Add security-insights.yml for OSSF Security Insights v2.0.0#11259

Open
vinayada1 wants to merge 3 commits into main from add-security-insights

@vinayada1 vinayada1 commented Feb 17, 2026

Description

Add a security insights file describing all the Radius repositories.

Type of change

  • This pull request fixes a bug in Radius and has an approved issue (issue link required).
  • This pull request adds or changes features of Radius and has an approved issue (issue link required).
  • This pull request is a minor refactor, code cleanup, test improvement, or other maintenance task and doesn't change the functionality of Radius (issue link optional).

Fixes: #11258

Contributor checklist

Please verify that the PR meets the following requirements, where applicable:

  • An overview of proposed schema changes is included in a linked GitHub issue.
    • Yes
    • Not applicable
  • A design document PR is created in the design-notes repository, if new APIs are being introduced.
    • Yes
    • Not applicable
  • The design document has been reviewed and approved by Radius maintainers/approvers.
    • Yes
    • Not applicable
  • A PR for the samples repository is created, if existing samples are affected by the changes in this PR.
    • Yes
    • Not applicable
  • A PR for the documentation repository is created, if the changes in this PR affect the documentation or any user facing updates are made.
    • Yes
    • Not applicable
  • A PR for the recipes repository is created, if existing recipes are affected by the changes in this PR.
    • Yes
    • Not applicable

@vinayada1 vinayada1 requested a review from a team as a code owner February 17, 2026 21:44
Copilot AI review requested due to automatic review settings February 17, 2026 21:44
@vinayada1 vinayada1 requested a deployment to external-contributor-approval February 17, 2026 21:44 — with GitHub Actions Waiting
Copilot AI left a comment

Pull request overview

Adds an OpenSSF Security Insights v2.0.0 metadata file under .github/ to enable Security Insights tooling to discover project/repository security posture and related links.

Changes:

  • Add .github/security-insights.yml describing project metadata, vulnerability reporting info, and security tooling integrations.

@vinayada1 vinayada1 requested a deployment to external-contributor-approval February 17, 2026 21:49 — with GitHub Actions Waiting
@vinayada1 vinayada1 requested a deployment to external-contributor-approval February 17, 2026 21:50 — with GitHub Actions Waiting
github-actions bot commented Feb 17, 2026

Unit Tests

4 783 tests   4 780 ✅  7m 52s ⏱️
  330 suites      3 💤
    1 files        0 ❌

Results for commit 6206848.

♻️ This comment has been updated with latest results.

codecov bot commented Feb 17, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 50.99%. Comparing base (209adb7) to head (6206848).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files
@@           Coverage Diff           @@
##             main   #11259   +/-   ##
=======================================
  Coverage   50.98%   50.99%           
=======================================
  Files         679      679           
  Lines       43174    43174           
=======================================
+ Hits        22012    22015    +3     
+ Misses      19040    19037    -3     
  Partials     2122     2122           


@vinayada1 vinayada1 requested a deployment to external-contributor-approval February 20, 2026 18:11 — with GitHub Actions Waiting
@vinayada1 vinayada1 force-pushed the add-security-insights branch from 73e9f13 to 7c59ea7 Compare February 20, 2026 19:59
@vinayada1 vinayada1 temporarily deployed to external-contributor-approval February 20, 2026 19:59 — with GitHub Actions Inactive
radius-functional-tests bot commented Feb 20, 2026

Radius functional test overview

  • Repository: radius-project/radius
  • Commit ref: 7c59ea7
  • Unique ID: func53c2e6df97
  • Image tag: pr-func53c2e6df97
  • gotestsum 1.13.0
  • KinD: v0.29.0
  • Dapr: 1.14.4
  • Azure KeyVault CSI driver: 1.4.2
  • Azure Workload identity webhook: 1.3.0
  • Bicep recipe location ghcr.io/radius-project/dev/test/testrecipes/test-bicep-recipes/<name>:pr-func53c2e6df97
  • Terraform recipe location http://tf-module-server.radius-test-tf-module-server.svc.cluster.local/<name>.zip (in cluster)
  • applications-rp test image location: ghcr.io/radius-project/dev/applications-rp:pr-func53c2e6df97
  • dynamic-rp test image location: ghcr.io/radius-project/dev/dynamic-rp:pr-func53c2e6df97
  • controller test image location: ghcr.io/radius-project/dev/controller:pr-func53c2e6df97
  • ucp test image location: ghcr.io/radius-project/dev/ucpd:pr-func53c2e6df97
  • deployment-engine test image location: ghcr.io/radius-project/deployment-engine:latest

Test Status

⌛ Building Radius and pushing container images for functional tests...
✅ Container images build succeeded
⌛ Publishing Bicep Recipes for functional tests...
✅ Recipe publishing succeeded
⌛ Starting ucp-cloud functional tests...
⌛ Starting corerp-cloud functional tests...
❌ Test tool installation for ucp-cloud failed. Please check the logs for more details
❌ Failed to install Radius for ucp-cloud functional test. Please check the logs for more details
❌ Test tool installation for corerp-cloud failed. Please check the logs for more details
❌ Failed to install Radius for corerp-cloud functional test. Please check the logs for more details
❌ ucp-cloud functional test failed. Please check the logs for more details
❌ corerp-cloud functional test failed. Please check the logs for more details

email: ''
social: https://github.com/kachawla
primary: false
- name: Brooke Hamilton
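
Review bot: `email: ''` in this entry publishes an empty string as the person's contact address. If no address is meant to be listed, drop the `email` key so the entry does not carry a value that a format check on email fields would reject; the `social` link already identifies the person.
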
Member

suggestion: I think I will put Nicole instead.

Contributor Author

I got this from the maintainers list. Nicole's name is not there. @willtsai - What's the correct contact to mention here?

Contributor

I think these are correct - perhaps you can add Nicole as the 5th entry?

bug-bounty-program: ''
contact:
name: Radius Team
email: security@radapp.dev
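
Review bot: `bug-bounty-program: ''` sets the field to an empty string; if the project has no bounty program, leave the key out instead of publishing a blank value. The `email` under `contact` is the address vulnerability reporters will use, so confirm it is monitored and keep it identical to the one in SECURITY.md.
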
Member

question: Is this a valid working email?

Contributor Author

I got this from the https://github.com/radius-project/radius/blob/main/SECURITY.md page. If it's not working, we should fix the docs.

Contributor

perhaps you can use radiuscoreteam@service.microsoft.com ?

Co-authored-by: Dariusz Porowski <3431813+DariuszPorowski@users.noreply.github.com>
Signed-off-by: vinayada1 <28875764+vinayada1@users.noreply.github.com>
@vinayada1 vinayada1 requested a deployment to external-contributor-approval February 20, 2026 21:10 — with GitHub Actions Waiting
Co-authored-by: Dariusz Porowski <3431813+DariuszPorowski@users.noreply.github.com>
Signed-off-by: vinayada1 <28875764+vinayada1@users.noreply.github.com>
@vinayada1 vinayada1 requested a deployment to external-contributor-approval February 20, 2026 21:11 — with GitHub Actions Waiting
release-process: https://github.com/radius-project/community
support-policy: https://github.com/radius-project/radius/blob/main/SUPPORT.md
signature-verification: ''
repositories:
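
Review bot: `release-process` points at the root of the radius-project/community repository rather than at a document that describes the release process; link the specific file so consumers of this metadata land on the procedure itself. `signature-verification: ''` is an empty string: if release artifacts are not signed, drop the key, and if they are, link the verification instructions.
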
Contributor

there's also this one, which is expected to grow: https://github.com/radius-project/resource-types-contrib
