mirror of
https://github.com/edera-dev/sprout.git
synced 2025-12-19 13:50:16 +00:00
repair github actions warnings and errors
This commit is contained in:
4
.github/dependabot.yaml
vendored
4
.github/dependabot.yaml
vendored
@@ -4,6 +4,8 @@ updates:
|
|||||||
directory: /
|
directory: /
|
||||||
schedule:
|
schedule:
|
||||||
interval: weekly
|
interval: weekly
|
||||||
|
cooldown:
|
||||||
|
default-days: 7
|
||||||
groups:
|
groups:
|
||||||
actions-updates:
|
actions-updates:
|
||||||
dependency-type: production
|
dependency-type: production
|
||||||
@@ -15,6 +17,8 @@ updates:
|
|||||||
directory: /
|
directory: /
|
||||||
schedule:
|
schedule:
|
||||||
interval: weekly
|
interval: weekly
|
||||||
|
cooldown:
|
||||||
|
default-days: 7
|
||||||
groups:
|
groups:
|
||||||
cargo-updates:
|
cargo-updates:
|
||||||
dependency-type: production
|
dependency-type: production
|
||||||
|
|||||||
7
.github/workflows/ci-actions.yaml
vendored
7
.github/workflows/ci-actions.yaml
vendored
@@ -14,8 +14,11 @@ jobs:
|
|||||||
name: zizmor
|
name: zizmor
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
permissions:
|
permissions:
|
||||||
|
# write is needed to upload security events to GitHub code scanning.
|
||||||
security-events: write
|
security-events: write
|
||||||
|
# we only need to read the contents of the repository.
|
||||||
contents: read
|
contents: read
|
||||||
|
# we only need to read the action metadata.
|
||||||
actions: read
|
actions: read
|
||||||
steps:
|
steps:
|
||||||
- name: harden runner
|
- name: harden runner
|
||||||
@@ -34,10 +37,10 @@ jobs:
|
|||||||
- name: zizmor
|
- name: zizmor
|
||||||
run: uvx zizmor --pedantic --format sarif . > results.sarif
|
run: uvx zizmor --pedantic --format sarif . > results.sarif
|
||||||
env:
|
env:
|
||||||
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
GH_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
|
||||||
|
|
||||||
- name: upload
|
- name: upload
|
||||||
uses: github/codeql-action/upload-sarif@f443b600d91635bebf5b0d9ebc620189c0d6fba5 # v4
|
uses: github/codeql-action/upload-sarif@16140ae1a102900babc80a33c44059580f687047 # v4
|
||||||
with:
|
with:
|
||||||
sarif_file: results.sarif
|
sarif_file: results.sarif
|
||||||
category: zizmor
|
category: zizmor
|
||||||
|
|||||||
1
.github/workflows/ci-code.yaml
vendored
1
.github/workflows/ci-code.yaml
vendored
@@ -9,6 +9,7 @@ on:
|
|||||||
- main
|
- main
|
||||||
|
|
||||||
permissions:
|
permissions:
|
||||||
|
# we only need to read the contents of the repository.
|
||||||
contents: read
|
contents: read
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
|
|||||||
4
.github/workflows/release-assets.yaml
vendored
4
.github/workflows/release-assets.yaml
vendored
@@ -12,6 +12,7 @@ jobs:
|
|||||||
assets:
|
assets:
|
||||||
name: assets
|
name: assets
|
||||||
permissions:
|
permissions:
|
||||||
|
# write is needed to upload release artifacts.
|
||||||
contents: write
|
contents: write
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
@@ -34,7 +35,8 @@ jobs:
|
|||||||
run: ./hack/assemble.sh
|
run: ./hack/assemble.sh
|
||||||
|
|
||||||
- name: 'upload release artifacts'
|
- name: 'upload release artifacts'
|
||||||
run: ./hack/ci/upload-release-assets.sh "${{ github.event.release.tag_name }}"
|
run: ./hack/ci/upload-release-assets.sh
|
||||||
env:
|
env:
|
||||||
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
|
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
|
||||||
|
RELEASE_TAG: "${{ github.event.release.tag_name }}"
|
||||||
if: ${{ github.event_name == 'release' }}
|
if: ${{ github.event_name == 'release' }}
|
||||||
|
|||||||
@@ -12,8 +12,9 @@ retry() {
|
|||||||
"${@}"
|
"${@}"
|
||||||
}
|
}
|
||||||
|
|
||||||
TAG="${1}"
|
if [ -z "${RELEASE_TAG}" ]; then
|
||||||
shift
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
cd target/assemble
|
cd target/assemble
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user