Merge pull request #46 from entur/docs/update-examples

docs: cleaned up docs for v2
entur · Oct 15, 2024 · 778ee1e · 778ee1e
2 parents d20d722 + a533441
commit 778ee1e
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 8 deletions.
diff --git a/.github/workflows/code-scan.yml b/.github/workflows/code-scan.yml
@@ -143,7 +143,7 @@ jobs:
  category: 'scan-results'
 
  get-repository-languages:
- if: github.event_name == 'pull_request' || (github.event_name == 'push' && needs.upload-scan-reports-from-matching-pr.outputs.skip_job_and_continue_scan == 'True')
+ if: needs.upload-scan-reports-from-matching-pr.outputs.skip_job_and_continue_scan == 'True'
  runs-on: ubuntu-latest
  needs: upload-scan-reports-from-matching-pr
  outputs: 

diff --git a/README-code-scan.md b/README-code-scan.md
@@ -41,13 +41,15 @@ on:
  push:
  branches:
  - main
+ paths-ignore:
+ - '**/README.md'
  schedule:
  - cron: "0 3 * * MON"
  
 jobs:
  code-scan:
  name: Code Scan
- uses: entur/gha-security/.github/workflows/code-scan.yml@v1
+ uses: entur/gha-security/.github/workflows/code-scan.yml@v2
  secrets: inherit
 ```
 
@@ -73,7 +75,7 @@ name: "CodeQL"
 jobs:
  code-scan:
  name: Code Scan
- uses: entur/gha-security/.github/workflows/code-scan.yml@v1
+ uses: entur/gha-security/.github/workflows/code-scan.yml@v2
  secrets: inherit
  with:
  use_setup_gradle: true
@@ -145,7 +147,7 @@ The OPTIONAL `allowlist` field MUST be a list of vulnerabilities that you want t
 #### Example
 
 ```yaml
-apiVersion: entur.io/v1alpha1
+apiVersion: entur.io/securitytools/v1
 kind: CodeScanConfig
 metadata:
  id: myprojectconfig

diff --git a/README-docker-scan.md b/README-docker-scan.md
@@ -8,7 +8,7 @@ Add the following step to your workflow configuration:
 jobs:
  docker-scan:
  name: Docker Scan
- uses: entur/gha-security/.github/workflows/docker-scan.yml@v1
+ uses: entur/gha-security/.github/workflows/docker-scan.yml@v2
  with:
  image_artifact: # The name of the image artifact to scan
 
@@ -29,7 +29,7 @@ Go to the _Actions_ tab in your repository, click on _New workflow_ and select t
 
 ## Golden Path
 
-- Docker image must be built before being scanned, preferably using reusable workflow `entur/gha-docker/.github/workflows/build.yml@v1`.
+- Docker image must be built before being scanned, preferably using reusable workflow `entur/gha-docker/.github/workflows/build.yml@v2`.
 
 ### Example
 
@@ -53,6 +53,8 @@ on:
  pull_request:
  branches:
  - "main"
+ ignore-paths:
+ - '**\README.md'
 
 jobs:
  docker-lint:
@@ -104,7 +106,7 @@ You can find documentation on how to create a fine-grained access token [here](h
 jobs:
  docker-scan:
  needs: docker-build
- uses: entur/gha-security/.github/workflows/docker-scan.yml@v1
+ uses: entur/gha-security/.github/workflows/docker-scan.yml@v2
  with:
  image_artifact: ${{ needs.docker-build.outputs.image_artifact }}
  secrets:
@@ -154,7 +156,7 @@ The OPTIONAL `allowlist` field MUST be a list of vulnerabilities that you want t
 #### Example
 
 ```yaml
-apiVersion: entur.io/v1alpha1
+apiVersion: entur.io/securitytools/v1
 kind: DockerScanConfig
 metadata:
  id: myprojectconfig