greentic-deployer 0.5.21

Greentic deployer runtime for plan construction and deployment-pack dispatch
# Caller workflow: runs the organisation's shared "codex-security-fix" reusable
# workflow against this repository, either on a daily schedule or on demand.
# All remediation logic lives in the called workflow; this file only decides
# when it runs, which token permissions it gets, and which inputs/secrets are
# forwarded.
name: Codex Security Fix
on:
  schedule:
    # 03:14 UTC daily (GitHub evaluates cron in UTC) — an off-the-hour minute,
    # staggered to avoid hot-spots.
    - cron: "14 3 * * *"
  workflow_dispatch:
    inputs:
      # Free-form string supplied by whoever triggers the run; it is forwarded
      # unchanged to the called workflow below.
      # NOTE(review): how the called workflow validates or uses this value is
      # not visible here — confirm it is treated as data (passed through env
      # and quoted), not interpolated into a script.
      branch:
        description: "Branch to scan and patch (only for manual run)"
        required: false
        default: ""
      max_alerts:
        description: "Maximum open alerts per source to include"
        required: true
        default: "20"
# GITHUB_TOKEN scopes for this run. A called reusable workflow can keep or
# reduce these, never raise them, so this block is the upper bound on what the
# remediation job can do: push commits, open/update pull requests, and read
# code-scanning alerts.
permissions:
  contents: write
  pull-requests: write
  security-events: read

# One run per workflow + ref; a newer run cancels the one in flight.
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

jobs:
  security-fix:
    # Do not run on fork PRs to avoid passing untrusted refs into privileged remediation workflows.
    # With the triggers declared above (schedule, workflow_dispatch) the event
    # name is never 'pull_request', so this condition is currently always true;
    # it is a guard for a trigger that may be added later.
    # NOTE(review): the check names 'pull_request' only — a 'pull_request_target'
    # trigger would not be covered by it and would need its own fork check.
    if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository
    # NOTE(review): '@main' is a mutable ref. Whatever is on that branch at run
    # time executes with the write permissions above and every inherited
    # secret. Pinning to a reviewed full commit SHA
    # (…/codex-security-fix.yml@<full-commit-sha>, placeholder) makes updates
    # to the shared workflow an explicit, reviewable change in this repo.
    uses: greenticai/.github/.github/workflows/codex-security-fix.yml@main
    with:
      # github.event.inputs is empty on scheduled runs, so the '||' fallbacks
      # supply an empty branch and the same default of 20 alerts.
      branch: ${{ github.event.inputs.branch || '' }}
      max_alerts: ${{ github.event.inputs.max_alerts || '20' }}
    # 'inherit' exposes all secrets available to this workflow to the called
    # one. NOTE(review): which secrets it actually needs is not visible here;
    # passing only those by name would narrow the exposure.
    secrets: inherit