mapk0yのブックマーク - はてなブックマーク

Security hardening your deployments - GitHub Docs

Use OpenID Connect within your workflows to authenticate with your cloud provider.

mapk0y 2021/10/28

GitHub

リンク

About Enterprise Managed Users - GitHub Enterprise Cloud Docs

About Enterprise Managed Users With Enterprise Managed Users, you manage the lifecycle and authentication of your users on GitHub.com from an external identity management system, or IdP. You can provide access to GitHub Enterprise Cloud to people who have existing identities and group membership on your IdP. Your IdP provisions new user accounts with access to your enterprise on GitHub.com. You co

mapk0y 2021/10/19

GitHub

リンク

Reusing workflows - GitHub Docs

Overview Rather than copying and pasting from one workflow to another, you can make workflows reusa ble. You and anyone with access to the reusa ble workflow can then call the reusa ble workflow from another workflow. Reusing workflows avoids duplication. This makes workflows easier to maintain and allows you to create new workflows more quickly by building on the work of others, just as you do with

mapk0y 2021/10/05

GitHub Actions

リンク

Automating Dependabot with GitHub Actions - GitHub Docs

About Dependabot and GitHub Actions Dependabot creates pull requests to keep your dependencies up to date, and you can use GitHub Actions to perform automated tasks when these pull requests are created. For example, fetch additional artifacts, add labels, run tests, or otherwise modifying the pull request. Responding to events Dependabot is able to trigger GitHub Actions workflows on its pull requ

mapk0y 2021/09/09

設定がちょっと面倒くさい

GitHub

リンク

Security hardening for GitHub Actions - GitHub Docs

Overview This guide explains how to configure security hardening for certain GitHub Actions features. If the GitHub Actions concepts are unfamiliar, see "Understanding GitHub Actions." Using secrets Sensitive values should never be stored as plaintext in workflow files, but rather as secrets. Secrets can be configured at the organization, repository, or environment level, and allow you to store se

mapk0y 2021/08/13

あとで読む

リンク

Configuration options for the dependabot.yml file - GitHub Docs

About the dependabot.yml file The Dependabot configuration file, dependabot.yml, uses YAML syntax. If you're new to YAML and want to learn more, see "Learn YAML in five minutes." You must store this file in the .github directory of your repository in the default branch. When you add or update the dependabot.yml file, this triggers an immediate check for version updates. For more information and an