Skip to content

[StepSecurity] ci: Harden GitHub Actions #827

[StepSecurity] ci: Harden GitHub Actions

[StepSecurity] ci: Harden GitHub Actions #827

Workflow file for this run

name: Test
on:
pull_request:
branches:
- main
push:
permissions: read-all
jobs:
test:
permissions:
contents: read
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
with:
egress-policy: audit
- name: Checkout
uses: actions/checkout@629c2de402a417ea7690ca6ce3f33229e27606a5
- name: Set up Go
uses: actions/setup-go@424fc82d43fa5a37540bae62709ddcc23d9520d4
with:
go-version: 1.19
- name: Run coverage
run: sudo CI=true go test -race -coverprofile=coverage.txt -covermode=atomic
- uses: codecov/codecov-action@40a12dcee2df644d47232dde008099a3e9e4f865