@@ -17,17 +17,43 @@ permissions:
1717
1818jobs :
1919 rl-scanner :
20- uses : ./.github/workflows/rl-secure.yml
21- with :
22- node-version : ' 22'
23- artifact-name : ' react-native-auth0.tgz'
24- secrets :
25- RLSECURE_LICENSE : ${{ secrets.RLSECURE_LICENSE }}
26- RLSECURE_SITE_KEY : ${{ secrets.RLSECURE_SITE_KEY }}
27- SIGNAL_HANDLER_TOKEN : ${{ secrets.SIGNAL_HANDLER_TOKEN }}
28- PRODSEC_TOOLS_USER : ${{ secrets.PRODSEC_TOOLS_USER }}
29- PRODSEC_TOOLS_TOKEN : ${{ secrets.PRODSEC_TOOLS_TOKEN }}
30- PRODSEC_TOOLS_ARN : ${{ secrets.PRODSEC_TOOLS_ARN }}
20+ if : github.event_name == 'workflow_dispatch' || (github.event_name == 'pull_request' && github.event.pull_request.merged && startsWith(github.event.pull_request.head.ref, 'release/'))
21+ runs-on : ubuntu-latest
22+ steps :
23+ - uses : actions/checkout@v6
24+ with :
25+ fetch-depth : 0
26+
27+ - name : Setup
28+ uses : ./.github/actions/setup
29+
30+ - name : Build package
31+ run : yarn build
32+
33+ - name : Create tgz build artifact
34+ run : |
35+ tar -czvf react-native-auth0.tgz *
36+
37+ name : Get version
38+ id : get_version
39+ run : |
40+ version=$(head -1 .version)
41+ echo "version=$version" >> $GITHUB_OUTPUT
42+
43+ name : Run RL Scanner
44+ uses : auth0/devsecops-tooling/.github/actions/rl-scan@main
45+ with :
46+ artifact-name : " react-native-auth0"
47+ artifact-path : " ${{ github.workspace }}/react-native-auth0.tgz"
48+ version : ${{ steps.get_version.outputs.version }}
49+ RLSECURE_LICENSE : ${{ secrets.RLSECURE_LICENSE }}
50+ RLSECURE_SITE_KEY : ${{ secrets.RLSECURE_SITE_KEY }}
51+ SIGNAL_HANDLER_TOKEN : ${{ secrets.SIGNAL_HANDLER_TOKEN }}
52+ SIGNAL_HANDLER_DOMAIN : ${{ secrets.SIGNAL_HANDLER_DOMAIN }}
53+ PRODSEC_TOOLS_ARN : ${{ secrets.PRODSEC_TOOLS_ARN }}
54+ PRODSEC_TOOLS_USER : ${{ secrets.PRODSEC_TOOLS_USER }}
55+ PRODSEC_TOOLS_TOKEN : ${{ secrets.PRODSEC_TOOLS_TOKEN }}
56+ PRODSEC_PYTHON_TOOLS_REPO : ${{ secrets.PRODSEC_PYTHON_TOOLS_REPO }}
3157
3258 release :
3359 uses : ./.github/workflows/npm-release.yml
0 commit comments