alice: threats: cicd: github: workflow: runs on: Check if self-hosted and building branches

[pdxjohnny]

• References
  • 2022-11-21 @pdxjohnny Engineering Logs: Alice Engineering Comms 🪬 #1406
  • Let's avoid building pull requests on self hosted runners istio#15
  • pdxjohnny/istio@ea844d2
  • Disable building pull requests on self hosted runner istio#16
• Last Friday pushed alice: threats: vulns: serve: nvdstyle: Fix serving of v2 style CVEs - 9f0a41a
  • We can now start serving threats!
• TODO
  • alice threats cicd (-keys https://github.com/intel/dffml)
    • GitHub Actions workflow analysis overlays
      • Look for runs-on: and anything not GitHub hosted, then
        check on: triggers to ensure pull requests aren't being run.
    • Output to JSON source (so long as we derive from RunRecordSet we'll be done with this)\
    • Have NVDStyle server take source as input/config so that we can point it at the discovered vulns
• Future
  • alice please log todos -source static=json dynamic=nvdstyle
    • Implement source for reading from NVDSytle API (op source for single function prototype?)
    • Enable creation of TODOs by overlaying operations which take the feature data as inputs (use dfpreprocess?)