Add security-insights.yml for OSSF Security Insights v2.0.0

[vinayada1]

Description

Add a security insights file describing all the radius repositories.

Type of change

• This pull request fixes a bug in Radius and has an approved issue (issue link required).
• This pull request adds or changes features of Radius and has an approved issue (issue link required).
• This pull request is a minor refactor, code cleanup, test improvement, or other maintenance task and doesn't change the functionality of Radius (issue link optional).

Fixes: #11258

Contributor checklist

Please verify that the PR meets the following requirements, where applicable:

• An overview of proposed schema changes is included in a linked GitHub issue.
  • Yes
  • Not applicable
• A design document PR is created in the design-notes repository, if new APIs are being introduced.
  • Yes
  • Not applicable
• The design document has been reviewed and approved by Radius maintainers/approvers.
  • Yes
  • Not applicable
• A PR for the samples repository is created, if existing samples are affected by the changes in this PR.
  • Yes
  • Not applicable
• A PR for the documentation repository is created, if the changes in this PR affect the documentation or any user facing updates are made.
  • Yes
  • Not applicable
• A PR for the recipes repository is created, if existing recipes are affected by the changes in this PR.
  • Yes
  • Not applicable

[Copilot]

Pull request overview

Adds an OpenSSF Security Insights v2.0.0 metadata file under .github/ to enable Security Insights tooling to discover project/repository security posture and related links.

Changes:

• Add .github/security-insights.yml describing project metadata, vulnerability reporting info, and security tooling integrations.

[github-actions]

Unit Tests

    2 files  ±0    415 suites  ±0   6m 44s ⏱️ -10s
4 881 tests ±0  4 879 ✅ ±0  2 💤 ±0  0 ❌ ±0 
5 783 runs  ±0  5 781 ✅ ±0  2 💤 ±0  0 ❌ ±0 

Results for commit 2b6cb02. ± Comparison against base commit 0a26e31.

♻️ This comment has been updated with latest results.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 51.24%. Comparing base (0a26e31) to head (2b6cb02).
⚠️ Report is 2 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main   #11259      +/-   ##
==========================================
+ Coverage   51.22%   51.24%   +0.01%     
==========================================
  Files         699      699              
  Lines       44062    44062              
==========================================
+ Hits        22572    22578       +6     
+ Misses      19330    19327       -3     
+ Partials     2160     2157       -3     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[DariuszPorowski]

suggestion: I think I will put Nicole instead.

[vinayada1]

I got this from the maintainers list. Nicole's name is not there. @willtsai - What's the correct contact to mention here?

[willtsai]

I think these are correct - perhaps you can add Nicole as the 5th entry?

[vinayada1]

Nicole's name is not in any list like maintainers or approvers....so best to leave out? I instead added Radius Core Team contact as the primary.

[DariuszPorowski]

suggestion: I think I will put Nicole instead.

[Copilot]

Pull request overview

Copilot reviewed 2 out of 2 changed files in this pull request and generated 6 comments.

---

You can also share your feedback on Copilot code review. Take the survey.

[vinayada1]

@copilot apply changes based on this feedback

[Copilot]

@vinayada1 I've opened a new pull request, #11444, to work on those changes. Once the pull request is ready, I'll request review from you.

[radius-functional-tests]

Radius functional test overview

🔍 Go to test action run

Click here to see the test run details

Name	Value
Repository	radius-project/radius
Commit ref	4e8e6fe
Unique ID	func4ac9218f6b
Image tag	pr-func4ac9218f6b

• gotestsum 1.13.0
• KinD: v0.29.0
• Dapr: 1.14.4
• Azure KeyVault CSI driver: 1.4.2
• Azure Workload identity webhook: 1.3.0
• Bicep recipe location ghcr.io/radius-project/dev/test/testrecipes/test-bicep-recipes/<name>:pr-func4ac9218f6b
• Terraform recipe location http://tf-module-server.radius-test-tf-module-server.svc.cluster.local/<name>.zip (in cluster)
• applications-rp test image location: ghcr.io/radius-project/dev/applications-rp:pr-func4ac9218f6b
• dynamic-rp test image location: ghcr.io/radius-project/dev/dynamic-rp:pr-func4ac9218f6b
• controller test image location: ghcr.io/radius-project/dev/controller:pr-func4ac9218f6b
• ucp test image location: ghcr.io/radius-project/dev/ucpd:pr-func4ac9218f6b
• deployment-engine test image location: ghcr.io/radius-project/deployment-engine:latest

Test Status

⌛ Building Radius and pushing container images for functional tests...
✅ Container images build succeeded
⌛ Publishing Bicep Recipes for functional tests...
✅ Recipe publishing succeeded
⌛ Starting corerp-cloud functional tests...
⌛ Starting ucp-cloud functional tests...
✅ ucp-cloud functional tests succeeded
✅ corerp-cloud functional tests succeeded

[DariuszPorowski]

Make sure you sign-off you commits because DCO check will always fail.

[DariuszPorowski]

issue: false - we have 3rd party deps

[DariuszPorowski]

issue: we do not attest releases