{"id":36658500,"url":"https://github.com/tinyci/ci-agents","last_synced_at":"2026-01-12T10:25:04.684Z","repository":{"id":50102337,"uuid":"181145641","full_name":"tinyci/ci-agents","owner":"tinyci","description":"tinyCI microservice and tools collection","archived":false,"fork":false,"pushed_at":"2023-05-05T02:30:39.000Z","size":8844,"stargazers_count":1,"open_issues_count":10,"forks_count":2,"subscribers_count":4,"default_branch":"main","last_synced_at":"2023-08-09T16:29:18.121Z","etag":null,"topics":["continuous-integration","golang","grpc","parallel","swagger","test"],"latest_commit_sha":null,"homepage":"https://tinyci.org","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tinyci.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-04-13T08:56:35.000Z","updated_at":"2021-06-04T04:19:27.000Z","dependencies_parsed_at":"2022-09-16T14:43:38.405Z","dependency_job_id":null,"html_url":"https://github.com/tinyci/ci-agents","commit_stats":null,"previous_names":[],"tags_count":11,"template":null,"template_full_name":null,"purl":"pkg:github/tinyci/ci-agents","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tinyci%2Fci-agents","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tinyci%2Fci-agents/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tinyci%2Fci-agents/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tinyci%2Fci-agents/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tinyci","download_url":"https://codeload.github.com/tinyci/ci-agents/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tinyci%2Fci-agents/sbom","scorecard":{"id":887494,"data":{"date":"2025-08-11","repo":{"name":"github.com/tinyci/ci-agents","commit":"0e7828c1089e92b3593892e22af3bfc253d4de67"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":1.6,"checks":[{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Code-Review","score":0,"reason":"Found 0/11 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":9,"reason":"license file detected","details":["Info: project has a license file: LICENSE.md:0","Warn: project license file does not contain an FSF or OSI license."],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Pinned-Dependencies","score":1,"reason":"dependency not pinned by hash detected -- score normalized to 1","details":["Warn: containerImage not pinned by hash: dockerfiles/Dockerfile:2: pin your Docker image by updating ubuntu:20.04 to ubuntu:20.04@sha256:8feb4d8ca5354def3d8fce243717141ce31e2c428701f6682bd2fafe15388214","Warn: containerImage not pinned by hash: dockerfiles/Dockerfile.release:2: pin your Docker image by updating ubuntu:latest to ubuntu:latest@sha256:7c06e91f61fa88c08cc74f7e1b7c69ae24910d745357e0dfe1d2c0322aaf20f9","Warn: goCommand not pinned by hash: dockerfiles/Dockerfile:40","Warn: goCommand not pinned by hash: dockerfiles/Dockerfile:41","Warn: goCommand not pinned by hash: dockerfiles/Dockerfile:42","Warn: goCommand not pinned by hash: dockerfiles/Dockerfile:43","Warn: goCommand not pinned by hash: dockerfiles/Dockerfile:44","Warn: goCommand not pinned by hash: dockerfiles/Dockerfile:47","Warn: goCommand not pinned by hash: dockerfiles/Dockerfile:48","Info:   2 out of   9 goCommand dependencies pinned","Info:   0 out of   2 containerImage dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"28 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GO-2025-3533 / GHSA-wq9g-9vfc-cfq9","Warn: Project is vulnerable to: GO-2021-0052 / GHSA-h395-qcrw-5vmq","Warn: Project is vulnerable to: GHSA-3vp4-m3rf-835h","Warn: Project is vulnerable to: GO-2023-1737 / GHSA-2c4m-59x9-fr2g","Warn: Project is vulnerable to: GO-2022-1031 / GHSA-crxj-hrmp-4rwf","Warn: Project is vulnerable to: GO-2022-0968 / GHSA-gwc9-m7rh-j2ww","Warn: Project is vulnerable to: GO-2021-0356 / GHSA-8c26-wmh5-6g9v","Warn: Project is vulnerable to: GO-2024-2961","Warn: Project is vulnerable to: GO-2023-2402 / GHSA-45x7-px36-x8w8","Warn: Project is vulnerable to: GO-2024-3321 / GHSA-v778-237x-gjrc","Warn: Project is vulnerable to: GO-2025-3487 / GHSA-hcg3-q754-cr77","Warn: Project is vulnerable to: GO-2022-0236 / GHSA-h86h-8ppg-mxmh","Warn: Project is vulnerable to: GO-2021-0238 / GHSA-83g2-8m93-v3w7","Warn: Project is vulnerable to: GO-2022-0288","Warn: Project is vulnerable to: GO-2022-0969 / GHSA-69cg-p879-7622","Warn: Project is vulnerable to: GO-2022-1144 / GHSA-xrjj-mj9h-534m","Warn: Project is vulnerable to: GO-2023-1571 / GHSA-vvpx-j8f3-3w6h","Warn: Project is vulnerable to: GO-2023-1988 / GHSA-2wrh-6pvc-2jm9","Warn: Project is vulnerable to: GO-2023-2102 / GHSA-4374-p667-p6c8","Warn: Project is vulnerable to: GO-2023-2153 / GHSA-m425-mq94-257g / GHSA-qppj-fm5r-hxr3","Warn: Project is vulnerable to: GO-2024-2687 / GHSA-4v7x-pqxf-cx7m","Warn: Project is vulnerable to: GO-2024-3333","Warn: Project is vulnerable to: GO-2025-3503 / GHSA-qxp5-gwg8-xv66","Warn: Project is vulnerable to: GO-2025-3595 / GHSA-vvgc-356p-c3xw","Warn: Project is vulnerable to: GO-2025-3488 / GHSA-6v2p-p543-phr9","Warn: Project is vulnerable to: GO-2022-0493 / GHSA-p782-xgp4-8hr8","Warn: Project is vulnerable to: GO-2024-2611 / GHSA-8r3f-844c-mc37","Warn: Project is vulnerable to: GO-2022-0603 / GHSA-hp87-p4gw-j4gq"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-24T10:32:36.087Z","repository_id":50102337,"created_at":"2025-08-24T10:32:36.087Z","updated_at":"2025-08-24T10:32:36.087Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28338267,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-12T06:09:07.588Z","status":"ssl_error","status_checked_at":"2026-01-12T06:05:18.301Z","response_time":98,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["continuous-integration","golang","grpc","parallel","swagger","test"],"created_at":"2026-01-12T10:25:03.840Z","updated_at":"2026-01-12T10:25:04.679Z","avatar_url":"https://github.com/tinyci.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# tinyCI's Agents\n\nThis repository contains most of tinyci's microservices as well as its\ncommand-line client, `tinycli`.\n\nTo get a tinyCI release, head over to\nhttps://github.com/tinyci/tinyci/releases. The rest of this page is largely\nabout developer setup. Check out our [docs](http://tinyci.org) if you're\ninterested in using or testing out tinyCI.\n\n## Developer Setup\n\nFollow these instructions carefully. We will soon have something a little more\nstreamlined.\n\nIt is easiest to work with this project through the [Golang\nToolchain](https://golang.org). Get it before following these instructions.\n\n```\n$ export GOPATH=$HOME\n$ go get -d github.com/tinyci/ci-agents\n$ go get -d github.com/tinyci/ci-ui\n$ cd ~/src/github.com/tinyci/ci-ui \u0026\u0026 make test-debug\n$ cd ~/src/github.com/tinyci/ci-agents\n$ cp .config/services.yaml.example .config/services.yaml\n\u003cedit services to taste\u003e\n$ make demo\n```\n\nYou will need `docker` and `docker-compose` installed.\n\nThen hit port 3000 of that host on your browser. If you have configured OAuth,\nyou will be presented with a confirmation screen. If you are running in no auth\nmode, you will be teleported to the UI directly.\n\n### Jaeger Tracing mode\n\n`make demo` starts a jaeger container. Please note that `enable_tracing` must\nbe set in the services config for this to be effective.\n\n### Configuring it\n\nTo start, it's easiest to configure one task at the root with multiple runs.\nLater on, you will want to isolate directories with additional `task.yml` files\nso subsections of your code can be tested independently of each other.\n\nPut this in a file named `task.yml` at the root:\n\n```yaml\n---\nmountpoint: '/build' # this is where your source will be mounted in the image\nruns:\n  testbuild: # name of the run\n    command: ['do', 'build'] # customize this to taste\n    image: 'ubuntu:18.04' # example! Use any image you'd like.\n  test: # name of the run\n    command: ['do', 'test'] # customize this to taste\n    image: 'ubuntu:18.04' # example! Use any image you'd like.\n```\n\nAs well as creating an empty `tinyci.yml` -- this file typically contains\nglobal overrides and is always read from the master branch. For now,\ncustomizing it is not necessary.\n\nTo add your repository to tinyCI, click the hamburger menu at the top left of\nthe UI, then select the `Add` tab and find your repository. Check the box; the\nhook will be set up automatically in a secured fashion.\n\n\u003cimg src=\"readme-images/add.png\" /\u003e\n\nAfter that, you can submit code through the Manual Submission dialog or any\npush or pull request will also trigger a CI run. Enjoy!\n\nPlease note that actually running your code requires that you launch a runner\n(ideally on a separate server) which is covered in our [documentation](https://tinyci.org).\n\n## License\n\nMozilla Public License 2.0: https://www.mozilla.org/en-US/MPL/2.0/\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftinyci%2Fci-agents","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftinyci%2Fci-agents","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftinyci%2Fci-agents/lists"}