@widhalmt widhalmt commented Nov 5, 2024

Introduce 2 new incidents that will trigger a KICS (security scan) run:

This will fix the fact that KICS only runs on Pull Requests but does not work as code scanning utility the way GitHub means it.

@widhalmt widhalmt added the bug Something isn't working label Nov 5, 2024
@widhalmt widhalmt self-assigned this Nov 5, 2024
widhalmt commented Nov 5, 2024

Looking at the tests that ran, I see KICS two times: once for the push and once for the pull request. What do you think, how should we get rid of one of the tests? Just use push?

@tbauriedel tbauriedel enabled auto-merge November 5, 2024 12:30
@tbauriedel tbauriedel disabled auto-merge November 5, 2024 12:31
tbauriedel commented Nov 5, 2024

I would not add it to push.
Since we force users to create a PR, it should be enough to run that job on PRs and cron-based for main.

As you can see in this PR, the action is triggered twice. Once for push and once for PR.
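
The trigger layout suggested in the comment above, as an added example that is not the repository's actual workflow file: KICS runs on pull requests and on a weekly schedule, with `push` left out so that one PR does not start two scans. The workflow name, cron slot, scan path and output directory are constructed, and the KICS action ref is a placeholder to be replaced with a pinned release or commit SHA.

```yaml
# Added example; names and values are constructed, not taken from the repository.
name: kics-scan
on:
  pull_request:            # scans every proposed change before merge
  schedule:
    - cron: '0 3 * * 1'    # constructed weekly slot; scheduled runs use the default branch
  # push:                  # left out: for a PR branch in the same repository, push and
  #                        # pull_request both fire, which is the double run noted above

permissions:
  contents: read           # checkout only
  security-events: write   # needed to upload SARIF to code scanning

jobs:
  kics:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Run KICS
        # placeholder ref: pin a release tag or commit SHA you have reviewed
        uses: checkmarx/kics-github-action@<pinned-ref>
        with:
          path: '.'
          output_path: results-dir
          output_formats: 'json,sarif'
          ignore_on_exit: results   # report findings without failing the job
      - name: Upload SARIF to code scanning
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: results-dir/results.sarif
```

The repository's code scanning view shows alerts for the default branch by default, so the scheduled run is what keeps it populated between pull requests.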

@widhalmt widhalmt added this pull request to the merge queue Nov 5, 2024
Merged via the queue into main with commit 3c7a91b Nov 5, 2024
10 checks passed
@widhalmt widhalmt deleted the fix/schedule-for-kics branch November 5, 2024 15:27
ivareri pushed a commit to ivareri/ansible-collection-elasticstack that referenced this pull request Jun 17, 2025
Introduce 2 new incidents that will trigger a KICS (security scan) run:

* Weekly scheduled by cron
* On every `push`. We can rework that later. But it should be the
fastest way of getting results into
https://github.com/NETWAYS/ansible-collection-elasticstack/security
right now. Which will help with assigning tasks.

This will fix the fact that KICS only runs on Pull Requests but does not
work as code scanning utility the way GitHub means it.