_owner }}
- cp -r ../${{ github.repository_owner }}/otterdog/* orgs/${{ github.repository_owner }}
- working-directory: otterdog-configs
-
- - name: Show complete Otterdog Configuration
- run: ../otterdog/otterdog.sh show ${{ github.repository_owner }} -c otterdog.json | tee "$GITHUB_WORKSPACE/config.txt"
- working-directory: otterdog-configs
-
- - name: Upload config.txt
- uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
- with:
- name: Otterdog config
- path: config.txt
diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml
index b7fb3b9..2a1cccc 100644
--- a/.github/workflows/validate.yml
+++ b/.github/workflows/validate.yml
@@ -19,7 +19,7 @@ jobs:
run: git clone https://gitlab.eclipse.org/eclipsefdn/security/otterdog.git
- name: Checkout EclipseFdn/otterdog-configs
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+ uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
with:
repository: EclipseFdn/otterdog-configs
path: otterdog-configs
@@ -29,14 +29,14 @@ jobs:
# however, this validation workflow produces a diff between the changes in the PR with the base ref, thus
# doing this is acceptable, see https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
- name: Checkout HEAD ref of the PR
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+ uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
with:
ref: ${{ github.event.pull_request.head.sha }}
path: ${{ github.repository_owner }}
# checkout the base ref of the PR
- name: Checkout BASE ref of the PR (target branch)
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+ uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
with:
ref: ${{ github.base_ref }}
path: ${{ github.repository_owner }}-base
@@ -85,7 +85,7 @@ jobs:
uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6.4.1
with:
script: |
- const commentText = 'Diff for ' + context.payload.pull_request.head.sha + ':';
+ const commentText = 'Diff for ' + process.env.GITHUB_SHA + ':';
const fs = require('fs');
const diff = fs.readFileSync(process.env.GITHUB_WORKSPACE + '/diff.txt').toString().trimEnd();
@@ -96,7 +96,7 @@ jobs:
fs.writeFileSync(process.env.GITHUB_WORKSPACE + '/comment.txt', body);
- name: Attach comment to PR
- uses: marocchino/sticky-pull-request-comment@f61b6cf21ef2fcc468f4345cdfcc9bda741d2343 # v2.6.2
+ uses: marocchino/sticky-pull-request-comment@efaaab3fd41a9c3de579aba759d2552635e590fd # v2.8.0
with:
hide_and_recreate: true
hide_classify: "OUTDATED"
diff --git a/docs/overrides/main.html b/docs/overrides/main.html
new file mode 100644
index 0000000..7c254cb
--- /dev/null
+++ b/docs/overrides/main.html
@@ -0,0 +1,11 @@
+{% extends "base.html" %}
+
+{% block site_meta %}
+ {{ super() }}
+
+
+
+
+
+
+{% endblock %}
diff --git a/otterdog/eclipse-uprotocol.jsonnet b/otterdog/eclipse-uprotocol.jsonnet
index 69c89e2..fa4ff03 100644
--- a/otterdog/eclipse-uprotocol.jsonnet
+++ b/otterdog/eclipse-uprotocol.jsonnet
@@ -6,15 +6,15 @@ orgs.newOrg('eclipse-uprotocol') {
dependabot_security_updates_enabled_for_new_repositories: false,
description: "",
members_can_change_project_visibility: false,
- members_can_change_repo_visibility: true,
- members_can_create_teams: false,
- members_can_delete_repositories: true,
name: "Eclipse uProtocol",
packages_containers_internal: false,
packages_containers_public: false,
readers_can_create_discussions: true,
two_factor_requirement: false,
web_commit_signoff_required: false,
+ workflows+: {
+ actions_can_approve_pull_request_reviews: false,
+ },
},
_repositories+:: [
orgs.newRepo('.github') {
@@ -46,12 +46,6 @@ orgs.newOrg('eclipse-uprotocol') {
secret_scanning_push_protection: "disabled",
web_commit_signoff_required: false,
},
- orgs.newRepo('uprotocol-spec') {
- allow_update_branch: false,
- description: "uProtocol Specifications",
- secret_scanning_push_protection: "disabled",
- web_commit_signoff_required: false,
- },
orgs.newRepo('uprotocol-sdk-rust') {
allow_update_branch: false,
description: "uProtocol Rust SDK",
@@ -76,5 +70,11 @@ orgs.newOrg('eclipse-uprotocol') {
secret_scanning_push_protection: "disabled",
web_commit_signoff_required: false,
},
+ orgs.newRepo('uprotocol-spec') {
+ allow_update_branch: false,
+ description: "uProtocol Specifications",
+ secret_scanning_push_protection: "disabled",
+ web_commit_signoff_required: false,
+ },
],
}