✨ GitLab: enable more checks in cron (ossf#3097)

* Enable checks * Binary-Artifacts * Code-Review * License * Vulnerabilities Signed-off-by: Raghav Kaul <raghavkaul@google.com> * Enable more checks * CII Best Practices * Fuzzing * Maintained * Packaging * Pinned-Dependencies * Signed-Releases Signed-off-by: Raghav Kaul <raghavkaul@google.com> * update repo name Signed-off-by: Raghav Kaul <raghavkaul@google.com> --------- Signed-off-by: Raghav Kaul <raghavkaul@google.com> Signed-off-by: Allen Shearin <allen.p.shearin@gmail.com>
kgangerlm · Nov 13, 2023 · 5ea5567 · 5ea5567
1 parent 6babe04
commit 5ea5567
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 18 deletions.
diff --git a/cron/internal/data/gitlab-projects-selected.csv b/cron/internal/data/gitlab-projects-selected.csv
@@ -4,7 +4,7 @@ https://gitlab.com/gitlab-org/gitlab,
 https://gitlab.com/CalcProgrammer1/OpenRGB,
 https://gitlab.com/gitlab-org/gitlab-runner,
 https://gitlab.com/fdroid/fdroidclient,
-https://gitlab.com/bramw/baserow,
+https://gitlab.com/baserow/baserow,
 https://gitlab.com/AuroraOSS/AuroraStore,
 https://gitlab.com/graphviz/graphviz,
 https://gitlab.com/pgjones/quart,

diff --git a/cron/internal/worker/main.go b/cron/internal/worker/main.go
@@ -56,25 +56,25 @@ var (
 	// TODO, should probably be its own config/env var, as the checks we want to run
 	// per-platform will differ based on API cost/efficiency/implementation.
 	gitlabDisabledChecks = []string{
-		"Binary-Artifacts",
+		// "Binary-Artifacts",
 		"Branch-Protection",
-		"CII-Best-Practices",
-		"CI-Tests",
-		"Code-Review",
-		"Contributors",
-		"Dangerous-Workflow",
-		"Dependency-Update-Tool",
-		"Fuzzing",
-		"License",
-		"Maintained",
-		"Packaging",
-		"Pinned-Dependencies",
-		"SAST",
+		// "CII-Best-Practices",
+		"CI-Tests", // globally disabled
+		// "Code-Review",
+		"Contributors",           // globally disabled
+		"Dangerous-Workflow",     // not supported on gitlab
+		"Dependency-Update-Tool", // globally disabled, not supported on gitlab
+		// "Fuzzing",
+		// "License",
+		// "Maintained",
+		// "Packaging",
+		// "Pinned-Dependencies",
+		"SAST", // not supported on gitlab
 		// "Security-Policy",
-		"Signed-Releases",
-		"Token-Permissions",
-		"Vulnerabilities",
-		"Webhooks",
+		// "Signed-Releases",
+		"Token-Permissions", /// not supported on gitlab
+		// "Vulnerabilities",
+		"Webhooks", // globally disabled
 	}
 )