generated from mchmarny/template-action
-
Notifications
You must be signed in to change notification settings - Fork 0
68 lines (59 loc) · 1.38 KB
/
on-push.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
name: on_push
on:
push:
branches:
- main
pull_request:
branches:
- main
permissions:
contents: read
jobs:
conf:
env:
ERR_VULNERABILITY_SEV: "CRITICAL,HIGH,MEDIUM"
GO_VERSION: "1.20.1"
runs-on: ubuntu-latest
permissions:
contents: read
outputs:
err_on_vulnerability_sev: ${{ steps.conf.outputs.err_on_vulnerability_sev }}
go_version: ${{ steps.conf.outputs.go_version }}
steps:
- name: Export Config
id: conf
run: |
echo "err_on_vulnerability_sev=${{ env.ERR_VULNERABILITY_SEV }}" >> $GITHUB_OUTPUT
echo "go_version=${{ env.GO_VERSION }}" >> $GITHUB_OUTPUT
test:
needs:
- conf
permissions:
contents: read
security-events: write
id-token: write
uses: ./.github/workflows/test.yaml
with:
go_version: ${{ needs.conf.outputs.go_version }}
scan_severity: ${{ needs.conf.outputs.err_on_vulnerability_sev }}
meter:
needs:
- test
permissions:
contents: read
id-token: write
uses: ./.github/workflows/meter.yaml
with:
metric: "push-tests"
value: 1
print:
needs:
- meter
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- name: Print Output
run: |
echo "metric: ${{ needs.meter.outputs.metric }}"
echo "value: ${{ needs.meter.outputs.value }}"