mirror of
https://github.com/go-task/task.git
synced 2026-07-02 17:08:45 +00:00
ci(github): fold govulncheck into the CI workflow
Move the govulncheck job from security.yml into ci.yml and add it to the ci-status gate so it shares the CI concurrency group and is covered by the single required check. Drop the now-redundant security.yml.
This commit is contained in:
11
.github/workflows/ci.yml
vendored
11
.github/workflows/ci.yml
vendored
@@ -97,10 +97,16 @@ jobs:
|
||||
- name: 📋 Validate JSON Schema
|
||||
run: check-jsonschema --check-metaschema website/src/public/schema.json
|
||||
|
||||
govulncheck:
|
||||
name: 🛡️ Vulnerabilities
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: golang/govulncheck-action@b625fbe08f3bccbe446d94fbf87fcc875a4f50ee # v1.0.4
|
||||
|
||||
ci-status:
|
||||
name: ✅ CI
|
||||
runs-on: ubuntu-latest
|
||||
needs: [build, test, lint, lint-jsonschema]
|
||||
needs: [build, test, lint, lint-jsonschema, govulncheck]
|
||||
if: always()
|
||||
steps:
|
||||
- name: ✅ Check CI status
|
||||
@@ -108,7 +114,8 @@ jobs:
|
||||
if [[ "${{ needs.build.result }}" != "success" ]] || \
|
||||
[[ "${{ needs.test.result }}" != "success" ]] || \
|
||||
[[ "${{ needs.lint.result }}" != "success" ]] || \
|
||||
[[ "${{ needs.lint-jsonschema.result }}" != "success" ]]; then
|
||||
[[ "${{ needs.lint-jsonschema.result }}" != "success" ]] || \
|
||||
[[ "${{ needs.govulncheck.result }}" != "success" ]]; then
|
||||
echo "CI failed"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
19
.github/workflows/security.yml
vendored
19
.github/workflows/security.yml
vendored
@@ -1,19 +0,0 @@
|
||||
name: Security
|
||||
|
||||
on:
|
||||
pull_request:
|
||||
push:
|
||||
tags:
|
||||
- v*
|
||||
branches:
|
||||
- main
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
govulncheck:
|
||||
name: govulncheck
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: golang/govulncheck-action@b625fbe08f3bccbe446d94fbf87fcc875a4f50ee # v1.0.4
|
||||
Reference in New Issue
Block a user