Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Run OpenSSF Scorecard in pipeline #2888

Merged
merged 1 commit into from
Oct 26, 2023
Merged

Run OpenSSF Scorecard in pipeline #2888

merged 1 commit into from
Oct 26, 2023

Conversation

maxgio92
Copy link
Member

What type of PR is this?

/kind feature

Any specific area of the project related to this PR?

/area CI

What this PR does / why we need it:

To improve the Falco's supply chain security and monitor it through common and standardized metrics.

Open Source Security Foundation Scorecard [1] is an automated tool that assesses a number of important checks associated with software security and assigns each check a score of 0-10.

Also, the OSSF Scorecard is one of the metrics monitored by the CNCF CLO Monitor [2].

  1. https://github.com/ossf/scorecard
  2. https://github.com/cncf/clomonitor

Which issue(s) this PR fixes:

Fixes #2887

Special notes for your reviewer:

NA

Does this PR introduce a user-facing change?:

NONE

@maxgio92
ci(.github): add ossf scorecard pipeline
6efc0a3 
Open Source Security Foundation Scorecard [1] is an automated tool
that assesses a number of important checks associated with
software security and assigns each check a score of 0-10.

Also, the OSSF Scorecard is one of the metrics monitored by
the CNCF CLO Monitor [2].

1. https://github.com/ossf/scorecard
2. https://github.com/cncf/clomonitor

Signed-off-by: Massimiliano Giovagnoli <[email protected]>
@poiana poiana added the size/M label Oct 24, 2023
@incertum
Copy link
Contributor

Supportive 🎉 ! @LucaGuerra could we get a review from you, thank you!

@LucaGuerra
Copy link
Contributor

Thanks @maxgio92 ! This is what we're going to see: https://clomonitor.io/projects/cncf/falco as you can see some of those checks are failing but should not because we fulfill the corresponding requirements, we can get our score up relatively easily :)

incertum
incertum approved these changes Oct 26, 2023
View reviewed changes
Copy link
Contributor

@incertum incertum left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/approve

@poiana
Copy link
Contributor

poiana commented Oct 26, 2023

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: incertum, LucaGuerra, maxgio92

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:
  • OWNERS [LucaGuerra,incertum]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@incertum incertum added this to the 0.37.0 milestone Oct 26, 2023
@poiana poiana merged commit 1609ee8 into falcosecurity:master Oct 26, 2023
18 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@LucaGuerra LucaGuerra LucaGuerra approved these changes

@incertum incertum incertum approved these changes

@Kaizhe Kaizhe Awaiting requested review from Kaizhe

Assignees

@incertum incertum

@LucaGuerra LucaGuerra

Labels
approved area/ci dco-signoff: yes kind/feature lgtm release-note-none size/M
Projects
Falco Roadmap
Archived in project
Milestone
0.37.0
Development

Successfully merging this pull request may close these issues.

Add OpenSSF Scorecard scanner in pipeline
4 participants
@maxgio92 @incertum @LucaGuerra @poiana