mirror of
https://github.com/apache/superset.git
synced 2026-06-02 06:09:21 +00:00
43 lines
1.1 KiB
YAML
43 lines
1.1 KiB
YAML
name: Validate All GitHub Actions
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- "master"
|
|
- "[0-9].[0-9]*"
|
|
pull_request:
|
|
branches:
|
|
- "**"
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
|
|
validate-all-ghas:
|
|
runs-on: ubuntu-24.04
|
|
permissions:
|
|
contents: read
|
|
# Required for the zizmor action to upload its SARIF results to
|
|
# GitHub code scanning (advanced-security is enabled by default).
|
|
security-events: write
|
|
steps:
|
|
- name: Checkout Repository
|
|
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
|
|
with:
|
|
persist-credentials: false
|
|
|
|
- name: Set up Node.js
|
|
uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
|
|
with:
|
|
node-version: '20'
|
|
|
|
- name: Install Dependencies
|
|
run: npm install -g @action-validator/core @action-validator/cli --save-dev
|
|
|
|
- name: Run Script
|
|
run: bash .github/workflows/github-action-validator.sh
|
|
|
|
- name: Check for security issues on GHA workflows
|
|
uses: zizmorcore/zizmor-action@5f14fd08f7cf1cb1609c1e344975f152c7ee938d # v0.5.6
|