Add resuable workflow summaries and sources

2026-01-07 19:50:22 +01:00 · 2024-04-16 21:33:59 +02:00
parent d1a4d18fca
commit 463a7a6062
12 changed files with 80 additions and 7 deletions
--- a/ql/lib/ext/generated/reusable-workflows/cloudposse_github-action-matrix-outputs-write.model.yml
+++ b/ql/lib/ext/generated/reusable-workflows/cloudposse_github-action-matrix-outputs-write.model.yml
@@ -0,0 +1,6 @@
+extensions:
+  - addsTo:
+      pack: githubsecuritylab/actions-all
+      extensible: summaryModel
+    data:
+      - ["cloudposse/github-action-matrix-outputs-write/.github/workflows/setup-test.yml", "*", "input.matrix-key", "output.result", "taint", "manual"]
--- a/ql/lib/ext/generated/reusable-workflows/element-hq_element-desktop.model.yml
+++ b/ql/lib/ext/generated/reusable-workflows/element-hq_element-desktop.model.yml
@@ -8,4 +8,9 @@ extensions:
     - ["element-hq/element-desktop/.github/workflows/build_prepare.yaml", "*", "inputs.version", "code-injection", "generated"]
     - ["element-hq/element-desktop/.github/workflows/build_macos.yaml", "*", "inputs.base-url", "code-injection", "generated"]
     - ["element-hq/element-desktop/.github/workflows/build_macos.yaml", "*", "inputs.version", "code-injection", "generated"]
-     - ["element-hq/element-desktop/.github/workflows/build_linux.yaml", "*", "inputs.version", "code-injection", "generated"]
+     - ["element-hq/element-desktop/.github/workflows/build_linux.yaml", "*", "inputs.version", "code-injection", "generated"]
+  - addsTo:
+      pack: githubsecuritylab/actions-all
+      extensible: summaryModel
+    data:
+      - ["element-hq/element-desktop/.github/workflows/build_prepare.yaml", "*", "input.deploy", "output.deploy", "taint", "manual"]
--- a/ql/lib/ext/generated/reusable-workflows/envoyproxy_envoy.model.yml
+++ b/ql/lib/ext/generated/reusable-workflows/envoyproxy_envoy.model.yml
@@ -0,0 +1,7 @@
+extensions:
+  - addsTo:
+      pack: githubsecuritylab/actions-all
+      extensible: summaryModel
+    data:
+      - ["envoyproxy/envoy/.github/workflows/_load.yml", "*", "input.run-id", "output.run-id", "taint", "manual"]
+      - ["envoyproxy/envoy/.github/workflows/_load.yml", "*", "input.check-name", "output.check-name", "taint", "manual"]
--- a/ql/lib/ext/generated/reusable-workflows/hashgraph_hedera-services.model.yml
+++ b/ql/lib/ext/generated/reusable-workflows/hashgraph_hedera-services.model.yml
@@ -0,0 +1,7 @@
+extensions:
+  - addsTo:
+      pack: githubsecuritylab/actions-all
+      extensible: summaryModel
+    data:
+      - ["hashgraph/hedera-services/.github/workflows/zxc-publish-production-image.yaml", "*", "input.version", "output.docker-image-tag", "taint", "manual"]
+      - ["hashgraph/hedera-services/.github/workflows/zxc-publish-production-image.yaml", "*", "input.version", "output.docker-image", "taint", "manual"]
--- a/ql/lib/ext/generated/reusable-workflows/hashicorp_vault.model.yml
+++ b/ql/lib/ext/generated/reusable-workflows/hashicorp_vault.model.yml
@@ -13,4 +13,10 @@ extensions:
     - ["hashicorp/vault/.github/workflows/test-go.yml", "*", "inputs.go-arch", "code-injection", "generated"]
     - ["hashicorp/vault/.github/workflows/test-go.yml", "*", "inputs.binary-tests", "code-injection", "generated"]
     - ["hashicorp/vault/.github/workflows/test-go.yml", "*", "inputs.total-runners", "code-injection", "generated"]
-     - ["hashicorp/vault/.github/workflows/test-enos-scenario-ui.yml", "*", "inputs.storage_backend", "code-injection", "generated"]
+     - ["hashicorp/vault/.github/workflows/test-enos-scenario-ui.yml", "*", "inputs.storage_backend", "code-injection", "generated"]
+  - addsTo:
+      pack: githubsecuritylab/actions-all
+      extensible: summaryModel
+    data:
+      - ["hashicorp/vault/.github/workflows/build-artifacts-ce.yml", "*", "input.vault-version-package", "output.testable-packages", "taint", "manual"]
+      - ["hashicorp/vault/.github/workflows/build-artifacts-ce.yml", "*", "input.vault-revision", "output.testable-containers", "taint", "manual"]
--- a/ql/lib/ext/generated/reusable-workflows/hitobito_hitobito.model.yml
+++ b/ql/lib/ext/generated/reusable-workflows/hitobito_hitobito.model.yml
@@ -4,4 +4,12 @@ extensions:
      extensible: sinkModel
    data:
     - ["hitobito/hitobito/.github/workflows/sbom.yml", "*", "inputs.project_name", "code-injection", "generated"]
-     - ["hitobito/hitobito/.github/workflows/sbom.yml", "*", "inputs.dependency_track_url", "code-injection", "generated"]
+     - ["hitobito/hitobito/.github/workflows/sbom.yml", "*", "inputs.dependency_track_url", "code-injection", "generated"]
+  - addsTo:
+      pack: githubsecuritylab/actions-all
+      extensible: summaryModel
+    data:
+      - ["hitobito/hitobito/.github/workflows/stage-settings.yml", "*", "input.stage", "output.release_stage", "taint", "manual"]
+      - ["hitobito/hitobito/.github/workflows/stage-settings.yml", "*", "input.repository", "output.repo_url", "taint", "manual"]
+      - ["hitobito/hitobito/.github/workflows/stage-settings.yml", "*", "input.repository", "output.repo_name", "taint", "manual"]
+      - ["hitobito/hitobito/.github/workflows/stage-settings.yml", "*", "input.repository", "output.project", "taint", "manual"]
--- a/ql/lib/ext/generated/reusable-workflows/kubeshop_botkube.model.yml
+++ b/ql/lib/ext/generated/reusable-workflows/kubeshop_botkube.model.yml
@@ -4,4 +4,9 @@ extensions:
      extensible: sinkModel
    data:
     - ["kubeshop/botkube/.github/workflows/process-chart.yml", "*", "inputs.next-version", "code-injection", "generated"]
-     - ["kubeshop/botkube/.github/workflows/process-chart.yml", "*", "inputs.release-branch", "code-injection", "generated"]
+     - ["kubeshop/botkube/.github/workflows/process-chart.yml", "*", "inputs.release-branch", "code-injection", "generated"]
+  - addsTo:
+      pack: githubsecuritylab/actions-all
+      extensible: summaryModel
+    data:
+      - ["kubeshop/botkube/.github/workflows/process-chart.yml", "*", "input.next-version", "output.new-version", "taint", "manual"]
--- a/ql/lib/ext/generated/reusable-workflows/neondatabase_neon.model.yml
+++ b/ql/lib/ext/generated/reusable-workflows/neondatabase_neon.model.yml
@@ -0,0 +1,7 @@
+extensions:
+  - addsTo:
+      pack: githubsecuritylab/actions-all
+      extensible: summaryModel
+    data:
+      - ["neondatabase/neon/.github/workflows/build-build-tools-image.yml", "*", "input.image-tag", "output.image-tag", "taint", "manual"]
+      - ["neondatabase/neon/.github/workflows/build-build-tools-image.yml", "*", "input.image-tag", "output.image", "taint", "manual"]
--- a/ql/lib/ext/generated/reusable-workflows/puppeteer_puppeteer.model.yml
+++ b/ql/lib/ext/generated/reusable-workflows/puppeteer_puppeteer.model.yml
@@ -0,0 +1,6 @@
+extensions:
+  - addsTo:
+      pack: githubsecuritylab/actions-all
+      extensible: sourceModel
+    data:
+      - ["puppeteer/puppeteer/.github/workflows/changed-packages.yml", "*", "output.changes", "Changed files", "manual"]
--- a/ql/lib/ext/generated/reusable-workflows/streetsidesoftware_cspell.model.yml
+++ b/ql/lib/ext/generated/reusable-workflows/streetsidesoftware_cspell.model.yml
@@ -3,4 +3,9 @@ extensions:
      pack: githubsecuritylab/actions-all
      extensible: sinkModel
    data:
-     - ["streetsidesoftware/cspell/.github/workflows/reuseable-pr-from-artifact.yml", "*", "inputs.patch_path", "code-injection", "generated"]
+     - ["streetsidesoftware/cspell/.github/workflows/reuseable-pr-from-artifact.yml", "*", "inputs.patch_path", "code-injection", "generated"]
+  - addsTo:
+      pack: githubsecuritylab/actions-all
+      extensible: summaryModel
+    data:
+      - ["streetsidesoftware/cspell/.github/workflows/reuseable-load-integrations-repo-list.yml", "*", "input.ref", "output.ref", "taint", "manual"]
--- a/ql/lib/ext/generated/reusable-workflows/tencent_hippy.model.yml
+++ b/ql/lib/ext/generated/reusable-workflows/tencent_hippy.model.yml
@@ -6,4 +6,10 @@ extensions:
     - ["tencent/hippy/.github/workflows/reuse_get_workflow_output.yml", "*", "inputs.workflow_run", "code-injection", "generated"]
     - ["tencent/hippy/.github/workflows/reuse_classify_commits.yml", "*", "inputs.pull_request_number", "code-injection", "generated"]
     - ["tencent/hippy/.github/workflows/reuse_approve_checks_run.yml", "*", "inputs.pull_request_head_sha", "code-injection", "generated"]
-     - ["tencent/hippy/.github/workflows/reuse_approve_checks_run.yml", "*", "inputs.pull_request_number", "code-injection", "generated"]
+     - ["tencent/hippy/.github/workflows/reuse_approve_checks_run.yml", "*", "inputs.pull_request_number", "code-injection", "generated"]
+  - addsTo:
+      pack: githubsecuritylab/actions-all
+      extensible: summaryModel
+    data:
+      - ["tencent/hippy/.github/workflows/reuse_approve_checks_run.yml", "*", "input.pull_request_head_sha", "output.pull_request_head_sha", "taint", "manual"]
+      - ["tencent/hippy/.github/workflows/reuse_approve_checks_run.yml", "*", "input.pull_request_number", "output.pull_request_number", "taint", "manual"]
--- a/ql/lib/ext/generated/reusable-workflows/zitadel_zitadel.model.yml
+++ b/ql/lib/ext/generated/reusable-workflows/zitadel_zitadel.model.yml
@@ -6,4 +6,9 @@ extensions:
     - ["zitadel/zitadel/.github/workflows/release.yml", "*", "inputs.image_name", "code-injection", "generated"]
     - ["zitadel/zitadel/.github/workflows/release.yml", "*", "inputs.build_image_name", "code-injection", "generated"]
     - ["zitadel/zitadel/.github/workflows/container.yml", "*", "inputs.build_image_name", "code-injection", "generated"]
-     - ["zitadel/zitadel/.github/workflows/compile.yml", "*", "inputs.version", "code-injection", "generated"]
+     - ["zitadel/zitadel/.github/workflows/compile.yml", "*", "inputs.version", "code-injection", "generated"]
+  - addsTo:
+      pack: githubsecuritylab/actions-all
+      extensible: summaryModel
+    data:
+      - ["zitadel/zitadel/.github/workflows/container.yml", "*", "input.build_image_name", "output.build_image", "taint", "manual"]