actions/code-coverage-summary
1
0
Fork 0
mirror of https://github.com/irongut/CodeCoverageSummary.git synced 2026-05-14 06:00:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

use StepSecurity Secure Workflows for builds #49

Browse Source
This commit is contained in:
irongut
2022-07-24 21:14:28 +01:00
parent 7cdc061845
commit 8e03759e2f
2 changed files with 32 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.github/workflows/ci-build.yml
+11 -2
View File
@@ -6,16 +6,25 @@ on:
pull_request:
branches: [ master ]
permissions:
contents: read
jobs:
build:
runs-on: ubuntu-latest
name: CI Build
steps:
- name: Harden Runner
uses: step-security/harden-runner@74b568e8591fbb3115c70f3436a0c6b0909a8504
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
- name: Checkout
uses: actions/checkout@v2
uses: actions/checkout@d171c3b028d844f2bf14e9fdec0c58114451e4bf
- name: Setup .Net
uses: actions/setup-dotnet@v1
uses: actions/setup-dotnet@608ee757cfcce72c2e91e99aca128e0cae67de87
with:
dotnet-version: 6.0.x
.github/workflows/release-build.yml
+21 -6
View File
@@ -8,18 +8,27 @@ env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
permissions:
contents: read
jobs:
build:
name: Test Build
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@74b568e8591fbb3115c70f3436a0c6b0909a8504
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
- name: Checkout
uses: actions/checkout@v2
uses: actions/checkout@d171c3b028d844f2bf14e9fdec0c58114451e4bf
with:
fetch-depth: 0
- name: Setup .Net
uses: actions/setup-dotnet@v1
uses: actions/setup-dotnet@608ee757cfcce72c2e91e99aca128e0cae67de87
with:
dotnet-version: 6.0.x
@@ -40,11 +49,17 @@ jobs:
contents: read
packages: write
steps:
- name: Harden Runner
uses: step-security/harden-runner@74b568e8591fbb3115c70f3436a0c6b0909a8504
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
- name: Checkout
uses: actions/checkout@v2
uses: actions/checkout@d171c3b028d844f2bf14e9fdec0c58114451e4bf
- name: Login to GitHub Container Registry
uses: docker/login-action@v1
uses: docker/login-action@dd4fa0671be5250ee6f50aedf4cb05514abda2c7
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.repository_owner }}
@@ -52,12 +67,12 @@ jobs:
- name: Extract Docker metadata
id: meta
uses: docker/metadata-action@v3
uses: docker/metadata-action@b2391d37b4157fa4aa2e118d643f417910ff3242
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
- name: Build + Push Docker image
uses: docker/build-push-action@v2
uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a
with:
context: .
push: true