-
Notifications
You must be signed in to change notification settings - Fork 18
146 lines (133 loc) · 3.85 KB
/
Copy pathmain.yml
File metadata and controls
146 lines (133 loc) · 3.85 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
# SPDX-License-Identifier: Apache-2.0
# Copyright 2023 Canonical Ltd.
# Copyright 2024 Intel Corporation
name: CI Pipeline
on:
pull_request:
branches:
- main
push:
branches:
- main
permissions:
contents: read
jobs:
build:
permissions:
contents: read
actions: read
security-events: write
id-token: write
attestations: write
uses: omec-project/.github/.github/workflows/build.yml@e05a6a6c35278d4b7f9f03da4474e49d869edf2f # v0.0.27
with:
branch_name: ${{ github.ref }}
build-ui:
permissions:
contents: read
actions: read
security-events: write
id-token: write
attestations: write
uses: omec-project/.github/.github/workflows/webconsole-build-ui.yml@e05a6a6c35278d4b7f9f03da4474e49d869edf2f # v0.0.27
with:
branch_name: ${{ github.ref }}
docker-build:
permissions:
contents: read
packages: write
id-token: write
attestations: write
uses: omec-project/.github/.github/workflows/docker-build.yml@e05a6a6c35278d4b7f9f03da4474e49d869edf2f # v0.0.27
with:
branch_name: ${{ github.ref }}
static-analysis:
permissions:
contents: read
security-events: write
actions: read
id-token: write
attestations: write
uses: omec-project/.github/.github/workflows/static-analysis.yml@e05a6a6c35278d4b7f9f03da4474e49d869edf2f # v0.0.27
with:
branch_name: ${{ github.ref }}
lint:
permissions:
contents: read
checks: write
id-token: write
attestations: write
uses: omec-project/.github/.github/workflows/lint.yml@e05a6a6c35278d4b7f9f03da4474e49d869edf2f # v0.0.27
with:
golangci_lint_version: 'v2.11.3'
branch_name: ${{ github.ref }}
hadolint:
permissions:
contents: read
security-events: write
id-token: write
attestations: write
uses: omec-project/.github/.github/workflows/hadolint.yml@e05a6a6c35278d4b7f9f03da4474e49d869edf2f # v0.0.27
with:
branch_name: ${{ github.ref }}
license-check:
permissions:
contents: read
id-token: write
attestations: write
uses: omec-project/.github/.github/workflows/license-check.yml@e05a6a6c35278d4b7f9f03da4474e49d869edf2f # v0.0.27
with:
branch_name: ${{ github.ref }}
fossa-scan:
permissions:
contents: read
security-events: write
id-token: write
attestations: write
uses: omec-project/.github/.github/workflows/fossa-scan.yml@e05a6a6c35278d4b7f9f03da4474e49d869edf2f # v0.0.27
with:
branch_name: ${{ github.ref }}
unit-tests:
permissions:
contents: read
checks: write
id-token: write
attestations: write
uses: omec-project/.github/.github/workflows/unit-test.yml@e05a6a6c35278d4b7f9f03da4474e49d869edf2f # v0.0.27
with:
branch_name: ${{ github.ref }}
analysis:
if: github.repository_owner == 'omec-project'
permissions:
actions: read
artifact-metadata: read
attestations: read
checks: read
code-quality: read
contents: read
deployments: read
discussions: read
id-token: write
issues: read
models: read
packages: read
pages: read
pull-requests: read
repository-projects: read
security-events: write
statuses: read
vulnerability-alerts: read
uses: omec-project/.github/.github/workflows/scorecard-analysis.yml@e05a6a6c35278d4b7f9f03da4474e49d869edf2f # v0.0.27
with:
branch_name: ${{ github.ref }}
e2e-tests:
if: github.event_name == 'pull_request'
permissions:
contents: read
pull-requests: write
checks: write
id-token: write
attestations: write
uses: omec-project/.github/.github/workflows/e2e-test.yml@e05a6a6c35278d4b7f9f03da4474e49d869edf2f # v0.0.27
with:
branch_name: ${{ github.ref }}