build(audits): Split security audit out of build workflow (#22)

There are currently unfixable issues with `chrono 0.4.19` in security audits... Until these are fixable they are just showing up as build failures Splitting this into it's own workflow is probably the correct thing long term anyways
jakeswenson · Dec 11, 2021 · d2f403b · d2f403b
1 parent 346d780
commit d2f403b
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 4 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -21,10 +21,6 @@ jobs:
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
           args: --all-features
-      - name: Security audit
-        uses: actions-rs/audit-check@v1
-        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
   build:
     runs-on: ubuntu-latest
     steps:

diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
@@ -0,0 +1,18 @@
+name: Security Audits
+
+on:
+  schedule:
+    # Every Saturday at 1PM UTC (6AM PST)
+    chron: "0 13 * * 6"
+  pull_request:
+    branches: [ main ]
+
+jobs:
+  security-audit:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Security audit
+        uses: actions-rs/audit-check@v1
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}