Skip to content

Commit 7dbc837

Browse files
authored
chore(workflows): rename and update workflows (#76)
2 parents 19cce04 + ae9527e commit 7dbc837

6 files changed

Lines changed: 22 additions & 40 deletions

File tree

.github/workflows/build-components.yml

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -20,13 +20,13 @@ concurrency:
2020
cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
2121

2222
jobs:
23-
assemble:
23+
assemble-components:
2424
name: Assemble all components
2525
runs-on: ubuntu-latest
2626
timeout-minutes: 90
2727

2828
steps:
29-
- name: Checkout the repo
29+
- name: Checkout
3030
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
3131
with:
3232
fetch-depth: 1
@@ -51,11 +51,11 @@ jobs:
5151
- name: Show disk usage
5252
uses: ./.github/actions/disk-usage
5353

54-
test-junit:
55-
name: Run JUnit tests for all components
54+
quality-unit-test:
55+
name: Quality - Unit tests
5656
runs-on: ubuntu-latest
5757
timeout-minutes: 90
58-
needs: [assemble]
58+
needs: [assemble-components]
5959

6060
steps:
6161
- name: Checkout the repo

.github/workflows/pulls-auto-assign.yml renamed to .github/workflows/pr-auto-assign-reviewer.yml

Lines changed: 7 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -7,24 +7,20 @@ on:
77
pull_request_target:
88
types: [review_requested]
99

10+
permissions:
11+
contents: none
12+
1013
jobs:
11-
assign-reviewer:
14+
pr-auto-assign-reviewer:
15+
permissions:
16+
pull-requests: write
1217
runs-on: ubuntu-latest
13-
environment: botmobile
1418
steps:
15-
- name: App token generate
16-
uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0
17-
if: ${{ vars.BOT_CLIENT_ID }}
18-
id: app-token
19-
with:
20-
app-id: ${{ vars.BOT_CLIENT_ID }}
21-
private-key: ${{ secrets.BOT_PRIVATE_KEY }}
22-
2319
- name: Assign reviewer to PR
2420
if: ${{ github.event.requested_reviewer }}
2521
env:
22+
GH_TOKEN: ${{ github.token }}
2623
PR_REVIEWER: ${{ github.event.requested_reviewer.login }}
2724
PR_NUMBER: ${{ github.event.pull_request.number }}
28-
GH_TOKEN: ${{ steps.app-token.outputs.token || github.token }}
2925
run: |
3026
gh pr edit $PR_NUMBER --repo $GITHUB_REPOSITORY --add-assignee "$PR_REVIEWER"

.github/workflows/quality-checks.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
name: Quality checks
1+
name: Quality - Checks
22

33
on:
44
push:
Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,16 +1,16 @@
1-
name: Markdown CI
1+
name: Quality - Check Markdown
22

33
on:
44
pull_request:
55
paths:
66
- '**.md'
7-
- '.github/workflows/markdown.yml'
7+
- '.github/workflows/quality-markdown.yml'
88

99
permissions:
1010
contents: read
1111

1212
jobs:
13-
markdown_quality:
13+
quality-markdown:
1414
runs-on: ubuntu-latest
1515
steps:
1616
- name: Checkout

.github/workflows/security-codeql.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
name: Security - CodeQL Scan
1+
name: Security - CodeQL
22

33
on:
44
schedule:
@@ -9,7 +9,7 @@ permissions:
99
contents: read
1010

1111
jobs:
12-
security-codeql-scan:
12+
security-codeql:
1313
name: Security - CodeQL Scan
1414

1515
permissions:

.github/workflows/security-scorecard.yml

Lines changed: 4 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -1,21 +1,17 @@
1-
name: Security - Scorecard supply-chain security
1+
name: Security - Scorecard
2+
23
on:
3-
# For Branch-Protection check. Only the default branch is supported. See
4-
# https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection
54
branch_protection_rule:
6-
# To guarantee Maintained check is occasionally updated. See
7-
# https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained
85
schedule:
96
- cron: '19 22 * * 3'
107
push:
118
branches: [ "main" ]
129
workflow_dispatch:
1310

14-
permissions:
15-
contents: read
11+
permissions: read-all
1612

1713
jobs:
18-
analysis:
14+
security-scorecard:
1915
name: Scorecard analysis
2016
runs-on: ubuntu-latest
2117
permissions:
@@ -35,25 +31,15 @@ jobs:
3531
with:
3632
results_file: results.sarif
3733
results_format: sarif
38-
39-
# Public repositories:
40-
# - Publish results to OpenSSF REST API for easy access by consumers
41-
# - Allows the repository to include the Scorecard badge.
42-
# - See https://github.com/ossf/scorecard-action#publishing-results.
43-
# For private repositories:
44-
# - `publish_results` will always be set to `false`, regardless
45-
# of the value entered here.
4634
publish_results: true
4735

48-
# Upload the results as artifacts.
4936
- name: "Upload artifact"
5037
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
5138
with:
5239
name: SARIF file
5340
path: results.sarif
5441
retention-days: 5
5542

56-
# Upload the results to GitHub's code scanning dashboard.
5743
- name: "Upload to code-scanning"
5844
uses: github/codeql-action/upload-sarif@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2
5945
with:

0 commit comments

Comments
 (0)