diff --git a/.github/actions/spelling/excludes.txt b/.github/actions/spelling/excludes.txt index 85fe237..c013ab5 100644 --- a/.github/actions/spelling/excludes.txt +++ b/.github/actions/spelling/excludes.txt @@ -46,4 +46,5 @@ ignore$ \.webp$ \.woff2?$ \.zip$ -^\.github/ +^\.github/actions/spelling/ +^\Q.github/workflows/spelling.yml\E$ diff --git a/.github/actions/spelling/expect.txt b/.github/actions/spelling/expect.txt index a6c0ee5..dcc9cf2 100644 --- a/.github/actions/spelling/expect.txt +++ b/.github/actions/spelling/expect.txt @@ -1,3 +1,12 @@ buildx -myapp +buildx +cla codeql +dfd +healthz +myapp +nginx +notsigned +prcomment +readyz +softprops diff --git a/.github/actions/spelling/line_forbidden.patterns b/.github/actions/spelling/line_forbidden.patterns index 6fe8574..d52a2b6 100644 --- a/.github/actions/spelling/line_forbidden.patterns +++ b/.github/actions/spelling/line_forbidden.patterns @@ -1,4 +1,4 @@ -# Detect common combinations of valid words that are in fact invalid. +# Detect common combinations of valid words that are in fact invalid. # Useful for brand capitalizations # @@ -9,6 +9,10 @@ \sthe Mondoo Platform\b \sMondoo platform\b +# s.b. Compliance Hub +\scompliance hub\b +\sCompliance hubplatform\b + # # Industry Terms # @@ -44,6 +48,17 @@ # Product Names # +# s.b. Jira +\bJIRA\b + +# s.b. MariaDB +\bMaria DB\b +\bmariaDB\b +# \bmariaDb\b causes failures in MQL queries + +# s.b. PostgreSQL +\bPostgreSql\b + # s.b. Firefox \bFireFox\b @@ -87,6 +102,7 @@ # s.b. Red Hat \bRedHat\b +\bRedhat\b # s.b. AlmaLinux \bAlma Linux\b @@ -159,6 +175,10 @@ \bVcenter\b \bVCenter\b +# s.b. vSphere +\bVsphere\b +\bVSphere\b + # s.b. ESXi \bEsxi\b @@ -370,10 +390,9 @@ \bCloudBuild\b \bCloud build\b -# disabled for now in this repo due to false positives # s.b. Cloud Run -# \bCloudRun\b -# \bCloud run\b +\bCloudRun\b +\bCloud run\b # # Azure Products @@ -381,7 +400,7 @@ # s.b. Key Vault \bKey vault\b -# \bKeyVault\b # disabled for now in this repo due to false positives +\bKeyVault\b # s.b. Ampere \bampere\b @@ -418,6 +437,8 @@ # s.b. Cosmos DB \bCosmosDB\b +\bCosmoDB\b +\bCosmo DB\b # s.b. SignalR Service \bSignalR service\b diff --git a/.github/actions/spelling/patterns.txt b/.github/actions/spelling/patterns.txt index 3c3a1d4..0f6ce24 100644 --- a/.github/actions/spelling/patterns.txt +++ b/.github/actions/spelling/patterns.txt @@ -66,3 +66,4 @@ uid:\s.*$ aws_session_token\s+\=(\s+)?.+ aws_access_key_id\s+\=(\s+)?.+ aws_secret_access_key\s+\=(\s+)?.+ + diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 5ace460..567aeae 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,6 +1,7 @@ +--- version: 2 updates: - - package-ecosystem: "github-actions" - directory: "/" + - package-ecosystem: github-actions + directory: / schedule: - interval: "weekly" + interval: weekly diff --git a/.github/workflows/spell-check.yaml b/.github/workflows/spell-check.yaml index ff89278..44a9aae 100644 --- a/.github/workflows/spell-check.yaml +++ b/.github/workflows/spell-check.yaml @@ -23,12 +23,12 @@ jobs: steps: - name: check-spelling id: spelling - uses: check-spelling/check-spelling@v0.0.21 + uses: check-spelling/check-spelling@v0.0.22 with: suppress_push_for_open_pull_request: 1 checkout: true post_comment: 0 - dictionary_source_prefixes: '{"mondoo": "https://raw.githubusercontent.com/mondoohq/spellcheck-dictionary/main/", "cspell": "https://raw.githubusercontent.com/check-spelling/cspell-dicts/v20220816/dictionaries/"}' + dictionary_source_prefixes: '{"mondoo": "https://raw.githubusercontent.com/mondoohq/spellcheck-dictionary/main/", "cspell": "https://raw.githubusercontent.com/check-spelling/cspell-dicts/v20230509/dictionaries/"}' extra_dictionaries: cspell:aws/aws.txt cspell:filetypes/filetypes.txt cspell:software-terms/src/software-terms.txt @@ -46,7 +46,7 @@ jobs: if: (success() || failure()) && needs.spelling.outputs.followup steps: - name: comment - uses: check-spelling/check-spelling@v0.0.21 + uses: check-spelling/check-spelling@v0.0.22 with: checkout: true task: ${{ needs.spelling.outputs.followup }} diff --git a/README.md b/README.md index 3513768..fbae0a2 100644 --- a/README.md +++ b/README.md @@ -23,18 +23,18 @@ To create a service account on Mondoo Platform: 1. Log in to [Mondoo Platform](https://console.mondoo.com) 2. Select the Space you want to integrate with your repository. -3. Click on **Settings** and then **Service Accounts**. -4. Click **ADD ACCOUNT**. -5. Select the **Base64-encoded** checkbox, and then click on the **GENERATE NEW CREDENTIALS** button. +3. Select **Settings** and then **Service Accounts**. +4. Select **ADD ACCOUNT**. +5. Select the **Base64-encoded** checkbox, and then select the **GENERATE NEW CREDENTIALS** button. 6. Copy the base64 encoded credentials and then move on to the next section. ### Add new GitHub Actions Secrets -1. Click on **Settings** in your GitHub repository. -2. Under the **Security** section click on **Actions**. -3. Click **New repository secret**. +1. Select **Settings** in your GitHub repository. +2. Under the **Security** section select **Actions**. +3. Select **New repository secret**. 4. Name the secret `MONDOO_SERVICE_ACCOUNT` and paste the base64 encoded credentials from the previous section into the value input. -5. Click **Add secret**. +5. Select **Add secret**. ## Examples Workflows diff --git a/github-org/action.yaml b/github-org/action.yaml index 0a7b989..3131a8a 100644 --- a/github-org/action.yaml +++ b/github-org/action.yaml @@ -1,5 +1,5 @@ -name: "Mondoo Github Organization Action" -description: "Scan Github organizations for misconfigurations with Mondoo" +name: "Mondoo GitHub Organization Action" +description: "Scan GitHub organizations for misconfigurations with Mondoo" branding: icon: "shield" color: "purple" diff --git a/github-repo/action.yaml b/github-repo/action.yaml index e5903cd..b14b8d6 100644 --- a/github-repo/action.yaml +++ b/github-repo/action.yaml @@ -1,5 +1,5 @@ -name: "Mondoo Github Repository Action" -description: "Scan Github repository for misconfigurations with Mondoo" +name: "Mondoo GitHub Repository Action" +description: "Scan GitHub repository for misconfigurations with Mondoo" branding: icon: "shield" color: "purple"