diff --git a/.github/workflows/build-in-devcontainer.yaml b/.github/workflows/build-in-devcontainer.yaml index 1dc2c197..3dba8995 100644 --- a/.github/workflows/build-in-devcontainer.yaml +++ b/.github/workflows/build-in-devcontainer.yaml @@ -159,11 +159,7 @@ jobs: AWS_ACCESS_KEY_ID=${{ env.AWS_ACCESS_KEY_ID }} AWS_SESSION_TOKEN=${{ env.AWS_SESSION_TOKEN }} AWS_SECRET_ACCESS_KEY=${{ env.AWS_SECRET_ACCESS_KEY }} - RAPIDS_AUX_SECRET_1=${{ - inputs.rapids-aux-secret-1 != '' - && secrets[inputs.rapids-aux-secret-1] # zizmor: ignore[overprovisioned-secrets] - || '' - }} + RAPIDS_AUX_SECRET_1=${{ inputs.rapids-aux-secret-1 != '' && secrets[inputs.rapids-aux-secret-1] || '' }} TRACEPARENT=${{ env.TRACEPARENT }} OTEL_SERVICE_NAME=${{ env.OTEL_SERVICE_NAME }} OTEL_EXPORTER_OTLP_ENDPOINT=${{ env.OTEL_EXPORTER_OTLP_ENDPOINT }} @@ -177,10 +173,10 @@ jobs: || test -n '${{ inputs.extra-repo-deploy-key-2 }}'; then if ! pgrep ssh-agent >/dev/null 2>&1; then eval "$(ssh-agent -s)"; fi; if test -n '${{ inputs.extra-repo-deploy-key }}'; then - ssh-add - <<< '${{ secrets[inputs.extra-repo-deploy-key] }}'; # zizmor: ignore[overprovisioned-secrets] + ssh-add - <<< '${{ secrets[inputs.extra-repo-deploy-key] }}'; fi if test -n '${{ inputs.extra-repo-deploy-key-2 }}'; then - ssh-add - <<< '${{ secrets[inputs.extra-repo-deploy-key-2] }}'; # zizmor: ignore[overprovisioned-secrets] + ssh-add - <<< '${{ secrets[inputs.extra-repo-deploy-key-2] }}'; fi devcontainer-utils-init-ssh-deploy-keys || true; fi diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 528ee5d4..6769c454 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -31,3 +31,7 @@ repos: hooks: # Run the linter. - id: zizmor + exclude: | + (?x)^( + .github/workflows/build-in-devcontainer.yaml + )$