step-security/harden-runner
1
0
Fork 0
mirror of synced 2026-06-05 16:08:19 +00:00
Code Issues Projects Releases Packages Wiki Activity

adding a workflow for reviewing code changes using stepsecurity code reviewer

Browse source
This commit is contained in:
Ashish Kurmi 2023-04-29 20:22:55 -07:00
commit 23525abe20
1 changed files with 23 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

23
.github/workflows/code-review.yml vendored Normal file
View file

@ -0,0 +1,23 @@
name: Code Review
on:
pull_request:
branches:
- main
- int
jobs:
code-review:
name: int tests
runs-on: ubuntu-latest
permissions:
contents: read
pull-requests: write
steps:
- name: Harden Runner
uses: step-security/harden-runner@6b3083af2869dc3314a0257a42f4af696cc79ba3
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
- name: Code Review
uses: docker://ghcr.io/step-security/code-reviewer/int:latest # docker pull ghcr.io/step-security/code-reviewer/int:latest
env:
PAT: ${{ secrets.GITHUB_TOKEN }}