chore: added write permission to github job #216
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Main Branch | ||
on: | ||
push: | ||
branches: | ||
- main | ||
- v[0-9]+.x | ||
tags: | ||
- v[0-9]+.[0-9]+.[0-9]+ | ||
jobs: | ||
install: | ||
name: Install | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/checkout@v3 | ||
- name: Cache node_modules | ||
id: cacheModules | ||
uses: actions/cache@v3 | ||
with: | ||
path: ~/.npm # this is cache where npm installs from before going out to the network | ||
key: ${{ runner.os }}-node-${{ hashFiles('**/package.json') }} | ||
- name: Install dependencies | ||
if: steps.cacheModules.outputs.cache-hit != 'true' | ||
run: npm install | ||
checks: | ||
name: Check | ||
needs: [install] | ||
uses: ./.github/workflows/checks.yml | ||
# The security job can't run on pull requests opened from forks because | ||
# Github doesn't pass down the SNYK_TOKEN environment variable. | ||
security: | ||
name: Check Security | ||
needs: [install] | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/checkout@v3 | ||
- uses: actions/cache@v3 | ||
with: | ||
path: ~/.npm # this is cache where npm installs from before going out to the network | ||
key: ${{ runner.os }}-node-${{ hashFiles('**/package.json') }} | ||
- run: npm install --prefer-offline | ||
- run: make secure | ||
env: | ||
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} | ||
release: | ||
Check failure on line 49 in .github/workflows/ci.yml GitHub Actions / Main BranchInvalid workflow file
Check failure on line 49 in .github/workflows/ci.yml GitHub Actions / Main BranchInvalid workflow file
|
||
name: Release | ||
if: startsWith(github.event.ref, 'refs/tags/') | ||
needs: [checks, security] | ||
uses: ./.github/workflows/release.yml |