{"id":19887953,"url":"https://github.com/grbnb/random-workflow-cron","last_synced_at":"2026-03-03T00:40:06.648Z","repository":{"id":171084797,"uuid":"627253675","full_name":"grbnb/random-workflow-cron","owner":"grbnb","description":"Generate a random cron expression based on the current time and specified number of intervals","archived":false,"fork":false,"pushed_at":"2025-05-29T01:51:18.000Z","size":113,"stargazers_count":5,"open_issues_count":0,"forks_count":3,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-02-21T04:04:38.104Z","etag":null,"topics":["actions","cron","github-actions","random","workflows"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/grbnb.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2023-04-13T05:02:35.000Z","updated_at":"2025-11-04T08:07:54.000Z","dependencies_parsed_at":null,"dependency_job_id":"02ae972d-dafd-48ce-a1fb-f9e47620a9f0","html_url":"https://github.com/grbnb/random-workflow-cron","commit_stats":null,"previous_names":["grbnb/random-workflow-cron"],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/grbnb/random-workflow-cron","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/grbnb%2Frandom-workflow-cron","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/grbnb%2Frandom-workflow-cron/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/grbnb%2Frandom-workflow-cron/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/grbnb%2Frandom-workflow-cron/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/grbnb","download_url":"https://codeload.github.com/grbnb/random-workflow-cron/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/grbnb%2Frandom-workflow-cron/sbom","scorecard":{"id":444218,"data":{"date":"2025-08-11","repo":{"name":"github.com/grbnb/random-workflow-cron","commit":"7761f392c78a2e9fae8daee4d1d3931e6782bc72"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.7,"checks":[{"name":"Code-Review","score":0,"reason":"Found 0/5 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":0,"reason":"1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Info: Possibly incomplete results: error parsing shell code: not a valid arithmetic operator: ${: cron.sh:0","Warn: third-party GitHubAction not pinned by hash: .github/workflows/cron-test.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/grbnb/random-workflow-cron/cron-test.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/grbnb/random-workflow-cron/test.yml/main?enable=pin","Info:   0 out of   1 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   1 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: jobLevel 'contents' permission set to 'write': .github/workflows/test.yml:18","Warn: no topLevel permission defined: .github/workflows/cron-test.yml:1","Warn: no topLevel permission defined: .github/workflows/test.yml:1"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":3,"reason":"branch protection is not maximal on development and all release branches","details":["Info: 'allow deletion' disabled on branch 'main'","Info: 'force pushes' disabled on branch 'main'","Warn: branch 'main' does not require approvers","Warn: codeowners review is not required on branch 'main'","Warn: no status checks found to merge onto branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}}]},"last_synced_at":"2025-08-19T06:17:29.813Z","repository_id":171084797,"created_at":"2025-08-19T06:17:29.813Z","updated_at":"2025-08-19T06:17:29.813Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30027654,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-03T00:31:48.536Z","status":"ssl_error","status_checked_at":"2026-03-03T00:30:56.176Z","response_time":60,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["actions","cron","github-actions","random","workflows"],"created_at":"2024-11-12T18:05:31.518Z","updated_at":"2026-03-03T00:40:06.626Z","avatar_url":"https://github.com/grbnb.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# GitHub Action for workflow cron\n\n[README](README.md) | [中文文档](README_zh.md)\n\nThe GitHub Actions for pushing to GitHub repository workflows cron changes authorizing using GitHub token.\n\nWith ease:\n\n- Used for GitHub actions workflow with irregular scheduling and running\n- Automatically generate random cron expressions, only for `hour` and `minute` random generation\n\n## Usage\n\n### Example Workflow file\n\nRandomly modify the `cron` expression under the `schedule` in the current branch workflow file (modify oneself), and keep the historical commit message of files except for workflow files:\n\n```yaml\nname: 'random-cron'\n\non:\n  schedule:\n    - cron: '0 0 */17 * *'\n  workflow_dispatch:\n\njobs:\n  build:\n    runs-on: ubuntu-latest\n    steps:\n      - name: Random Cron\n        uses: grbnb/random-workflow-cron@v2\n        with:\n          github_token: ${{ secrets.PAT }}\n          keep_history: true\n```\n\nRandomly modify the `cron` under the `schedule` in the `dev` workflow file `ci. yml` of other branches in the current warehouse (modifying other files): [Not recommended], and keep the historical commit message of files except for workflow files:\n\n```yaml\nname: 'random-cron'\n\non:\n  schedule:\n    - cron: '0 0 */17 * *'\n  workflow_dispatch:\n\njobs:\n  build:\n    runs-on: ubuntu-latest\n    steps:\n      - name: Random Cron\n        uses: grbnb/random-workflow-cron@v2\n        with:\n          workflow_name: \".github/workflows/ci.yml\"\n          github_token: ${{ secrets.PAT }}\n          ref_branch: dev\n          keep_history: true\n```\n\nSet the random hour range to `1-21` [UTC+8 time zone], running only 7 times a day every 15 days, but not immediately pushing and commit to the repository. This means that there are push operations in the steps after the workflow file, avoiding multiple push operations!!!\n\n```yml\nname: 'random-cron'\n\non:\n  schedule:\n    - cron: '0 0 */17 * *'\n  workflow_dispatch:\n\njobs:\n  build:\n    runs-on: ubuntu-latest\n    steps:\n      - name: Checkout\n        uses: actions/checkout@v4\n        with:\n          token: ${{ secrets.PAT }}\n          fetch-depth: 2\n      \n      - name: Random Cron\n        uses: grbnb/random-workflow-cron@v1\n        with:\n          push_switch: false\n          time_zone: \"UTC+8\"\n          hour_start: 1\n          hour_end: 21\n          interval_count: 7\n          cron_dmw: \"*/15 * *\"\n```\n\n### Inputs\n\n| name   | value | default | description |\n|--------| ----- | ------- |-------------|\n| workflow_name | string | `${{ github.workflow_ref }}` | The modified workflow file name path \u003cbr /\u003e defaults to the current workflow path \u003cbr /\u003e e.g. `.github/workflow/cron.yml` |\n| push_switch | boolean | true | The modified workflow_file push or not at once |\n| github_token | string  | `${{ github.token }}` | The GitHub PAT key with at least `repo` and `workflow` permissions\u003cbr /\u003e [Personal Access Token](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token). |\n| repository | string | `${{ github.repository }}` | Repository name. \u003cbr /\u003e The default is the current github repository \u003cbr /\u003e If you want to push to other repository, \u003cbr /\u003e you should make a [personal access token](https://github.com/settings/tokens) \u003cbr /\u003e and use it as the `github_token` input. |\n| ref_branch | string | `${{ github.ref_name }}` | The modified workflow_file push to destination branch |\n| keep_history | boolean | false | Keep except workflow_file history commit message outside of the file |\n| author | string | `github-actions[bot] \u003cgithub-actions[bot]@users.noreply.github.com\u003e` | Author name and email address as `Display Name \u003cjoe@foo.bar\u003e` (defaults to the GitHub Actions bot user) |\n| time_zone | string | `UTC+0` | The time zone of the user's region, with a range of `UTC±12`, automatically rounded down e.g. UTC+3.5 =\u003e UTC+3 |\n| hour_start | number | 0 | Define the intervals start hour |\n| hour_end | number | 23 | Define the intervals end hour |\n| interval_count | number | 2 | Number of intervals to divide the day into, the number of runs per day |\n| cron_dmw | string | `\"* * *\"` | Custom `Cron` DayofMonth Month DayofWeek |\n\n## Troubleshooting\n\n```log\n ! [remote rejected] dev -\u003e dev (refusing to allow a GitHub App to create or update workflow `.github/workflows/xxxx.yml` without `workflows` permission)\nerror: failed to push some refs to 'https://github.com/xxx/xxxx.git'\nError: Process completed with exit code 1.\n```\n\nDue to the involvement of modifying and pushing workflow files, the default `GITHUB_TOKEN` doesn't have corresponding permissions. Please be sure to `settings` -\u003e `Secrets and variables` -\u003e `New repository secret` add a personal private key  \n```\nname: PAT\nsecret: ghp_XXXXXXXXXX\n```\nIf not, the creation method is as follows:\n\n- Click on the icon on the right[![PAT](https://github.githubassets.com/favicons/favicon.png)](https://github.com/settings/tokens/new) ，Set token key\n- Fill in a name in the `Note` section -\u003e Select an expiration date at `Expiration` -\u003e Check the `Select scopes` in order`repo`、`workflow`、`write:packages`和`delete:packages` -\u003e Click on the bottom `Generate token`\n\n![Personal Access Token](https://github.com/grbnb/random-workflow-cron/blob/img/img/PAT.png)\n\n```log\nremote: Permission to xxx/xxxxx.git denied to github-actions[bot].\nfatal: unable to access 'https://github.com/xxx/xxxxx.git/': The requested URL returned error: 403\nError: Invalid exit code: 128\n```\n\nAdd GitHub API `token` key to your workflow yml file at `uses: actions/checkout@v3` in step\n```yml\n- name: Checkout\n  uses: actions/checkout@v4\n  with:\n    token: ${{ secrets.PAT }}\n    fetch-depth: 2\n```\n\nThen add the generated PAT key to the repository's `Actions secrets and variables`\n\n## License\n\nThe Dockerfile and associated scripts and documentation in this project are released under the [MIT License](LICENSE).\n\n## No affiliation with GitHub Inc.\n\nGitHub are registered trademarks of GitHub, Inc. GitHub name used in this project are for identification purposes only. The project is not associated in any way with GitHub Inc. and is not an official solution of GitHub Inc. It was made available in order to facilitate the use of the site GitHub.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgrbnb%2Frandom-workflow-cron","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgrbnb%2Frandom-workflow-cron","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgrbnb%2Frandom-workflow-cron/lists"}