all: children: zuul_unreachable: hosts: {} hosts: ubuntu-noble: ansible_connection: ssh ansible_host: 199.204.45.229 ansible_port: 22 ansible_python_interpreter: auto ansible_user: zuul nodepool: az: nova cloud: public external_id: 94877304-6dff-4f49-837b-7114b58395ad host_id: fe6a549c934f5f67345b1bd07db2b4711c0ee4717d98054273574436 interface_ip: 199.204.45.229 label: ubuntu-noble node_properties: {} private_ipv4: 199.204.45.229 private_ipv6: null provider: yul1 public_ipv4: 199.204.45.229 public_ipv6: 2604:e100:1:0:f816:3eff:feed:fa46 region: ca-ymq-1 slot: null zuul_node: az: nova cloud: public external_id: 94877304-6dff-4f49-837b-7114b58395ad host_id: fe6a549c934f5f67345b1bd07db2b4711c0ee4717d98054273574436 interface_ip: 199.204.45.229 label: ubuntu-noble node_properties: {} private_ipv4: 199.204.45.229 private_ipv6: null provider: yul1 public_ipv4: 199.204.45.229 public_ipv6: 2604:e100:1:0:f816:3eff:feed:fa46 region: ca-ymq-1 slot: null uuid: null vars: zuul: _inheritance_path: - '' - '' - '' ansible_version: '9' attempts: 1 branch: main build: b4a3fc97d8c54030b24a2756439f5e85 build_refs: - branch: main change: '93' change_message: '[StepSecurity] Apply security best practices ## Summary This pull request has been generated by [StepSecurity](https://app.stepsecurity.io/github/vexxhost/actions/dashboard) as part of your enterprise subscription to ensure compliance with recommended security best practices. Please review and merge the pull request to apply these security enhancements. ## Security Fixes ### Harden Runner Harden-Runner is an open-source security agent for the GitHub-hosted runner to prevent software supply chain attacks. It prevents exfiltration of credentials, detects tampering of source code during build, and enables running jobs without sudo access. - [GitHub Security Guide](https://docs.github.com/en/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions) - [The Open Source Security Foundation (OpenSSF) Security Guide](https://github.com/ossf/scorecard/blob/main/docs/checks.md#dangerous-workflow) ## Feedback For bug reports, feature requests, and general feedback; please create an issue in [step-security/secure-repo](https://github.com/step-security/secure-repo) or contact us via [our website](https://www.stepsecurity.io/). ' change_url: https://github.com/vexxhost/ansible-collection-ceph/pull/93 commit_id: 1914c4bfab377e345a3bd4dad961f08a8bd76fda patchset: 1914c4bfab377e345a3bd4dad961f08a8bd76fda project: canonical_hostname: github.com canonical_name: github.com/vexxhost/ansible-collection-ceph name: vexxhost/ansible-collection-ceph short_name: ansible-collection-ceph src_dir: src/github.com/vexxhost/ansible-collection-ceph src_dir: src/github.com/vexxhost/ansible-collection-ceph topic: null buildset: b317d8b4898e453a85a64ca446c76273 buildset_refs: - branch: main change: '93' change_message: '[StepSecurity] Apply security best practices ## Summary This pull request has been generated by [StepSecurity](https://app.stepsecurity.io/github/vexxhost/actions/dashboard) as part of your enterprise subscription to ensure compliance with recommended security best practices. Please review and merge the pull request to apply these security enhancements. ## Security Fixes ### Harden Runner Harden-Runner is an open-source security agent for the GitHub-hosted runner to prevent software supply chain attacks. It prevents exfiltration of credentials, detects tampering of source code during build, and enables running jobs without sudo access. - [GitHub Security Guide](https://docs.github.com/en/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions) - [The Open Source Security Foundation (OpenSSF) Security Guide](https://github.com/ossf/scorecard/blob/main/docs/checks.md#dangerous-workflow) ## Feedback For bug reports, feature requests, and general feedback; please create an issue in [step-security/secure-repo](https://github.com/step-security/secure-repo) or contact us via [our website](https://www.stepsecurity.io/). ' change_url: https://github.com/vexxhost/ansible-collection-ceph/pull/93 commit_id: 1914c4bfab377e345a3bd4dad961f08a8bd76fda patchset: 1914c4bfab377e345a3bd4dad961f08a8bd76fda project: canonical_hostname: github.com canonical_name: github.com/vexxhost/ansible-collection-ceph name: vexxhost/ansible-collection-ceph short_name: ansible-collection-ceph src_dir: src/github.com/vexxhost/ansible-collection-ceph src_dir: src/github.com/vexxhost/ansible-collection-ceph topic: null change: '93' change_message: '[StepSecurity] Apply security best practices ## Summary This pull request has been generated by [StepSecurity](https://app.stepsecurity.io/github/vexxhost/actions/dashboard) as part of your enterprise subscription to ensure compliance with recommended security best practices. Please review and merge the pull request to apply these security enhancements. ## Security Fixes ### Harden Runner Harden-Runner is an open-source security agent for the GitHub-hosted runner to prevent software supply chain attacks. It prevents exfiltration of credentials, detects tampering of source code during build, and enables running jobs without sudo access. - [GitHub Security Guide](https://docs.github.com/en/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions) - [The Open Source Security Foundation (OpenSSF) Security Guide](https://github.com/ossf/scorecard/blob/main/docs/checks.md#dangerous-workflow) ## Feedback For bug reports, feature requests, and general feedback; please create an issue in [step-security/secure-repo](https://github.com/step-security/secure-repo) or contact us via [our website](https://www.stepsecurity.io/). ' change_url: https://github.com/vexxhost/ansible-collection-ceph/pull/93 child_jobs: [] commit_id: 1914c4bfab377e345a3bd4dad961f08a8bd76fda event_id: 6c11fb90-18ae-11f1-8dd1-418c053b88bb executor: hostname: 0a8996d2b663 inventory_file: /var/lib/zuul/builds/b4a3fc97d8c54030b24a2756439f5e85/ansible/inventory.yaml log_root: /var/lib/zuul/builds/b4a3fc97d8c54030b24a2756439f5e85/work/logs result_data_file: /var/lib/zuul/builds/b4a3fc97d8c54030b24a2756439f5e85/work/results.json src_root: /var/lib/zuul/builds/b4a3fc97d8c54030b24a2756439f5e85/work/src work_root: /var/lib/zuul/builds/b4a3fc97d8c54030b24a2756439f5e85/work include_vars: [] items: - branch: main change: '93' change_message: '[StepSecurity] Apply security best practices ## Summary This pull request has been generated by [StepSecurity](https://app.stepsecurity.io/github/vexxhost/actions/dashboard) as part of your enterprise subscription to ensure compliance with recommended security best practices. Please review and merge the pull request to apply these security enhancements. ## Security Fixes ### Harden Runner Harden-Runner is an open-source security agent for the GitHub-hosted runner to prevent software supply chain attacks. It prevents exfiltration of credentials, detects tampering of source code during build, and enables running jobs without sudo access. - [GitHub Security Guide](https://docs.github.com/en/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions) - [The Open Source Security Foundation (OpenSSF) Security Guide](https://github.com/ossf/scorecard/blob/main/docs/checks.md#dangerous-workflow) ## Feedback For bug reports, feature requests, and general feedback; please create an issue in [step-security/secure-repo](https://github.com/step-security/secure-repo) or contact us via [our website](https://www.stepsecurity.io/). ' change_url: https://github.com/vexxhost/ansible-collection-ceph/pull/93 commit_id: 1914c4bfab377e345a3bd4dad961f08a8bd76fda patchset: 1914c4bfab377e345a3bd4dad961f08a8bd76fda project: canonical_hostname: github.com canonical_name: github.com/vexxhost/ansible-collection-ceph name: vexxhost/ansible-collection-ceph short_name: ansible-collection-ceph src_dir: src/github.com/vexxhost/ansible-collection-ceph topic: null job: ansible-test jobtags: [] max_attempts: 3 message: W1N0ZXBTZWN1cml0eV0gQXBwbHkgc2VjdXJpdHkgYmVzdCBwcmFjdGljZXMKCiMjIFN1bW1hcnkKClRoaXMgcHVsbCByZXF1ZXN0IGhhcyBiZWVuIGdlbmVyYXRlZCBieSBbU3RlcFNlY3VyaXR5XShodHRwczovL2FwcC5zdGVwc2VjdXJpdHkuaW8vZ2l0aHViL3ZleHhob3N0L2FjdGlvbnMvZGFzaGJvYXJkKSBhcyBwYXJ0IG9mIHlvdXIgZW50ZXJwcmlzZSBzdWJzY3JpcHRpb24gdG8gZW5zdXJlIGNvbXBsaWFuY2Ugd2l0aCByZWNvbW1lbmRlZCBzZWN1cml0eSBiZXN0IHByYWN0aWNlcy4gUGxlYXNlIHJldmlldyBhbmQgbWVyZ2UgdGhlIHB1bGwgcmVxdWVzdCB0byBhcHBseSB0aGVzZSBzZWN1cml0eSBlbmhhbmNlbWVudHMuCgojIyBTZWN1cml0eSBGaXhlcwoKIyMjIEhhcmRlbiBSdW5uZXIKCkhhcmRlbi1SdW5uZXIgaXMgYW4gb3Blbi1zb3VyY2Ugc2VjdXJpdHkgYWdlbnQgZm9yIHRoZSBHaXRIdWItaG9zdGVkIHJ1bm5lciB0byBwcmV2ZW50IHNvZnR3YXJlIHN1cHBseSBjaGFpbiBhdHRhY2tzLiBJdCBwcmV2ZW50cyBleGZpbHRyYXRpb24gb2YgY3JlZGVudGlhbHMsIGRldGVjdHMgdGFtcGVyaW5nIG9mIHNvdXJjZSBjb2RlIGR1cmluZyBidWlsZCwgYW5kIGVuYWJsZXMgcnVubmluZyBqb2JzIHdpdGhvdXQgc3VkbyBhY2Nlc3MuCgotIFtHaXRIdWIgU2VjdXJpdHkgR3VpZGVdKGh0dHBzOi8vZG9jcy5naXRodWIuY29tL2VuL2FjdGlvbnMvc2VjdXJpdHktZm9yLWdpdGh1Yi1hY3Rpb25zL3NlY3VyaXR5LWd1aWRlcy9zZWN1cml0eS1oYXJkZW5pbmctZm9yLWdpdGh1Yi1hY3Rpb25zKQotIFtUaGUgT3BlbiBTb3VyY2UgU2VjdXJpdHkgRm91bmRhdGlvbiAoT3BlblNTRikgU2VjdXJpdHkgR3VpZGVdKGh0dHBzOi8vZ2l0aHViLmNvbS9vc3NmL3Njb3JlY2FyZC9ibG9iL21haW4vZG9jcy9jaGVja3MubWQjZGFuZ2Vyb3VzLXdvcmtmbG93KQoKCiMjIEZlZWRiYWNrCkZvciBidWcgcmVwb3J0cywgZmVhdHVyZSByZXF1ZXN0cywgYW5kIGdlbmVyYWwgZmVlZGJhY2s7IHBsZWFzZSBjcmVhdGUgYW4gaXNzdWUgaW4gW3N0ZXAtc2VjdXJpdHkvc2VjdXJlLXJlcG9dKGh0dHBzOi8vZ2l0aHViLmNvbS9zdGVwLXNlY3VyaXR5L3NlY3VyZS1yZXBvKSBvciBjb250YWN0IHVzIHZpYSBbb3VyIHdlYnNpdGVdKGh0dHBzOi8vd3d3LnN0ZXBzZWN1cml0eS5pby8pLgoKCg== patchset: 1914c4bfab377e345a3bd4dad961f08a8bd76fda pipeline: check playbook_context: playbook_projects: trusted/project_0/github.com/vexxhost/zuul-config: canonical_name: github.com/vexxhost/zuul-config checkout: main commit: 9052b5a7781b3346e4cffd452a54448cbff54d8b trusted/project_1/opendev.org/zuul/zuul-jobs: canonical_name: opendev.org/zuul/zuul-jobs checkout: master commit: 571c0efa3491d12ecb8fc1169c510716d55c0fc2 trusted/project_2/github.com/vexxhost/zuul-jobs: canonical_name: github.com/vexxhost/zuul-jobs checkout: main commit: a6e68243e02ef030ce5e75f8b67630880c475f33 untrusted/project_0/github.com/vexxhost/zuul-jobs: canonical_name: github.com/vexxhost/zuul-jobs checkout: main commit: a6e68243e02ef030ce5e75f8b67630880c475f33 untrusted/project_1/github.com/vexxhost/zuul-config: canonical_name: github.com/vexxhost/zuul-config checkout: main commit: 9052b5a7781b3346e4cffd452a54448cbff54d8b untrusted/project_2/opendev.org/zuul/zuul-jobs: canonical_name: opendev.org/zuul/zuul-jobs checkout: master commit: 571c0efa3491d12ecb8fc1169c510716d55c0fc2 playbooks: - path: untrusted/project_0/github.com/vexxhost/zuul-jobs/playbooks/ansible-test/run.yaml roles: - checkout: master checkout_description: project default branch link_name: ansible/playbook_0/role_1/zuul-jobs link_target: untrusted/project_2/opendev.org/zuul/zuul-jobs role_path: ansible/playbook_0/role_1/zuul-jobs/roles - checkout: main checkout_description: playbook branch link_name: ansible/playbook_0/role_2/zuul-jobs link_target: untrusted/project_0/github.com/vexxhost/zuul-jobs role_path: ansible/playbook_0/role_2/zuul-jobs/roles post_playbooks: - path: trusted/project_0/github.com/vexxhost/zuul-config/playbooks/base/post.yaml roles: - checkout: master checkout_description: project default branch link_name: ansible/post_playbook_0/role_1/zuul-jobs link_target: trusted/project_1/opendev.org/zuul/zuul-jobs role_path: ansible/post_playbook_0/role_1/zuul-jobs/roles - checkout: main checkout_description: zuul branch link_name: ansible/post_playbook_0/role_2/zuul-jobs link_target: trusted/project_2/github.com/vexxhost/zuul-jobs role_path: ansible/post_playbook_0/role_2/zuul-jobs/roles - path: trusted/project_0/github.com/vexxhost/zuul-config/playbooks/base/post-logs.yaml roles: - checkout: master checkout_description: project default branch link_name: ansible/post_playbook_1/role_1/zuul-jobs link_target: trusted/project_1/opendev.org/zuul/zuul-jobs role_path: ansible/post_playbook_1/role_1/zuul-jobs/roles - checkout: main checkout_description: zuul branch link_name: ansible/post_playbook_1/role_2/zuul-jobs link_target: trusted/project_2/github.com/vexxhost/zuul-jobs role_path: ansible/post_playbook_1/role_2/zuul-jobs/roles pre_playbooks: - path: trusted/project_0/github.com/vexxhost/zuul-config/playbooks/base/pre.yaml roles: - checkout: master checkout_description: project default branch link_name: ansible/pre_playbook_0/role_1/zuul-jobs link_target: trusted/project_1/opendev.org/zuul/zuul-jobs role_path: ansible/pre_playbook_0/role_1/zuul-jobs/roles - checkout: main checkout_description: zuul branch link_name: ansible/pre_playbook_0/role_2/zuul-jobs link_target: trusted/project_2/github.com/vexxhost/zuul-jobs role_path: ansible/pre_playbook_0/role_2/zuul-jobs/roles - path: untrusted/project_0/github.com/vexxhost/zuul-jobs/playbooks/ansible-test/pre.yaml roles: - checkout: master checkout_description: project default branch link_name: ansible/pre_playbook_1/role_1/zuul-jobs link_target: untrusted/project_2/opendev.org/zuul/zuul-jobs role_path: ansible/pre_playbook_1/role_1/zuul-jobs/roles - checkout: main checkout_description: playbook branch link_name: ansible/pre_playbook_1/role_2/zuul-jobs link_target: untrusted/project_0/github.com/vexxhost/zuul-jobs role_path: ansible/pre_playbook_1/role_2/zuul-jobs/roles post_review: false post_timeout: null pre_timeout: null project: canonical_hostname: github.com canonical_name: github.com/vexxhost/ansible-collection-ceph name: vexxhost/ansible-collection-ceph short_name: ansible-collection-ceph src_dir: src/github.com/vexxhost/ansible-collection-ceph projects: github.com/vexxhost/ansible-collection-ceph: canonical_hostname: github.com canonical_name: github.com/vexxhost/ansible-collection-ceph checkout: main checkout_description: zuul branch commit: f7e5f1acf920e91820a0fdd075f6fb2e32fef34d name: vexxhost/ansible-collection-ceph required: false short_name: ansible-collection-ceph src_dir: src/github.com/vexxhost/ansible-collection-ceph ref: refs/pull/93/head resources: {} tenant: oss timeout: 1800 topic: null voting: true