{"id":13527740,"url":"https://github.com/epinio/epinio","last_synced_at":"2026-04-07T20:02:06.016Z","repository":{"id":36950981,"uuid":"311485110","full_name":"epinio/epinio","owner":"epinio","description":"Opinionated platform that runs on Kubernetes, that takes you from App to URL in one step.","archived":false,"fork":false,"pushed_at":"2026-03-30T06:06:43.000Z","size":23498,"stargazers_count":585,"open_issues_count":60,"forks_count":64,"subscribers_count":22,"default_branch":"main","last_synced_at":"2026-03-30T08:26:15.198Z","etag":null,"topics":["hacktoberfest","kubernetes","paas"],"latest_commit_sha":null,"homepage":"https://epinio.io","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/epinio.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2020-11-09T22:51:28.000Z","updated_at":"2026-03-21T15:53:57.000Z","dependencies_parsed_at":"2023-10-11T13:16:13.093Z","dependency_job_id":"1e6cbcfc-068d-4412-9299-404284424679","html_url":"https://github.com/epinio/epinio","commit_stats":null,"previous_names":["suse/carrier"],"tags_count":110,"template":false,"template_full_name":null,"purl":"pkg:github/epinio/epinio","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/epinio%2Fepinio","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/epinio%2Fepinio/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/epinio%2Fepinio/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/epinio%2Fepinio/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/epinio","download_url":"https://codeload.github.com/epinio/epinio/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/epinio%2Fepinio/sbom","scorecard":{"id":379058,"data":{"date":"2025-08-11","repo":{"name":"github.com/epinio/epinio","commit":"81f6d6ad02d997778b406836f6f2a74bfd4e5451"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":6.3,"checks":[{"name":"Maintained","score":10,"reason":"30 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":5,"reason":"Found 1/2 approved changesets -- score normalized to 5","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"CII-Best-Practices","score":2,"reason":"badge detected: InProgress","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/add_issue_to_project.yml:1","Warn: no topLevel permission defined: .github/workflows/aks-letsencrypt.yml:1","Warn: no topLevel permission defined: .github/workflows/aks.yml:1","Warn: no topLevel permission defined: .github/workflows/cleanup-images.yml:1","Warn: no topLevel permission defined: .github/workflows/clientsync.yml:1","Warn: no topLevel permission defined: .github/workflows/codeql-analysis.yml:1","Warn: no topLevel permission defined: .github/workflows/container-image-sample-app.yml:1","Warn: no topLevel permission defined: .github/workflows/delete_clusters.yml:1","Warn: no topLevel permission defined: .github/workflows/eks.yml:1","Warn: no topLevel permission defined: .github/workflows/gke-letsencrypt.yml:1","Warn: no topLevel permission defined: .github/workflows/gke-upgrade.yml:1","Warn: no topLevel permission defined: .github/workflows/gke.yml:1","Warn: no topLevel permission defined: .github/workflows/golangci-lint.yml:1","Warn: no topLevel permission defined: .github/workflows/main.yml:1","Warn: no topLevel permission defined: .github/workflows/release-drafter.yml:1","Warn: no topLevel permission defined: .github/workflows/release-publish.yml:1","Info: topLevel 'contents' permission set to 'read': .github/workflows/release-sandbox.yml:25","Info: topLevel 'packages' permission set to 'read': .github/workflows/release-sandbox.yml:26","Warn: topLevel 'contents' permission set to 'write': .github/workflows/release.yml:22","Warn: topLevel 'packages' permission set to 'write': .github/workflows/release.yml:23","Warn: no topLevel permission defined: .github/workflows/rke-upgrade.yml:1","Warn: no topLevel permission defined: .github/workflows/rke.yml:1","Warn: no topLevel permission defined: .github/workflows/rke2-lh-ec2.yml:1","Warn: no topLevel permission defined: .github/workflows/unpacker-image.yml:1","Warn: no topLevel permission defined: .github/workflows/update-tests-description.yaml:1","Warn: no topLevel permission defined: .github/workflows/upgrade-bound.yml:1","Warn: no topLevel permission defined: .github/workflows/upgrade.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/container-image-sample-app.yml:18"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Signed-Releases","score":8,"reason":"5 out of the last 5 releases have a total of 5 signed artifacts.","details":["Info: signed release artifact: epinio_1.12.0-rc1_checksums.txt.sig: https://github.com/epinio/epinio/releases/tag/v1.12.0-rc1","Info: signed release artifact: epinio_1.11.0_checksums.txt.sig: https://github.com/epinio/epinio/releases/tag/v1.11.0","Info: signed release artifact: epinio_1.11.0-rc2_checksums.txt.sig: https://github.com/epinio/epinio/releases/tag/v1.11.0-rc2","Info: signed release artifact: epinio_1.11.0-rc1_checksums.txt.sig: https://github.com/epinio/epinio/releases/tag/v1.11.0-rc1","Info: signed release artifact: epinio_1.10.0_checksums.txt.sig: https://github.com/epinio/epinio/releases/tag/v1.10.0","Warn: release artifact v1.12.0-rc1 does not have provenance: https://api.github.com/repos/epinio/epinio/releases/229907635","Warn: release artifact v1.11.0 does not have provenance: https://api.github.com/repos/epinio/epinio/releases/132255695","Warn: release artifact v1.11.0-rc2 does not have provenance: https://api.github.com/repos/epinio/epinio/releases/131885964","Warn: release artifact v1.11.0-rc1 does not have provenance: https://api.github.com/repos/epinio/epinio/releases/129768636","Warn: release artifact v1.10.0 does not have provenance: https://api.github.com/repos/epinio/epinio/releases/122412538"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"SAST","score":9,"reason":"SAST tool detected but not run on all commits","details":["Info: SAST configuration detected: CodeQL","Warn: 29 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Pinned-Dependencies","score":1,"reason":"dependency not pinned by hash detected -- score normalized to 1","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/add_issue_to_project.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/add_issue_to_project.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/aks-letsencrypt.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/aks-letsencrypt.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/aks-letsencrypt.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/aks-letsencrypt.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/aks-letsencrypt.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/aks-letsencrypt.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/aks-letsencrypt.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/aks-letsencrypt.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/aks-letsencrypt.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/aks-letsencrypt.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/aks-letsencrypt.yml:95: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/aks-letsencrypt.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/aks-letsencrypt.yml:107: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/aks-letsencrypt.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/aks-letsencrypt.yml:118: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/aks-letsencrypt.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/aks.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/aks.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/aks.yml:95: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/aks.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/aks.yml:107: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/aks.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/aks.yml:118: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/aks.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/aks.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/aks.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/aks.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/aks.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/aks.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/aks.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/aks.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/aks.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/cleanup-images.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/cleanup-images.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/cleanup-images.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/cleanup-images.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/clientsync.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/clientsync.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/clientsync.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/clientsync.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/clientsync.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/clientsync.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/clientsync.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/clientsync.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/container-image-sample-app.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/container-image-sample-app.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/container-image-sample-app.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/container-image-sample-app.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/container-image-sample-app.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/container-image-sample-app.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/delete_clusters.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/delete_clusters.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/delete_clusters.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/delete_clusters.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/delete_clusters.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/delete_clusters.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/delete_clusters.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/delete_clusters.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/delete_clusters.yml:91: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/delete_clusters.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/delete_clusters.yml:97: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/delete_clusters.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/eks.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/eks.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/eks.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/eks.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/eks.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/eks.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/eks.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/eks.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/eks.yml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/eks.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/eks.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/eks.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/eks.yml:115: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/eks.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gke-letsencrypt.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/gke-letsencrypt.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gke-letsencrypt.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/gke-letsencrypt.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gke-letsencrypt.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/gke-letsencrypt.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/gke-letsencrypt.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/gke-letsencrypt.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gke-letsencrypt.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/gke-letsencrypt.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gke-letsencrypt.yml:95: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/gke-letsencrypt.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/gke-letsencrypt.yml:104: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/gke-letsencrypt.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/gke-letsencrypt.yml:114: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/gke-letsencrypt.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/gke-letsencrypt.yml:119: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/gke-letsencrypt.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gke-upgrade.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/gke-upgrade.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gke-upgrade.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/gke-upgrade.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gke-upgrade.yml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/gke-upgrade.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/gke-upgrade.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/gke-upgrade.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gke-upgrade.yml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/gke-upgrade.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gke-upgrade.yml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/gke-upgrade.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/gke-upgrade.yml:103: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/gke-upgrade.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/gke-upgrade.yml:112: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/gke-upgrade.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/gke-upgrade.yml:122: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/gke-upgrade.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/gke-upgrade.yml:127: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/gke-upgrade.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gke.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/gke.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gke.yml:95: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/gke.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/gke.yml:104: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/gke.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/gke.yml:114: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/gke.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/gke.yml:119: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/gke.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gke.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/gke.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gke.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/gke.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gke.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/gke.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/gke.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/gke.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/golangci-lint.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/golangci-lint.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/golangci-lint.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/golangci-lint.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/golangci-lint.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/golangci-lint.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:98: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:104: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:136: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:239: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:245: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:255: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:261: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:293: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:318: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:324: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:334: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:340: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:372: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:582: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:588: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:598: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:604: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:638: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:663: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:669: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:679: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:685: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:719: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:734: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:763: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:766: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:769: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:778: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:787: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:796: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:160: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:166: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:176: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:182: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:215: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:397: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:403: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:413: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:419: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:451: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:475: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:481: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:491: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:497: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:529: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:558: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-drafter.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/release-drafter.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-publish.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/release-publish.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-publish.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/release-publish.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-publish.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/release-publish.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-publish.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/release-publish.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-sandbox.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/release-sandbox.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-sandbox.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/release-sandbox.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-sandbox.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/release-sandbox.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-sandbox.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/release-sandbox.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-sandbox.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/release-sandbox.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-sandbox.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/release-sandbox.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-sandbox.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/release-sandbox.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-sandbox.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/release-sandbox.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:84: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:120: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rke-upgrade.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/rke-upgrade.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rke-upgrade.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/rke-upgrade.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rke-upgrade.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/rke-upgrade.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/rke-upgrade.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/rke-upgrade.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rke-upgrade.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/rke-upgrade.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rke-upgrade.yml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/rke-upgrade.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/rke-upgrade.yml:93: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/rke-upgrade.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rke-upgrade.yml:103: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/rke-upgrade.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/rke-upgrade.yml:109: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/rke-upgrade.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rke.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/rke.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rke.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/rke.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rke.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/rke.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/rke.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/rke.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rke.yml:81: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/rke.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rke.yml:87: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/rke.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rke.yml:97: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/rke.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/rke.yml:103: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/rke.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rke2-lh-ec2.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/rke2-lh-ec2.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rke2-lh-ec2.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/rke2-lh-ec2.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rke2-lh-ec2.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/rke2-lh-ec2.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/rke2-lh-ec2.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/rke2-lh-ec2.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rke2-lh-ec2.yml:87: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/rke2-lh-ec2.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rke2-lh-ec2.yml:93: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/rke2-lh-ec2.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rke2-lh-ec2.yml:103: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/rke2-lh-ec2.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/rke2-lh-ec2.yml:137: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/rke2-lh-ec2.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unpacker-image.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/unpacker-image.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/unpacker-image.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/unpacker-image.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/unpacker-image.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/unpacker-image.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/unpacker-image.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/unpacker-image.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/unpacker-image.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/unpacker-image.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-tests-description.yaml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/update-tests-description.yaml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-tests-description.yaml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/update-tests-description.yaml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/upgrade-bound.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/upgrade-bound.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/upgrade-bound.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/upgrade-bound.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/upgrade-bound.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/upgrade-bound.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/upgrade-bound.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/upgrade-bound.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/upgrade.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/upgrade.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/upgrade.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/upgrade.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/upgrade.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/upgrade.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/upgrade.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/epinio/epinio/upgrade.yml/main?enable=pin","Warn: containerImage not pinned by hash: images/Dockerfile:12","Warn: containerImage not pinned by hash: images/unpacker-Dockerfile:12","Warn: containerImage not pinned by hash: images/unpacker-Dockerfile:15: pin your Docker image by updating registry.suse.com/bci/bci-micro:15.7-44.5 to registry.suse.com/bci/bci-micro:15.7-44.5@sha256:dc93f967243fc60e6ebfd7e77d94e58c5a252ea89b66846b3da2af7ef245ad70","Warn: goCommand not pinned by hash: .github/workflows/golangci-lint.yml:46","Warn: downloadThenRun not pinned by hash: .github/workflows/rke2-lh-ec2.yml:120","Info:   0 out of 114 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of  76 third-party GitHubAction dependencies pinned","Info:   0 out of   3 containerImage dependencies pinned","Info:  19 out of  20 goCommand dependencies pinned","Info:   0 out of   1 downloadThenRun dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Vulnerabilities","score":8,"reason":"2 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-9h84-qmv7-982p","Warn: Project is vulnerable to: GHSA-f9f8-9pmf-xv68"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-18T14:57:59.651Z","repository_id":36950981,"created_at":"2025-08-18T14:57:59.651Z","updated_at":"2025-08-18T14:57:59.651Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31526666,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-07T16:28:08.000Z","status":"ssl_error","status_checked_at":"2026-04-07T16:28:06.951Z","response_time":105,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["hacktoberfest","kubernetes","paas"],"created_at":"2024-08-01T06:01:59.258Z","updated_at":"2026-04-07T20:02:05.994Z","avatar_url":"https://github.com/epinio.png","language":"Go","funding_links":[],"categories":["Go"],"sub_categories":[],"readme":"# Epinio\n\nOpinionated platform that runs on Kubernetes to take you from Code to URL in one step.\n\n[![godoc](https://pkg.go.dev/badge/epinio/epinio)](https://pkg.go.dev/github.com/epinio/epinio/internal/api/v1)\n[![Go Report Card](https://goreportcard.com/badge/github.com/epinio/epinio)](https://goreportcard.com/report/github.com/epinio/epinio)\n[![CI](https://github.com/epinio/epinio/actions/workflows/main.yml/badge.svg)](https://github.com/epinio/epinio/actions/workflows/main.yml)\n[![golangci-lint](https://github.com/epinio/epinio/actions/workflows/golangci-lint.yml/badge.svg)](https://github.com/epinio/epinio/actions/workflows/golangci-lint.yml)\n[![AKS-CI](https://github.com/epinio/epinio/actions/workflows/aks.yml/badge.svg)](https://github.com/epinio/epinio/actions/workflows/aks.yml)\n[![EKS-CI](https://github.com/epinio/epinio/actions/workflows/eks.yml/badge.svg)](https://github.com/epinio/epinio/actions/workflows/eks.yml)\n[![GKE-CI](https://github.com/epinio/epinio/actions/workflows/gke.yml/badge.svg)](https://github.com/epinio/epinio/actions/workflows/gke.yml)\n[![RKE-CI](https://github.com/epinio/epinio/actions/workflows/rke.yml/badge.svg)](https://github.com/epinio/epinio/actions/workflows/rke.yml)\n[![RKE2-EC2-CI](https://github.com/epinio/epinio/actions/workflows/rke2-lh-ec2.yml/badge.svg)](https://github.com/epinio/epinio/actions/workflows/rke2-lh-ec2.yml)\n[![AKS-LETSENCRYPT-CI](https://github.com/epinio/epinio/actions/workflows/aks-letsencrypt.yml/badge.svg)](https://github.com/epinio/epinio/actions/workflows/aks-letsencrypt.yml)\n[![GKE-LETSENCRYPT-CI](https://github.com/epinio/epinio/actions/workflows/gke-letsencrypt.yml/badge.svg)](https://github.com/epinio/epinio/actions/workflows/gke-letsencrypt.yml)\n[![RKE-CI-UPGRADE](https://github.com/epinio/epinio/actions/workflows/rke-upgrade.yml/badge.svg)](https://github.com/epinio/epinio/actions/workflows/rke-upgrade.yml)\n\n\u003cimg src=\"./docs/epinio.png\" align=\"left\" width=\"100\" height=\"50%\"\u003e\n\n## What problem does Epinio solve?\n\nEpinio makes it easy for developers to develop their applications running in Kubernetes clusters. Easy means:\n\n- No experience with Kubernetes is needed\n- No steep learning curve\n- Quick local setup with minimal configuration\n- Deploying to production the same as deploying in development\n\n[Kubernetes](https://kubernetes.io/) is the standard for container orchestration.\nDevelopers may want to use Kubernetes for its benefits or because their Ops team has chosen it.\nIn either case, working with Kubernetes can be complex depending on the environment.\nIt has a steep learning curve and doing it right is a full-time job.\nDevelopers should spend their time working on their applications, not doing operations.\n\nEpinio adds the needed abstractions and tools to allow developers to use Kubernetes as a [PaaS](https://en.wikipedia.org/wiki/Platform_as_a_service).\n\n\n## Documentation\n\nDocumentation is available at [docs.epinio.io](https://docs.epinio.io/).\n\n### Installation\n\nRequires a Kubernetes cluster, an Ingress Controller and a Cert Manager as explained in the [installation](https://docs.epinio.io/installation/install_epinio) documentation.\nOnce this is in place, and leaving out DNS setup, an installation reduces to:\n\n```\nhelm repo add epinio https://epinio.github.io/helm-charts\nhelm repo update\n\nhelm install --namespace epinio --create-namespace epinio epinio/epinio \\\n  --set global.domain=mydomain.example.com\n```\n\n### CLI installation\n\nInstallation of the Epinio CLI is by downloading a binary from the\n[release page](https://github.com/epinio/epinio/releases), or usage of `brew`, i.e.\n\n```\nbrew install epinio\n```\n\nThere is further documentation [here](https://docs.epinio.io/installation/install_epinio_cli).\n\n### Quick Start Tutorial\n\nOur [QuickStart Tutorial](https://docs.epinio.io/tutorials/quickstart) works through how to create a namespace and push an application.\n\n### Reach Us\n\n- Slack: #epinio on [Rancher Users](https://rancher-users.slack.com/)\n- Github: [Discuss](https://github.com/epinio/epinio/discussions/new)\n\n### Contributing\n\n`Epinio` uses [Github Project](https://github.com/epinio/epinio/projects/1) for tracking issues.\n\nFind more information in the [Contribution Guide](./CONTRIBUTING.md).\n\nThe [developer documentation](./docs) explains how to build and run Epinio from a git source checkout.\n\n## Features\n\n- **Security**\n  - TLS secured API server\n  - Basic Authentication to access the API\n  - __or__ OIDC-based token\n- **Epinio Clients**\n  - Web UI\n  - Epinio CLI\n- **Apps**\n  - Push code directly without further tools or steps\n  - Basic operation of your application once pushed\n  - Cloud Native Buildpacks build and containerize your code for you\n- **Configurations**\n  - CRUD operations on your configuration. A configuration can be a database, SaaS etc. A configuration can be an external component or can be created using `epinio configuration`.\n  - Bind configurations to apps.\n\n## Example apps\n\n- Rails: https://github.com/epinio/example-rails\n- Java: https://github.com/spring-projects/spring-petclinic/\n- Paketo Buildpack example apps: https://github.com/paketo-buildpacks/samples\n\n## License\n\nCopyright (c) 2020-2023 [SUSE, LLC](https://suse.com)\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n[http://www.apache.org/licenses/LICENSE-2.0](http://www.apache.org/licenses/LICENSE-2.0)\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n\n## Breaking Changes \u0026 Migrations\n\n### 1.12 to 1.13\n\nEpinio 1.13 rehomes configurations for the staging workloads to a more standardized format that supports a larger variety of configs.  These are no longer configured directly on the Epinio container via ENV variables or through Viper CLI flags but rather read from an in-cluster ConfigMap at staging time.\n\nTo summarize, version 1.12 referenced the following ENV variables:\n\n```bash\nSTAGING_SERVICE_ACCOUNT_NAME\nSTAGING_RESOURCE_CPU\nSTAGING_RESOURCE_MEMORY\nSTAGING_RESOURCE_DISK\n```\n\nThese ENV variables were configured directly by the Helm Chart in the deployment's `env` section.  This is no longer the case as we push in the direction of improving configurability of these staging workloads.  These configurations are now more expansive, including resource requests vs. limits, node tolerations, affinity criteria, etc.  And as such, the ENV approach to this would become unruly as capabilities grew.  Instead, we are conforming more closely to how Kubernetes would structure these configs directly in the Job YAML.  These configurations are now read in from chart values into the stage script ConfigMaps.  The contents of this ConfigMap, as far as the Epinio Server is concerned, would resemble the following (with examples):\n\n```yaml\nserviceAccountName: \"epinio-server\"\nttlSecondsAfterFinished: 300\nresources:\n  requests:\n    cpu: \"200m\"\n    memory: \"1Gi\"\n  # limits:\n  #   cpu: \"\"\n  #   memory: \"\"\nstorage:\n  cache:\n    emptyDir: false\n    size: 1Gi\n    storageClassName: \"\"\n    volumeMode: Filesystem\n    accessModes:\n    - ReadWriteOnce\n  sourceBlobs:\n    emptyDir: true\n    # size: 1Gi\n    # storageClassName: \"\"\n    # volumeMode: Filesystem\n    # accessModes:\n    # - ReadWriteOnce\nnodeSelector: {}\n  # kubernetes.io/os: linux\naffinity: {}\n  # nodeAffinity:\n  #   requiredDuringSchedulingIgnoredDuringExecution:\n  #     nodeSelectorTerms:\n  #     - matchExpressions:\n  #       - key: kubernetes.io/os\n  #         operator: In\n  #         values:\n  #         - linux\ntolerations: []\n  # - key: \"kubernetes.io/os\"\n  #   operator: \"Equal\"\n  #   value: \"linux\"\n  #   effect: \"NoSchedule\"\n```\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fepinio%2Fepinio","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fepinio%2Fepinio","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fepinio%2Fepinio/lists"}