Skip to content

feat: Blade Visual Refresh ๐Ÿ’…๐Ÿผ #6384

feat: Blade Visual Refresh ๐Ÿ’…๐Ÿผ

feat: Blade Visual Refresh ๐Ÿ’…๐Ÿผ #6384

Workflow file for this run

name: Security Checks
on:
workflow_dispatch:
pull_request: {}
push:
branches: ['master']
schedule:
- cron: '30 20 * * *'
jobs:
semgrep:
if: (github.actor != 'dependabot[bot]')
permissions: write-all
name: Scan
runs-on: ubuntu-latest # nosemgrep : semgrep.dev/s/swati31196:github_provided_runner
container:
image: returntocorp/semgrep
steps:
- uses: actions/checkout@v3
- run: semgrep ci
env:
SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
workflow_status:
runs-on: ubuntu-latest # nosemgrep : semgrep.dev/s/swati31196:github_provided_runner
name: Update Status Check
needs: [semgrep]
if: always()
env:
githubCommit: ${{ github.event.pull_request.head.sha }}
steps:
- name: Set github commit id
run: |
if [ "${{ github.event_name }}" = "push" ] || [ "${{ github.event_name }}" = "schedule" ] || [ "${{ github.event_name }}" = "workflow_dispatch" ] ; then
echo "githubCommit=${{ github.sha }}" >> $GITHUB_ENV
fi
exit 0
- name: Failed
id: failed
if: (contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled')) && github.ref != 'refs/heads/master'
run: |
echo 'Failing the workflow for github security status check.'
curl -X POST -H "Content-Type: application/json" -H "Authorization: token ${{ github.token }}" \
-d '{ "state" : "failure" , "context" : "github/security-status-check" , "description" : "github/security-status-check", "target_url" : "https://github.com/${{ github.repository }}" }' \
https://api.github.com/repos/${{ github.repository }}/statuses/${{ env.githubCommit }}
exit 1
- name: Success
if: steps.failed.conclusion == 'skipped' || github.ref != 'refs/heads/master'
run: |
echo 'Status check has passed!'
curl -X POST -H "Content-Type: application/json" -H "Authorization: token ${{ github.token }}" \
-d '{ "state" : "success" , "context" : "github/security-status-check" , "description" : "github/security-status-check", "target_url" : "https://github.com/${{ github.repository }}" }' \
https://api.github.com/repos/${{ github.repository }}/statuses/${{ env.githubCommit }}
exit 0