-
Notifications
You must be signed in to change notification settings - Fork 38
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add on-demand integration test workflow
- Loading branch information
Showing
1 changed file
with
35 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,35 @@ | ||
| name: On-demand integration test | ||
|
Check failure Code scanning / Scorecard Token-Permissions High
score is 0: no topLevel permission defined
Remediation tip: Visit https://app.stepsecurity.io/secureworkflow. Tick the 'Restrict permissions for GITHUB_TOKEN' Untick other options NOTE: If you want to resolve multiple issues at once, you can visit https://app.stepsecurity.io/securerepo instead. Click Remediation section below for further remediation help |
||
| on: | ||
| # run action every time a new comment is created | ||
| issue_comment: | ||
| types: [ created ] | ||
|
|
||
| jobs: | ||
| on_demand_integration_test: | ||
| name: On-demand integration test | ||
| # Only run the integration test if the created comment is on a pull request | ||
| # and contains the string `/integration-test` | ||
| if: | | ||
| github.event.issue.pull_request && | ||
| contains(github.event.comment.body, '/integration-test') | ||
| # XXX TODO: Device matrix? | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Check out code | ||
| uses: actions/checkout@v4 | ||
|
Check warning Code scanning / Scorecard Pinned-Dependencies Medium
score is 9: GitHub-owned GitHubAction not pinned by hash
Click Remediation section below to solve this issue |
||
| with: | ||
| submodules: 'recursive' | ||
| persist-credentials: false | ||
| - name: Set up JDK | ||
| uses: actions/setup-java@v3 | ||
|
Check warning Code scanning / Scorecard Pinned-Dependencies Medium
score is 9: GitHub-owned GitHubAction not pinned by hash
Click Remediation section below to solve this issue |
||
| with: | ||
| # XXX TODO: java version matrix? | ||
| java-version: 17.0.8 | ||
| distribution: temurin | ||
| cache: maven | ||
| - name: Display build environment details | ||
| run: mvn --version | ||
| - name: Install error-prone-support snapshot | ||
| run: mvn -T1C install -DskipTests -Dverification.skip | ||
| - name: Run integration test | ||
| run: echo "running integration test" | ||