Revision 39db9aa50ef0ec87db617aaa2c4df833f09b33e1 authored by Tom Hadlaw on 04 January 2024, 05:29:19 UTC, committed by Tom Hadlaw on 04 January 2024, 05:29:35 UTC
Signed-off-by: Tom Hadlaw <tom.hadlaw@isovalent.com>
1 parent 1d1449d
.clomonitor.yml
# CLOMonitor metadata file
exemptions:
- check: slack_presence
reason: "The Cilium slack community can be found at http://slack.cilium.io/" # Justification of this exemption
- check: dangerous_workflow
reason: >
"It is safe to run code checkout '${{ github.event.pull_request.head.sha }}'
and 'github.event.pull_request.head.ref' in .github/workflows/build-images-base.yaml
as this workflow is only permitted to be executed after an explicit approval of a
subset of committers."
- check: signed_releases
reason: >
"All Cilium release images are cryptographically signed during build by cosign.
Images are hosted in Quay. OpenSSF Scorecard check is currently limited to repositories
hosted on GitHub, and does not support other source hosting repositories."
- check: token_permissions
reason: >
"Reason to use every non-read-only token in GitHub workflows is commented in the respective workflow files."
![swh spinner](/static/img/swh-spinner.gif)
Computing file changes ...