Skip to content

Deny - Linux

Deny - Linux #40

Workflow file for this run

# Deny - Linux
#
# Checks for security vulnerabilities or license incompatibilities
#
# Runs on:
# - scheduled UTC midnight
# - on PR comment (see comment-trigger.yml)
# - on demand from github actions UI
name: Deny - Linux
on:
workflow_call:
workflow_dispatch:
schedule:
# At midnight UTC
- cron: '0 0 * * *'
jobs:
test-deny:
runs-on: ubuntu-latest
timeout-minutes: 15
env:
CARGO_INCREMENTAL: 0
steps:
- name: (PR comment) Get PR branch
if: ${{ github.event_name == 'issue_comment' }}
uses: xt0rted/pull-request-comment-branch@v2
id: comment-branch
- name: (PR comment) Set latest commit status as pending
if: ${{ github.event_name == 'issue_comment' }}
uses: myrotvorets/set-commit-status-action@v2.0.1
with:
sha: ${{ steps.comment-branch.outputs.head_sha }}
token: ${{ secrets.GITHUB_TOKEN }}
context: Deny - Linux
status: pending
- name: (PR comment) Checkout PR branch
if: ${{ github.event_name == 'issue_comment' }}
uses: actions/checkout@v3
with:
ref: ${{ steps.comment-branch.outputs.head_ref }}
- name: Checkout branch
if: ${{ github.event_name != 'issue_comment' }}
uses: actions/checkout@v3
- uses: actions/cache@v4
name: Cache Cargo registry + index
with:
path: |
~/.cargo/bin/
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
restore-keys: |
${{ runner.os }}-cargo-
- run: sudo -E bash scripts/environment/bootstrap-ubuntu-20.04.sh
- run: bash scripts/environment/prepare.sh
- run: echo "::add-matcher::.github/matchers/rust.json"
- name: Check cargo deny advisories/licenses
run: make check-deny
- name: (PR comment) Set latest commit status as ${{ job.status }}
uses: myrotvorets/set-commit-status-action@v2.0.1
if: always() && github.event_name == 'issue_comment'
with:
sha: ${{ steps.comment-branch.outputs.head_sha }}
token: ${{ secrets.GITHUB_TOKEN }}
context: Deny - Linux
status: ${{ job.status }}