Skip to content

Add permissions for Security monitoring HQ endpoints #1947

Add permissions for Security monitoring HQ endpoints

Add permissions for Security monitoring HQ endpoints #1947

Workflow file for this run

name: Run Tests
permissions:
contents: read
env:
GIT_AUTHOR_EMAIL: "packages@datadoghq.com"
GIT_AUTHOR_NAME: "ci.datadog-api-spec"
on:
pull_request:
branches:
- master
schedule:
- cron: "0 6 * * *"
concurrency:
group: unit-${{ github.head_ref }}
cancel-in-progress: true
jobs:
pre-commit:
runs-on: ubuntu-latest
if: >
(github.event.pull_request.draft == false &&
!contains(github.event.pull_request.labels.*.name, 'ci/skip') &&
!contains(github.event.pull_request.head.ref, 'datadog-api-spec/test/')) ||
github.event_name == 'schedule'
steps:
- name: Get GitHub App token
if: github.event_name == 'pull_request'
id: get_token
uses: tibdex/github-app-token@v2.1.0
with:
app_id: ${{ secrets.PIPELINE_GITHUB_APP_ID }}
private_key: ${{ secrets.PIPELINE_GITHUB_APP_PRIVATE_KEY }}
installation_retrieval_mode: repository
installation_retrieval_payload: DataDog/datadog-api-spec
- uses: actions/checkout@v3
with:
fetch-depth: 0
ref: ${{ github.event.pull_request.head.sha }}
token: ${{ steps.get_token.outputs.token }}
- name: Install pre-commit
run: python -m pip install pre-commit
- name: set PY
run: echo "PY=$(python -c 'import platform;print(platform.python_version())')" >> $GITHUB_ENV
- uses: actions/cache@v3
with:
path: ~/.cache/pre-commit
key: pre-commit|${{ env.PY }}|${{ hashFiles('.pre-commit-config.yaml') }}
- id: pre_commit
name: Run pre-commit
if: github.event.action != 'closed' && github.event.pull_request.merged != true
run: |
pre-commit run --from-ref "${FROM_REF}" --to-ref "${TO_REF}" --show-diff-on-failure --color=always
env:
FROM_REF: ${{ github.event.pull_request.base.sha }}
TO_REF: ${{ github.event.pull_request.head.sha }}
- name: Commit changes
if: ${{ failure() }}
run: |-
git add -A
git config user.name "${GIT_AUTHOR_NAME}"
git config user.email "${GIT_AUTHOR_EMAIL}"
git commit -m "pre-commit fixes"
git push origin "HEAD:${HEAD_REF}"
exit 1
env:
HEAD_REF: ${{ github.event.pull_request.head.ref }}
- id: pre_commit_schedule
name: Run pre-commit in schedule
if: github.event_name == 'schedule'
run: |
pre-commit run --all-files --show-diff-on-failure --color=always
test:
strategy:
matrix:
rust-version: ["stable"]
platform: [ubuntu-latest]
runs-on: ${{ matrix.platform }}
if: (github.event.pull_request.draft == false && !contains(github.event.pull_request.labels.*.name, 'ci/skip') && !contains(github.event.pull_request.head.ref, 'datadog-api-spec/test/')) || github.event_name == 'schedule'
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Install Rust
uses: dtolnay/rust-toolchain@v1
with:
toolchain: ${{ matrix.rust-version }}
- uses: Swatinem/rust-cache@v2
- name: Test
run: ./run-tests.sh
examples:
runs-on: ubuntu-latest
if: (github.event.pull_request.draft == false && !contains(github.event.pull_request.labels.*.name, 'ci/skip') && !contains(github.event.pull_request.head.ref, 'datadog-api-spec/test/')) || github.event_name == 'schedule'
steps:
- uses: actions/checkout@v3
- name: Install Rust
uses: dtolnay/rust-toolchain@master
with:
toolchain: stable
- name: Check examples
run: cargo check --examples
shell: bash
report:
runs-on: ubuntu-latest
if: always() && github.event_name == 'pull_request' && contains(github.event.pull_request.head.ref, 'datadog-api-spec/generated/')
needs:
- test
- examples
steps:
- name: Get GitHub App token
if: github.event_name == 'pull_request'
id: get_token
uses: tibdex/github-app-token@v2.1.0
with:
app_id: ${{ secrets.PIPELINE_GITHUB_APP_ID }}
private_key: ${{ secrets.PIPELINE_GITHUB_APP_PRIVATE_KEY }}
installation_retrieval_mode: repository
installation_retrieval_payload: DataDog/datadog-api-spec
- name: Post status check
uses: DataDog/github-actions/post-status-check@v2
with:
github-token: ${{ steps.get_token.outputs.token }}
repo: datadog-api-spec
status: ${{ (needs.test.result == 'cancelled' || needs.examples.result == 'cancelled') && 'pending' || needs.test.result == 'success' && needs.examples.result == 'success' && 'success' || 'failure' }}
context: unit