Skip to content

🐛 move license check to lint workflow #642

🐛 move license check to lint workflow

🐛 move license check to lint workflow #642

Workflow file for this run

name: Run Test (forks & dependabot)
on:
pull_request_target:
types: [opened, synchronize, reopened, labeled]
# https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token
permissions:
contents: read
issues: read # needed for the "labeled" event?
pull-requests: read # needed for the "labeled" event?
jobs:
# Makes it easier to see what was the input for this workflow in case we need to debug.
debug-event:
runs-on: ubuntu-latest
steps:
- name: Print workflow actor
run: echo "${{ toJSON(github.actor) }}"
- name: Print workflow event
run: jq '.' $GITHUB_EVENT_PATH
check-label:
name: Check label
runs-on: ubuntu-latest
# sender.login is needed for runs re-triggered from GitHub UI
if: |
(github.event.pull_request.user.login == 'dependabot[bot]' && contains(github.event.pull_request.labels.*.name, 'ok to test'))
|| (github.event.pull_request.head.repo.fork && contains(github.event.pull_request.labels.*.name, 'ok to test'))
permissions:
issues: write
pull-requests: write
steps:
- uses: actions/checkout@v4
with:
persist-credentials: false
- name: remove labels
run: |
gh pr edit ${{ github.event.pull_request.number }} --remove-label "ok to test"
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
unit-tests:
needs: [check-label]
if: needs.check-label.result == 'success'
uses: ./.github/workflows/unit-tests.yaml
name: Unit tests
security-tests:
name: Security tests
needs: [unit-tests]
if: needs.unit-tests.result == 'success'
uses: ./.github/workflows/security-tests.yaml
secrets: inherit
integration-tests:
name: Integration tests
needs: [unit-tests]
if: needs.unit-tests.result == 'success'
uses: ./.github/workflows/integration-tests.yaml
with:
cnspecImageTag: ""
secrets: inherit