You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
-`cfn-guard-cdk` - validates `cdk.out` against cfn-guard rulesets and writes outputs to `.cfn_guard_out/`
177
181
-`cfn-guard-terraform` - validates `terraform_plans` against cfn-guard rulesets and writes outputs to `.cfn_guard_out/`
178
182
-`actionlint` - runs actionlint against GitHub Actions
179
-
-`secret-scan` - runs git-secrets (including scanning history) against the repository
183
+
-`secret-scan` - runs git-secrets or gitleaks (including scanning history) against the repository
180
184
-`guard-<ENVIRONMENT_VARIABLE>` - checks if an environment variable is set and errors if it is not
181
185
-`zizmor` - runs [zizmor](https://github.com/zizmorcore/zizmor) in the local directory to check github workflows and actions
182
186
-`syft-generate-sbom` - uses syft to generate an sbom in cyclonedx-json format. This *does not* include dev dependencies. Outputs file to .sbom/sbom.cdx.json.
@@ -369,7 +373,7 @@ CONTAINER_NAME=base \
369
373
370
374
# Cleaning up unused container images
371
375
372
-
There is a script to delete unused container images. This runs on every merge to main and deletes pull request images, and on a weekly schedule it deletes images created by CI.
376
+
There is a script to delete unused container images on github. This runs on every merge to main and deletes pull request images, and on a weekly schedule it deletes images created by CI.
373
377
You can run it manually using the following. Using the `dry-run` flag just shows what would be deleted
0 commit comments