outscale
diff --git a/‎.github/codeql/extensions/codeql-pack.yml‎
Lines changed: 7 additions & 0 deletions b/‎.github/codeql/extensions/codeql-pack.yml‎
Lines changed: 7 additions & 0 deletions
diff --git a/‎.github/codeql/extensions/models/trusted-owner.model.yml‎
Lines changed: 6 additions & 0 deletions b/‎.github/codeql/extensions/models/trusted-owner.model.yml‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎.github/local_action/start_ccm_e2e/action.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/local_action/start_ccm_e2e/action.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/build.yml‎
Lines changed: 3 additions & 15 deletions b/‎.github/workflows/build.yml‎
Lines changed: 3 additions & 15 deletions
diff --git a/‎.github/workflows/codeql.yml‎
Lines changed: 4 additions & 4 deletions b/‎.github/workflows/codeql.yml‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎.github/workflows/cred-scan.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/cred-scan.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/e2e_test.yml‎
Lines changed: 9 additions & 8 deletions b/‎.github/workflows/e2e_test.yml‎
Lines changed: 9 additions & 8 deletions
diff --git a/‎.github/workflows/github-sanity-scan.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/github-sanity-scan.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/publish-helm.yml‎
Lines changed: 2 additions & 2 deletions b/‎.github/workflows/publish-helm.yml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎.github/workflows/publish.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/publish.yml‎
Lines changed: 1 addition & 1 deletion
@@ -0,0 +1,7 @@
+name: outscale/actions-extensions-model-pack
+version: 0.0.0
+library: true
+extensionTargets:
+  codeql/actions-all: '*'
+dataExtensions:
+  - models/**/*.yml
@@ -0,0 +1,6 @@
+extensions:
+  - addsTo:
+      pack: codeql/actions-all
+      extensible: trustedActionsOwnerDataModel
+    data:
+      - ["outscale"]
@@ -32,7 +32,7 @@ runs:
   using: "composite"
   steps:
     - name: ⬇️ Checkout CAPOSC
-      uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
+      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
       with:
         repository: 'outscale/cluster-api-provider-outscale'
         path: "cluster-api-provider-outscale"
 
@@ -17,7 +17,7 @@ on:
       - "deploy/**"
       - "!tests/**"
   workflow_dispatch:
-    
+
 permissions:
   contents: read
 
@@ -26,15 +26,11 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: ⬇️ Checkout repository
-      uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
+      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
     - name: 🔎 Docker Lint
       run: bash -c "make dockerlint"
     - name: 🔎 golangci-lint
-      uses: golangci/golangci-lint-action@1e7e51e771db61008b38414a730f564565cf7c20 # v9
-      with:
-        version: v2.7.1
-        args: --timeout=300s
-        only-new-issues: true
+      uses: outscale/goutils/.github/actions/lint@main
     - name: 🔎 Reuse check
       run: make lint-reuse
       shell: bash
@@ -46,11 +42,3 @@ jobs:
       run: bash -c "make check-helm-docs"
     - name: 🔎 Check manifest
       run: bash -c "make check-helm-manifest"
-    - name: 🔎 Trivy-Scan
-      id: trivyscan
-      run: make trivy-scan
-    # - name: Upload Trivy results
-    #   if: ${{ github.event_name != 'pull_request' }}
-    #   uses: github/codeql-action/upload-sarif@v4
-    #   with:
-    #     sarif_file: './.trivyscan/report.sarif'
@@ -28,18 +28,18 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@cdefb33c0f6224e58673d9004f47f7cb3e328b89 # v4
+        uses: github/codeql-action/init@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4
         with:
           languages: ${{ matrix.language }}
           queries: +security-and-quality
 
       - name: Autobuild
-        uses: github/codeql-action/autobuild@cdefb33c0f6224e58673d9004f47f7cb3e328b89 # v4
+        uses: github/codeql-action/autobuild@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@cdefb33c0f6224e58673d9004f47f7cb3e328b89 # v4
+        uses: github/codeql-action/analyze@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4
         with:
           category: "/language:${{ matrix.language }}"
@@ -13,7 +13,7 @@ jobs:
   cred-scan:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
+    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
     - name: Scan credentials
       uses: outscale/cred-scan@main
       with:
 
@@ -17,26 +17,26 @@ on:
       - ".github/workflows/e2e_test.yml"
       - ".github/local_action/start_ccm_e2e/action.yml"
   workflow_dispatch:
-    
+
 permissions:
   contents: read
- 
+
 jobs:
   create_cluster:
     runs-on: [self-hosted, linux]
     steps:
     - name: ⬇️ Checkout
-      uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
+      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
     - name: ⬇️ Install kubectl
-      uses: azure/setup-kubectl@776406bce94f63e41d621b960d78ee25c8b76ede # v4
+      uses: azure/setup-kubectl@829323503d1be3d00ca8346e5391ca0b07a9ab0d # v5
       with:
         version: v1.34.2
     - name: ⬇️ Install Helm
-      uses: azure/setup-helm@1a275c3b69536ee54be43f2070a358922e12c8d4 # v4
+      uses: azure/setup-helm@dda3372f752e03dde6b3237bc9431cdc2f7a02a2 # v5
     - name: ⬇️ Install Python
-      uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6
+      uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6
     - name: ⬇️ Install Go
-      uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6
+      uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6
       with:
         go-version-file: 'go.mod'
     - name: 🔐 Set AK/SK name based on runner region
@@ -47,7 +47,8 @@ jobs:
         access_key: ${{ secrets[env.OSC_ACCESS_KEY_NAME] }}
         secret_key: ${{ secrets[env.OSC_SECRET_KEY_NAME] }}
         region: ${{ env.OSC_REGION }}
-    - name: 📦 Build and push Docker image 
+        exclude_resource_types: access_key
+    - name: 📦 Build and push Docker image
       run: |
         docker login ${{ vars.REGISTRY }} -u admin -p ${{ secrets.HARBOR_ADMIN_PASSWORD }}
         make buildx-image image-tag image-push
 
@@ -13,7 +13,7 @@ jobs:
   github-sanity-scan:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
+    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
     - name: Github sanity scanner
       uses: outscale/github-sanity-scan@main
       with:
 
@@ -13,10 +13,10 @@ jobs:
     runs-on: ubuntu-22.04
     steps:
       - name: Check the repo
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
         with:
           fetch-depth: 0
-      - uses: azure/setup-helm@1a275c3b69536ee54be43f2070a358922e12c8d4 # v4
+      - uses: azure/setup-helm@dda3372f752e03dde6b3237bc9431cdc2f7a02a2 # v5
         with:
           version: v3.18.3
       - name: Docker login
 
@@ -13,7 +13,7 @@ jobs:
     runs-on: ubuntu-22.04
     steps:
       - name: Check the repo
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
       - name: Docker login
         run: docker login -u $DOCKER_USER -p $DOCKER_PASSWORD
         env: