Revision 0b1c46df9fba68701bcd2eb63e1df5d64b52ec03 authored by Tom Hadlaw on 12 June 2024, 19:48:32 UTC, committed by Tom Hadlaw on 12 June 2024, 19:48:32 UTC
Signed-off-by: Tom Hadlaw <tom.hadlaw@isovalent.com>
1 parent a1d0307
.clomonitor.yml
# CLOMonitor metadata file
exemptions:
- check: slack_presence
reason: "The Cilium slack community can be found at http://slack.cilium.io/" # Justification of this exemption
- check: dangerous_workflow
reason: >
"It is safe to run code checkout '${{ github.event.pull_request.head.sha }}'
and 'github.event.pull_request.head.ref' in .github/workflows/build-images-base.yaml
as this workflow is only permitted to be executed after an explicit approval of a
subset of committers."
- check: signed_releases
reason: >
"All Cilium release images are cryptographically signed during build by cosign.
Images are hosted in Quay. OpenSSF Scorecard check is currently limited to repositories
hosted on GitHub, and does not support other source hosting repositories."
- check: token_permissions
reason: >
"Reason to use every non-read-only token in GitHub workflows is commented in the respective workflow files."
![swh spinner](/static/img/swh-spinner.gif)
Computing file changes ...