-
Notifications
You must be signed in to change notification settings - Fork 8
62 lines (48 loc) · 1.73 KB
/
test.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
name: CI
on: push
jobs:
nvd-scan:
uses: yetanalytics/workflow-nvd/.github/workflows/nvd-scan.yml@v1
with:
nvd-clojure-version: '3.2.0'
# onyx dep is outdated and abandoned so don't bother scanning
classpath-command: 'clojure -Spath -A:cli:server'
nvd-config-filename: '.nvd/config.json'
test:
runs-on: ubuntu-latest
strategy:
matrix:
target: [test-unit, test-unit-onyx, test-cli]
steps:
- name: Checkout Repository
uses: actions/checkout@v3
- name: Setup CI environment
uses: yetanalytics/actions/setup-env@v0.0.4
- name: Log into DockerHub
if: ${{ matrix.target == 'test-unit' }}
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Run Makefile Target ${{ matrix.target }}
run: make ${{ matrix.target }}
validate-template:
runs-on: ubuntu-latest
# These permissions are needed by configure-aws-credentials in order
# to interact with GitHub's OIDC Token endpoint.
permissions:
id-token: write # required to use OIDC authentication
contents: read # required to checkout the code from the repo
steps:
- name: Checkout Repository
uses: actions/checkout@v3
- name: Setup CI environment
uses: yetanalytics/actions/setup-env@v0.0.4
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1-node16
with:
role-to-assume: ${{ secrets.CF_VALIDATE_TEMPLATE_ROLE_ARN }}
role-duration-seconds: 900 # 15 min; minimal duration possible
aws-region: us-east-1
- name: Run Makefile Target validate-template
run: make validate-template