Adoptium request for Allstar Github App installation
Summary
Please install the OSSF Allstar GitHub App for the Adoptium GitHub org.
Description
Adoptium wish to use the Open Source Security Foundation Allstar tool to specify and enforce security policies our GitHub organization. This requires installing the OSSF Allstar GitHub App.
The Allstar app follows configuration, which we specify in the Adoptium .github
repository.
The configuration is written (by us) to follow a repository opt-in policy, so we request that the App is installed for "All Repositories" under Repository Access, even if we don't plan to use Allstar on all our repositories at this point.
Any issues that are flagged that require GitHub configuration will be raised back to EF Infra for actioning (until OtterDog arrives!)
Priority
-
Urgent -
High -
Medium -
Low
Impact
We won't have a monitor checking out sec dev position on GitHub.