commit-to-main.yml

name: Main branch tests

permissions:
  contents: read

on:
  push:
    branches: ['main']

jobs:

  platform-tests:
    uses: ./.github/workflows/platforms.yml

  scorecard:
    uses: ./.github/workflows/scorecard.yml
    secrets: inherit
    # complete list of permissions keys as per
    # https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/controlling-permissions-for-github_token#defining-access-for-the-github_token-permissions
    # accessed September 4, 2024
    permissions:
      actions: read
      attestations: read
      checks: read
      contents: read
      deployments: read
      id-token: write
      issues: read
      discussions: read
      packages: read
      pages: read
      pull-requests: read
      repository-projects: read
      security-events: write
      statuses: read

  basic-downstream:
    uses: ./.github/workflows/downstream-basic.yml
    secrets: inherit