
ci: add Allstar enforcement action with SARIF upload (#77) #60

Workflow file for this run

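# Runs peribolos against the GitHub organisation configuration on every push
# to main (and on manual dispatch). One job dumps the live configuration of an
# org; the other syncs the configuration stored under `orgs`.
name: GitHub sync tests

on:
  push:
    branches: [main]
  workflow_dispatch:

# Least privilege for the workflow's own GITHUB_TOKEN: the only step that uses
# it is the checkout, which needs read access to repository contents. The
# peribolos steps authenticate with the separate bot token written to ./token.
permissions:
  contents: read

jobs:
  test-dump:
    name: dump-config
    runs-on: ubuntu-latest
    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
        with:
          # TODO: change to 'egress-policy: block' after couple of runs
          egress-policy: audit

      - name: Checkout repository
        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
        with:
          # No later step in this job runs git, so do not leave the workflow
          # token behind in .git/config where the container action can read it.
          persist-credentials: false

      - name: Set GitHub token
        # The secret is handed to the shell through the environment rather
        # than expanded into the script text, so the token value is never
        # parsed as shell syntax and is written out verbatim.
        # The file stays in the workspace because the peribolos step reads it
        # through `github-token-path`.
        env:
          AUGGIE_BOT_TOKEN: ${{ secrets.AUGGIE_BOT_TOKEN }}
        run: printf '%s\n' "$AUGGIE_BOT_TOKEN" > token

      - name: Dump org config
        # Image is pinned by digest; the tag is informational only.
        uses: docker://ghcr.io/uwu-tools/peribolos:v0.0.3@sha256:03b7dc21ec9a18ded7d73175b5920e815cb672fe03e56dbd8ef2a3dc2595ff91
        with:
          github-token-path: ./token
          dump: relengfam

  test-sync:
    name: sync-orgs
    runs-on: ubuntu-latest
    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
        with:
          # TODO: change to 'egress-policy: block' after couple of runs
          egress-policy: audit

      - name: Checkout repository
        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
        with:
          # No later step in this job runs git, so do not leave the workflow
          # token behind in .git/config where the container action can read it.
          persist-credentials: false

      - name: Set GitHub token
        # Same handling as in test-dump: environment variable plus a quoted
        # expansion, instead of expression expansion inside the script.
        env:
          AUGGIE_BOT_TOKEN: ${{ secrets.AUGGIE_BOT_TOKEN }}
        run: printf '%s\n' "$AUGGIE_BOT_TOKEN" > token

      - name: Sync GitHub orgs
        # Image is pinned by digest; the tag is informational only.
        uses: docker://ghcr.io/uwu-tools/peribolos:v0.0.3@sha256:03b7dc21ec9a18ded7d73175b5920e815cb672fe03e56dbd8ef2a3dc2595ff91
        with:
          github-token-path: ./token
          config-path: orgs
          min-admins: 3
          required-admins: "auggie-bot,cpanato,justaugustus"
          # NOTE(review): every fix-* input is enabled, so this job presumably
          # applies changes to the orgs rather than only reporting drift.
          # Confirm against the peribolos documentation and keep the bot
          # token's scope as narrow as that requires.
          fix-org: true
          fix-org-members: true
          fix-teams: true
          fix-team-members: true
          fix-team-repos: true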