Skip to content

[StepSecurity] Apply security best practices #611

[StepSecurity] Apply security best practices

[StepSecurity] Apply security best practices #611

Workflow file for this run

name: Test PR
on:
pull_request:
defaults:
run:
shell: 'bash -Eeuo pipefail -x {0}'
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
generate-jobs:
name: Generate Jobs
runs-on: ubuntu-latest
outputs:
strategy: ${{ steps.generate-jobs.outputs.strategy }}
steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- uses: docker-library/bashbrew@7e160dca3123caecf32c33ba31821dd2aa3716cd # v0.1.8
- id: generate-jobs
name: Generate Jobs
run: |
export GENERATE_STACKBREW_LIBRARY='./dockerhub_doc_config_update.sh /dev/stdout'
export GITHUB_REPOSITORY="eclipse-temurin"
strategy="$("$BASHBREW_SCRIPTS/github-actions/generate.sh")"
echo "strategy=$strategy" >> "$GITHUB_OUTPUT"
jq . <<<"$strategy" # sanity check / debugging aid
test:
needs: generate-jobs
strategy: ${{ fromJson(needs.generate-jobs.outputs.strategy) }}
name: ${{ matrix.name }}
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- name: Prepare Environment
run: ${{ matrix.runs.prepare }}
- name: Pull Dependencies
run: ${{ matrix.runs.pull }}
- name: Build ${{ matrix.name }}
run: ${{ matrix.runs.build }}
- name: Test ${{ matrix.name }}
run: ${{ matrix.runs.test }}
- name: '"docker images"'
run: ${{ matrix.runs.images }}
conclusion:
name: conclusion
needs: test
runs-on: ubuntu-latest
if: always()
steps:
- name: Result
run: ${{ needs.test.result == 'success' }}