step-security/harden-runner
1
0
Fork 0
mirror of synced 2026-06-05 19:25:14 +00:00
Code Issues Projects Releases Packages Wiki Activity
harden-runner/.github/workflows/test.yml
dependabot[bot] 3498091f2b
 Bump step-security/harden-runner from 2.6.1 to 2.7.0 
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.6.1 to 2.7.0.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](eb238b55ef...63c24ba6bd)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-31 23:16:23 +00:00

46 lines
1.3 KiB
YAML
Raw Blame History

name: Test
on:
pull_request:
branches:
- main
push:
branches:
- main # to update code coverage
permissions: # added using https://github.com/step-security/secure-workflows
contents: read
concurrency:
group: ${{ github.workflow }}
jobs:
test:
permissions:
checks: write
pull-requests: write
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
disable-sudo: true
egress-policy: audit
allowed-endpoints: >
api.github.com:443
codecov.io:443
github.com:443
registry.npmjs.org:443
storage.googleapis.com:443
uploader.codecov.io:443
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Install Dependencies
run: npm ci
- name: Run coverage
run: npm test -- --coverage
- uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # v3.1.4
- name: Publish Test Results
uses: step-security/publish-unit-test-result-action@v1
if: always()
with:
files: |
reports/*.xml
Reference in a new issue View git blame Copy permalink