From 9b252e10d932a8380c3abfa3da7d73d7a190d485 Mon Sep 17 00:00:00 2001 From: Jake Scaltreto Date: Tue, 23 Jan 2024 10:05:39 -0500 Subject: [PATCH] chore(ci): implement code scanning (#18) Implement PR code scanning and SBOM on release. --- .github/workflows/e2e-tests.yaml | 1 + .github/workflows/unit-tests.yaml | 11 +++++++++++ 2 files changed, 12 insertions(+) diff --git a/.github/workflows/e2e-tests.yaml b/.github/workflows/e2e-tests.yaml index 4be73de..7b156b5 100644 --- a/.github/workflows/e2e-tests.yaml +++ b/.github/workflows/e2e-tests.yaml @@ -3,6 +3,7 @@ name: E2E Tests on: pull_request: push: + branches: [master] jobs: e2e-tests: diff --git a/.github/workflows/unit-tests.yaml b/.github/workflows/unit-tests.yaml index ecd8f52..0759738 100644 --- a/.github/workflows/unit-tests.yaml +++ b/.github/workflows/unit-tests.yaml @@ -3,6 +3,7 @@ name: Unit Tests on: pull_request: push: + branches: [master] jobs: unit-tests: @@ -18,3 +19,13 @@ jobs: - name: Run Unit Tests run: make test-unit + + scan: + needs: unit-tests + if: github.event_name == 'pull_request' + uses: circlefin/circle-public-github-workflows/.github/workflows/pr-scan.yaml@v1 + + release-sbom: + needs: unit-tests + if: github.event_name == 'push' + uses: circlefin/circle-public-github-workflows/.github/workflows/attach-release-assets.yaml@v1