Skip to content

Workflow CI/CD rework #328

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 8 commits into from
Sep 3, 2025
Merged

Workflow CI/CD rework #328

merged 8 commits into from
Sep 3, 2025

Conversation

dheerajoruganty
Copy link
Contributor

Amazon Bedrock AgentCore Samples Pull Request

Important

  1. We strictly follow a issue-first approach, please first open an issue relating to this Pull Request.
  2. Once this Pull Request is ready for review please attach review ready label to it. Only PRs with review ready will be reviewed.

Concise description of the PR

Updated workflows to include 2 step process and an automated security scanning monthly and on every merge.

Changes to ..., because ...

User experience

Please share what the user experience looks like before and after this change

Checklist

If your change doesn't seem to apply, please leave them unchecked.

  • I have reviewed the contributing guidelines
  • Add your name to CONTRIBUTORS.md
  • Have you checked to ensure there aren't other open Pull Requests for the same update/change?
  • Are you uploading a dataset?
  • Have you documented Introduction, Architecture Diagram, Prerequisites, Usage, Sample Prompts, and Clean Up steps in your example README?
  • I agree to resolve any issues created for this example in the future.
  • I have performed a self-review of this change
  • Changes have been tested
  • Changes are documented

Acknowledgment

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of the project license.

dheerajoruganty and others added 8 commits August 26, 2025 22:20
@dheerajoruganty
Add Ash, Dependabot, Lint check workflows for Pull Requests
0acb5f4
@dheerajoruganty
Fix ASH workflow: Use pip install and direct ash command
e0c8a04 
Based on official ASH documentation, the correct approach is:
1. Install ASH using pip (not uv tool)
2. Run ash command directly (not via uv tool run)

This follows the GitHub Actions example from the ASH documentation.
@dheerajoruganty
Fix ASH workflow: Install scanner dependencies manually
ea63ccb 
- Install bandit, semgrep, detect-secrets, checkov via pip
- This ensures scanners run instead of being SKIPPED due to missing uv
@dheerajoruganty
Update ASH security scan workflow with container mode and improved co…
67350fb 
…mment management
@dheerajoruganty
Configure ASH container to show all security findings instead of limi…
9fcb400 
…ting to 20
@dheerajoruganty
Merge branch 'awslabs:main' into main
f93e6bc
@dheerajoruganty
Modify workflows to comment on runs
d8012ba
@dheerajoruganty
Remove unused .ash.yaml configuration file
2f25444 
The ASH workflows create their own inline configurations and do not use this root config file
@EashanKaushik EashanKaushik merged commit c757b7f into awslabs:main Sep 3, 2025
8 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@EashanKaushik EashanKaushik EashanKaushik approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@dheerajoruganty @EashanKaushik